Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/EUOb8WRjIjqjXO9bCSaSOz0w2G4.roa
File: EUOb8WRjIjqjXO9bCSaSOz0w2G4.roa (raw, json)
Hash identifier: 19x4aFyDqrV07SO6FPt7UReTZloGtl1VpsQ9z930RFU=
Subject key identifier: 11:43:9B:F1:64:63:22:3A:A3:5C:EF:5B:09:26:92:3B:3D:30:D8:6E
Certificate issuer: /CN=9f5646f7d8afc0a933fb33333f37013d83a04d00
Certificate serial: 064B43DE
Authority key identifier: 9F:56:46:F7:D8:AF:C0:A9:33:FB:33:33:3F:37:01:3D:83:A0:4D:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/EUOb8WRjIjqjXO9bCSaSOz0w2G4.roa
Signing time: Fri 14 Jan 2022 08:47:01 +0000
ROA not before: Fri 14 Jan 2022 08:47:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6855
IP address blocks: 178.41.128.0/17 maxlen: 17
95.103.0.0/18 maxlen: 18
78.98.0.0/15 maxlen: 15
195.146.136.0/24 maxlen: 24
195.91.0.0/17 maxlen: 17
213.81.197.0/24 maxlen: 24
95.102.0.0/15 maxlen: 15
213.160.160.0/19 maxlen: 19
213.81.128.0/17 maxlen: 17
84.47.0.0/17 maxlen: 17
212.5.192.0/19 maxlen: 19
91.127.0.0/16 maxlen: 16
194.154.224.0/19 maxlen: 19
185.19.72.0/22 maxlen: 22
195.146.128.0/19 maxlen: 19
87.197.0.0/16 maxlen: 16
178.40.0.0/15 maxlen: 15
95.103.64.0/18 maxlen: 18
95.102.128.0/17 maxlen: 17
2a00:12a8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105595870 (0x64b43de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5646f7d8afc0a933fb33333f37013d83a04d00
Validity
Not Before: Jan 14 08:47:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11439bf16463223aa35cef5b0926923b3d30d86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:68:95:91:a8:a1:12:7a:97:7f:e9:a9:10:63:
81:3f:44:ad:ab:5b:8b:60:43:86:b9:80:a0:6d:f4:
3e:93:f3:48:72:04:81:ea:f0:c1:ae:95:b2:3a:57:
37:31:65:f5:d1:17:84:90:13:68:3d:c7:5c:35:e4:
c3:95:af:1c:57:4c:89:21:a2:e6:2e:41:0d:d8:c4:
0a:e5:70:3f:70:53:bf:23:1b:56:5f:f2:1d:04:29:
2a:ae:7c:83:45:26:a4:05:81:1a:c5:a2:a5:ce:cd:
4e:6e:5b:eb:79:fd:d2:aa:2c:12:f7:72:86:e0:7c:
08:0e:8c:0b:3e:82:85:1a:1c:ff:ba:b7:01:ca:00:
4f:e1:6e:5a:66:82:aa:ff:1a:4e:da:95:f8:7d:f8:
6a:fe:c1:a3:04:fa:36:eb:91:1a:3b:aa:35:fd:d1:
eb:1f:7f:00:6e:29:7e:e3:16:3d:36:a0:f2:2a:52:
0d:56:f8:90:c8:76:3a:77:05:e5:eb:02:bf:06:20:
6f:86:94:45:2b:d8:5b:d7:ea:38:54:c5:49:5f:db:
06:01:25:d3:09:df:7d:2f:4d:b6:c9:8d:c9:d5:96:
d9:c9:e7:e0:db:97:f9:ae:99:cc:23:0e:94:97:5c:
17:34:4c:8c:0d:d0:e5:53:05:69:21:d5:92:60:83:
84:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:43:9B:F1:64:63:22:3A:A3:5C:EF:5B:09:26:92:3B:3D:30:D8:6E
X509v3 Authority Key Identifier:
keyid:9F:56:46:F7:D8:AF:C0:A9:33:FB:33:33:3F:37:01:3D:83:A0:4D:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/EUOb8WRjIjqjXO9bCSaSOz0w2G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/n1ZG99ivwKkz-zMzPzcBPYOgTQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.98.0.0/15
84.47.0.0/17
87.197.0.0/16
91.127.0.0/16
