Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/e9F95CRAndMoPQAwtvxQAHrIdp8.roa
File: e9F95CRAndMoPQAwtvxQAHrIdp8.roa (raw, json)
Hash identifier: 8E8H88oHrdMtLF0XLhTf66ZUefMmBZj+F++Kd788OGo=
Subject key identifier: 7B:D1:7D:E4:24:40:9D:D3:28:3D:00:30:B6:FC:50:00:7A:C8:76:9F
Certificate issuer: /CN=f779f5f0288985abde09827e03d787a52149e7ec
Certificate serial: 018316C047299E20D7A581256BE480E142B8
Authority key identifier: F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/e9F95CRAndMoPQAwtvxQAHrIdp8.roa
Signing time: Wed 07 Sep 2022 07:00:43 +0000
ROA not before: Wed 07 Sep 2022 07:00:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29467
IP address blocks: 185.97.244.0/22 maxlen: 22
178.251.160.0/21 maxlen: 24
185.4.124.0/22 maxlen: 22
5.149.112.0/21 maxlen: 24
185.123.216.0/22 maxlen: 22
2a03:2f00::/32 maxlen: 32
2a02:70c0::/32 maxlen: 32
2a03:92e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:16:c0:47:29:9e:20:d7:a5:81:25:6b:e4:80:e1:42:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f779f5f0288985abde09827e03d787a52149e7ec
Validity
Not Before: Sep 7 07:00:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bd17de424409dd3283d0030b6fc50007ac8769f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:19:8c:7a:86:57:aa:3c:cc:f4:16:38:15:3c:
c0:75:12:54:75:b5:10:04:bc:ee:77:48:a3:ee:f8:
d1:0d:cb:5e:4b:d2:82:e9:83:fc:82:a7:b3:09:29:
23:b6:cd:84:fa:07:ad:74:c1:a0:bc:c7:92:d6:6d:
98:94:55:44:68:ef:fb:42:35:41:d7:4a:3f:62:47:
7e:f9:b7:42:ca:18:d8:4c:8a:99:62:37:16:a9:6f:
c5:31:09:49:6e:90:fe:e6:86:3e:3a:74:1d:75:1c:
fc:b6:a7:14:4a:f3:4c:66:dd:de:c0:1d:04:ad:d4:
15:79:d7:81:f4:fa:30:03:d4:3a:9e:5a:81:55:e2:
da:ea:b7:c4:60:3d:74:76:12:88:92:47:94:2b:93:
c9:30:83:ad:12:a5:28:83:2c:04:86:0f:eb:3d:eb:
6b:a6:4c:b9:29:be:91:c4:f6:88:89:b9:1f:a9:09:
a5:bd:dd:f0:ae:c9:02:86:5d:f4:0e:68:ff:03:65:
59:01:f8:12:8b:30:39:b8:48:cd:a6:1b:3c:b0:b9:
93:c9:93:37:36:5f:ce:1e:cd:43:5b:a0:84:7d:bc:
90:48:29:27:14:1d:6d:02:2c:97:a0:94:52:8d:42:
a6:f5:e6:dd:c6:63:68:34:39:6e:83:9b:73:19:9f:
c0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D1:7D:E4:24:40:9D:D3:28:3D:00:30:B6:FC:50:00:7A:C8:76:9F
X509v3 Authority Key Identifier:
keyid:F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/e9F95CRAndMoPQAwtvxQAHrIdp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/93n18CiJhaveCYJ-A9eHpSFJ5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.112.0/21
178.251.160.0/21
185.4.124.0/22
185.97.244.0/22
185.123.216.0/22
IPv6:
2a02:70c0::/32
2a03:2f00::/32
2a03:92e0::/32
Signature Algorithm: sha256WithRSAEncryption
