Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/2jpIa6oJ9crcM1GHJTLGzPFXp_w.roa
File: 2jpIa6oJ9crcM1GHJTLGzPFXp_w.roa (raw, json)
Hash identifier: dBAmxoqV2Z7makf09w6HudOa9KvGP5QDM6lOz31Mdrw=
Subject key identifier: DA:3A:48:6B:AA:09:F5:CA:DC:33:51:87:25:32:C6:CC:F1:57:A7:FC
Certificate issuer: /CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Certificate serial: 3489310A
Authority key identifier: F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/2jpIa6oJ9crcM1GHJTLGzPFXp_w.roa
Signing time: Sat 01 Jan 2022 04:55:44 +0000
ROA not before: Sat 01 Jan 2022 04:55:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203557
IP address blocks: 84.38.133.0/24 maxlen: 24
185.29.11.0/24 maxlen: 24
84.38.129.0/24 maxlen: 24
2a02:4840:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 881406218 (0x3489310a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Validity
Not Before: Jan 1 04:55:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da3a486baa09f5cadc3351872532c6ccf157a7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:9a:ea:c3:de:58:4c:cb:94:22:4a:dd:f4:
ce:81:ff:70:17:9c:70:cc:0b:bb:fd:0d:3f:ac:3c:
6f:f8:74:97:ba:f6:6c:a9:ae:e1:c7:ee:e6:50:4a:
f9:a0:dd:54:77:7f:82:4a:5f:e0:25:e5:4c:05:89:
60:90:19:a1:05:5b:df:30:6b:b1:69:01:90:46:ee:
79:3c:2f:cb:8a:97:67:43:a3:d0:92:cb:6a:b6:f5:
a8:f8:6a:fd:d2:d1:08:f1:62:3d:5f:6e:89:b9:5d:
6b:65:38:fd:a9:14:7f:7b:98:c8:6a:2c:48:5a:ec:
31:0e:6b:3f:b1:18:fa:ba:ca:c5:67:c7:e6:6d:61:
0d:a4:d6:76:5c:ea:1c:a7:28:6a:0b:cb:cf:00:05:
c0:6e:7a:26:f8:42:98:72:94:3c:b8:de:18:f0:af:
a1:9d:1b:ac:b6:8e:12:eb:db:12:3e:f2:f7:11:dd:
5b:a5:6d:86:26:b4:97:6b:26:77:d9:c0:cd:4c:06:
2e:63:8a:fa:20:e7:c0:d4:98:e3:94:cf:3e:54:8b:
5a:a4:65:8b:3c:28:46:d3:6c:41:b2:73:4a:32:14:
5f:56:fc:f4:9b:e4:98:bc:d2:35:03:d3:95:b1:21:
0e:7b:51:29:84:db:ea:73:07:8f:b2:a8:91:68:86:
4e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3A:48:6B:AA:09:F5:CA:DC:33:51:87:25:32:C6:CC:F1:57:A7:FC
X509v3 Authority Key Identifier:
keyid:F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/2jpIa6oJ9crcM1GHJTLGzPFXp_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/92Tu0VxStMgRCiIpY9x7fUui0UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.129.0/24
84.38.133.0/24
185.29.11.0/24
IPv6:
2a02:4840:101::/48
Signature Algorithm: sha256WithRSAEncryption
90:07:4c:8a:56:93:ce:91:d0:61:3f:ce:99:37:6d:96:82:b2:
96:2a:5b:cc:22:e0:1c:0a:13:12:c8:01:e0:b5:51:ab:f5:d7:
