Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/7N-egGtsWX5cKjQAytirkaD6J00.roa
File: 7N-egGtsWX5cKjQAytirkaD6J00.roa (raw, json)
Hash identifier: sY+jWgwjLGhzq0FKJ1nY+529HbQ0ik0Qg2KZXDzV8qU=
Subject key identifier: EC:DF:9E:80:6B:6C:59:7E:5C:2A:34:00:CA:D8:AB:91:A0:FA:27:4D
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 0A890426
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/7N-egGtsWX5cKjQAytirkaD6J00.roa
Signing time: Thu 07 Apr 2022 10:16:49 +0000
ROA not before: Thu 07 Apr 2022 10:16:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39537
IP address blocks: 185.49.236.0/22 maxlen: 24
109.69.80.0/21 maxlen: 24
185.71.24.0/22 maxlen: 24
45.145.180.0/22 maxlen: 24
185.33.184.0/22 maxlen: 24
94.199.184.0/21 maxlen: 24
195.94.112.0/20 maxlen: 24
185.11.240.0/22 maxlen: 24
151.236.208.0/21 maxlen: 24
94.190.240.0/21 maxlen: 24
185.68.0.0/22 maxlen: 24
93.95.8.0/21 maxlen: 24
185.122.216.0/22 maxlen: 24
31.210.128.0/21 maxlen: 24
37.35.88.0/21 maxlen: 24
185.31.252.0/22 maxlen: 24
87.237.64.0/21 maxlen: 24
2a04:5ac0::/29 maxlen: 36
2a03:25e0::/32 maxlen: 36
2a00:e620::/32 maxlen: 36
2a0a:fd80::/29 maxlen: 36
2a01:500::/29 maxlen: 32
2a01:b280::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176751654 (0xa890426)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Apr 7 10:16:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ecdf9e806b6c597e5c2a3400cad8ab91a0fa274d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fa:06:d8:91:d0:88:78:05:b8:7c:19:6e:07:
26:1a:d7:73:d4:60:b0:fa:74:df:14:67:0e:2d:05:
6c:eb:db:9d:b8:1f:6d:7d:43:89:0d:34:ee:94:65:
2c:0c:37:f9:80:0a:fd:27:9c:81:1c:6e:d4:96:23:
85:b5:53:96:c7:11:ce:6d:78:73:2b:82:06:5d:c3:
f4:b8:82:6a:35:a5:6a:6b:e3:7f:6a:3e:32:db:f8:
f3:33:26:21:04:ec:8a:77:a8:8e:03:6a:06:be:07:
9e:ae:64:69:79:c1:73:3e:9a:5b:9d:81:83:1f:9f:
95:25:c2:f0:7a:db:15:86:77:d5:b4:5a:d3:39:4d:
92:d1:86:20:67:fb:8e:97:0e:f7:07:e4:e2:6c:e4:
39:73:51:62:0a:2a:5f:bc:4e:64:c8:cc:9c:6a:78:
31:2a:49:44:b5:94:d2:40:64:ce:2d:a0:ef:94:81:
db:75:63:cc:26:29:43:b2:15:df:fe:98:14:75:22:
5e:fb:08:b0:6e:2b:ae:fa:c5:5f:e5:06:ba:d6:a0:
c3:27:ec:74:9f:d2:22:8d:09:a2:c1:59:90:e8:10:
a3:fb:0e:91:03:a5:48:7e:2a:ea:5c:14:74:d4:87:
f7:86:ec:f5:c1:3e:74:5b:82:15:9f:fe:e6:c4:f4:
27:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:DF:9E:80:6B:6C:59:7E:5C:2A:34:00:CA:D8:AB:91:A0:FA:27:4D
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/7N-egGtsWX5cKjQAytirkaD6J00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.128.0/21
37.35.88.0/21
45.145.180.0/22
87.237.64.0/21
93.95.8.0/21
94.190.240.0/21
94.199.184.0/21
109.69.80.0/21
151.236.208.0/21
185.11.240.0/22
185.31.252.0/22
185.33.184.0/22
185.49.236.0/22
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
