Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/EHhtibmuZneV-bXyPqKz8RYHL10.roa
File: EHhtibmuZneV-bXyPqKz8RYHL10.roa (raw, json)
Hash identifier: 0ToQkorrx1pascRuhUZXSY3VIYJswOFfHDSDHWFR6zg=
Subject key identifier: 10:78:6D:89:B9:AE:66:77:95:F9:B5:F2:3E:A2:B3:F1:16:07:2F:5D
Certificate issuer: /CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Certificate serial: 0183F5D7783D20A6DE8CB6F2AE6EB05125D9
Authority key identifier: B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/EHhtibmuZneV-bXyPqKz8RYHL10.roa
Signing time: Thu 20 Oct 2022 14:41:22 +0000
ROA not before: Thu 20 Oct 2022 14:41:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8301
IP address blocks: 217.65.48.0/20 maxlen: 24
185.74.74.0/24 maxlen: 24
185.74.72.0/22 maxlen: 24
185.74.72.0/24 maxlen: 24
185.74.75.0/24 maxlen: 24
178.208.192.0/19 maxlen: 24
212.120.224.0/19 maxlen: 24
212.120.236.0/24 maxlen: 24
212.120.244.0/24 maxlen: 24
195.244.192.0/19 maxlen: 24
212.120.250.0/24 maxlen: 24
195.244.204.0/24 maxlen: 24
2a01:8c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:d7:78:3d:20:a6:de:8c:b6:f2:ae:6e:b0:51:25:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Validity
Not Before: Oct 20 14:41:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10786d89b9ae667795f9b5f23ea2b3f116072f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:06:71:59:27:1e:a8:49:08:d7:77:ae:0c:72:
47:77:35:0e:44:7c:0b:9c:cf:4f:a9:12:26:63:41:
16:14:50:16:e7:fb:f9:4d:70:40:ac:b8:66:c2:10:
a7:34:f2:2d:3a:f3:ee:e9:ba:ce:92:cc:f9:9d:a1:
91:75:b8:d3:92:c3:cf:19:54:0e:05:84:7d:c3:f8:
4d:7f:ef:e5:3b:f1:be:7b:e8:fd:9e:d6:88:d1:d0:
03:2a:31:f2:68:89:92:b5:35:62:ba:db:98:7a:a0:
5f:ed:9f:e9:b5:b8:c0:b0:4f:62:ca:07:b4:d5:c7:
93:f2:dc:f0:84:f5:55:46:09:3e:ed:f9:b2:f5:22:
8a:23:b0:01:29:f9:e6:ef:c3:be:2f:02:5f:62:85:
ab:c8:aa:94:74:5c:c7:3f:cc:1f:35:a1:69:c1:37:
55:9b:ad:d5:b8:9b:37:48:da:03:0c:c8:41:db:fc:
27:3d:14:67:98:de:03:03:bd:b8:94:79:c6:1f:13:
72:68:1b:09:bf:f7:6c:93:c3:0f:69:93:6e:e4:cd:
34:bb:d9:a6:e4:1e:8a:2b:e8:10:48:84:2b:a2:a1:
57:2f:83:51:6e:d9:fb:a3:c1:07:e1:f7:f4:bd:4a:
83:b2:32:d6:60:66:0d:39:46:21:11:02:cc:05:56:
a8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:78:6D:89:B9:AE:66:77:95:F9:B5:F2:3E:A2:B3:F1:16:07:2F:5D
X509v3 Authority Key Identifier:
keyid:B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/EHhtibmuZneV-bXyPqKz8RYHL10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/uCtyJxX5G-eSoew8Med-2doFy-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.192.0/19
