Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/EpIETloX7xqRflkc1GKzOmQ85CE.roa
File: EpIETloX7xqRflkc1GKzOmQ85CE.roa (raw, json)
Hash identifier: vD6ePPq/Qut+Al+kiab4RRxLrJoL6ZIoCsrghAzB9ZA=
Subject key identifier: 12:92:04:4E:5A:17:EF:1A:91:7E:59:1C:D4:62:B3:3A:64:3C:E4:21
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 01848ECC797CF0C63BE2BC73DDD78AB75ACE
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/EpIETloX7xqRflkc1GKzOmQ85CE.roa
Signing time: Sat 19 Nov 2022 07:31:15 +0000
ROA not before: Sat 19 Nov 2022 07:31:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48011
IP address blocks: 45.89.236.0/22 maxlen: 24
213.232.203.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
2a0c:6600:1::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
2a0c:6600::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8e:cc:79:7c:f0:c6:3b:e2:bc:73:dd:d7:8a:b7:5a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Nov 19 07:31:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1292044e5a17ef1a917e591cd462b33a643ce421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:45:22:6c:45:29:23:64:cb:57:50:d5:5e:33:
cc:b3:9f:22:f0:51:18:34:f4:6a:ab:4a:54:70:18:
b9:83:15:d3:b4:40:e8:77:4b:b3:84:95:16:ed:c6:
dd:89:9d:8f:ab:8f:59:a0:83:db:ff:32:d0:6e:04:
41:9f:fa:48:2d:f8:30:93:38:29:37:0a:fa:90:00:
e5:0a:65:e0:f9:f6:5d:25:8f:c6:38:3d:ac:b6:a8:
b2:d6:1d:97:d6:21:1b:83:fc:be:18:6c:6a:ef:b9:
d1:1c:79:9f:3f:20:c5:f3:46:98:65:4f:b8:95:9f:
a8:0a:3a:a2:73:12:e2:03:ac:80:14:4d:82:c1:d4:
06:1e:2b:ce:01:13:63:ba:7b:65:f1:0f:7c:9e:1c:
72:fd:7c:15:7a:03:2d:d7:9c:d5:2a:5c:84:ec:a7:
21:40:c9:89:cf:9c:bf:3e:b9:31:a0:83:ed:7d:ab:
38:1b:d4:2d:ae:8a:36:14:1d:31:a6:81:e8:7f:13:
17:f2:a7:66:81:53:d2:40:68:97:d8:2b:55:5b:b9:
71:35:d6:38:dc:23:a9:c9:75:70:42:78:29:67:7f:
7b:52:b7:62:9c:d3:d4:8f:4e:37:38:3a:5a:20:61:
1c:38:a7:52:df:9f:3e:3d:d8:c2:23:cd:b1:6e:b6:
6d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:92:04:4E:5A:17:EF:1A:91:7E:59:1C:D4:62:B3:3A:64:3C:E4:21
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/EpIETloX7xqRflkc1GKzOmQ85CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
185.227.136.0/22
213.232.203.0/24
IPv6:
2a0c:6600::-2a0c:6600:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a3:35:36:4d:be:c5:99:fd:d2:22:8e:c4:e9:cb:15:41:ea:b8:
11:df:d1:36:fc:db:de:65:45:13:e5:81:e0:3c:5b:80:8c:eb:
9c:2f:6c:db:6f:00:e9:27:d2:58:6f:36:9d:58:ec:0f:58:87:
c9:6e:72:8f:37:e8:55:36:5c:36:d9:fa:da:ee:3f:bf:0a:c0:
6e:3c:f9:a6:38:40:2e:af:49:a3:37:70:d0:9b:d1:fa:18:14:
cc:2a:0e:7a:6b:df:9b:a4:95:a7:cc:8c:1e:2c:48:fc:74:28:
1f:f1:18:72:d4:a2:6f:ae:ce:c2:b2:af:67:44:63:3b:3f:35:
00:93:99:bd:f9:70:6c:2a:76:0f:56:63:45:e3:36:38:b3:7c:
03:c2:3d:45:ea:de:85:2e:b4:9d:57:bc:79:e0:6a:48:fd:b8:
62:9d:eb:74:fb:72:01:75:22:ff:57:53:42:54:8e:ff:fe:b5:
ed:1f:9b:30:05:1c:10:34:cb:01:43:e0:06:8d:b6:a8:8b:9e:
c1:6f:c0:f6:b6:64:9d:d7:47:86:58:bf:f3:40:9a:75:c2:c5:
d8:76:9b:48:b0:e0:cd:2b:df:d9:a5:37:0e:99:53:a2:c7:19:
17:3a:1b:0d:30:b8:3a:8b:53:06:6a:5c:68:b0:6c:37:7b:9c:
ff:5e:7d:e5
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYSOzHl88MY74rxz3deKt1rOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjIxMTE5MDczMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjkyMDQ0ZTVhMTdlZjFhOTE3ZTU5MWNkNDYyYjMzYTY0M2NlNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkUibEUpI2TLV1DVXjPMs58i8FEY
NPRqq0pUcBi5gxXTtEDod0uzhJUW7cbdiZ2Pq49ZoIPb/zLQbgRBn/pILfgwkzgp
Nwr6kADlCmXg+fZdJY/GOD2stqiy1h2X1iEbg/y+GGxq77nRHHmfPyDF80aYZU+4
lZ+oCjqicxLiA6yAFE2CwdQGHivOARNjuntl8Q98nhxy/XwVegMt15zVKlyE7Kch
QMmJz5y/PrkxoIPtfas4G9Qtroo2FB0xpoHofxMX8qdmgVPSQGiX2CtVW7lxNdY4
3COpyXVwQngpZ397UrdinNPUj043ODpaIGEcOKdS358+PdjCI82xbrZtWQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFBKSBE5aF+8akX5ZHNRiszpkPOQhMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvRXBJRVRsb1g3eHFSZmxrYzFHS3pPbVE4NUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAYBAIAATASAwQCLVnsAwQC
ueOIAwQA1ejLMBcEAgACMBEwDwMEASoMZgMHACoMZgAAAjANBgkqhkiG9w0BAQsF
AAOCAQEAozU2Tb7Fmf3SIo7E6csVQeq4Ed/RNvzb3mVFE+WB4DxbgIzrnC9s228A
6SfSWG82nVjsD1iHyW5yjzfoVTZcNtn62u4/vwrAbjz5pjhALq9Jozdw0JvR+hgU
zCoOemvfm6SVp8yMHixI/HQoH/EYctSib67OwrKvZ0RjOz81AJOZvflwbCp2D1Zj
ReM2OLN8A8I9RerehS60nVe8eeBqSP24Yp3rdPtyAXUi/1dTQlSO//617R+bMAUc
EDTLAUPgBo22qIuewW/A9rZknddHhli/80CadcLF2HabSLDgzSvf2aU3DplToscZ
FzobDTC4OotTBmpcaLBsN3uc/1595Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:16 2024 by rpki-client on console-fra.rpki-client.org