Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/ke6wmnvWfKe7Kdj-AU7HwfdOvOQ.roa
File: ke6wmnvWfKe7Kdj-AU7HwfdOvOQ.roa (raw, json)
Hash identifier: J3eEahxLzJgVzQSUHmq93pRXgKAYc13e2v0beHv1X7Q=
Subject key identifier: 91:EE:B0:9A:7B:D6:7C:A7:BB:29:D8:FE:01:4E:C7:C1:F7:4E:BC:E4
Certificate issuer: /CN=beab1ee7c4dad29d127d565d1b9379465c288937
Certificate serial: 14DF32A9
Authority key identifier: BE:AB:1E:E7:C4:DA:D2:9D:12:7D:56:5D:1B:93:79:46:5C:28:89:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqse58Ta0p0SfVZdG5N5RlwoiTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/ke6wmnvWfKe7Kdj-AU7HwfdOvOQ.roa
Signing time: Sat 01 Jan 2022 13:02:54 +0000
ROA not before: Sat 01 Jan 2022 13:02:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3226
IP address blocks: 217.29.176.0/20 maxlen: 20
92.55.0.0/18 maxlen: 18
91.146.0.0/18 maxlen: 18
87.250.0.0/19 maxlen: 19
217.14.192.0/20 maxlen: 20
217.114.144.0/20 maxlen: 20
92.241.224.0/19 maxlen: 19
2a00:4580::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350171817 (0x14df32a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beab1ee7c4dad29d127d565d1b9379465c288937
Validity
Not Before: Jan 1 13:02:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91eeb09a7bd67ca7bb29d8fe014ec7c1f74ebce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:28:48:86:58:6e:e9:e6:c8:e7:73:8c:62:1e:
a0:79:47:78:7f:82:af:3b:1a:b1:7a:0a:a4:4c:0a:
5c:fc:e3:e3:32:1a:78:7a:32:6a:7a:8a:ba:c1:f5:
be:a3:43:01:eb:02:08:da:98:3c:a0:35:7d:03:4d:
a4:18:9b:fc:cc:08:d3:70:42:30:b1:68:83:c1:0b:
84:07:50:71:06:39:1a:3a:c2:9e:09:f0:a5:f1:48:
d3:26:0f:17:1b:75:33:3a:e2:85:60:d9:c1:64:41:
53:68:7f:47:0d:eb:46:02:53:0d:52:e0:7a:0e:68:
3d:6d:7b:f9:54:95:76:3f:dd:55:bf:fd:c7:4a:38:
59:de:ae:50:ba:2e:1c:77:8b:06:77:b6:37:02:14:
27:0d:56:56:d5:c1:d3:5d:90:00:37:f8:62:ad:be:
46:d0:73:16:68:39:40:9c:26:1c:10:79:8d:52:b4:
52:59:cb:fd:7b:af:22:59:ec:b9:55:af:93:95:66:
d8:3d:c1:6b:30:46:84:bc:6f:56:48:02:c1:73:c1:
61:1d:dc:f4:a9:dd:7d:f4:db:73:31:26:17:f8:8f:
07:ef:9f:85:61:ec:a9:16:dc:dd:25:7e:f0:0d:e7:
f7:a1:3c:1d:d2:07:b6:f8:68:14:a6:4c:7c:e7:71:
50:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EE:B0:9A:7B:D6:7C:A7:BB:29:D8:FE:01:4E:C7:C1:F7:4E:BC:E4
X509v3 Authority Key Identifier:
keyid:BE:AB:1E:E7:C4:DA:D2:9D:12:7D:56:5D:1B:93:79:46:5C:28:89:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqse58Ta0p0SfVZdG5N5RlwoiTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/ke6wmnvWfKe7Kdj-AU7HwfdOvOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/vqse58Ta0p0SfVZdG5N5RlwoiTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.250.0.0/19
91.146.0.0/18
92.55.0.0/18
92.241.224.0/19
217.14.192.0/20
