Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/eSt5zgYwlvBpoHak1M1zAmQ4bZg.roa
File: eSt5zgYwlvBpoHak1M1zAmQ4bZg.roa (raw, json)
Hash identifier: 98j1rlkkCuxzJ1jnb3p9GiqdTnLcRF+91cInVUvEKNY=
Subject key identifier: 79:2B:79:CE:06:30:96:F0:69:A0:76:A4:D4:CD:73:02:64:38:6D:98
Certificate issuer: /CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Certificate serial: 018A04D5A3E6062A11EE21ADD50F7F15E34A
Authority key identifier: 7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/eSt5zgYwlvBpoHak1M1zAmQ4bZg.roa
Signing time: Thu 17 Aug 2023 18:50:24 +0000
ROA not before: Thu 17 Aug 2023 18:50:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44881
IP address blocks: 185.117.30.0/23 maxlen: 23
185.117.28.0/22 maxlen: 22
93.94.232.0/21 maxlen: 21
109.68.208.0/22 maxlen: 22
2a05:ce80::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:04:d5:a3:e6:06:2a:11:ee:21:ad:d5:0f:7f:15:e3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Validity
Not Before: Aug 17 18:50:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=792b79ce063096f069a076a4d4cd730264386d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c9:ac:f4:51:8c:f1:a7:e2:16:56:4c:1f:aa:
64:95:72:ee:34:e6:44:94:c4:4b:65:e9:f0:fe:6b:
1f:0b:13:4a:7f:85:16:ee:c1:19:77:05:5d:8c:8b:
8d:fc:f4:f3:36:03:64:16:dc:c5:99:52:29:48:97:
16:67:8c:bc:3b:4c:b1:ad:39:95:89:c8:a8:64:59:
3a:1c:3e:16:43:ad:f7:69:64:02:b5:9d:d9:85:de:
af:55:f3:af:76:e0:5c:cc:21:2b:e2:3d:fb:15:b9:
b6:50:e5:7a:24:dc:51:67:d1:cf:a2:ac:16:7d:61:
29:89:fe:03:40:a3:61:b5:5b:b0:53:17:d4:dd:f0:
4c:42:7f:f3:d8:01:bb:45:5e:c6:07:ce:3e:4f:66:
84:27:6f:06:dc:35:5d:31:2b:6e:76:83:47:94:a6:
dd:e8:c9:16:e5:bc:6b:2a:4f:ff:ff:89:7e:74:17:
e1:3a:48:e8:52:77:0c:37:20:73:0b:f9:b3:96:0e:
eb:19:11:27:06:65:44:d3:00:8b:9d:d1:f4:ae:88:
60:54:bc:d5:50:fb:3c:bc:6d:a4:76:d3:8b:77:d3:
71:8e:ae:22:39:e1:60:fb:ad:68:55:68:0b:71:52:
00:7e:ab:56:b4:f5:58:42:49:93:28:d3:69:eb:b4:
de:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2B:79:CE:06:30:96:F0:69:A0:76:A4:D4:CD:73:02:64:38:6D:98
X509v3 Authority Key Identifier:
keyid:7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/eSt5zgYwlvBpoHak1M1zAmQ4bZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.232.0/21
109.68.208.0/22
185.117.28.0/22
IPv6:
2a05:ce80::/36
Signature Algorithm: sha256WithRSAEncryption
8f:db:af:3d:37:ef:73:44:7d:55:3d:60:ee:32:f7:a2:e6:da:
4b:d3:e9:78:3c:09:67:d7:b7:17:71:83:fb:31:f3:03:0a:c7:
09:ab:b8:04:fa:bf:fa:fb:c3:78:42:c1:71:f0:89:05:c0:66:
4d:58:f4:4c:c6:4d:22:a4:53:2c:f0:5b:84:9b:93:13:f2:6a:
fb:23:ba:5a:2b:b9:6e:b8:72:0b:ad:df:ed:f7:db:e6:2a:aa:
92:f4:a0:e4:84:8c:79:17:c3:00:a2:bb:3a:2e:68:a7:a1:96:
87:d2:3c:04:cc:a0:1b:7e:c2:a0:27:44:c2:1f:8a:38:11:77:
50:1a:22:38:97:5f:14:07:ed:84:c6:10:f0:c2:1c:72:ae:b9:
b9:b9:4f:b5:db:ed:d1:6c:0c:45:91:be:5d:18:0f:a2:02:ce:
88:5e:7f:4f:54:15:7b:f2:51:cd:c8:ca:b5:f6:eb:e4:be:da:
78:01:50:0b:1a:1d:f1:60:bf:e8:b1:09:23:ec:43:24:b0:94:
44:e5:90:a8:5c:6a:7a:a5:c1:62:c5:92:0f:a3:d9:a7:a4:cf:
e7:4a:f8:d8:b7:18:4c:b0:7a:3d:a1:9d:8c:dc:3b:04:3f:03:
d8:b5:2f:36:5b:66:eb:3d:77:6f:2e:f7:7b:96:d9:1a:e1:60:
6d:69:84:6c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYoE1aPmBioR7iGt1Q9/FeNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTVjMGY5NWFiN2JlOGI4NWY3MTFmYTQzMzY2NWMxNGU2
ZTkzNTkwHhcNMjMwODE3MTg1MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTJiNzljZTA2MzA5NmYwNjlhMDc2YTRkNGNkNzMwMjY0Mzg2ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8ms9FGM8afiFlZMH6pklXLuNOZE
lMRLZenw/msfCxNKf4UW7sEZdwVdjIuN/PTzNgNkFtzFmVIpSJcWZ4y8O0yxrTmV
icioZFk6HD4WQ633aWQCtZ3Zhd6vVfOvduBczCEr4j37Fbm2UOV6JNxRZ9HPoqwW
fWEpif4DQKNhtVuwUxfU3fBMQn/z2AG7RV7GB84+T2aEJ28G3DVdMStudoNHlKbd
6MkW5bxrKk///4l+dBfhOkjoUncMNyBzC/mzlg7rGREnBmVE0wCLndH0rohgVLzV
UPs8vG2kdtOLd9Nxjq4iOeFg+61oVWgLcVIAfqtWtPVYQkmTKNNp67Te1QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHkrec4GMJbwaaB2pNTNcwJkOG2YMB8GA1UdIwQY
MBaAFH7lwPlat76LhfcR+kM2ZcFObpNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEt
OTAxOTRiZDY4NDI4LzEvZVN0NXpnWXdsdkJwb0hhazFNMXpBbVE0YlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEtOTAxOTRiZDY4NDI4
LzEvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDXV7oAwQC
bUTQAwQCuXUcMA4EAgACMAgDBgQqBc6AADANBgkqhkiG9w0BAQsFAAOCAQEAj9uv
PTfvc0R9VT1g7jL3oubaS9PpeDwJZ9e3F3GD+zHzAwrHCau4BPq/+vvDeELBcfCJ
BcBmTVj0TMZNIqRTLPBbhJuTE/Jq+yO6Wiu5brhyC63f7ffb5iqqkvSg5ISMeRfD
AKK7Oi5op6GWh9I8BMygG37CoCdEwh+KOBF3UBoiOJdfFAfthMYQ8MIccq65ublP
tdvt0WwMRZG+XRgPogLOiF5/T1QVe/JRzcjKtfbr5L7aeAFQCxod8WC/6LEJI+xD
JLCUROWQqFxqeqXBYsWSD6PZp6TP50r42LcYTLB6PaGdjNw7BD8D2LUvNltm6z13
by73e5bZGuFgbWmEbA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:24 2025 by rpki-client