95.102.0.0/15
178.40.0.0/15
185.19.72.0/22
194.154.224.0/19
195.91.0.0/17
195.146.128.0/19
212.5.192.0/19
213.81.128.0/17
213.160.160.0/19
IPv6:
2a00:12a8::/29
Signature Algorithm: sha256WithRSAEncryption
4c:21:99:b0:2f:ac:a0:c1:98:44:86:ac:ed:0a:9b:ea:ed:19:
d8:0a:61:90:12:0b:2a:65:89:95:fc:4f:df:2b:e9:ce:ca:c7:
bf:74:e7:4d:97:41:ca:1e:83:26:14:75:53:97:cf:da:39:a2:
9e:1d:3b:2a:dd:55:bf:50:8a:9b:01:f4:8b:99:9f:bd:9a:7f:
9d:00:37:28:0b:3b:2c:ce:1c:aa:94:85:5e:5f:e0:7f:67:c1:
0c:29:4b:71:e5:69:f5:48:4d:9a:56:24:7d:ab:94:71:25:69:
8c:9f:39:92:2a:12:43:a5:2d:b5:04:c8:fa:ae:f8:ef:f8:71:
cc:9b:b8:4d:16:1f:e7:5c:22:2d:2f:89:ac:0d:6e:4d:0b:5b:
33:56:e1:18:62:f5:27:45:b2:45:85:c3:97:60:42:23:9e:24:
2e:e1:0f:aa:fa:84:82:20:2c:7f:bc:b6:3a:96:0c:8c:f7:35:
e3:9d:88:f3:49:97:d1:3d:20:49:c1:86:87:a9:9b:a6:d9:ea:
1b:83:f6:2e:52:34:58:11:6b:92:68:5e:e2:dc:07:d2:cf:66:
3a:7a:d9:43:2b:5e:8a:a0:b8:5e:ea:a4:10:cc:7e:ff:5d:a7:
e0:a6:3c:6d:8e:34:27:2c:28:72:30:fc:d0:e2:94:3d:18:6b:
73:a8:54:78
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEBktD3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjU2NDZmN2Q4YWZjMGE5MzNmYjMzMzMzZjM3MDEzZDgzYTA0ZDAwMB4XDTIyMDEx
NDA4NDcwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTE0MzliZjE2NDYz
MjIzYWEzNWNlZjViMDkyNjkyM2IzZDMwZDg2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJtolZGooRJ6l3/pqRBjgT9Eratbi2BDhrmAoG30PpPzSHIE
gerwwa6VsjpXNzFl9dEXhJATaD3HXDXkw5WvHFdMiSGi5i5BDdjECuVwP3BTvyMb
Vl/yHQQpKq58g0UmpAWBGsWipc7NTm5b63n90qosEvdyhuB8CA6MCz6ChRoc/7q3
AcoAT+FuWmaCqv8aTtqV+H34av7BowT6NuuRGjuqNf3R6x9/AG4pfuMWPTag8ipS
DVb4kMh2OncF5esCvwYgb4aURSvYW9fqOFTFSV/bBgEl0wnffS9NtsmNydWW2cnn
4NuX+a6ZzCMOlJdcFzRMjA3Q5VMFaSHVkmCDhPsCAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBQRQ5vxZGMiOqNc71sJJpI7PTDYbjAfBgNVHSMEGDAWgBSfVkb32K/AqTP7
MzM/NwE9g6BNADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L24xWkc5OWl2d0trei16TXpQemNCUFlPZ1RRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvOTE2OTE3LTg4YzUtNGU3Yi04MTFlLTdkMzJjYTA2NWI2Ni8x
L0VVT2I4V1JqSWpxalhPOWJDU2FTT3owdzJHNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
OTE2OTE3LTg4YzUtNGU3Yi04MTFlLTdkMzJjYTA2NWI2Ni8xL24xWkc5OWl2d0tr
ei16TXpQemNCUFlPZ1RRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwTwQCAAEwSQMDAU5iAwQHVC8AAwMAV8UDAwBbfwMD
AV9mAwMBsigDBAK5E0gDBAXCmuADBAfDWwADBAXDkoADBAXUBcADBAfVUYADBAXV
oKAwDQQCAAIwBwMFAyoAEqgwDQYJKoZIhvcNAQELBQADggEBAEwhmbAvrKDBmESG
rO0Km+rtGdgKYZASCypliZX8T98r6c7Kx790502XQcoegyYUdVOXz9o5op4dOyrd
Vb9QipsB9IuZn72af50ANygLOyzOHKqUhV5f4H9nwQwpS3HlafVITZpWJH2rlHEl
aYyfOZIqEkOlLbUEyPqu+O/4ccybuE0WH+dcIi0viawNbk0LWzNW4Rhi9SdFskWF
w5dgQiOeJC7hD6r6hIIgLH+8tjqWDIz3NeOdiPNJl9E9IEnBhoepm6bZ6huD9i5S
NFgRa5JoXuLcB9LPZjp62UMrXoqguF7qpBDMfv9dp+CmPG2ONCcsKHIw/NDilD0Y
a3OoVHg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:44 2025 by rpki-client