Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/EWRhrtK7I05KxyNnmR7MCo7lojQ.roa
File: EWRhrtK7I05KxyNnmR7MCo7lojQ.roa (raw, json)
Hash identifier: PEsvsZiYFYoagXKjphZcOsXpdjU5Wn+nlxovD0dXXCA=
Subject key identifier: 11:64:61:AE:D2:BB:23:4E:4A:C7:23:67:99:1E:CC:0A:8E:E5:A2:34
Certificate issuer: /CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Certificate serial: 0181F292196B532CBF870652731C9CDCEA10
Authority key identifier: A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/EWRhrtK7I05KxyNnmR7MCo7lojQ.roa
Signing time: Tue 12 Jul 2022 13:21:09 +0000
ROA not before: Tue 12 Jul 2022 13:21:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197883
IP address blocks: 195.144.23.0/24 maxlen: 24
195.137.186.0/24 maxlen: 24
195.137.188.0/24 maxlen: 24
185.136.40.0/24 maxlen: 24
185.136.41.0/24 maxlen: 24
185.136.42.0/24 maxlen: 24
185.136.43.0/24 maxlen: 24
185.8.145.0/24 maxlen: 24
185.8.144.0/24 maxlen: 24
185.8.146.0/24 maxlen: 24
185.8.147.0/24 maxlen: 24
176.57.240.0/24 maxlen: 24
176.57.243.0/24 maxlen: 24
176.57.244.0/24 maxlen: 24
176.57.241.0/24 maxlen: 24
176.57.242.0/24 maxlen: 24
176.57.245.0/24 maxlen: 24
176.57.246.0/24 maxlen: 24
176.57.247.0/24 maxlen: 24
195.138.220.0/24 maxlen: 24
194.53.4.0/24 maxlen: 24
194.53.5.0/24 maxlen: 24
194.53.6.0/24 maxlen: 24
194.53.7.0/24 maxlen: 24
2a01:9d80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:92:19:6b:53:2c:bf:87:06:52:73:1c:9c:dc:ea:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a00cb4b8d569477512ce57885ba6a2898fbc2d95
Validity
Not Before: Jul 12 13:21:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=116461aed2bb234e4ac72367991ecc0a8ee5a234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0c:86:ab:99:3e:23:fc:29:0c:bc:07:bb:23:
f2:f0:aa:f8:2e:c9:5a:01:96:64:df:3c:4b:5a:6d:
3b:3b:8a:8f:3d:3c:40:d7:2c:ce:dd:68:2e:f8:c2:
cf:58:6b:57:dc:56:8a:bf:8c:a6:c0:00:31:e1:5f:
5c:2d:bd:3d:a4:54:48:ca:3f:f1:54:7b:1e:ac:6a:
0a:d5:e6:e6:51:92:75:a7:b8:78:20:1a:5d:f2:ee:
31:d7:71:d9:dd:f7:9a:ed:3c:eb:5e:e4:85:7b:00:
c3:ed:49:9c:c3:43:06:27:92:fe:c6:cf:15:f6:cb:
32:91:bf:8e:e9:43:d9:09:4c:a8:49:f7:17:45:bf:
bf:9f:b4:17:28:e0:0a:d5:ab:39:19:05:5a:a4:79:
dd:ad:a2:86:57:35:ac:8d:58:18:68:4f:13:12:6b:
f6:1f:aa:df:7f:95:c4:87:22:eb:82:0f:d4:01:81:
0d:50:98:01:cd:29:8c:60:b0:95:f0:29:b7:28:e9:
af:6b:df:9f:c7:12:b9:34:a6:85:81:7f:37:ee:96:
e5:98:90:47:b0:46:88:a0:a6:a6:af:a6:25:f7:74:
f3:be:1c:26:58:30:86:4d:2b:86:c4:6f:f3:d3:f1:
77:92:fc:c7:a1:65:fa:95:58:73:5e:a6:32:0f:9b:
da:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:64:61:AE:D2:BB:23:4E:4A:C7:23:67:99:1E:CC:0A:8E:E5:A2:34
X509v3 Authority Key Identifier:
keyid:A0:0C:B4:B8:D5:69:47:75:12:CE:57:88:5B:A6:A2:89:8F:BC:2D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oAy0uNVpR3USzleIW6aiiY-8LZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/EWRhrtK7I05KxyNnmR7MCo7lojQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f8fd59-0115-4db3-bd85-18c70ebf681a/1/oAy0uNVpR3USzleIW6aiiY-8LZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.240.0/21
