Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/eOnlDuhZXAb2BqNaiuD8Z9-rW8w.roa
File: eOnlDuhZXAb2BqNaiuD8Z9-rW8w.roa (raw, json)
Hash identifier: r1a3ktxP0yjRuc4TfjnLrfPHt3seGkGvBaeWisH27go=
Subject key identifier: 78:E9:E5:0E:E8:59:5C:06:F6:06:A3:5A:8A:E0:FC:67:DF:AB:5B:CC
Certificate issuer: /CN=85db83a8365a604476f282d24d327ad1ef0fde52
Certificate serial: 0D45EF4C
Authority key identifier: 85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/eOnlDuhZXAb2BqNaiuD8Z9-rW8w.roa
Signing time: Sat 01 Jan 2022 08:56:29 +0000
ROA not before: Sat 01 Jan 2022 08:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 185.199.232.0/22 maxlen: 24
46.226.236.0/22 maxlen: 24
185.25.80.0/22 maxlen: 24
185.199.188.0/22 maxlen: 24
2a00:c600::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222687052 (0xd45ef4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85db83a8365a604476f282d24d327ad1ef0fde52
Validity
Not Before: Jan 1 08:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78e9e50ee8595c06f606a35a8ae0fc67dfab5bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:98:12:57:a5:98:f1:c2:c9:d3:ca:d0:58:06:
ad:b1:ad:f9:26:1c:c8:8f:af:13:0f:0b:d8:c7:7a:
72:f7:64:9c:cf:39:00:d2:89:57:54:36:7b:37:82:
5b:b6:30:4f:56:1a:97:a4:68:64:0b:68:9f:2e:86:
1a:ba:de:0e:68:4e:e8:61:a4:cd:76:4b:14:b9:fc:
66:fe:a3:df:d5:69:b4:89:75:13:79:eb:25:3b:fc:
2b:32:87:00:1f:f7:7a:e3:05:e4:82:54:78:bc:7b:
97:fb:e4:b6:43:00:4d:0b:ff:7f:1a:30:bc:18:4f:
1a:74:96:b7:9d:2d:68:96:bb:38:39:96:4b:49:9c:
ab:dc:5d:8a:c2:ae:39:06:b9:5d:0a:38:fd:ab:04:
ae:8f:31:14:4f:f5:7f:6a:5f:eb:6a:ef:51:8b:a0:
83:fa:25:f9:4b:23:56:6c:f1:3c:37:a7:70:2f:e3:
d4:b5:ed:d9:78:29:9f:bf:ed:14:e3:3e:c8:6f:52:
37:b2:45:73:a3:a9:fc:45:29:55:0c:06:98:37:bb:
28:4a:af:97:f5:e6:37:dc:94:7b:b8:f4:74:de:c5:
f8:c8:fa:0b:f6:59:25:fc:a6:2c:15:34:73:56:10:
b8:ab:dc:b3:1d:bb:b1:1a:28:60:a4:79:83:fa:67:
65:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E9:E5:0E:E8:59:5C:06:F6:06:A3:5A:8A:E0:FC:67:DF:AB:5B:CC
X509v3 Authority Key Identifier:
keyid:85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/eOnlDuhZXAb2BqNaiuD8Z9-rW8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/hduDqDZaYER28oLSTTJ60e8P3lI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.236.0/22
185.25.80.0/22
185.199.188.0/22
185.199.232.0/22
IPv6:
2a00:c600::/29
Signature Algorithm: sha256WithRSAEncryption
50:7f:04:48:4f:ee:3b:4a:13:22:8e:11:9a:63:6f:fe:5b:16:
d5:f0:cc:65:cf:e3:31:d4:98:eb:ff:f6:18:59:39:8f:04:f4:
