Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/e_6haQ6vNxuEc7-4Do3qlEZZncQ.roa
File: e_6haQ6vNxuEc7-4Do3qlEZZncQ.roa (raw, json)
Hash identifier: L8QDutPnibCo6TxQslplzgqgI7/2Rf0huM9at0Kfyks=
Subject key identifier: 7B:FE:A1:69:0E:AF:37:1B:84:73:BF:B8:0E:8D:EA:94:46:59:9D:C4
Certificate issuer: /CN=aa8b798ce7adaeae9e70915ba2cbcf83fe65d9dd
Certificate serial: 03A5993E
Authority key identifier: AA:8B:79:8C:E7:AD:AE:AE:9E:70:91:5B:A2:CB:CF:83:FE:65:D9:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qot5jOetrq6ecJFbosvPg_5l2d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/e_6haQ6vNxuEc7-4Do3qlEZZncQ.roa
Signing time: Sat 01 Jan 2022 05:54:43 +0000
ROA not before: Sat 01 Jan 2022 05:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210200
IP address blocks: 185.98.86.0/24 maxlen: 24
185.98.87.0/24 maxlen: 24
2.57.186.0/23 maxlen: 23
2.57.185.0/24 maxlen: 24
2.57.184.0/24 maxlen: 24
92.242.44.0/24 maxlen: 24
92.242.40.0/24 maxlen: 24
92.242.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61184318 (0x3a5993e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa8b798ce7adaeae9e70915ba2cbcf83fe65d9dd
Validity
Not Before: Jan 1 05:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bfea1690eaf371b8473bfb80e8dea9446599dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:dc:47:ad:5e:f2:fc:8c:32:8c:c7:4e:75:0c:
06:f6:3c:fe:74:c1:36:f9:65:2f:44:a1:9c:37:4d:
df:bd:4a:51:47:46:27:8f:91:68:21:c2:a4:ad:35:
7e:1d:c2:1f:60:91:e0:38:a6:90:6d:f7:ef:6e:db:
3c:fb:56:79:24:a9:70:48:4f:b0:09:00:ca:5e:53:
a5:77:7f:5a:da:bf:3c:04:8d:95:3c:26:e2:07:c1:
60:d4:87:c6:03:fe:d1:c8:d4:3a:06:1a:4b:c9:0d:
59:ee:0e:c4:61:2c:cf:d7:10:4a:2e:ca:95:c3:2d:
0e:ff:6c:f9:5e:ef:2c:22:c9:9e:9e:5a:6a:95:33:
ce:e8:68:2a:99:7f:31:4e:6b:91:66:a8:26:08:f7:
a3:94:a2:87:d5:a3:ee:f7:59:bc:43:87:0b:9d:60:
0b:72:cb:56:8d:91:99:60:5c:78:48:1e:fc:e4:73:
c6:20:ce:f6:95:56:13:42:89:d8:ae:0a:bc:44:48:
46:36:34:c0:d5:7a:c5:02:ad:38:1c:0a:b9:91:4d:
1b:ab:5d:11:37:d5:cd:c9:94:87:fb:93:e7:68:27:
79:fd:25:73:e5:fc:7f:21:10:28:fd:84:a8:54:dd:
fe:4f:0f:0f:b4:4c:ad:c5:da:d3:0a:17:9f:a3:73:
99:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:FE:A1:69:0E:AF:37:1B:84:73:BF:B8:0E:8D:EA:94:46:59:9D:C4
X509v3 Authority Key Identifier:
keyid:AA:8B:79:8C:E7:AD:AE:AE:9E:70:91:5B:A2:CB:CF:83:FE:65:D9:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qot5jOetrq6ecJFbosvPg_5l2d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/e_6haQ6vNxuEc7-4Do3qlEZZncQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/a1f9df-c48e-497f-ad33-82faf8f3b180/1/qot5jOetrq6ecJFbosvPg_5l2d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.184.0/22