b4:7c:21:78:83:79:a2:13:29:88:da:31:00:43:04:5f:74:b8:
f0:6d:34:53:e3:20:23:83:56:cd:5c:88:af:85:1a:bb:2d:5f:
ba:7f:4d:7e:d7:99:77:fd:05:3d:0e:cd:6a:0c:59:55:92:0b:
46:45:e8:4f:4e:84:56:72:90:fa:30:62:fd:3a:f5:be:b0:49:
ab:09:c9:43:53:cd:98:e6:f7:95:d0:60:a7:49:fb:ce:84:a8:
46:35:ae:21:2e:f1:d2:ec:b8:8c:d6:ea:39:a4:47:2e:8a:fc:
fc:b0:74:a6:d2:36:c2:2b:9e:d6:82:8d:f8:a1:f6:30:4a:dc:
c2:f4:7f:86:f2:8a:10:d5:5b:ea:35:1c:07:9c:ec:bb:06:3b:
3e:9b:bb:21:a5:d3:74:42:bb:b5:3d:f3:06:91:c0:f9:cb:dd:
86:11:5a:65:ab:16:48:70:37:02:3b:ef:5a:6b:e9:06:c9:a5:
c9:3d:a4:81:17:6c:fa:ad:77:ec:ff:e5:6c:28:6a:ca:8d:03:
ce:3f:bf:6a:d2:c9:5e:ba:6e:5e:90:6e:65:32:8a:48:f0:83:
32:99:87:18:45:2a:06:0b:b6:09:33:f9:2b:a8:1f:4d:c9:9b:
f8:ec:6a:27:97:af:b2:42:93:2b:6a:28:c1:c3:8a:d6:b6:40:
8b:44:65:d2
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYMWwEcpniDXpYEla+SA4UK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzlmNWYwMjg4OTg1YWJkZTA5ODI3ZTAzZDc4N2E1MjE0
OWU3ZWMwHhcNMjIwOTA3MDcwMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQxN2RlNDI0NDA5ZGQzMjgzZDAwMzBiNmZjNTAwMDdhYzg3NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxmMeoZXqjzM9BY4FTzAdRJUdbUQ
BLzud0ij7vjRDcteS9KC6YP8gqezCSkjts2E+getdMGgvMeS1m2YlFVEaO/7QjVB
10o/Ykd++bdCyhjYTIqZYjcWqW/FMQlJbpD+5oY+OnQddRz8tqcUSvNMZt3ewB0E
rdQVedeB9PowA9Q6nlqBVeLa6rfEYD10dhKIkkeUK5PJMIOtEqUogywEhg/rPetr
pky5Kb6RxPaIibkfqQmlvd3wrskChl30Dmj/A2VZAfgSizA5uEjNphs8sLmTyZM3
Nl/OHs1DW6CEfbyQSCknFB1tAiyXoJRSjUKm9ebdxmNoNDlug5tzGZ/AUwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFHvRfeQkQJ3TKD0AMLb8UAB6yHafMB8GA1UdIwQY
MBaAFPd59fAoiYWr3gmCfgPXh6UhSefsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNuMThDaUpoYXZlQ1lKLUE5ZUhwU0ZKNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZWQzODEtNDVjYy00NGJjLWE1YzMt
ZmU3OTYzYmVjN2QzLzEvZTlGOTVDUkFuZE1vUFFBd3R2eFFBSHJJZHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZWQzODEtNDVjYy00NGJjLWE1YzMtZmU3OTYzYmVjN2Qz
LzEvOTNuMThDaUpoYXZlQ1lKLUE5ZUhwU0ZKNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQDBZVwAwQD
svugAwQCuQR8AwQCuWH0AwQCuXvYMBsEAgACMBUDBQAqAnDAAwUAKgMvAAMFACoD
kuAwDQYJKoZIhvcNAQELBQADggEBALR8IXiDeaITKYjaMQBDBF90uPBtNFPjICOD
Vs1ciK+FGrstX7p/TX7XmXf9BT0OzWoMWVWSC0ZF6E9OhFZykPowYv069b6wSasJ
yUNTzZjm95XQYKdJ+86EqEY1riEu8dLsuIzW6jmkRy6K/PywdKbSNsIrntaCjfih
9jBK3ML0f4byihDVW+o1HAec7LsGOz6buyGl03RCu7U98waRwPnL3YYRWmWrFkhw
NwI771pr6QbJpck9pIEXbPqtd+z/5WwoasqNA84/v2rSyV66bl6QbmUyikjwgzKZ
hxhFKgYLtgkz+SuoH03Jm/jsaieXr7JCkytqKMHDita2QItEZdI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:49 2024 by rpki-client on console-ams.rpki-client.org