6d:0f:6c:b7:4d:82:89:ef:67:d6:fc:6e:ae:bd:aa:f5:50:d8:
75:00:78:f0:e8:59:d8:9e:95:cb:1d:1b:47:ea:e1:0b:af:4c:
59:fe:07:13:a5:54:36:b9:13:15:ce:e1:7d:aa:ec:59:f3:2a:
d8:06:44:7f:86:88:44:9f:73:5c:9d:d8:8b:01:69:5a:d9:2e:
a8:44:4b:99:62:28:4f:f1:f0:b5:ce:69:77:e3:23:87:44:d3:
75:1e:d2:fa:e0:38:1b:6a:d4:29:a4:55:8e:26:6a:fa:9f:57:
6f:4b:62:37:3c:5a:f6:5a:24:23:a5:96:c6:ae:04:f7:9b:f5:
b3:5a:13:8d:86:ce:35:40:9f:4d:46:4d:90:2c:7b:e5:7c:35:
35:71:e4:5f:ac:2a:57:d7:03:f0:ba:13:c9:af:53:3b:d2:63:
8b:22:67:65:b3:58:09:86:29:c6:21:0d:73:6f:b2:b6:6a:d1:
1b:47:51:fa:ab:7b:0d:1a:08:21:c2:ff:7b:38:ae:14:fc:9e:
13:4b:b0:e7:fc:04:65:48:44:2b:e5:b1:57:d6:4a:bc:b8:77:
1c:20:ca:39
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDUXvTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWRiODNhODM2NWE2MDQ0NzZmMjgyZDI0ZDMyN2FkMWVmMGZkZTUyMB4XDTIyMDEw
MTA4NTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhlOWU1MGVlODU5
NWMwNmY2MDZhMzVhOGFlMGZjNjdkZmFiNWJjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWYElelmPHCydPK0FgGrbGt+SYcyI+vEw8L2Md6cvdknM85
ANKJV1Q2ezeCW7YwT1Yal6RoZAtony6GGrreDmhO6GGkzXZLFLn8Zv6j39VptIl1
E3nrJTv8KzKHAB/3euMF5IJUeLx7l/vktkMATQv/fxowvBhPGnSWt50taJa7ODmW
S0mcq9xdisKuOQa5XQo4/asEro8xFE/1f2pf62rvUYugg/ol+UsjVmzxPDencC/j
1LXt2Xgpn7/tFOM+yG9SN7JFc6Op/EUpVQwGmDe7KEqvl/XmN9yUe7j0dN7F+Mj6
C/ZZJfymLBU0c1YQuKvcsx27sRooYKR5g/pnZbsCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBR46eUO6FlcBvYGo1qK4Pxn36tbzDAfBgNVHSMEGDAWgBSF24OoNlpgRHby
gtJNMnrR7w/eUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hkdURxRFphWUVSMjhvTFNUVEo2MGU4UDNsSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMmM4ZjA4LWU1OTktNDRmMy1iYmMxLThjYmVmOTEzZTM0Mi8x
L2VPbmxEdWhaWEFiMkJxTmFpdUQ4Wjktclc4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MmM4ZjA4LWU1OTktNDRmMy1iYmMxLThjYmVmOTEzZTM0Mi8xL2hkdURxRFphWUVS
MjhvTFNUVEo2MGU4UDNsSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi7i7AMEArkZUAMEArnHvAMEArnH
6DANBAIAAjAHAwUDKgDGADANBgkqhkiG9w0BAQsFAAOCAQEAUH8ESE/uO0oTIo4R
mmNv/lsW1fDMZc/jMdSY6//2GFk5jwT0bQ9st02Cie9n1vxurr2q9VDYdQB48OhZ
2J6Vyx0bR+rhC69MWf4HE6VUNrkTFc7hfarsWfMq2AZEf4aIRJ9zXJ3YiwFpWtku
qERLmWIoT/Hwtc5pd+Mjh0TTdR7S+uA4G2rUKaRVjiZq+p9Xb0tiNzxa9lokI6WW
xq4E95v1s1oTjYbONUCfTUZNkCx75Xw1NXHkX6wqV9cD8LoTya9TO9JjiyJnZbNY
CYYpxiENc2+ytmrRG0dR+qt7DRoIIcL/eziuFPyeE0uw5/wEZUhEK+WxV9ZKvLh3
HCDKOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:47 2024 by rpki-client on console-ams.rpki-client.org