Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/cbS6cmI3EB4uFUa7HtHUFvHYbDE.roa
File: cbS6cmI3EB4uFUa7HtHUFvHYbDE.roa (raw, json)
Hash identifier: lP+SMTT9hfJSfneHpUV4OpY/VCDV+6YPEdzD0iZ/qeU=
Subject key identifier: 71:B4:BA:72:62:37:10:1E:2E:15:46:BB:1E:D1:D4:16:F1:D8:6C:31
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 01888D2E758B585B9CF8F65345D8F4A8DC6E
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/cbS6cmI3EB4uFUa7HtHUFvHYbDE.roa
Signing time: Mon 05 Jun 2023 20:10:12 +0000
ROA not before: Mon 05 Jun 2023 20:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12618
IP address blocks: 89.191.144.0/20 maxlen: 23
46.239.144.0/20 maxlen: 20
94.141.128.0/19 maxlen: 19
46.238.248.0/21 maxlen: 21
212.122.216.0/22 maxlen: 22
212.122.220.0/22 maxlen: 22
46.238.192.0/19 maxlen: 19
46.239.160.0/19 maxlen: 19
46.238.224.0/22 maxlen: 22
46.238.232.0/24 maxlen: 24
46.238.228.0/22 maxlen: 22
46.238.239.0/24 maxlen: 24
46.238.234.0/23 maxlen: 23
2001:90e::/32 maxlen: 32
2001:90c::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8d:2e:75:8b:58:5b:9c:f8:f6:53:45:d8:f4:a8:dc:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jun 5 20:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71b4ba726237101e2e1546bb1ed1d416f1d86c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b5:4f:71:51:13:f2:7f:32:f9:a8:19:a8:5e:
86:f4:ff:d4:f4:63:a0:20:8a:a7:9f:23:02:55:62:
e0:c8:7f:a8:0e:c7:a9:13:42:64:3f:ab:b2:c3:e0:
03:cf:3e:0c:cf:23:a2:0b:6d:62:b1:ea:bd:e5:40:
fe:83:5d:56:91:c5:db:bd:f9:a6:9a:e9:95:6e:da:
cd:19:ba:b9:4c:70:85:d0:ce:b6:69:9a:0b:10:f7:
24:43:1f:7e:a1:56:ff:08:0e:73:6d:41:45:55:99:
60:e1:97:b2:c4:55:6d:14:a2:ba:0f:9e:94:65:20:
9e:21:84:3b:43:58:45:25:c9:be:77:fe:79:b1:16:
71:3a:29:27:11:f6:8a:b2:de:32:6a:d1:07:2b:90:
ec:45:57:da:b4:4d:fc:56:22:1f:9d:b8:d3:10:4d:
9e:5f:f7:48:cf:db:5e:36:06:ec:e2:4b:03:1c:10:
a6:54:91:a9:01:c4:f0:bc:f7:38:71:06:ba:9b:41:
84:92:8a:7f:f6:c9:8c:70:28:b2:1e:19:53:e2:3e:
9b:d3:2e:e7:70:59:26:8e:d8:ec:fd:76:5e:14:70:
ee:68:a3:46:95:b1:eb:18:49:23:b4:9b:1a:15:67:
69:bc:6c:5e:5d:f3:5a:54:a4:92:aa:66:3f:99:61:
6a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B4:BA:72:62:37:10:1E:2E:15:46:BB:1E:D1:D4:16:F1:D8:6C:31
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/cbS6cmI3EB4uFUa7HtHUFvHYbDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.192.0-46.238.232.255
46.238.234.0/23
46.238.239.0/24
