Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/eE4ghpMox2vPA8X0UOr78-NtfbM.roa
File: eE4ghpMox2vPA8X0UOr78-NtfbM.roa (raw, json)
Hash identifier: L2rwJX75QizOoAKWx35LnJBfkoJasE5mvoKaUUYnN2Y=
Subject key identifier: 78:4E:20:86:93:28:C7:6B:CF:03:C5:F4:50:EA:FB:F3:E3:6D:7D:B3
Certificate issuer: /CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Certificate serial: 42549A60
Authority key identifier: 6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/eE4ghpMox2vPA8X0UOr78-NtfbM.roa
Signing time: Sat 01 Jan 2022 06:58:51 +0000
ROA not before: Sat 01 Jan 2022 06:58:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56730
IP address blocks: 188.114.112.0/24 maxlen: 24
185.53.92.0/22 maxlen: 22
188.114.112.0/21 maxlen: 21
95.131.80.0/21 maxlen: 24
185.164.44.0/22 maxlen: 22
134.0.16.0/21 maxlen: 21
91.227.26.0/24 maxlen: 24
2a03:b980:200::/40 maxlen: 40
2a03:b980::/32 maxlen: 32
2a02:ef8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1112840800 (0x42549a60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Validity
Not Before: Jan 1 06:58:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=784e20869328c76bcf03c5f450eafbf3e36d7db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5b:63:70:8e:9a:21:a8:2f:07:43:5e:22:07:
b8:ab:4f:37:f8:82:72:6d:d9:f7:e7:e9:36:de:df:
62:eb:6d:f3:65:19:95:46:c7:fb:20:9d:e5:d0:da:
e0:c7:d3:6d:97:53:54:96:7c:2e:cb:7c:a1:f5:73:
1b:ce:94:bd:0d:59:64:02:43:d6:88:ab:f4:41:37:
55:67:46:51:f5:48:19:d9:7f:c5:73:38:61:73:63:
e3:d9:d4:c6:2f:66:8d:72:0d:2b:5c:9e:07:3b:65:
49:2f:be:0a:8a:d5:01:f9:4f:cb:1a:8d:34:4a:1a:
c0:28:eb:21:83:7b:db:e4:39:28:ba:10:a2:f9:3b:
cd:c5:b3:72:4f:2e:16:66:c2:30:72:9b:f8:c5:2a:
61:15:67:85:18:75:19:6a:ba:20:ec:83:86:45:f6:
7a:fe:e3:9d:fa:58:c4:32:b9:47:51:f4:ba:20:55:
13:19:b8:bf:eb:43:91:87:02:54:99:e0:0d:e7:78:
f4:f8:37:84:8e:16:14:bc:64:07:0a:c0:97:61:35:
fc:10:36:6d:b2:28:fd:53:77:41:ed:06:ec:c9:f8:
3d:9a:81:dc:22:32:c9:c8:69:ae:7d:91:6c:33:4f:
81:7e:b7:86:6b:57:10:7b:77:9a:cd:c2:22:35:ec:
49:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:4E:20:86:93:28:C7:6B:CF:03:C5:F4:50:EA:FB:F3:E3:6D:7D:B3
X509v3 Authority Key Identifier:
keyid:6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/eE4ghpMox2vPA8X0UOr78-NtfbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/bkBn13v-qZ3yXOXgipIT0RKAFM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.26.0/24
95.131.80.0/21
134.0.16.0/21
185.53.92.0/22
185.164.44.0/22
188.114.112.0/21
IPv6:
2a02:ef8::/32
2a03:b980::/32
Signature Algorithm: sha256WithRSAEncryption