217.29.176.0/20
217.114.144.0/20
IPv6:
2a00:4580::/30
Signature Algorithm: sha256WithRSAEncryption
01:e7:80:8c:42:c3:06:b2:14:0b:6c:94:04:8f:79:63:89:28:
5a:08:d5:9e:96:41:50:da:4f:da:a6:d0:9a:cd:15:b0:32:76:
91:10:86:5f:24:9a:61:2c:b0:31:63:90:45:24:c6:10:c3:0b:
67:3a:80:4f:6e:db:0f:ed:c4:ed:b6:00:41:6f:c7:a7:0b:06:
8a:93:c2:f1:b7:4d:33:54:de:40:6f:0f:5c:30:81:9c:c7:d4:
b4:89:91:90:8b:3c:0f:51:29:cb:f5:87:c0:65:78:2f:96:97:
5a:98:ce:fe:3f:d5:64:cd:5b:11:ba:b2:e5:f4:fe:e2:e9:7e:
50:00:20:c3:25:0b:76:05:5f:8b:88:25:4f:fb:fc:9c:77:d0:
cc:02:92:62:ed:cc:c0:b0:be:87:c3:b4:7d:11:5a:f5:e7:45:
cc:0e:76:c7:5c:73:3d:c5:76:06:53:5d:b7:2b:be:8a:90:48:
f2:6e:29:1c:4b:bc:24:84:ea:30:d1:dd:72:df:9a:5c:b1:fb:
82:84:98:3a:6c:b3:16:18:5c:33:51:94:b7:b5:9a:86:0f:39:
64:f7:ef:98:44:0a:1a:2d:9b:a1:b6:64:01:51:8c:86:e6:27:
d6:56:47:81:6a:47:7d:a1:45:fa:fd:41:76:04:4f:10:60:e7:
56:93:4a:1c
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEFN8yqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZWFiMWVlN2M0ZGFkMjlkMTI3ZDU2NWQxYjkzNzk0NjVjMjg4OTM3MB4XDTIyMDEw
MTEzMDI1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFlZWIwOWE3YmQ2
N2NhN2JiMjlkOGZlMDE0ZWM3YzFmNzRlYmNlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8oSIZYbunmyOdzjGIeoHlHeH+CrzsasXoKpEwKXPzj4zIa
eHoyanqKusH1vqNDAesCCNqYPKA1fQNNpBib/MwI03BCMLFog8ELhAdQcQY5GjrC
ngnwpfFI0yYPFxt1MzrihWDZwWRBU2h/Rw3rRgJTDVLgeg5oPW17+VSVdj/dVb/9
x0o4Wd6uULouHHeLBne2NwIUJw1WVtXB012QADf4Yq2+RtBzFmg5QJwmHBB5jVK0
UlnL/XuvIlnsuVWvk5Vm2D3BazBGhLxvVkgCwXPBYR3c9KndffTbczEmF/iPB++f
hWHsqRbc3SV+8A3n96E8HdIHtvhoFKZMfOdxUPcCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSR7rCae9Z8p7sp2P4BTsfB90685DAfBgNVHSMEGDAWgBS+qx7nxNrSnRJ9
Vl0bk3lGXCiJNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Zxc2U1OFRhMHAwU2ZWWmRHNU41Umx3b2lUYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvNjFhNjkzLTgzNmEtNDEyMi1iOTI5LWUyYTkyMDVhOWQyYS8x
L2tlNndtbnZXZktlN0tkai1BVTdId2ZkT3ZPUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
NjFhNjkzLTgzNmEtNDEyMi1iOTI5LWUyYTkyMDVhOWQyYS8xL3Zxc2U1OFRhMHAw
U2ZWWmRHNU41Umx3b2lUYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBVf6AAMEBluSAAMEBlw3AAMEBVzx
4AMEBNkOwAMEBNkdsAMEBNlykDANBAIAAjAHAwUCKgBFgDANBgkqhkiG9w0BAQsF
AAOCAQEAAeeAjELDBrIUC2yUBI95Y4koWgjVnpZBUNpP2qbQms0VsDJ2kRCGXySa
YSywMWOQRSTGEMMLZzqAT27bD+3E7bYAQW/HpwsGipPC8bdNM1TeQG8PXDCBnMfU
tImRkIs8D1Epy/WHwGV4L5aXWpjO/j/VZM1bEbqy5fT+4ul+UAAgwyULdgVfi4gl
T/v8nHfQzAKSYu3MwLC+h8O0fRFa9edFzA52x1xzPcV2BlNdtyu+ipBI8m4pHEu8
JITqMNHdct+aXLH7goSYOmyzFhhcM1GUt7Wahg85ZPfvmEQKGi2bobZkAVGMhuYn
1lZHgWpHfaFF+v1BdgRPEGDnVpNKHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:38 2024 by rpki-client on console-ams.rpki-client.org