Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/EptKfMf52WjMrBhoxeyFW6EZY00.roa
File: EptKfMf52WjMrBhoxeyFW6EZY00.roa (raw, json)
Hash identifier: d79J1eekCcBp9kN/LmDD+1/hZk9iAmBe6OI144JJJUo=
Subject key identifier: 12:9B:4A:7C:C7:F9:D9:68:CC:AC:18:68:C5:EC:85:5B:A1:19:63:4D
Certificate issuer: /CN=b9ac49d1ccdcaedd9a13f4803df1aedce6dc1112
Certificate serial: 0A865D
Authority key identifier: B9:AC:49:D1:CC:DC:AE:DD:9A:13:F4:80:3D:F1:AE:DC:E6:DC:11:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uaxJ0czcrt2aE_SAPfGu3ObcERI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/EptKfMf52WjMrBhoxeyFW6EZY00.roa
Signing time: Wed 06 Apr 2022 06:25:29 +0000
ROA not before: Wed 06 Apr 2022 06:25:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61275
IP address blocks: 188.93.184.0/21 maxlen: 21
185.24.188.0/22 maxlen: 22
178.248.96.0/21 maxlen: 21
85.93.224.0/19 maxlen: 19
91.135.48.0/21 maxlen: 21
77.223.162.0/23 maxlen: 23
185.3.0.0/22 maxlen: 22
91.135.58.0/24 maxlen: 24
91.135.56.0/23 maxlen: 23
77.223.172.0/22 maxlen: 22
91.135.59.0/24 maxlen: 24
77.223.176.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 689757 (0xa865d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ac49d1ccdcaedd9a13f4803df1aedce6dc1112
Validity
Not Before: Apr 6 06:25:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=129b4a7cc7f9d968ccac1868c5ec855ba119634d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ee:c6:d4:ed:7b:fc:cd:04:ff:4f:c4:59:a6:
2a:88:6c:ca:35:16:e2:0e:2e:10:17:37:3a:7d:8e:
7b:45:97:ac:27:f4:9a:ec:3a:c8:68:03:64:0b:7a:
b9:e1:1e:85:69:b0:22:42:36:b2:94:d4:a2:76:58:
df:41:5f:70:8c:64:72:40:ab:c5:79:86:1f:d1:34:
06:54:0c:ce:bc:87:f6:7a:ce:77:69:ae:b2:d4:1f:
4b:ba:72:a9:6e:9c:74:80:2a:6b:10:86:c9:08:7b:
8f:6a:6b:b7:30:2c:be:df:4b:92:74:8f:34:3f:d6:
a6:ff:a5:6d:77:da:86:81:d7:49:c6:7b:cd:b0:94:
0b:55:6d:03:e1:b9:42:60:fc:bd:c1:8e:75:ef:14:
02:2b:b4:b2:ae:7e:08:ee:0a:b4:8e:60:8f:19:42:
ad:38:22:b2:dc:5b:4f:d1:74:89:80:f4:a4:69:63:
14:c1:f5:57:3e:c3:3c:67:5a:48:92:dd:75:74:59:
76:53:2b:e8:e6:68:9c:34:71:b4:d8:bb:14:9f:0d:
55:c7:31:31:ee:d5:7e:1c:83:1a:d8:4f:9a:07:89:
c9:ba:71:8f:7c:e1:d0:00:01:de:a6:08:ca:30:0c:
1f:c5:26:51:1c:4e:ad:42:39:e9:01:ff:95:38:35:
54:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:9B:4A:7C:C7:F9:D9:68:CC:AC:18:68:C5:EC:85:5B:A1:19:63:4D
X509v3 Authority Key Identifier:
keyid:B9:AC:49:D1:CC:DC:AE:DD:9A:13:F4:80:3D:F1:AE:DC:E6:DC:11:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uaxJ0czcrt2aE_SAPfGu3ObcERI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/EptKfMf52WjMrBhoxeyFW6EZY00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/uaxJ0czcrt2aE_SAPfGu3ObcERI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.162.0/23
77.223.172.0-77.223.191.255
85.93.224.0/19