185.8.144.0/22
185.136.40.0/22
194.53.4.0/22
195.137.186.0/24
195.137.188.0/24
195.138.220.0/24
195.144.23.0/24
IPv6:
2a01:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
12:5d:92:36:5c:a5:6c:dd:8c:c8:d6:0c:5c:52:fe:9d:be:fc:
9e:9d:4b:75:9e:05:2a:34:45:9d:68:25:1d:7b:88:65:89:95:
5f:cd:1a:7c:83:9c:b5:4b:62:50:16:7d:24:e3:a3:8a:cb:b2:
ee:25:62:bb:30:e4:78:db:21:a9:96:0e:e2:9f:5f:4c:f2:2a:
e7:d5:54:af:8a:5e:83:d0:1c:18:24:12:e4:60:0e:0e:e0:e3:
45:86:ef:99:34:3d:de:1a:ee:08:2d:2c:10:ad:1f:8d:f0:68:
85:96:6c:a9:7b:94:96:8d:bb:6d:21:67:80:b8:4c:b8:e5:25:
04:dc:4a:fe:51:c7:ed:97:17:96:86:eb:99:93:7f:27:17:89:
ea:3a:6a:9d:28:d9:68:60:16:31:61:95:38:c1:0d:01:59:70:
e9:e9:da:4f:7b:f2:fa:c8:f0:1f:6c:df:f8:02:47:83:8c:dd:
17:95:43:22:9e:72:ac:ab:b5:e8:00:14:96:19:18:df:0d:5a:
6c:b8:4c:1a:89:98:a0:55:61:60:e0:70:8a:13:e9:88:d8:da:
2a:d1:01:97:fe:8c:58:94:d7:6c:31:cb:0c:d3:3c:72:17:5f:
70:c1:58:b2:be:17:64:6a:64:0b:0b:f2:88:e9:74:d0:37:75:
27:7d:20:ce
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYHykhlrUyy/hwZScxyc3OoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMGNiNGI4ZDU2OTQ3NzUxMmNlNTc4ODViYTZhMjg5OGZi
YzJkOTUwHhcNMjIwNzEyMTMyMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY0NjFhZWQyYmIyMzRlNGFjNzIzNjc5OTFlY2MwYThlZTVhMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgyGq5k+I/wpDLwHuyPy8Kr4Lsla
AZZk3zxLWm07O4qPPTxA1yzO3Wgu+MLPWGtX3FaKv4ymwAAx4V9cLb09pFRIyj/x
VHserGoK1ebmUZJ1p7h4IBpd8u4x13HZ3fea7TzrXuSFewDD7Umcw0MGJ5L+xs8V
9ssykb+O6UPZCUyoSfcXRb+/n7QXKOAK1as5GQVapHndraKGVzWsjVgYaE8TEmv2
H6rff5XEhyLrgg/UAYENUJgBzSmMYLCV8Cm3KOmva9+fxxK5NKaFgX837pblmJBH
sEaIoKamr6Yl93TzvhwmWDCGTSuGxG/z0/F3kvzHoWX6lVhzXqYyD5vaMwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBFkYa7SuyNOSscjZ5kezAqO5aI0MB8GA1UdIwQY
MBaAFKAMtLjVaUd1Es5XiFumoomPvC2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUt
MThjNzBlYmY2ODFhLzEvRVdSaHJ0SzdJMDVLeHlObm1SN01Dbzdsb2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mOGZkNTktMDExNS00ZGIzLWJkODUtMThjNzBlYmY2ODFh
LzEvb0F5MHVOVnBSM1VTemxlSVc2YWlpWS04TFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDsDnwAwQC
uQiQAwQCuYgoAwQCwjUEAwQAw4m6AwQAw4m8AwQAw4rcAwQAw5AXMA0EAgACMAcD
BQAqAZ2AMA0GCSqGSIb3DQEBCwUAA4IBAQASXZI2XKVs3YzI1gxcUv6dvvyenUt1
ngUqNEWdaCUde4hliZVfzRp8g5y1S2JQFn0k46OKy7LuJWK7MOR42yGplg7in19M
8irn1VSvil6D0BwYJBLkYA4O4ONFhu+ZND3eGu4ILSwQrR+N8GiFlmype5SWjbtt
IWeAuEy45SUE3Er+UcftlxeWhuuZk38nF4nqOmqdKNloYBYxYZU4wQ0BWXDp6dpP
e/L6yPAfbN/4AkeDjN0XlUMinnKsq7XoABSWGRjfDVpsuEwaiZigVWFg4HCKE+mI
2Noq0QGX/oxYlNdsMcsM0zxyF19wwViyvhdkamQLC/KI6XTQN3UnfSDO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:23 2024 by rpki-client on console-fra.rpki-client.org