185.74.72.0/22
195.244.192.0/19
212.120.224.0/19
217.65.48.0/20
IPv6:
2a01:8c40::/32
Signature Algorithm: sha256WithRSAEncryption
18:fe:34:d7:13:0f:73:9a:bd:3d:1f:4f:c9:fd:94:d0:20:e5:
56:32:c6:d7:62:e3:3a:7e:14:f0:b4:e3:1d:b3:b5:3d:e7:30:
6d:a2:17:e1:dc:c5:98:73:d5:a9:47:a7:8a:35:86:0d:a3:9a:
e3:7e:6f:b0:74:0c:9e:4f:97:ca:a8:34:25:80:1d:74:b2:fe:
d4:21:60:9a:ed:6d:c8:7b:67:45:97:c1:c2:a7:87:a2:27:f9:
f0:7d:ed:c3:8a:d9:34:b9:12:9f:1a:d1:6c:aa:42:78:72:75:
c3:1b:c8:27:b8:c1:92:cb:0c:83:a5:3c:88:35:f7:26:3c:11:
01:b9:22:e0:25:15:86:93:37:93:76:13:c3:74:31:3c:5b:50:
71:b3:40:05:dd:4d:81:b7:a9:a1:c4:52:ea:06:15:25:b6:4a:
8a:68:6f:24:49:fd:10:02:9a:b3:8f:56:27:0d:07:87:0b:a0:
57:79:bd:b1:49:78:f7:42:22:ff:37:ca:8c:87:90:a2:3e:3e:
f9:41:ec:ee:15:05:02:c2:c1:f5:b5:22:18:bc:3a:00:06:82:
cc:15:31:9a:54:b8:40:97:04:39:a7:85:21:18:8a:5c:24:9c:
d2:4a:99:d0:83:5a:4a:73:d2:7d:34:20:66:92:4b:54:e8:d0:
68:96:71:ca
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYP113g9IKbejLbyrm6wUSXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmI3MjI3MTVmOTFiZTc5MmExZWMzYzMxZTc3ZWQ5ZGEw
NWNiZTEwHhcNMjIxMDIwMTQ0MTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc4NmQ4OWI5YWU2Njc3OTVmOWI1ZjIzZWEyYjNmMTE2MDcyZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAZxWSceqEkI13euDHJHdzUORHwL
nM9PqRImY0EWFFAW5/v5TXBArLhmwhCnNPItOvPu6brOksz5naGRdbjTksPPGVQO
BYR9w/hNf+/lO/G+e+j9ntaI0dADKjHyaImStTViutuYeqBf7Z/ptbjAsE9iyge0
1ceT8tzwhPVVRgk+7fmy9SKKI7ABKfnm78O+LwJfYoWryKqUdFzHP8wfNaFpwTdV
m63VuJs3SNoDDMhB2/wnPRRnmN4DA724lHnGHxNyaBsJv/dsk8MPaZNu5M00u9mm
5B6KK+gQSIQroqFXL4NRbtn7o8EH4ff0vUqDsjLWYGYNOUYhEQLMBVaobwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBB4bYm5rmZ3lfm18j6is/EWBy9dMB8GA1UdIwQY
MBaAFLgrcicV+RvnkqHsPDHnftnaBcvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMt
YTE1YTE4NjEzZGE2LzEvRUhodGlibXVabmVWLWJYeVBxS3o4UllITDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMtYTE1YTE4NjEzZGE2
LzEvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFstDAAwQC
uUpIAwQFw/TAAwQF1HjgAwQE2UEwMA0EAgACMAcDBQAqAYxAMA0GCSqGSIb3DQEB
CwUAA4IBAQAY/jTXEw9zmr09H0/J/ZTQIOVWMsbXYuM6fhTwtOMds7U95zBtohfh
3MWYc9WpR6eKNYYNo5rjfm+wdAyeT5fKqDQlgB10sv7UIWCa7W3Ie2dFl8HCp4ei
J/nwfe3Ditk0uRKfGtFsqkJ4cnXDG8gnuMGSywyDpTyINfcmPBEBuSLgJRWGkzeT
dhPDdDE8W1Bxs0AF3U2Bt6mhxFLqBhUltkqKaG8kSf0QApqzj1YnDQeHC6BXeb2x
SXj3QiL/N8qMh5CiPj75QezuFQUCwsH1tSIYvDoABoLMFTGaVLhAlwQ5p4UhGIpc
JJzSSpnQg1pKc9J9NCBmkktU6NBolnHK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:44 2024 by rpki-client on console-fra.rpki-client.org