63:a4:fe:54:f4:75:ce:a7:c3:2a:02:d9:95:17:33:45:4a:5d:
31:65:5d:e9:9e:ce:58:64:7d:dc:b4:ea:a7:62:9a:02:b8:42:
69:bd:99:cc:c7:86:31:33:13:57:e4:af:f8:11:7f:7b:b0:d8:
6a:9d:ce:21:0c:90:44:9b:47:cd:e0:e2:1f:2c:9a:8c:cb:0e:
59:32:68:cb:fd:4c:02:0e:cc:85:92:b5:43:3e:37:39:cb:c0:
23:7a:5d:6f:7d:ad:87:72:74:e7:a7:a4:2c:00:3c:31:1a:5c:
eb:9c:60:aa:3b:35:48:fd:1b:98:80:28:93:fd:85:4a:c6:1e:
dd:d8:43:0a:ed:b4:d0:51:6f:aa:f6:2b:4b:f6:43:13:42:86:
e1:d9:14:1b:f7:fe:41:73:0d:af:f0:bf:41:65:f6:f5:67:66:
4f:b1:ff:ca:67:47:88:7e:98:bc:b9:fb:d4:be:3b:6a:af:38:
34:28:ec:59:0c:ab:4e:c0:77:36:27:63:3b:a0:6e:fd:86:43:
b0:7d:c4:ae:ca:55:b0:16:a9:9a:e8:d4:99:9c:34:70:cf:5b:
60:4a:15:f6:e5:c8:20:24:75:f0:b9:5e:69:51:53:9e:81:18:
25:32:dc:5f:ba:24:10:40:e6:8b:be:ff:19:d2:df:36:4d:25:
75:9e:3d:f0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEQlSaYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTQwNjdkNzdiZmVhOTlkZjI1Y2U1ZTA4YTkyMTNkMTEyODAxNGNmMB4XDTIyMDEw
MTA2NTg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg0ZTIwODY5MzI4
Yzc2YmNmMDNjNWY0NTBlYWZiZjNlMzZkN2RiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRbY3COmiGoLwdDXiIHuKtPN/iCcm3Z9+fpNt7fYutt82UZ
lUbH+yCd5dDa4MfTbZdTVJZ8Lst8ofVzG86UvQ1ZZAJD1oir9EE3VWdGUfVIGdl/
xXM4YXNj49nUxi9mjXINK1yeBztlSS++CorVAflPyxqNNEoawCjrIYN72+Q5KLoQ
ovk7zcWzck8uFmbCMHKb+MUqYRVnhRh1GWq6IOyDhkX2ev7jnfpYxDK5R1H0uiBV
Exm4v+tDkYcCVJngDed49Pg3hI4WFLxkBwrAl2E1/BA2bbIo/VN3Qe0G7Mn4PZqB
3CIyychprn2RbDNPgX63hmtXEHt3ms3CIjXsSRMCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBR4TiCGkyjHa88DxfRQ6vvz4219szAfBgNVHSMEGDAWgBRuQGfXe/6pnfJc
5eCKkhPREoAUzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JrQm4xM3YtcVozeVhPWGdpcElUMFJLQUZNOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvNTg5ZWNhLTNmMTktNGUyMy1hM2ZiLTMzMDNmNzE2MjJmOS8x
L2VFNGdocE1veDJ2UEE4WDBVT3I3OC1OdGZiTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
NTg5ZWNhLTNmMTktNGUyMy1hM2ZiLTMzMDNmNzE2MjJmOS8xL2JrQm4xM3YtcVoz
eVhPWGdpcElUMFJLQUZNOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEAFvjGgMEA1+DUAMEA4YAEAMEArk1
XAMEArmkLAMEA7xycDAUBAIAAjAOAwUAKgIO+AMFACoDuYAwDQYJKoZIhvcNAQEL
BQADggEBAGOk/lT0dc6nwyoC2ZUXM0VKXTFlXemezlhkfdy06qdimgK4Qmm9mczH
hjEzE1fkr/gRf3uw2GqdziEMkESbR83g4h8smozLDlkyaMv9TAIOzIWStUM+NznL
wCN6XW99rYdydOenpCwAPDEaXOucYKo7NUj9G5iAKJP9hUrGHt3YQwrttNBRb6r2
K0v2QxNChuHZFBv3/kFzDa/wv0Fl9vVnZk+x/8pnR4h+mLy5+9S+O2qvODQo7FkM
q07AdzYnYzugbv2GQ7B9xK7KVbAWqZro1JmcNHDPW2BKFfblyCAkdfC5XmlRU56B
GCUy3F+6JBBA5ou+/xnS3zZNJXWePfA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:31 2025 by rpki-client