Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/Am0AaDx0a2ojTs5sBirqe9-CzFE.roa
File: Am0AaDx0a2ojTs5sBirqe9-CzFE.roa (raw, json)
Hash identifier: yNZ3LfFO4o0jqp98BVuOYr3g6bDAqkVt8S92P9gP8wo=
Subject key identifier: 02:6D:00:68:3C:74:6B:6A:23:4E:CE:6C:06:2A:EA:7B:DF:82:CC:51
Certificate issuer: /CN=11bfa2961fa0e0b07041293ddc0c3693a9e0a238
Certificate serial: 071F20DB
Authority key identifier: 11:BF:A2:96:1F:A0:E0:B0:70:41:29:3D:DC:0C:36:93:A9:E0:A2:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eb-ilh-g4LBwQSk93Aw2k6ngojg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/Am0AaDx0a2ojTs5sBirqe9-CzFE.roa
Signing time: Sat 01 Jan 2022 16:05:52 +0000
ROA not before: Sat 01 Jan 2022 16:05:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42927
IP address blocks: 94.124.4.0/24 maxlen: 24
94.124.2.0/23 maxlen: 23
94.124.0.0/21 maxlen: 21
94.124.1.0/24 maxlen: 24
94.124.0.0/24 maxlen: 24
94.124.8.0/21 maxlen: 21
94.124.7.0/24 maxlen: 24
94.124.6.0/24 maxlen: 24
94.124.5.0/24 maxlen: 24
185.28.16.0/24 maxlen: 24
185.28.16.0/22 maxlen: 22
185.28.18.0/23 maxlen: 23
80.82.16.0/23 maxlen: 23
80.82.22.0/24 maxlen: 24
80.82.22.0/23 maxlen: 23
80.82.20.0/23 maxlen: 23
80.82.18.0/23 maxlen: 23
80.82.30.0/23 maxlen: 23
80.82.29.0/24 maxlen: 24
80.82.28.0/24 maxlen: 24
80.82.26.0/23 maxlen: 23
80.82.25.0/24 maxlen: 24
91.189.253.0/24 maxlen: 24
91.189.250.0/24 maxlen: 24
91.189.248.0/21 maxlen: 21
46.22.164.0/23 maxlen: 23
46.22.160.0/24 maxlen: 24
46.22.170.0/24 maxlen: 24
46.22.169.0/24 maxlen: 24
46.22.168.0/24 maxlen: 24
46.22.167.0/24 maxlen: 24
46.22.173.0/24 maxlen: 24
2a02:f78::/32 maxlen: 32
2a02:f7f:14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119480539 (0x71f20db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bfa2961fa0e0b07041293ddc0c3693a9e0a238
Validity
Not Before: Jan 1 16:05:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=026d00683c746b6a234ece6c062aea7bdf82cc51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9b:7d:26:c6:18:90:52:3e:77:d4:57:ed:63:
3c:1a:f7:55:a1:b4:fe:d2:99:5e:de:17:3d:df:5e:
be:17:5a:f0:00:91:c0:9f:7a:c7:e3:cd:59:2c:dd:
60:0d:61:b9:c1:20:4c:37:86:78:8b:cd:22:e2:d5:
4d:80:3d:96:e1:be:ea:e4:14:0b:aa:1f:fe:50:1b:
6f:6a:5c:6c:a7:fd:72:97:b8:df:eb:8e:f5:db:33:
e7:b1:d4:e5:66:66:7e:32:df:9d:57:84:bd:7b:47:
59:d2:8d:6e:2f:bc:bb:77:e9:31:2b:3f:0f:54:47:
39:7c:2d:05:9a:ef:48:14:d5:a6:1f:60:1e:55:6b:
e6:e1:d2:72:c4:8a:11:ab:ad:7d:54:3a:8c:df:15:
94:3a:3c:11:b3:62:1d:06:e8:cf:6c:3f:1b:18:21:
14:db:b5:14:86:ef:03:41:b8:ae:e7:1f:d2:0c:3e:
f6:39:84:bc:53:bf:d3:e3:bf:42:9a:a6:97:7a:98:
eb:28:5d:eb:cb:73:fb:0d:1c:84:56:db:fb:74:2e:
b3:bf:f9:05:ec:d8:9b:ce:7a:eb:63:e3:32:19:83:
64:6c:71:98:99:e8:fb:3b:0f:27:a3:b1:32:9c:51:
a1:fb:cc:10:db:d1:bf:04:bc:c9:88:2c:cb:95:a4:
98:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6D:00:68:3C:74:6B:6A:23:4E:CE:6C:06:2A:EA:7B:DF:82:CC:51
X509v3 Authority Key Identifier:
