Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/EfK6BAv8w9bBLoWr3boEZkOgLQs.roa
File: EfK6BAv8w9bBLoWr3boEZkOgLQs.roa (raw, json)
Hash identifier: YNkBSvKuxK3+NlxLUhkLJe3UbUcm3Dmm1RKfr60C95U=
Subject key identifier: 11:F2:BA:04:0B:FC:C3:D6:C1:2E:85:AB:DD:BA:04:66:43:A0:2D:0B
Certificate issuer: /CN=ecb612e1f6b4d83f8a5d552cf3b60edd23bfe9f4
Certificate serial: 058ABA17
Authority key identifier: EC:B6:12:E1:F6:B4:D8:3F:8A:5D:55:2C:F3:B6:0E:DD:23:BF:E9:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7LYS4fa02D-KXVUs87YO3SO_6fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/EfK6BAv8w9bBLoWr3boEZkOgLQs.roa
Signing time: Sat 01 Jan 2022 06:03:03 +0000
ROA not before: Sat 01 Jan 2022 06:03:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49282
IP address blocks: 95.175.96.0/19 maxlen: 19
85.194.204.0/22 maxlen: 22
95.175.124.0/22 maxlen: 22
164.215.32.0/21 maxlen: 21
185.162.156.0/22 maxlen: 22
185.18.76.0/22 maxlen: 22
2a03:e580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92977687 (0x58aba17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecb612e1f6b4d83f8a5d552cf3b60edd23bfe9f4
Validity
Not Before: Jan 1 06:03:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11f2ba040bfcc3d6c12e85abddba046643a02d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:45:93:23:57:b1:1b:e1:be:de:90:69:48:f4:
53:26:58:57:85:ef:0e:c3:3a:a1:94:58:7b:95:53:
e3:9f:41:37:18:37:79:bc:ec:69:c9:39:f3:5d:b8:
1e:b7:1a:c5:61:64:42:a6:c5:a7:f9:e4:83:e3:f3:
98:c7:f3:58:ec:41:31:40:63:d2:08:8f:9a:9d:10:
5a:f5:27:d9:e9:8f:f0:45:ca:30:2f:6f:15:1a:56:
ed:1f:bf:05:7e:46:db:06:0a:11:df:b1:31:5c:e9:
68:89:e7:5a:91:27:2b:9c:ee:24:0c:ec:8a:12:77:
5c:dd:00:60:f5:b0:c2:8f:5d:73:fe:50:77:f8:4f:
67:f6:58:0c:38:57:d3:91:9e:d7:56:78:98:a9:72:
bb:71:4f:b4:51:cc:a4:0b:2e:a4:c2:fe:4d:21:79:
24:66:5f:16:58:c3:fc:98:f4:4d:64:37:87:98:b9:
66:c3:10:09:a5:09:24:01:0c:2a:83:39:9e:b5:35:
df:60:a5:be:25:a9:14:46:a5:03:c3:ae:3c:d6:97:
0f:01:15:14:b0:87:f9:b8:a4:d9:59:56:d3:de:84:
0e:1f:35:b5:6d:a0:7d:a2:e4:8d:ee:e4:1e:a7:27:
0b:58:d8:b7:b0:e4:63:cf:2c:7b:81:34:8d:47:48:
18:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F2:BA:04:0B:FC:C3:D6:C1:2E:85:AB:DD:BA:04:66:43:A0:2D:0B
X509v3 Authority Key Identifier:
keyid:EC:B6:12:E1:F6:B4:D8:3F:8A:5D:55:2C:F3:B6:0E:DD:23:BF:E9:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7LYS4fa02D-KXVUs87YO3SO_6fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/EfK6BAv8w9bBLoWr3boEZkOgLQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/7LYS4fa02D-KXVUs87YO3SO_6fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.204.0/22
95.175.96.0/19
164.215.32.0/21
185.18.76.0/22
