Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ckEbHBFLBHUr6q5t7YTEEbVztF0.roa
File: ckEbHBFLBHUr6q5t7YTEEbVztF0.roa (raw, json)
Hash identifier: WgwKwCQgH6pa/jL5Wxtu25p9yv4AthvCcacbFdAPX/Y=
Subject key identifier: 72:41:1B:1C:11:4B:04:75:2B:EA:AE:6D:ED:84:C4:11:B5:73:B4:5D
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01839CE21FEC3B56652E12D692B0F09B753C
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ckEbHBFLBHUr6q5t7YTEEbVztF0.roa
Signing time: Mon 03 Oct 2022 08:06:48 +0000
ROA not before: Mon 03 Oct 2022 08:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 194.110.172.0/23 maxlen: 24
85.117.241.0/24 maxlen: 24
192.144.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9c:e2:1f:ec:3b:56:65:2e:12:d6:92:b0:f0:9b:75:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Oct 3 08:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72411b1c114b04752beaae6ded84c411b573b45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:af:74:3e:2f:3f:8f:ef:8d:04:71:9d:24:fb:
3b:d9:e2:f5:38:19:89:b5:54:7f:62:f6:cc:47:8d:
92:97:b7:b2:9b:88:99:2a:d7:f0:e8:bd:c9:a1:06:
41:eb:49:1b:dc:c6:1a:55:12:60:0c:44:94:71:69:
59:cd:96:ba:4f:e1:50:e5:82:e4:ec:cc:09:eb:dd:
ba:6b:d9:2a:60:87:06:b8:8b:13:dd:75:04:25:fc:
db:da:92:05:b2:77:56:d7:a0:03:f4:a8:b3:74:c4:
1f:b6:25:ff:3b:b6:a2:4c:58:a3:83:8f:02:d7:48:
1e:6d:11:5a:df:e8:e5:d2:37:75:00:5a:61:96:7d:
e1:8a:08:6f:92:82:71:d3:bc:9d:42:be:b5:e3:3b:
28:88:1f:e2:64:5a:a8:d9:76:31:87:04:9f:74:80:
79:2c:73:b2:9d:ee:92:94:da:69:a4:5f:c5:7c:fb:
ea:31:29:c7:e0:d1:76:9f:24:d3:13:f2:34:2a:09:
7e:a5:4e:7a:fb:89:6f:9d:d1:ae:bd:b1:4a:6e:d6:
7f:d2:76:e6:54:fc:1d:42:14:19:f7:ab:ee:10:48:
a0:7e:21:70:bc:a1:6a:be:a0:73:31:a2:f6:ee:6a:
90:85:06:fd:a9:e1:9d:51:2f:53:21:20:3e:e2:b5:
3c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:41:1B:1C:11:4B:04:75:2B:EA:AE:6D:ED:84:C4:11:B5:73:B4:5D
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ckEbHBFLBHUr6q5t7YTEEbVztF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.241.0/24
192.144.32.0/24
194.110.172.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:bd:71:27:81:6b:5f:b0:f0:d0:e4:13:75:eb:11:54:d3:94:
b1:c0:c4:56:82:98:a5:53:a4:a8:32:9d:4c:cd:5e:45:85:98:
a0:a7:e8:fd:0b:d0:36:70:f6:cf:e7:e7:18:0a:d9:9e:8c:99:
b7:23:92:1f:12:16:13:de:38:64:39:78:fe:6c:5b:e2:25:78:
63:ca:43:74:c9:d8:9b:e7:b9:df:49:73:3c:ab:a2:5b:c0:ca:
c1:b7:a7:a1:a5:da:68:ad:b6:54:4d:c5:2f:00:98:fd:c0:d7:
90:7c:eb:93:c3:79:74:9f:ad:25:70:99:2b:dd:47:81:44:ef:
71:da:40:9a:b0:2c:62:36:10:c3:c2:b6:21:d5:98:08:ff:0b:
01:42:c0:48:32:5b:37:c6:23:32:9b:a8:d1:b9:bf:83:e5:8d:
9a:6d:3d:35:58:40:0f:ef:b8:8c:fe:8b:d2:d5:c8:ba:8c:a1:
72:5d:6e:b5:70:92:67:df:64:5f:ea:1e:59:3c:5c:c8:df:3a:
32:55:6d:99:83:18:ab:fd:c8:4e:0c:a6:45:15:0a:b0:a3:5f:
df:85:11:03:1a:72:e6:2f:ec:e8:5b:a2:07:fc:b7:94:15:85:
a7:bd:51:95:25:13:16:e4:a9:6f:30:2e:c2:cc:86:5a:b4:c8:
9a:ac:1d:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOc4h/sO1ZlLhLWkrDwm3U8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjIxMDAzMDgwNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQxMWIxYzExNGIwNDc1MmJlYWFlNmRlZDg0YzQxMWI1NzNiNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq90Pi8/j++NBHGdJPs72eL1OBmJ
tVR/YvbMR42Sl7eym4iZKtfw6L3JoQZB60kb3MYaVRJgDESUcWlZzZa6T+FQ5YLk
7MwJ6926a9kqYIcGuIsT3XUEJfzb2pIFsndW16AD9KizdMQftiX/O7aiTFijg48C
10gebRFa3+jl0jd1AFphln3highvkoJx07ydQr614zsoiB/iZFqo2XYxhwSfdIB5
LHOyne6SlNpppF/FfPvqMSnH4NF2nyTTE/I0Kgl+pU56+4lvndGuvbFKbtZ/0nbm
VPwdQhQZ96vuEEigfiFwvKFqvqBzMaL27mqQhQb9qeGdUS9TISA+4rU8+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHJBGxwRSwR1K+qube2ExBG1c7RdMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvY2tFYkhCRkxCSFVyNnE1dDdZVEVFYlZ6dEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXXxAwQA
wJAgAwQBwm6sMA0GCSqGSIb3DQEBCwUAA4IBAQCdvXEngWtfsPDQ5BN16xFU05Sx
wMRWgpilU6SoMp1MzV5FhZigp+j9C9A2cPbP5+cYCtmejJm3I5IfEhYT3jhkOXj+
bFviJXhjykN0ydib57nfSXM8q6JbwMrBt6ehpdporbZUTcUvAJj9wNeQfOuTw3l0
n60lcJkr3UeBRO9x2kCasCxiNhDDwrYh1ZgI/wsBQsBIMls3xiMym6jRub+D5Y2a
bT01WEAP77iM/ovS1ci6jKFyXW61cJJn32Rf6h5ZPFzI3zoyVW2Zgxir/chODKZF
FQqwo1/fhREDGnLmL+zoW6IH/LeUFYWnvVGVJRMW5KlvMC7CzIZatMiarB3N
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org