keyid:11:BF:A2:96:1F:A0:E0:B0:70:41:29:3D:DC:0C:36:93:A9:E0:A2:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eb-ilh-g4LBwQSk93Aw2k6ngojg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/Am0AaDx0a2ojTs5sBirqe9-CzFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/Eb-ilh-g4LBwQSk93Aw2k6ngojg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.160.0/24
46.22.164.0/23
46.22.167.0-46.22.170.255
46.22.173.0/24
80.82.16.0/21
80.82.25.0-80.82.31.255
91.189.248.0/21
94.124.0.0/20
185.28.16.0/22
IPv6:
2a02:f78::/32
2a02:f7f:14::/48
Signature Algorithm: sha256WithRSAEncryption
28:8a:45:4c:0a:69:a5:cd:f3:63:2e:b6:a7:b2:1b:c0:8e:f4:
a5:65:d7:d9:c4:5f:20:1b:51:26:6b:94:6d:93:6c:fc:c0:c6:
13:91:5c:da:b4:d7:29:3a:32:dc:4c:d5:ce:71:2a:16:12:47:
e1:be:46:96:85:e0:cf:dc:2e:a5:c7:99:38:f2:3b:c8:4d:a3:
c7:04:6f:d3:9d:9b:30:77:1e:8d:e2:38:5d:05:bd:e4:3d:61:
c0:c5:01:68:8d:5e:56:4a:82:65:ed:8e:ce:69:d8:49:b3:15:
0d:a1:a0:03:a5:0c:ca:1f:2e:65:f2:08:76:13:09:7f:1f:11:
62:84:1e:e2:db:60:0d:fc:86:05:e1:bd:15:70:cb:42:5e:1a:
92:fb:fe:21:db:20:7c:c3:49:f5:0b:79:5a:2e:cc:22:84:40:
c6:68:40:d1:cc:be:78:9a:07:9a:2f:67:ed:35:5c:7f:4b:b6:
03:52:d4:7c:a0:3b:71:3a:dc:3b:87:e4:c5:03:80:7f:95:cd:
47:75:0d:5b:d6:07:a1:bc:e5:3b:28:bf:36:b5:b4:88:fe:63:
29:1d:03:10:00:7a:af:22:0c:2d:b5:67:3a:38:72:2d:11:bc:
a1:71:fd:00:0b:37:63:54:80:48:88:70:60:5f:0f:0c:3e:26:
26:6c:df:ce
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIEBx8g2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWJmYTI5NjFmYTBlMGIwNzA0MTI5M2RkYzBjMzY5M2E5ZTBhMjM4MB4XDTIyMDEw
MTE2MDU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI2ZDAwNjgzYzc0
NmI2YTIzNGVjZTZjMDYyYWVhN2JkZjgyY2M1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+bfSbGGJBSPnfUV+1jPBr3VaG0/tKZXt4XPd9evhda8ACR
wJ96x+PNWSzdYA1hucEgTDeGeIvNIuLVTYA9luG+6uQUC6of/lAbb2pcbKf9cpe4
3+uO9dsz57HU5WZmfjLfnVeEvXtHWdKNbi+8u3fpMSs/D1RHOXwtBZrvSBTVph9g
HlVr5uHScsSKEautfVQ6jN8VlDo8EbNiHQboz2w/GxghFNu1FIbvA0G4rucf0gw+
9jmEvFO/0+O/Qpqml3qY6yhd68tz+w0chFbb+3Qus7/5BezYm85662PjMhmDZGxx
mJno+zsPJ6OxMpxRofvMENvRvwS8yYgsy5WkmD0CAwEAAaOCAmEwggJdMB0GA1Ud
DgQWBBQCbQBoPHRraiNOzmwGKup734LMUTAfBgNVHSMEGDAWgBQRv6KWH6DgsHBB
KT3cDDaTqeCiODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ViLWlsaC1nNExCd1FTazkzQXcyazZuZ29qZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMTczMTczLTgxOWYtNGJjOS05MmQ4LTc4NzkxYzkzNTZhMy8x
L0FtMEFhRHgwYTJvalRzNXNCaXJxZTktQ3pGRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MTczMTczLTgxOWYtNGJjOS05MmQ4LTc4NzkxYzkzNTZhMy8xL0ViLWlsaC1nNExC
d1FTazkzQXcyazZuZ29qZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3
BggrBgEFBQcBBwEB/wRoMGYwTAQCAAEwRgMEAC4WoAMEAS4WpDAMAwQALhanAwQA
LhaqAwQALhatAwQDUFIQMAwDBABQUhkDBAVQUgADBANbvfgDBARefAADBAK5HBAw
FgQCAAIwEAMFACoCD3gDBwAqAg9/ABQwDQYJKoZIhvcNAQELBQADggEBACiKRUwK
aaXN82MutqeyG8CO9KVl19nEXyAbUSZrlG2TbPzAxhORXNq01yk6MtxM1c5xKhYS
R+G+RpaF4M/cLqXHmTjyO8hNo8cEb9OdmzB3Ho3iOF0FveQ9YcDFAWiNXlZKgmXt
js5p2EmzFQ2hoAOlDMofLmXyCHYTCX8fEWKEHuLbYA38hgXhvRVwy0JeGpL7/iHb
IHzDSfULeVouzCKEQMZoQNHMvniaB5ovZ+01XH9LtgNS1HygO3E63DuH5MUDgH+V
zUd1DVvWB6G85Tsovza1tIj+YykdAxAAeq8iDC21Zzo4ci0RvKFx/QALN2NUgEiI
cGBfDww+JiZs384=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:23 2024 by rpki-client on console-fra.rpki-client.org