195.94.112.0/20
IPv6:
2a00:e620::/32
2a01:500::/29
2a01:b280::/29
2a03:25e0::/32
2a04:5ac0::/29
2a0a:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
56:5c:1f:65:f2:4b:56:ef:64:3b:0d:1c:06:f7:a0:39:ee:a9:
a4:9c:3a:c2:d2:5a:15:a3:7b:a2:e5:3b:85:b6:80:12:eb:b4:
fd:9f:bb:ca:fe:2e:a9:e0:a8:b7:69:1c:b6:a7:dd:01:cd:8e:
b4:b2:fd:db:de:93:f2:2b:af:29:28:b2:03:9b:eb:52:fd:96:
35:f5:8c:7f:81:f4:df:a9:4b:c5:8c:99:bf:b1:01:c5:53:37:
d7:0c:14:dc:9e:7d:c6:cf:c7:7f:96:2f:55:b0:df:56:38:85:
ab:c4:fb:8e:a8:1c:2b:14:28:be:a6:8a:63:32:47:38:76:11:
22:55:b3:2b:d7:37:d6:de:6f:a1:7c:55:a2:79:fe:6f:e4:e5:
8b:10:af:ae:62:20:c4:69:cd:e1:4d:bb:2c:f6:b3:16:08:33:
74:21:70:4b:7e:14:8f:b3:54:97:f8:22:d9:49:4b:ed:3c:ce:
b9:03:ba:81:7f:49:e8:b9:1b:d7:2f:ae:4d:0e:b2:25:55:86:
8d:3e:2c:20:5d:d7:e2:ba:61:64:3f:34:ba:e3:af:a9:d3:82:
45:4c:40:11:96:06:39:17:e5:74:d2:c9:3c:ab:4f:2a:16:25:
0a:aa:59:fc:d6:fe:ec:56:8f:98:9e:4d:2c:81:a1:d9:8e:0d:
68:e7:fd:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIECokEJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODRkNjFjZDE3ZWQ5MmU1NGJiMzM5N2YxZTVhNmIzOTA0YWM2ZjA1MB4XDTIyMDQw
NzEwMTY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNkZjllODA2YjZj
NTk3ZTVjMmEzNDAwY2FkOGFiOTFhMGZhMjc0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJf6BtiR0Ih4Bbh8GW4HJhrXc9RgsPp03xRnDi0FbOvbnbgf
bX1DiQ007pRlLAw3+YAK/SecgRxu1JYjhbVTlscRzm14cyuCBl3D9LiCajWlamvj
f2o+Mtv48zMmIQTsineojgNqBr4Hnq5kaXnBcz6aW52Bgx+flSXC8HrbFYZ31bRa
0zlNktGGIGf7jpcO9wfk4mzkOXNRYgoqX7xOZMjMnGp4MSpJRLWU0kBkzi2g75SB
23VjzCYpQ7IV3/6YFHUiXvsIsG4rrvrFX+UGutagwyfsdJ/SIo0JosFZkOgQo/sO
kQOlSH4q6lwUdNSH94bs9cE+dFuCFZ/+5sT0J5ECAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBTs356Aa2xZflwqNADK2KuRoPonTTAfBgNVHSMEGDAWgBTITWHNF+2S5Uuz
OX8eWms5BKxvBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lFMWh6UmZ0a3VWTHN6bF9IbHByT1FTc2J3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8x
LzdOLWVnR3RzV1g1Y0tqUUF5dGlya2FENkowMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8xL3lFMWh6UmZ0a3VW
THN6bF9IbHByT1FTc2J3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwbAQCAAEwZgMEAx/SgAMEAyUjWAMEAi2RtAME
A1ftQAMEA11fCAMEA16+8AMEA17HuAMEA21FUAMEA5fs0AMEArkL8AMEArkf/AME
ArkhuAMEArkx7AMEArlEAAMEArlHGAMEArl62AMEBMNecDAwBAIAAjAqAwUAKgDm
IAMFAyoBBQADBQMqAbKAAwUAKgMl4AMFAyoEWsADBQMqCv2AMA0GCSqGSIb3DQEB
CwUAA4IBAQBWXB9l8ktW72Q7DRwG96A57qmknDrC0loVo3ui5TuFtoAS67T9n7vK
/i6p4Ki3aRy2p90BzY60sv3b3pPyK68pKLIDm+tS/ZY19Yx/gfTfqUvFjJm/sQHF
UzfXDBTcnn3Gz8d/li9VsN9WOIWrxPuOqBwrFCi+popjMkc4dhEiVbMr1zfW3m+h
fFWief5v5OWLEK+uYiDEac3hTbss9rMWCDN0IXBLfhSPs1SX+CLZSUvtPM65A7qB
f0nouRvXL65NDrIlVYaNPiwgXdfiumFkPzS646+p04JFTEARlgY5F+V00sk8q08q
FiUKqln81v7sVo+Ynk0sgaHZjg1o5/3C
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org