91.135.48.0-91.135.59.255
178.248.96.0/21
185.3.0.0/22
185.24.188.0/22
188.93.184.0/21
Signature Algorithm: sha256WithRSAEncryption
16:4e:d5:a7:09:89:a3:57:6a:36:84:5e:1e:10:44:8c:d6:a2:
25:82:a4:c1:69:a5:43:c6:d9:40:19:3e:c3:66:7a:92:8a:cd:
6a:4f:26:bf:0d:63:b8:04:31:71:e6:9e:3e:29:81:44:2a:1a:
f6:b8:58:4c:f1:22:ff:e3:f7:8f:38:92:04:1e:00:58:18:69:
8d:e0:57:da:c7:48:d2:67:a5:7e:56:e9:5e:c5:42:aa:f5:39:
8b:3d:07:03:e0:13:3f:39:96:19:da:b4:fc:77:b9:df:cc:2f:
d3:eb:3b:f8:ec:71:db:18:d7:20:c5:57:ad:e5:19:85:bc:3e:
f9:f7:e9:1e:72:97:65:42:04:42:80:75:e3:c7:d8:db:84:d4:
62:5b:d8:8a:42:78:8f:85:40:2e:44:67:e3:ff:2c:02:ee:36:
93:5b:48:93:3a:2e:67:38:3b:05:65:a8:86:db:7a:55:fe:8a:
02:9b:e5:ca:07:b3:c7:22:e3:bb:d2:47:60:96:47:35:20:d3:
39:e1:f1:6d:90:11:b6:84:eb:d8:08:76:e2:6d:f3:6d:b3:75:
62:79:f8:98:7c:6c:35:21:05:5e:c1:e1:17:03:3f:eb:56:fc:
c1:8a:fb:d0:32:2e:cb:0e:9c:8a:02:e1:62:32:ac:67:28:63:
7c:01:83:45
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIDCoZdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI5
YWM0OWQxY2NkY2FlZGQ5YTEzZjQ4MDNkZjFhZWRjZTZkYzExMTIwHhcNMjIwNDA2
MDYyNTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxMjliNGE3Y2M3Zjlk
OTY4Y2NhYzE4NjhjNWVjODU1YmExMTk2MzRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuu7G1O17/M0E/0/EWaYqiGzKNRbiDi4QFzc6fY57RZesJ/Sa
7DrIaANkC3q54R6FabAiQjaylNSidljfQV9wjGRyQKvFeYYf0TQGVAzOvIf2es53
aa6y1B9LunKpbpx0gCprEIbJCHuPamu3MCy+30uSdI80P9am/6Vtd9qGgddJxnvN
sJQLVW0D4blCYPy9wY517xQCK7Syrn4I7gq0jmCPGUKtOCKy3FtP0XSJgPSkaWMU
wfVXPsM8Z1pIkt11dFl2Uyvo5micNHG02LsUnw1VxzEx7tV+HIMa2E+aB4nJunGP
fOHQAAHepgjKMAwfxSZRHE6tQjnpAf+VODVUTwIDAQABo4ICQzCCAj8wHQYDVR0O
BBYEFBKbSnzH+dlozKwYaMXshVuhGWNNMB8GA1UdIwQYMBaAFLmsSdHM3K7dmhP0
gD3xrtzm3BESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dWF4SjBjemNydDJhRV9TQVBmR3UzT2JjRVJJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wOC81MzcxOTEtMTE3OS00OGVjLWFkOWYtZmZlNDNhNTJkM2Y2LzEv
RXB0S2ZNZjUyV2pNckJob3hleUZXNkVaWTAwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81
MzcxOTEtMTE3OS00OGVjLWFkOWYtZmZlNDNhNTJkM2Y2LzEvdWF4SjBjemNydDJh
RV9TQVBmR3UzT2JjRVJJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkG
CCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBTd+iMAwDBAJN36wDBAZN34ADBAVV
XeAwDAMEBFuHMAMEAluHOAMEA7L4YAMEArkDAAMEArkYvAMEA7xduDANBgkqhkiG
9w0BAQsFAAOCAQEAFk7VpwmJo1dqNoReHhBEjNaiJYKkwWmlQ8bZQBk+w2Z6korN
ak8mvw1juAQxceaePimBRCoa9rhYTPEi/+P3jziSBB4AWBhpjeBX2sdI0melflbp
XsVCqvU5iz0HA+ATPzmWGdq0/He538wv0+s7+Oxx2xjXIMVXreUZhbw++ffpHnKX
ZUIEQoB148fY24TUYlvYikJ4j4VALkRn4/8sAu42k1tIkzouZzg7BWWohtt6Vf6K
ApvlygezxyLju9JHYJZHNSDTOeHxbZARtoTr2Ah24m3zbbN1Ynn4mHxsNSEFXsHh
FwM/61b8wYr70DIuyw6cigLhYjKsZyhjfAGDRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:57 2024 by rpki-client on console-fra.rpki-client.org