185.162.156.0/22
IPv6:
2a03:e580::/29
Signature Algorithm: sha256WithRSAEncryption
74:e2:b4:16:e3:36:09:42:e4:24:b5:1f:32:ee:4d:1f:54:2c:
34:00:1b:5b:f3:d6:c9:a7:82:18:fe:d0:5e:dd:b5:ad:6a:e5:
ea:6f:fe:48:44:06:e9:51:71:b5:cd:ea:03:25:05:6b:c0:f4:
73:55:3e:9a:eb:0e:c7:f8:2a:4a:cc:f6:9b:0f:2f:c7:5f:42:
c4:b9:67:99:c5:bb:96:09:42:11:63:c5:bb:d7:b1:d6:f0:51:
8b:86:b5:9a:2a:e2:e8:51:f5:d8:0c:f8:1b:5b:27:0c:06:9d:
cb:8f:5a:c2:d6:8c:3c:98:5c:b9:87:35:cc:34:91:c1:57:43:
7c:81:cb:08:fc:85:41:7e:d9:ab:4a:6a:29:6b:01:20:73:73:
91:50:f1:1d:c8:19:95:a3:8a:73:b2:4e:72:5f:7f:ad:87:cf:
e1:c0:ee:72:4f:04:a1:69:16:fe:d7:46:19:54:cc:9a:bb:9e:
98:e6:7f:2f:17:d9:ec:2a:12:99:b0:0a:11:17:c4:20:fd:5c:
c6:1e:89:af:ff:39:ea:f6:3c:9a:be:72:4b:1e:dc:69:d9:0a:
fc:34:8b:20:35:6a:d6:ef:20:d2:59:c1:1c:72:66:6b:11:a6:
1b:12:a4:c0:ca:cf:46:94:f0:79:85:cf:70:75:ee:6a:a0:94:
39:55:d2:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBYq6FzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Y2I2MTJlMWY2YjRkODNmOGE1ZDU1MmNmM2I2MGVkZDIzYmZlOWY0MB4XDTIyMDEw
MTA2MDMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTFmMmJhMDQwYmZj
YzNkNmMxMmU4NWFiZGRiYTA0NjY0M2EwMmQwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdFkyNXsRvhvt6QaUj0UyZYV4XvDsM6oZRYe5VT459BNxg3
ebzsack58124HrcaxWFkQqbFp/nkg+PzmMfzWOxBMUBj0giPmp0QWvUn2emP8EXK
MC9vFRpW7R+/BX5G2wYKEd+xMVzpaInnWpEnK5zuJAzsihJ3XN0AYPWwwo9dc/5Q
d/hPZ/ZYDDhX05Ge11Z4mKlyu3FPtFHMpAsupML+TSF5JGZfFljD/Jj0TWQ3h5i5
ZsMQCaUJJAEMKoM5nrU132ClviWpFEalA8OuPNaXDwEVFLCH+bik2VlW096EDh81
tW2gfaLkje7kHqcnC1jYt7DkY88se4E0jUdIGFUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQR8roEC/zD1sEuhavdugRmQ6AtCzAfBgNVHSMEGDAWgBTsthLh9rTYP4pd
VSzztg7dI7/p9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdMWVM0ZmEwMkQtS1hWVXM4N1lPM1NPXzZmUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNWNkODg0LTc5ZjUtNDgzZC05MDRhLTk2ZmUxOTExZDBiMy8x
L0VmSzZCQXY4dzliQkxvV3IzYm9FWmtPZ0xRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NWNkODg0LTc5ZjUtNDgzZC05MDRhLTk2ZmUxOTExZDBiMy8xLzdMWVM0ZmEwMkQt
S1hWVXM4N1lPM1NPXzZmUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAlXCzAMEBV+vYAMEA6TXIAMEArkS
TAMEArminDANBAIAAjAHAwUDKgPlgDANBgkqhkiG9w0BAQsFAAOCAQEAdOK0FuM2
CULkJLUfMu5NH1QsNAAbW/PWyaeCGP7QXt21rWrl6m/+SEQG6VFxtc3qAyUFa8D0
c1U+musOx/gqSsz2mw8vx19CxLlnmcW7lglCEWPFu9ex1vBRi4a1miri6FH12Az4
G1snDAady49awtaMPJhcuYc1zDSRwVdDfIHLCPyFQX7Zq0pqKWsBIHNzkVDxHcgZ
laOKc7JOcl9/rYfP4cDuck8EoWkW/tdGGVTMmruemOZ/LxfZ7CoSmbAKERfEIP1c
xh6Jr/856vY8mr5ySx7cadkK/DSLIDVq1u8g0lnBHHJmaxGmGxKkwMrPRpTweYXP
cHXuaqCUOVXSNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:19 2024 by rpki-client on console-fra.rpki-client.org