Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/ee0I66i8P2AqxJweaNXig5QbllM.roa
File: ee0I66i8P2AqxJweaNXig5QbllM.roa (raw, json)
Hash identifier: rH63YTp0JaeC2UggR1cH+tqeXW5Q2WuULiGSTJPMN/0=
Subject key identifier: 79:ED:08:EB:A8:BC:3F:60:2A:C4:9C:1E:68:D5:E2:83:94:1B:96:53
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 07794787
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/ee0I66i8P2AqxJweaNXig5QbllM.roa
Signing time: Sat 01 Jan 2022 05:04:20 +0000
ROA not before: Sat 01 Jan 2022 05:04:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207461
IP address blocks: 178.239.28.0/23 maxlen: 23
2.58.232.0/22 maxlen: 24
2.58.232.0/24 maxlen: 24
178.239.30.0/23 maxlen: 23
2.58.233.0/24 maxlen: 24
2.58.234.0/24 maxlen: 24
2.58.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125388679 (0x7794787)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 1 05:04:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79ed08eba8bc3f602ac49c1e68d5e283941b9653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9c:ba:15:2e:c1:0c:91:03:d4:a4:4e:e0:0d:
24:2e:ee:7d:2d:db:d2:35:a1:66:6f:67:c7:59:51:
43:81:b0:2c:a2:7e:6c:4d:26:a0:5e:3f:20:04:41:
19:a5:99:c1:d4:30:06:72:25:38:de:eb:96:00:dc:
55:c9:9e:9e:fa:e3:99:ac:d3:10:4f:31:97:1a:b1:
c2:d3:ac:7c:42:e9:7e:a4:a8:2d:e5:32:80:a0:41:
f5:61:3f:45:65:09:54:f1:96:0b:16:3d:6d:9d:42:
1a:8f:3a:05:61:2a:b5:43:d1:c1:6a:e5:13:2d:91:
90:55:1e:3d:93:41:02:c2:c3:97:16:e0:07:a3:47:
73:94:47:f1:9a:5c:8e:3a:ea:c3:ef:85:cd:ac:31:
48:9f:70:23:29:a0:89:4c:ce:c2:b0:78:ca:f4:57:
51:ef:c6:0e:6f:1d:3b:e9:ac:0b:4e:27:b3:75:9b:
cd:0a:6d:47:19:65:0d:86:79:9c:03:08:4a:27:a2:
20:fd:87:0d:d7:df:d8:ac:a9:88:0e:5e:58:81:fe:
2f:31:e8:36:71:27:87:a3:01:e4:73:18:da:d3:8e:
17:84:8f:21:91:6e:46:7b:83:1f:7f:8a:a2:35:f5:
64:6c:94:91:24:2d:fa:92:21:3f:c5:dc:d7:83:23:
c3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:ED:08:EB:A8:BC:3F:60:2A:C4:9C:1E:68:D5:E2:83:94:1B:96:53
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/ee0I66i8P2AqxJweaNXig5QbllM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.232.0/22
178.239.28.0/22
Signature Algorithm: sha256WithRSAEncryption
71:67:63:18:a5:86:71:3d:09:e3:13:67:b0:f2:32:11:9a:2b:
13:21:d5:c7:d1:a6:0c:15:70:ee:1b:59:b8:60:b2:e6:94:70:
b4:96:01:bb:e5:4b:b3:e4:5e:43:2c:22:b7:3d:72:c2:b8:9c:
03:f2:02:47:4e:db:07:c5:c2:29:83:89:17:f7:ef:0c:93:1a:
3f:4b:27:df:34:96:ae:9f:7e:71:3e:f9:b6:a4:6c:e6:4f:00:
b1:ed:78:36:3f:58:6a:67:90:18:f5:cf:9e:15:41:20:5a:2d:
39:d6:f7:bf:c1:23:4b:61:fe:7a:3c:bc:8e:55:87:d6:ca:ad:
82:05:4c:12:86:53:39:38:56:1e:11:11:02:3f:6d:62:7d:26:
30:e0:81:e6:52:40:d4:4d:2b:2b:0e:9c:31:cd:64:62:30:75:
f9:46:c3:09:b7:d7:f6:84:b5:12:38:ee:3f:a3:6a:d3:09:28:
86:e1:0a:d0:41:d8:a7:5c:00:58:fb:20:23:ec:71:0d:f6:a5:
70:cd:e3:18:e5:28:0e:49:d5:43:aa:ed:cf:43:df:cb:c1:ce:
c2:3b:26:01:7e:ea:b2:4a:c8:b5:04:a4:30:47:06:16:b2:96:
42:34:0f:fa:12:b8:94:40:bf:75:6c:22:1a:73:6d:b2:d6:34:
84:d6:aa:d3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB3lHhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzY3N2Q3Y2I5MjcxY2UzNjEyNTZlOTgzM2NjN2IxNGZkMDIzZWJlMB4XDTIyMDEw
MTA1MDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzllZDA4ZWJhOGJj
M2Y2MDJhYzQ5YzFlNjhkNWUyODM5NDFiOTY1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALecuhUuwQyRA9SkTuANJC7ufS3b0jWhZm9nx1lRQ4GwLKJ+
bE0moF4/IARBGaWZwdQwBnIlON7rlgDcVcmenvrjmazTEE8xlxqxwtOsfELpfqSo
LeUygKBB9WE/RWUJVPGWCxY9bZ1CGo86BWEqtUPRwWrlEy2RkFUePZNBAsLDlxbg
B6NHc5RH8Zpcjjrqw++FzawxSJ9wIymgiUzOwrB4yvRXUe/GDm8dO+msC04ns3Wb
zQptRxllDYZ5nAMISieiIP2HDdff2KypiA5eWIH+LzHoNnEnh6MB5HMY2tOOF4SP
IZFuRnuDH3+KojX1ZGyUkSQt+pIhP8Xc14Mjw60CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR57QjrqLw/YCrEnB5o1eKDlBuWUzAfBgNVHSMEGDAWgBSTZ318uScc42El
bpgzzHsU/QI+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syZDlmTGtuSE9OaEpXNllNOHg3RlAwQ1ByNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8x
L2VlMEk2Nmk4UDJBcXhKd2VhTlhpZzVRYmxsTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8xL2syZDlmTGtuSE9O
aEpXNllNOHg3RlAwQ1ByNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgI66AMEArLvHDANBgkqhkiG9w0B
AQsFAAOCAQEAcWdjGKWGcT0J4xNnsPIyEZorEyHVx9GmDBVw7htZuGCy5pRwtJYB
u+VLs+ReQywitz1ywricA/ICR07bB8XCKYOJF/fvDJMaP0sn3zSWrp9+cT75tqRs
5k8Ase14Nj9YameQGPXPnhVBIFotOdb3v8EjS2H+ejy8jlWH1sqtggVMEoZTOThW
HhERAj9tYn0mMOCB5lJA1E0rKw6cMc1kYjB1+UbDCbfX9oS1EjjuP6Nq0wkohuEK
0EHYp1wAWPsgI+xxDfalcM3jGOUoDknVQ6rtz0Pfy8HOwjsmAX7qskrItQSkMEcG
FrKWQjQP+hK4lEC/dWwiGnNtstY0hNaq0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org