Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/Ae2S-UkJ2MXxXSMUXSbRkYmHGgg.roa
File: Ae2S-UkJ2MXxXSMUXSbRkYmHGgg.roa (raw, json)
Hash identifier: 96JI0KJLlIQVp0bB32najIrPMDmpYrnpeFteyYa0Xkw=
Subject key identifier: 01:ED:92:F9:49:09:D8:C5:F1:5D:23:14:5D:26:D1:91:89:87:1A:08
Certificate issuer: /CN=e2bd9276a6f78dac1002c3783a18d45ec14b5d43
Certificate serial: 03194C83
Authority key identifier: E2:BD:92:76:A6:F7:8D:AC:10:02:C3:78:3A:18:D4:5E:C1:4B:5D:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4r2Sdqb3jawQAsN4OhjUXsFLXUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/Ae2S-UkJ2MXxXSMUXSbRkYmHGgg.roa
Signing time: Sat 01 Jan 2022 02:02:12 +0000
ROA not before: Sat 01 Jan 2022 02:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6758
IP address blocks: 185.250.4.0/22 maxlen: 24
88.209.64.0/18 maxlen: 24
80.94.96.0/20 maxlen: 24
195.78.0.0/19 maxlen: 24
87.254.224.0/19 maxlen: 24
82.113.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51989635 (0x3194c83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2bd9276a6f78dac1002c3783a18d45ec14b5d43
Validity
Not Before: Jan 1 02:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01ed92f94909d8c5f15d23145d26d19189871a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:dd:70:f2:f9:eb:4a:80:e5:85:34:91:9a:ab:
e5:d5:a0:48:f8:a3:26:40:6c:b2:a8:8e:91:7d:ad:
57:e2:38:72:aa:f1:8c:ac:b6:24:e9:41:6c:c5:e7:
10:97:2e:a4:a6:12:88:89:80:5b:c3:35:2c:5e:d8:
c0:0f:5d:c5:e2:86:9c:52:2a:0d:11:9b:82:d5:34:
14:15:ba:7b:d5:48:8f:47:ed:18:87:db:60:f7:28:
7c:2d:33:ac:e1:a9:ed:24:30:57:e7:02:19:74:22:
fc:b8:33:21:cc:e6:5f:74:bb:e1:d2:36:77:67:f4:
8a:d6:84:cb:ff:04:96:a1:c9:54:7e:75:27:5e:22:
35:ba:84:3b:8c:1d:84:13:4e:87:cf:8f:42:c7:11:
25:48:82:d6:da:bb:59:89:85:59:36:39:0d:6a:34:
30:51:df:5b:ba:ca:88:1c:9b:18:52:ee:aa:56:2d:
87:d7:5c:48:aa:79:9f:b0:81:d9:57:f0:4f:df:bf:
86:ca:1a:68:2f:f6:5b:a8:15:ef:b3:f2:b4:26:f2:
95:28:5a:e6:27:7a:8f:31:07:ed:99:84:e2:c9:d4:
f8:ec:6e:9a:c5:25:60:cc:39:f1:5b:ff:f7:79:b4:
63:a3:0c:09:4a:81:dc:7a:e1:fd:ce:da:bd:0d:90:
59:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:ED:92:F9:49:09:D8:C5:F1:5D:23:14:5D:26:D1:91:89:87:1A:08
X509v3 Authority Key Identifier:
keyid:E2:BD:92:76:A6:F7:8D:AC:10:02:C3:78:3A:18:D4:5E:C1:4B:5D:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4r2Sdqb3jawQAsN4OhjUXsFLXUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/Ae2S-UkJ2MXxXSMUXSbRkYmHGgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/4r2Sdqb3jawQAsN4OhjUXsFLXUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.96.0/20
82.113.0.0/19
87.254.224.0/19
88.209.64.0/18
185.250.4.0/22
