Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/ee00jwFYbX8gHPEC8CBQSHKPVuo.roa
File: ee00jwFYbX8gHPEC8CBQSHKPVuo.roa (raw, json)
Hash identifier: 9rNQQNbEwm/RvzK4m6jZavVILKhChHp3BPu+KCzlGzs=
Subject key identifier: 79:ED:34:8F:01:58:6D:7F:20:1C:F1:02:F0:20:50:48:72:8F:56:EA
Certificate issuer: /CN=9e563c426d1aae4ed1e7f59536749022089e8479
Certificate serial: 01847508FC40B0658A199E7F0936D4572020
Authority key identifier: 9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/ee00jwFYbX8gHPEC8CBQSHKPVuo.roa
Signing time: Mon 14 Nov 2022 07:27:13 +0000
ROA not before: Mon 14 Nov 2022 07:27:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3238
IP address blocks: 213.204.32.0/19 maxlen: 24
79.133.0.0/19 maxlen: 19
194.110.176.0/20 maxlen: 24
212.17.160.0/19 maxlen: 24
194.112.0.0/20 maxlen: 20
82.199.160.0/19 maxlen: 24
2a00:5500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:08:fc:40:b0:65:8a:19:9e:7f:09:36:d4:57:20:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e563c426d1aae4ed1e7f59536749022089e8479
Validity
Not Before: Nov 14 07:27:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79ed348f01586d7f201cf102f0205048728f56ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a8:c1:63:a5:d6:90:25:0d:86:7f:0b:5a:4d:
14:ce:de:a1:c4:07:6b:3b:30:9b:57:f9:8d:c3:bb:
1f:90:08:f0:4c:7b:00:95:14:0e:36:dc:fa:2d:8a:
c8:f3:8b:b1:64:b2:01:f1:e2:8c:72:d9:d9:99:d8:
c1:0d:35:7d:2f:21:cd:51:1c:4d:53:8b:eb:14:34:
c5:52:82:ea:a6:39:f7:33:d8:e2:ee:76:45:bd:fb:
e1:ae:9c:8d:2c:d3:83:b2:00:21:e6:f4:7f:07:2d:
1e:3d:b1:1c:d3:e0:63:d3:d5:63:da:54:65:f4:6d:
39:0a:ca:61:cc:3f:c6:cd:e2:25:4e:e9:c3:6b:2a:
ed:31:88:6b:73:27:99:f6:61:1d:29:99:ec:a2:a2:
da:65:bf:34:d1:8f:31:52:bc:95:8d:66:f0:cf:6a:
a1:69:0a:7a:b8:c5:ed:0e:77:6d:2d:33:78:ed:f4:
f5:cd:f4:f8:81:46:e7:7c:31:10:f7:c2:93:1c:7e:
6b:a9:83:cd:b4:38:1a:2f:90:31:3e:87:20:ec:59:
55:e9:04:a6:e8:b5:bf:5b:a4:d3:fe:d3:17:70:3a:
e9:b4:49:c1:a6:5a:56:ef:8c:a6:28:c4:db:80:f0:
98:87:3d:7e:3e:81:60:e5:57:58:14:b7:a0:9f:54:
ce:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:ED:34:8F:01:58:6D:7F:20:1C:F1:02:F0:20:50:48:72:8F:56:EA
X509v3 Authority Key Identifier:
keyid:9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/ee00jwFYbX8gHPEC8CBQSHKPVuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.0.0/19
82.199.160.0/19
194.110.176.0/20
194.112.0.0/20
212.17.160.0/19
213.204.32.0/19
IPv6:
2a00:5500::/32
Signature Algorithm: sha256WithRSAEncryption
