Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3EKLv7lNl97OABwFhivUf7FyRL0.roa
File: 3EKLv7lNl97OABwFhivUf7FyRL0.roa (raw, json)
Hash identifier: jxcmcX8Zp5GxxP7zu+LPCjWDVzBV3njHyYyowXGyCZc=
Subject key identifier: DC:42:8B:BF:B9:4D:97:DE:CE:00:1C:05:86:2B:D4:7F:B1:72:44:BD
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 4863DC77
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3EKLv7lNl97OABwFhivUf7FyRL0.roa
Signing time: Sat 01 Jan 2022 03:00:26 +0000
ROA not before: Sat 01 Jan 2022 03:00:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44050
IP address blocks: 95.215.0.0/22 maxlen: 24
5.101.89.0/24 maxlen: 24
188.143.128.0/17 maxlen: 24
195.2.240.0/23 maxlen: 24
5.188.192.0/23 maxlen: 23
2a00:1d78::/32 maxlen: 48
2a00:1d78:666::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1214504055 (0x4863dc77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc428bbfb94d97dece001c05862bd47fb17244bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e8:22:48:07:4f:ac:09:8e:14:87:ae:8e:82:
45:9d:e8:c5:14:89:a3:6b:28:59:11:e3:a8:f3:0a:
0b:f9:c2:dc:49:cf:44:a6:d6:18:b7:3c:0f:ec:12:
63:b5:ec:0d:de:ba:68:9e:ed:64:50:df:ca:ef:b8:
00:20:6b:da:4a:c0:81:98:9a:28:80:89:65:8e:05:
bf:fe:f9:a7:7b:82:3e:fe:3f:d6:8e:f5:d3:43:ab:
05:bf:c0:98:35:40:38:50:7c:c0:27:0c:cd:a6:76:
cf:03:55:fc:dd:4f:3a:b0:dc:8f:08:44:72:18:06:
8d:34:78:b3:7a:cc:10:fd:db:ed:56:70:b3:8d:21:
64:9c:e4:52:d7:25:15:e7:f1:81:c0:35:83:b0:4c:
84:f8:47:03:65:55:96:0a:ce:57:76:f6:21:7b:96:
c7:dd:ea:02:b1:9e:5c:7a:7d:3b:b4:72:fb:cc:d3:
fb:99:76:5f:1b:cd:35:10:b4:57:e4:69:79:72:76:
5c:d1:d3:1e:db:e3:fc:35:b1:2a:f7:89:84:44:48:
b7:e4:94:ef:5a:bb:ac:33:3b:52:5c:a1:63:d5:cf:
00:59:6a:86:ab:aa:16:99:e3:37:3b:84:db:fb:9a:
a9:e4:7b:fe:0d:0f:95:86:33:b8:63:a0:d6:28:92:
36:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:42:8B:BF:B9:4D:97:DE:CE:00:1C:05:86:2B:D4:7F:B1:72:44:BD
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3EKLv7lNl97OABwFhivUf7FyRL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.89.0/24
5.188.192.0/23
95.215.0.0/22
188.143.128.0/17
195.2.240.0/23
IPv6:
2a00:1d78::/32
Signature Algorithm: sha256WithRSAEncryption
46:cb:b2:78:47:c6:6e:4e:25:15:c2:fa:27:55:77:58:a6:55:
b1:8b:94:72:03:15:18:87:32:96:03:83:b3:f0:5e:87:30:75:
9b:b4:9e:d1:4a:af:d9:76:3d:cb:66:98:3e:47:e8:c2:99:6d:
cb:38:8c:fc:a6:85:fa:ec:7e:5d:4b:86:8a:b9:75:a4:1c:a1:
9f:ba:b0:0f:19:b2:8c:fb:1f:b8:4d:a2:ec:83:e9:27:b8:1f:
53:fc:cf:e1:12:b3:bb:ef:55:f2:dd:e9:d6:05:61:a8:32:bd:
50:27:9f:2c:85:72:11:85:57:8e:de:c6:db:66:b4:f9:b2:fe:
6a:c3:19:1f:01:a3:aa:a5:94:28:d7:31:07:5d:a8:e1:67:9f:
48:77:60:cd:9c:da:16:3f:86:38:e5:b5:95:d7:b4:47:1e:a7:
80:72:fa:1b:f4:5b:b5:44:64:7d:58:52:23:93:7b:ac:05:fa:
4a:22:b6:32:38:f8:7f:dd:dc:5c:79:f6:98:bc:92:23:3f:e8:
c7:04:d0:e2:98:a0:c1:5a:bc:e2:85:fe:53:a4:9c:71:51:7d:
c8:33:7b:40:3e:74:e4:25:7f:bc:21:fb:62:ef:6a:9e:24:3d:
70:f4:70:c8:f7:a2:97:a4:0f:19:b3:dc:0a:fb:a3:2a:1b:8f:
3e:ca:20:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIESGPcdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGM0MjhiYmZiOTRk
OTdkZWNlMDAxYzA1ODYyYmQ0N2ZiMTcyNDRiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzoIkgHT6wJjhSHro6CRZ3oxRSJo2soWRHjqPMKC/nC3EnP
RKbWGLc8D+wSY7XsDd66aJ7tZFDfyu+4ACBr2krAgZiaKICJZY4Fv/75p3uCPv4/
1o7100OrBb/AmDVAOFB8wCcMzaZ2zwNV/N1POrDcjwhEchgGjTR4s3rMEP3b7VZw
s40hZJzkUtclFefxgcA1g7BMhPhHA2VVlgrOV3b2IXuWx93qArGeXHp9O7Ry+8zT
+5l2XxvNNRC0V+RpeXJ2XNHTHtvj/DWxKveJhERIt+SU71q7rDM7UlyhY9XPAFlq
hquqFpnjNzuE2/uaqeR7/g0PlYYzuGOg1iiSNnECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTcQou/uU2X3s4AHAWGK9R/sXJEvTAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
LzNFS0x2N2xObDk3T0FCd0ZoaXZVZjdGeVJMMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAAVlWQMEAQW8wAMEAl/XAAMEB7yP
gAMEAcMC8DANBAIAAjAHAwUAKgAdeDANBgkqhkiG9w0BAQsFAAOCAQEARsuyeEfG
bk4lFcL6J1V3WKZVsYuUcgMVGIcylgODs/BehzB1m7Se0Uqv2XY9y2aYPkfowplt
yziM/KaF+ux+XUuGirl1pByhn7qwDxmyjPsfuE2i7IPpJ7gfU/zP4RKzu+9V8t3p
1gVhqDK9UCefLIVyEYVXjt7G22a0+bL+asMZHwGjqqWUKNcxB12o4WefSHdgzZza
Fj+GOOW1lde0Rx6ngHL6G/RbtURkfVhSI5N7rAX6SiK2Mjj4f93cXHn2mLySIz/o
xwTQ4pigwVq84oX+U6SccVF9yDN7QD505CV/vCH7Yu9qniQ9cPRwyPeil6QPGbPc
CvujKhuPPsogow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org