195.78.0.0/19
Signature Algorithm: sha256WithRSAEncryption
70:03:27:1a:87:97:5f:f5:a5:b3:0d:73:da:dd:f0:52:3c:85:
cf:0c:b6:64:84:28:5a:ac:0a:15:65:13:fe:1d:f2:8d:3a:07:
61:78:68:f9:f4:63:33:a5:ea:62:63:a7:5f:7c:f8:31:18:9d:
e3:63:6c:9b:5f:cf:85:3a:f7:47:44:e6:8f:e0:0c:7a:f4:9a:
6b:e3:62:b4:ba:55:cf:d6:4d:65:dd:de:be:3b:b0:c4:74:c7:
25:58:dd:d1:bc:5a:cb:8a:4a:d9:48:95:ca:f5:fe:a5:fe:f9:
9d:bd:f5:10:31:80:fc:30:65:79:62:07:2e:d0:d2:3b:00:4b:
a2:1b:65:ad:cc:03:c1:9c:c2:12:d1:ed:43:d2:aa:ae:ba:b8:
72:66:44:48:05:a2:33:4c:9f:44:52:bd:e3:8a:52:43:0b:40:
ea:00:df:f0:fc:6c:6f:e6:33:83:2f:fe:8d:fe:d4:83:8a:42:
bf:84:a6:59:c9:4a:1c:0b:65:2e:a9:0a:79:eb:82:8e:4e:78:
1a:87:a7:22:ed:f0:89:b2:48:17:f5:bd:98:94:1f:5d:5f:63:
59:4c:18:c1:dd:b2:9b:74:83:95:2a:6d:40:89:e0:21:05:6d:
16:d6:64:f9:7f:f7:bd:76:d6:59:a7:48:88:61:ff:9c:6f:94:
df:0d:e6:4b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAxlMgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmJkOTI3NmE2Zjc4ZGFjMTAwMmMzNzgzYTE4ZDQ1ZWMxNGI1ZDQzMB4XDTIyMDEw
MTAyMDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDFlZDkyZjk0OTA5
ZDhjNWYxNWQyMzE0NWQyNmQxOTE4OTg3MWEwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3dcPL560qA5YU0kZqr5dWgSPijJkBssqiOkX2tV+I4cqrx
jKy2JOlBbMXnEJcupKYSiImAW8M1LF7YwA9dxeKGnFIqDRGbgtU0FBW6e9VIj0ft
GIfbYPcofC0zrOGp7SQwV+cCGXQi/LgzIczmX3S74dI2d2f0itaEy/8ElqHJVH51
J14iNbqEO4wdhBNOh8+PQscRJUiC1tq7WYmFWTY5DWo0MFHfW7rKiBybGFLuqlYt
h9dcSKp5n7CB2VfwT9+/hsoaaC/2W6gV77PytCbylSha5id6jzEH7ZmE4snU+Oxu
msUlYMw58Vv/93m0Y6MMCUqB3Hrh/c7avQ2QWU8CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQB7ZL5SQnYxfFdIxRdJtGRiYcaCDAfBgNVHSMEGDAWgBTivZJ2pveNrBAC
w3g6GNRewUtdQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRyMlNkcWIzamF3UUFzTjRPaGpVWHNGTFhVTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvYTU4ODFhLTk4ZTgtNGU0NS1iY2I4LTcxZWVjZjg5OGQ0Mi8x
L0FlMlMtVWtKMk1YeFhTTVVYU2JSa1ltSEdnZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
YTU4ODFhLTk4ZTgtNGU0NS1iY2I4LTcxZWVjZjg5OGQ0Mi8xLzRyMlNkcWIzamF3
UUFzTjRPaGpVWHNGTFhVTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEBFBeYAMEBVJxAAMEBVf+4AMEBljR
QAMEArn6BAMEBcNOADANBgkqhkiG9w0BAQsFAAOCAQEAcAMnGoeXX/Wlsw1z2t3w
UjyFzwy2ZIQoWqwKFWUT/h3yjToHYXho+fRjM6XqYmOnX3z4MRid42Nsm1/PhTr3
R0Tmj+AMevSaa+NitLpVz9ZNZd3evjuwxHTHJVjd0bxay4pK2UiVyvX+pf75nb31
EDGA/DBleWIHLtDSOwBLohtlrcwDwZzCEtHtQ9Kqrrq4cmZESAWiM0yfRFK944pS
QwtA6gDf8Pxsb+Yzgy/+jf7Ug4pCv4SmWclKHAtlLqkKeeuCjk54GoenIu3wibJI
F/W9mJQfXV9jWUwYwd2ym3SDlSptQIngIQVtFtZk+X/3vXbWWadIiGH/nG+U3w3m
Sw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:51 2023 by rpki-client on console-ams.rpki-client.org