cf:ae:fa:4b:95:36:e9:ad:5b:0f:64:9e:bc:be:7a:8c:86:e2:
eb:a2:b3:c2:f0:ec:1b:d1:f4:31:f6:f0:4d:18:9b:32:55:50:
2d:24:11:02:43:7a:59:84:29:2a:c2:d4:93:86:5f:ec:66:b4:
ea:48:16:72:6b:8e:ac:cd:dc:1d:df:b3:00:8b:c9:29:26:9c:
27:37:cb:b0:5d:f9:6d:83:0f:8a:bf:7f:a3:10:1c:ac:87:7b:
29:f0:e8:cc:68:64:4b:61:79:74:c1:69:2d:08:95:f6:2a:f1:
c3:11:72:7c:09:cb:91:f9:ef:9f:5a:ff:3a:d8:3c:5e:90:03:
7a:41:4b:10:ac:05:69:76:ce:c7:60:99:06:ec:11:7e:96:57:
96:55:e9:1c:99:83:55:bf:8d:a8:c9:5a:83:5e:87:3b:90:99:
99:c0:2f:82:12:82:a9:6b:43:b5:1d:23:12:38:21:7b:f2:a3:
d9:fd:c0:7c:d3:de:ac:81:e3:b1:c0:64:f4:66:d3:ec:23:84:
fe:1b:04:c7:56:0e:8d:b3:34:54:09:66:46:b5:ec:3e:20:47:
f4:9d:b7:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIENIkxCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzY0ZWVkMTVjNTJiNGM4MTEwYTIyMjk2M2RjN2I3ZDRiYTJkMTQ2MB4XDTIyMDEw
MTA0NTU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGEzYTQ4NmJhYTA5
ZjVjYWRjMzM1MTg3MjUzMmM2Y2NmMTU3YTdmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoImurD3lhMy5QiSt30zoH/cBeccMwLu/0NP6w8b/h0l7r2
bKmu4cfu5lBK+aDdVHd/gkpf4CXlTAWJYJAZoQVb3zBrsWkBkEbueTwvy4qXZ0Oj
0JLLarb1qPhq/dLRCPFiPV9uiblda2U4/akUf3uYyGosSFrsMQ5rP7EY+rrKxWfH
5m1hDaTWdlzqHKcoagvLzwAFwG56JvhCmHKUPLjeGPCvoZ0brLaOEuvbEj7y9xHd
W6Vthia0l2smd9nAzUwGLmOK+iDnwNSY45TPPlSLWqRlizwoRtNsQbJzSjIUX1b8
9JvkmLzSNQPTlbEhDntRKYTb6nMHj7KokWiGTokCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTaOkhrqgn1ytwzUYclMsbM8Ven/DAfBgNVHSMEGDAWgBT3ZO7RXFK0yBEK
Iilj3Ht9S6LRRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkyVHUwVnhTdE1nUkNpSXBZOXg3ZlV1aTBVWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvNzQxZjA2LWMzZDEtNDgzYi1iOTA4LTI4YTQ5NTNmMDUzMC8x
LzJqcElhNm9KOWNyY00xR0hKVExHelBGWHBfdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
NzQxZjA2LWMzZDEtNDgzYi1iOTA4LTI4YTQ5NTNmMDUzMC8xLzkyVHUwVnhTdE1n
UkNpSXBZOXg3ZlV1aTBVWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFQmgQMEAFQmhQMEALkdCzAPBAIA
AjAJAwcAKgJIQAEBMA0GCSqGSIb3DQEBCwUAA4IBAQCQB0yKVpPOkdBhP86ZN22W
grKWKlvMIuAcChMSyAHgtVGr9dfPrvpLlTbprVsPZJ68vnqMhuLrorPC8Owb0fQx
9vBNGJsyVVAtJBECQ3pZhCkqwtSThl/sZrTqSBZya46szdwd37MAi8kpJpwnN8uw
Xfltgw+Kv3+jEBysh3sp8OjMaGRLYXl0wWktCJX2KvHDEXJ8CcuR+e+fWv862Dxe
kAN6QUsQrAVpds7HYJkG7BF+lleWVekcmYNVv42oyVqDXoc7kJmZwC+CEoKpa0O1
HSMSOCF78qPZ/cB8096sgeOxwGT0ZtPsI4T+GwTHVg6NszRUCWZGtew+IEf0nbc3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:58 2024 by rpki-client on console-ams.rpki-client.org