3f:6e:4e:df:d8:52:5b:11:72:7d:32:f7:58:9b:17:68:15:be:
56:66:cc:e9:8c:b0:13:b7:cd:68:ba:7b:d1:4f:0b:53:36:5e:
ba:e0:f1:23:ec:88:00:75:50:a7:75:14:a9:a2:9b:7e:e4:ca:
a9:71:29:fc:5b:b8:5c:29:4c:7b:bd:a5:84:17:82:e7:89:70:
6a:d9:91:68:37:6c:bc:19:43:fe:51:fc:f1:a8:21:87:aa:1d:
9a:8c:ad:bf:c2:f6:5f:d3:68:36:d2:47:71:54:c9:c0:2f:02:
71:26:74:32:c1:b5:d0:d5:c0:16:c0:56:3e:30:4d:93:cd:bb:
29:b0:76:fd:17:e4:46:08:87:3d:fb:cf:0b:6c:9a:9c:c1:16:
39:1a:f4:55:3b:f3:df:76:4f:0f:f9:fe:cd:44:65:10:85:ad:
a1:2a:e2:81:5a:76:0e:48:0f:21:7d:b0:46:5d:fc:93:5e:72:
88:db:e8:a2:ea:81:e1:73:c9:3c:ba:ed:01:af:2c:32:3c:48:
05:60:8f:9b:ee:e2:1c:ca:1d:e4:29:43:ce:4c:3f:e9:49:e4:
c9:4a:0b:f3:39:3d:0e:7f:77:54:8b:3c:5a:b2:af:57:01:ac:
43:77:75:10:5c:96:d4:4c:75:c6:e5:bc:fb:70:3b:12:cc:ee:
ca:dc:f5:5f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYR1CPxAsGWKGZ5/CTbUVyAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTYzYzQyNmQxYWFlNGVkMWU3ZjU5NTM2NzQ5MDIyMDg5
ZTg0NzkwHhcNMjIxMTE0MDcyNzEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWVkMzQ4ZjAxNTg2ZDdmMjAxY2YxMDJmMDIwNTA0ODcyOGY1NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKjBY6XWkCUNhn8LWk0Uzt6hxAdr
OzCbV/mNw7sfkAjwTHsAlRQONtz6LYrI84uxZLIB8eKMctnZmdjBDTV9LyHNURxN
U4vrFDTFUoLqpjn3M9ji7nZFvfvhrpyNLNODsgAh5vR/By0ePbEc0+Bj09Vj2lRl
9G05CsphzD/GzeIlTunDayrtMYhrcyeZ9mEdKZnsoqLaZb800Y8xUryVjWbwz2qh
aQp6uMXtDndtLTN47fT1zfT4gUbnfDEQ98KTHH5rqYPNtDgaL5AxPocg7FlV6QSm
6LW/W6TT/tMXcDrptEnBplpW74ymKMTbgPCYhz1+PoFg5VdYFLegn1TOMQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHntNI8BWG1/IBzxAvAgUEhyj1bqMB8GA1UdIwQY
MBaAFJ5WPEJtGq5O0ef1lTZ0kCIInoR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAt
YWZiY2YzNjZiYjA3LzEvZWUwMGp3RlliWDhnSFBFQzhDQlFTSEtQVnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAtYWZiY2YzNjZiYjA3
LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFT4UAAwQF
UsegAwQEwm6wAwQEwnAAAwQF1BGgAwQF1cwgMA0EAgACMAcDBQAqAFUAMA0GCSqG
SIb3DQEBCwUAA4IBAQA/bk7f2FJbEXJ9MvdYmxdoFb5WZszpjLATt81ounvRTwtT
Nl664PEj7IgAdVCndRSpopt+5MqpcSn8W7hcKUx7vaWEF4LniXBq2ZFoN2y8GUP+
UfzxqCGHqh2ajK2/wvZf02g20kdxVMnALwJxJnQywbXQ1cAWwFY+ME2TzbspsHb9
F+RGCIc9+88LbJqcwRY5GvRVO/Pfdk8P+f7NRGUQha2hKuKBWnYOSA8hfbBGXfyT
XnKI2+ii6oHhc8k8uu0BrywyPEgFYI+b7uIcyh3kKUPOTD/pSeTJSgvzOT0Of3dU
izxasq9XAaxDd3UQXJbUTHXG5bz7cDsSzO7K3PVf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:09 2023 by rpki-client on console-fra.rpki-client.org