Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/eHyCpAzxSB4uId7Y2mJ_ErUwN2Y.roa
File: eHyCpAzxSB4uId7Y2mJ_ErUwN2Y.roa (raw, json)
Hash identifier: 3szNiigwjT20nkBOLEWwMj/nRZh0Ebp+2ljMP/m/WJE=
Subject key identifier: 78:7C:82:A4:0C:F1:48:1E:2E:21:DE:D8:DA:62:7F:12:B5:30:37:66
Certificate issuer: /CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Certificate serial: 1AAABDF6
Authority key identifier: D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/eHyCpAzxSB4uId7Y2mJ_ErUwN2Y.roa
Signing time: Mon 16 May 2022 10:36:30 +0000
ROA not before: Mon 16 May 2022 10:36:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8339
IP address blocks: 202.170.80.0/21 maxlen: 24
95.143.224.0/20 maxlen: 24
194.106.224.0/19 maxlen: 24
178.18.160.0/20 maxlen: 24
185.100.96.0/22 maxlen: 24
141.98.176.0/22 maxlen: 24
2a00:1b38::/32 maxlen: 32
2a02:e200::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447397366 (0x1aaabdf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Validity
Not Before: May 16 10:36:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=787c82a40cf1481e2e21ded8da627f12b5303766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:82:74:18:e1:ca:a9:f6:fc:77:c0:62:67:d7:
7f:da:7a:e0:ce:fd:de:aa:b8:cd:ee:37:17:d2:da:
ab:dd:7b:65:47:35:71:c0:b0:bb:12:fd:f0:22:93:
26:99:b2:0e:d7:99:7c:78:5d:c3:2c:13:b0:00:c1:
7c:57:67:67:86:99:e3:1a:d0:a8:85:ed:d8:82:c9:
57:39:b1:8b:2a:74:a8:32:7f:f2:e1:56:2c:53:44:
8c:93:c7:56:6b:e2:09:7d:55:72:61:61:1b:7c:1c:
71:eb:42:93:f9:e5:02:2d:19:7d:0e:bd:6d:1a:00:
ed:01:8e:29:93:a1:c1:83:04:ff:80:4d:de:20:0c:
83:1c:ec:92:7f:4d:f5:04:ae:45:07:f3:0b:2f:04:
e5:3b:e5:1c:d0:87:d3:78:64:6b:4e:cd:0f:a3:0e:
b2:30:6e:fb:0a:1e:07:e1:51:e3:1c:9b:e7:01:c8:
32:4d:b9:3b:e2:b3:f0:47:78:68:91:98:56:9d:3f:
a4:ab:71:62:40:d7:43:e4:3b:3f:21:8a:16:72:8d:
44:a1:83:76:bb:ac:84:e7:1a:d7:6a:a1:d2:dd:f1:
93:94:72:e0:34:3e:68:87:a1:ca:fd:3b:8f:c7:f3:
cc:96:7f:a3:c9:82:62:66:66:4f:4c:64:f1:9b:09:
c2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:7C:82:A4:0C:F1:48:1E:2E:21:DE:D8:DA:62:7F:12:B5:30:37:66
X509v3 Authority Key Identifier:
keyid:D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/eHyCpAzxSB4uId7Y2mJ_ErUwN2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.143.224.0/20
141.98.176.0/22
178.18.160.0/20
185.100.96.0/22
194.106.224.0/19
202.170.80.0/21
IPv6:
2a00:1b38::/32
2a02:e200::/30
Signature Algorithm: sha256WithRSAEncryption
37:45:24:e7:82:55:2b:62:aa:bd:5c:b3:3b:60:4b:8f:db:c5:
29:f4:5c:88:af:07:ea:1c:a0:c6:bf:86:03:9c:97:7e:68:83:
