Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/EcqRBAdrxhekEQZAu_jA762yOT4.roa
File: EcqRBAdrxhekEQZAu_jA762yOT4.roa (raw, json)
Hash identifier: ewPraunIjZB7XBMFcfy8bHtkqbgRRYU6QFhIonzlmiU=
Subject key identifier: 11:CA:91:04:07:6B:C6:17:A4:11:06:40:BB:F8:C0:EF:AD:B2:39:3E
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: 0184A4D336A4CC7527D69EB22D814FAA4FA8
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/EcqRBAdrxhekEQZAu_jA762yOT4.roa
Signing time: Wed 23 Nov 2022 14:10:15 +0000
ROA not before: Wed 23 Nov 2022 14:10:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12963
IP address blocks: 94.232.208.0/24 maxlen: 24
94.232.209.0/24 maxlen: 24
94.232.210.0/24 maxlen: 24
94.232.211.0/24 maxlen: 24
94.232.212.0/24 maxlen: 24
176.97.3.0/24 maxlen: 24
176.97.4.0/22 maxlen: 22
176.97.0.0/23 maxlen: 23
176.97.2.0/24 maxlen: 24
91.218.72.0/24 maxlen: 24
91.218.73.0/24 maxlen: 24
91.218.74.0/24 maxlen: 24
91.218.75.0/24 maxlen: 24
91.197.168.0/24 maxlen: 24
91.197.169.0/24 maxlen: 24
91.197.170.0/24 maxlen: 24
91.197.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:d3:36:a4:cc:75:27:d6:9e:b2:2d:81:4f:aa:4f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Nov 23 14:10:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11ca9104076bc617a4110640bbf8c0efadb2393e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:b3:d1:d2:a0:30:c1:fb:76:9e:00:44:22:
73:eb:5a:fe:c7:a9:91:0e:86:4e:72:fe:1b:3e:9b:
4f:66:49:0e:81:4f:21:14:2b:16:8f:2c:2e:a1:d6:
ab:61:0f:07:6a:b7:6c:09:33:9f:68:45:c4:f1:96:
3a:49:db:80:a4:a4:93:af:2e:f1:43:25:86:ff:2c:
2d:0c:13:1e:ba:71:41:b8:f5:36:d6:58:c6:02:52:
41:61:ef:ed:9e:1d:fb:4e:22:16:20:5e:9d:eb:e9:
e1:0a:b4:0c:2e:a5:92:16:aa:2d:66:c2:2e:86:bb:
22:e7:2d:85:e9:f0:5c:92:f9:93:f4:a7:d1:38:35:
d0:e5:ac:ef:94:19:34:26:d1:57:57:71:ee:87:37:
46:d0:73:18:73:d5:4c:de:00:eb:70:73:cb:b8:e9:
2d:07:9e:fb:36:3d:9f:91:d0:5d:c5:f2:4e:8b:7d:
8f:27:5b:c8:c5:d6:1d:2e:23:67:ab:d9:0a:b4:01:
6c:8b:93:a6:ea:dd:26:79:e2:95:34:8b:e2:53:b6:
52:1c:ea:d9:da:e6:2b:da:df:1c:01:6e:d8:b6:b5:
db:e8:9b:6c:40:1a:d8:31:0b:13:94:b9:6b:04:64:
1e:3b:e4:50:1d:d2:f8:c4:4d:0a:2b:8b:66:2d:98:
85:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CA:91:04:07:6B:C6:17:A4:11:06:40:BB:F8:C0:EF:AD:B2:39:3E
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/EcqRBAdrxhekEQZAu_jA762yOT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.168.0/22
91.218.72.0/22
94.232.208.0-94.232.212.255