92.242.40.0/24
92.242.44.0/23
185.98.86.0/23
Signature Algorithm: sha256WithRSAEncryption
95:09:92:e1:6f:bb:a0:6f:30:f7:d6:c6:3f:03:36:6f:a2:fe:
6b:d3:0b:86:91:7e:9e:3e:03:e6:99:03:b9:a9:39:8b:d7:05:
a1:b4:85:d6:ae:7d:af:1c:e8:18:2e:68:37:40:9f:1a:4b:e3:
80:de:88:02:70:42:59:17:b1:4b:d0:32:cf:50:1b:75:33:e6:
97:ae:41:56:d4:e4:a1:d6:33:f3:1c:1c:5e:f3:50:da:45:5e:
53:be:29:68:ad:39:09:a9:cd:13:e7:be:d7:dc:82:57:80:7b:
3c:a7:25:a3:3f:0b:cb:28:14:6b:2f:09:b1:cf:6d:23:75:9f:
e4:1b:76:88:72:9d:7b:ce:ad:ab:b3:01:a1:04:c9:45:19:86:
f0:69:ec:9d:a4:7c:9f:1d:02:92:65:fa:bb:81:30:db:3b:3e:
8a:46:c0:69:ec:77:81:a0:38:7e:01:1c:16:96:48:46:c4:3b:
fb:e1:09:90:bb:a6:e7:a2:ec:b1:c4:48:61:7c:86:bd:9d:7c:
d8:ff:78:30:27:4d:b4:93:84:55:53:70:af:d6:73:77:04:9d:
10:aa:37:9d:40:09:d5:2d:00:5f:fe:60:b1:a4:33:df:97:ab:
48:a8:39:75:73:c9:e3:06:5e:a5:42:b8:7d:65:84:c3:d7:2e:
26:91:21:4e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEA6WZPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YThiNzk4Y2U3YWRhZWFlOWU3MDkxNWJhMmNiY2Y4M2ZlNjVkOWRkMB4XDTIyMDEw
MTA1NTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JmZWExNjkwZWFm
MzcxYjg0NzNiZmI4MGU4ZGVhOTQ0NjU5OWRjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANrcR61e8vyMMozHTnUMBvY8/nTBNvllL0ShnDdN371KUUdG
J4+RaCHCpK01fh3CH2CR4DimkG33727bPPtWeSSpcEhPsAkAyl5TpXd/Wtq/PASN
lTwm4gfBYNSHxgP+0cjUOgYaS8kNWe4OxGEsz9cQSi7KlcMtDv9s+V7vLCLJnp5a
apUzzuhoKpl/MU5rkWaoJgj3o5Sih9Wj7vdZvEOHC51gC3LLVo2RmWBceEge/ORz
xiDO9pVWE0KJ2K4KvERIRjY0wNV6xQKtOBwKuZFNG6tdETfVzcmUh/uT52gnef0l
c+X8fyEQKP2EqFTd/k8PD7RMrcXa0woXn6NzmeMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR7/qFpDq83G4Rzv7gOjeqURlmdxDAfBgNVHSMEGDAWgBSqi3mM562urp5w
kVuiy8+D/mXZ3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FvdDVqT2V0cnE2ZWNKRmJvc3ZQZ181bDJkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvYTFmOWRmLWM0OGUtNDk3Zi1hZDMzLTgyZmFmOGYzYjE4MC8x
L2VfNmhhUTZ2Tnh1RWM3LTREbzNxbEVaWm5jUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
YTFmOWRmLWM0OGUtNDk3Zi1hZDMzLTgyZmFmOGYzYjE4MC8xL3FvdDVqT2V0cnE2
ZWNKRmJvc3ZQZ181bDJkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgI5uAMEAFzyKAMEAVzyLAMEAbli
VjANBgkqhkiG9w0BAQsFAAOCAQEAlQmS4W+7oG8w99bGPwM2b6L+a9MLhpF+nj4D
5pkDuak5i9cFobSF1q59rxzoGC5oN0CfGkvjgN6IAnBCWRexS9Ayz1AbdTPml65B
VtTkodYz8xwcXvNQ2kVeU74paK05CanNE+e+19yCV4B7PKcloz8LyygUay8Jsc9t
I3Wf5Bt2iHKde86tq7MBoQTJRRmG8GnsnaR8nx0CkmX6u4Ew2zs+ikbAaex3gaA4
fgEcFpZIRsQ7++EJkLum56LsscRIYXyGvZ182P94MCdNtJOEVVNwr9ZzdwSdEKo3
nUAJ1S0AX/5gsaQz35erSKg5dXPJ4wZepUK4fWWEw9cuJpEhTg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:03 2023 by rpki-client on console-fra.rpki-client.org