dd:f7:d4:e7:3b:d4:f6:46:40:18:e2:b4:69:23:f4:37:8e:fc:
5c:d9:e2:02:cb:df:bf:22:7c:d3:0b:75:d6:78:6a:90:a2:10:
a8:09:f1:6e:08:6b:5a:4b:81:30:ff:63:48:e2:54:cf:56:e7:
99:32:f9:cf:b5:39:4c:14:d1:33:23:0a:13:43:9e:91:ed:2f:
05:9b:32:3a:2e:6e:71:7a:82:07:c4:d3:ce:c5:6c:04:1a:7f:
97:40:5c:10:8e:5e:56:90:b6:35:ab:49:3f:85:54:55:99:8a:
96:48:d7:78:ca:27:7f:d6:70:5a:12:e5:d7:0e:cb:9a:63:fd:
4d:7c:a7:59:7c:0e:bf:92:42:b9:e9:52:67:f8:30:e7:b9:e9:
42:11:31:54:62:43:ad:db:b9:90:69:1b:fa:e7:0f:11:7b:cf:
a2:24:19:d5:9d:00:4d:ec:d0:e8:81:13:5d:24:f8:17:4a:9f:
0d:35:2b:1d:71:0c:82:2f:af:96:e4:d8:35:58:c0:c6:c6:c1:
cc:0f:7b:ca:bc:9f:a2:86:7b:c4:a1:d8:be:86:bf:1d:d2:06:
ef:c2:23:69
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEGqq99jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmYxYzg4NDJlN2NmODkxYjIzNGQzYTFlMGUyZTBlZjczZTg0MmFhMB4XDTIyMDUx
NjEwMzYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg3YzgyYTQwY2Yx
NDgxZTJlMjFkZWQ4ZGE2MjdmMTJiNTMwMzc2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGCdBjhyqn2/HfAYmfXf9p64M793qq4ze43F9Laq917ZUc1
ccCwuxL98CKTJpmyDteZfHhdwywTsADBfFdnZ4aZ4xrQqIXt2ILJVzmxiyp0qDJ/
8uFWLFNEjJPHVmviCX1VcmFhG3wccetCk/nlAi0ZfQ69bRoA7QGOKZOhwYME/4BN
3iAMgxzskn9N9QSuRQfzCy8E5TvlHNCH03hka07ND6MOsjBu+woeB+FR4xyb5wHI
Mk25O+Kz8Ed4aJGYVp0/pKtxYkDXQ+Q7PyGKFnKNRKGDdrushOca12qh0t3xk5Ry
4DQ+aIehyv07j8fzzJZ/o8mCYmZmT0xk8ZsJwnECAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBR4fIKkDPFIHi4h3tjaYn8StTA3ZjAfBgNVHSMEGDAWgBTS8ciELnz4kbI0
06Hg4uDvc+hCqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB2SEloQzU4LUpHeU5OT2g0T0xnNzNQb1Fxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYzk5YWU3LWI2NzEtNDBiOS1iYjFlLWExOTQ0NGY3YTMzNy8x
L2VIeUNwQXp4U0I0dUlkN1kybUpfRXJVd04yWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
Yzk5YWU3LWI2NzEtNDBiOS1iYjFlLWExOTQ0NGY3YTMzNy8xLzB2SEloQzU4LUpH
eU5OT2g0T0xnNzNQb1Fxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEBF+P4AMEAo1isAMEBLISoAMEArlk
YAMEBcJq4AMEA8qqUDAUBAIAAjAOAwUAKgAbOAMFAioC4gAwDQYJKoZIhvcNAQEL
BQADggEBADdFJOeCVStiqr1csztgS4/bxSn0XIivB+ocoMa/hgOcl35og9331Oc7
1PZGQBjitGkj9DeO/FzZ4gLL378ifNMLddZ4apCiEKgJ8W4Ia1pLgTD/Y0jiVM9W
55ky+c+1OUwU0TMjChNDnpHtLwWbMjoubnF6ggfE087FbAQaf5dAXBCOXlaQtjWr
ST+FVFWZipZI13jKJ3/WcFoS5dcOy5pj/U18p1l8Dr+SQrnpUmf4MOe56UIRMVRi
Q63buZBpG/rnDxF7z6IkGdWdAE3s0OiBE10k+BdKnw01Kx1xDIIvr5bk2DVYwMbG
wcwPe8q8n6KGe8Sh2L6Gvx3SBu/CI2k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:57 2024 by rpki-client on console-ams.rpki-client.org