46.238.248.0/21
46.239.144.0-46.239.191.255
89.191.144.0/20
94.141.128.0/19
212.122.216.0/21
IPv6:
2001:90c::-2001:90e:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:66:80:c3:a6:9e:34:c2:02:e4:be:bf:50:d6:aa:21:3b:13:
fe:57:e7:51:44:3e:8c:3c:b9:6b:e8:7f:db:80:a3:00:31:f4:
e3:d1:58:e9:49:e3:a2:3f:68:47:44:64:80:a8:8c:74:d1:ef:
f6:a0:0e:2a:25:a7:10:28:ef:f1:f9:d2:14:6a:6e:e5:20:ac:
cf:67:ac:05:74:0d:ba:9a:12:09:fc:82:73:bf:d0:93:21:cb:
35:b8:bd:4d:ce:00:47:23:ee:72:f1:1f:0a:d5:e8:27:bc:5d:
e5:9b:dd:51:3e:c3:f4:80:ae:ec:ef:fb:9c:2b:d0:15:ee:b2:
a1:9c:e4:47:46:71:1f:dc:6f:c8:81:ee:69:7e:75:27:e9:0a:
0e:d7:f3:28:40:ba:90:e6:21:ce:09:95:c3:17:83:a9:a6:20:
1a:df:44:a1:ff:c9:ee:be:a3:cc:3b:f3:d2:af:65:d6:66:55:
0f:45:df:5d:a3:90:91:cb:ca:47:29:47:01:55:51:16:ed:ef:
2d:0a:cf:43:07:0f:b2:b3:5d:9c:38:f3:f8:a0:25:58:23:46:
c8:df:33:d7:53:41:01:4b:d9:bc:21:09:b4:d7:2a:02:3b:77:
16:4d:f8:c8:05:59:bf:a7:06:1f:83:88:fc:ed:a3:90:d5:ab:
ea:26:57:0e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYiNLnWLWFuc+PZTRdj0qNxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjMwNjA1MjAxMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWI0YmE3MjYyMzcxMDFlMmUxNTQ2YmIxZWQxZDQxNmYxZDg2YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LVPcVET8n8y+agZqF6G9P/U9GOg
IIqnnyMCVWLgyH+oDsepE0JkP6uyw+ADzz4MzyOiC21iseq95UD+g11WkcXbvfmm
mumVbtrNGbq5THCF0M62aZoLEPckQx9+oVb/CA5zbUFFVZlg4ZeyxFVtFKK6D56U
ZSCeIYQ7Q1hFJcm+d/55sRZxOiknEfaKst4yatEHK5DsRVfatE38ViIfnbjTEE2e
X/dIz9teNgbs4ksDHBCmVJGpAcTwvPc4cQa6m0GEkop/9smMcCiyHhlT4j6b0y7n
cFkmjtjs/XZeFHDuaKNGlbHrGEkjtJsaFWdpvGxeXfNaVKSSqmY/mWFq6wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFHG0unJiNxAeLhVGux7R1Bbx2GwxMB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvY2JTNmNtSTNFQjR1RlVhN0h0SFVGdkhZYkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBGBAIAATBAMAwDBAYu7sAD
BAAu7ugDBAEu7uoDBAAu7u8DBAMu7vgwDAMEBC7vkAMEBi7vgAMEBFm/kAMEBV6N
gAMEA9R62DAWBAIAAjAQMA4DBQIgAQkMAwUAIAEJDjANBgkqhkiG9w0BAQsFAAOC
AQEAT2aAw6aeNMIC5L6/UNaqITsT/lfnUUQ+jDy5a+h/24CjADH049FY6Unjoj9o
R0RkgKiMdNHv9qAOKiWnECjv8fnSFGpu5SCsz2esBXQNupoSCfyCc7/QkyHLNbi9
Tc4ARyPucvEfCtXoJ7xd5ZvdUT7D9ICu7O/7nCvQFe6yoZzkR0ZxH9xvyIHuaX51
J+kKDtfzKEC6kOYhzgmVwxeDqaYgGt9Eof/J7r6jzDvz0q9l1mZVD0XfXaOQkcvK
RylHAVVRFu3vLQrPQwcPsrNdnDjz+KAlWCNGyN8z11NBAUvZvCEJtNcqAjt3Fk34
yAVZv6cGH4OI/O2jkNWr6iZXDg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:13 2025 by rpki-client