176.97.0.0/21
Signature Algorithm: sha256WithRSAEncryption
86:1e:5d:8e:bc:e2:29:0f:0c:39:ae:33:6a:2a:ce:54:47:f6:
ed:9e:86:ea:7e:c7:c7:8b:d0:a9:b5:f6:5a:85:ee:8d:bf:76:
58:8d:a7:9f:bc:d6:9c:3c:f6:a8:8d:6e:23:90:70:f6:15:b9:
d8:97:6c:b6:bb:4c:d2:d1:cd:49:23:3d:d2:4c:dc:c6:a7:e9:
56:64:b7:d8:94:2b:1f:42:72:c1:90:64:f6:ef:fe:66:3c:eb:
45:4b:15:63:ba:61:c3:61:df:e7:1d:c2:6e:44:1a:95:11:8f:
60:a4:72:a9:06:0c:79:1e:d2:9d:6c:74:16:f3:72:e0:7d:9c:
e2:4d:95:5c:b9:59:26:7c:1b:78:02:19:2a:58:d3:9e:29:ad:
97:67:1e:4b:f5:3f:e9:85:ad:97:c6:2b:02:79:02:59:01:4d:
de:41:4b:0b:5a:ad:25:6b:b2:9d:9f:56:d1:5b:9b:8e:70:2d:
5e:a0:87:db:b9:ed:74:79:fd:6b:dd:b8:96:0d:8a:e9:18:2c:
f7:a9:c1:8d:45:3d:b1:ce:2b:92:a6:db:1b:3b:b8:f1:39:48:
84:ec:b3:23:8e:8d:ca:d2:ca:d0:66:c6:01:ec:65:25:e1:4f:
f0:f1:0b:03:4f:c4:73:06:f6:0f:1b:6e:0f:32:44:dd:b1:c7:
54:3f:b9:f0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYSk0zakzHUn1p6yLYFPqk+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGMwYTc0ZjQ3MzEyZGYyOThhNDYwOTVlNDc1MjVkNTE1
ODU0YTEwHhcNMjIxMTIzMTQxMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWNhOTEwNDA3NmJjNjE3YTQxMTA2NDBiYmY4YzBlZmFkYjIzOTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1Oz0dKgMMH7dp4ARCJz61r+x6mR
DoZOcv4bPptPZkkOgU8hFCsWjywuodarYQ8HardsCTOfaEXE8ZY6SduApKSTry7x
QyWG/ywtDBMeunFBuPU21ljGAlJBYe/tnh37TiIWIF6d6+nhCrQMLqWSFqotZsIu
hrsi5y2F6fBckvmT9KfRODXQ5azvlBk0JtFXV3HuhzdG0HMYc9VM3gDrcHPLuOkt
B577Nj2fkdBdxfJOi32PJ1vIxdYdLiNnq9kKtAFsi5Om6t0meeKVNIviU7ZSHOrZ
2uYr2t8cAW7YtrXb6JtsQBrYMQsTlLlrBGQeO+RQHdL4xE0KK4tmLZiFkwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBHKkQQHa8YXpBEGQLv4wO+tsjk+MB8GA1UdIwQY
MBaAFL6MCnT0cxLfKYpGCV5HUl1RWFShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMt
MjhlNDE2Y2YxMWNmLzEvRWNxUkJBZHJ4aGVrRVFaQXVfakE3NjJ5T1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMtMjhlNDE2Y2YxMWNm
LzEvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCW8WoAwQC
W9pIMAwDBARe6NADBABe6NQDBAOwYQAwDQYJKoZIhvcNAQELBQADggEBAIYeXY68
4ikPDDmuM2oqzlRH9u2ehup+x8eL0Km19lqF7o2/dliNp5+81pw89qiNbiOQcPYV
udiXbLa7TNLRzUkjPdJM3Man6VZkt9iUKx9CcsGQZPbv/mY860VLFWO6YcNh3+cd
wm5EGpURj2CkcqkGDHke0p1sdBbzcuB9nOJNlVy5WSZ8G3gCGSpY054prZdnHkv1
P+mFrZfGKwJ5AlkBTd5BSwtarSVrsp2fVtFbm45wLV6gh9u57XR5/WvduJYNiukY
LPepwY1FPbHOK5Km2xs7uPE5SITssyOOjcrSytBmxgHsZSXhT/DxCwNPxHMG9g8b
bg8yRN2xx1Q/ufA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:38 2023 by rpki-client on console-ams.rpki-client.org