Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/f5YQ6nhFzwaGAZs5iEQElTyg3Rg.roa
File: f5YQ6nhFzwaGAZs5iEQElTyg3Rg.roa (raw, json)
Hash identifier: veq5hrP2JUCtwUbO00E+i85IMrGdm0Iwe4efY3BhAv4=
Subject key identifier: 7F:96:10:EA:78:45:CF:06:86:01:9B:39:88:44:04:95:3C:A0:DD:18
Certificate issuer: /CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c
Certificate serial: 018216C0B12FAE6E31813DEB080DB74C2D3B
Authority key identifier: EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/f5YQ6nhFzwaGAZs5iEQElTyg3Rg.roa
Signing time: Tue 19 Jul 2022 13:58:23 +0000
ROA not before: Tue 19 Jul 2022 13:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62214
IP address blocks: 79.139.56.0/21 maxlen: 21
92.119.120.0/22 maxlen: 22
193.39.12.0/22 maxlen: 22
185.187.72.0/22 maxlen: 22
185.43.204.0/22 maxlen: 22
193.201.184.0/21 maxlen: 21
46.29.136.0/21 maxlen: 21
185.80.48.0/22 maxlen: 22
2a01:6ee0::/40 maxlen: 40
2a01:6ee0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:c0:b1:2f:ae:6e:31:81:3d:eb:08:0d:b7:4c:2d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c
Validity
Not Before: Jul 19 13:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f9610ea7845cf0686019b39884404953ca0dd18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:90:9e:f8:50:eb:41:b3:cf:55:44:f0:73:
1b:dd:16:5a:ac:3f:99:fe:a7:f4:63:b5:a0:9a:e4:
c9:3a:37:7c:b9:16:bc:aa:ac:da:76:ea:ea:8f:34:
6b:7c:17:c8:51:e5:fd:3c:68:be:f2:5d:d8:a5:97:
7d:cc:62:78:5b:d7:f4:8c:82:91:42:1f:d2:2c:00:
6d:16:4a:9b:b3:3d:a5:e2:b4:56:fc:54:df:46:b3:
7e:14:c0:10:b2:9d:61:c5:1f:4c:de:0a:fd:67:15:
4a:91:ba:f4:2e:28:74:94:1d:ae:cd:25:f0:98:5a:
03:5f:98:33:ec:39:c5:27:c0:04:3c:17:1a:53:46:
a9:27:d6:5a:b3:6a:25:64:39:08:77:48:e3:8b:0e:
97:3e:8e:8f:88:34:7d:df:7f:2e:b6:3b:87:1c:0b:
fc:4b:7d:55:5f:e5:9b:50:36:ec:89:36:9f:17:fa:
3c:75:a3:eb:f8:25:f1:46:cc:53:9b:21:68:f8:4f:
c7:ce:76:2c:d2:5f:b3:1d:fb:60:e5:32:af:c2:57:
ce:b0:d5:59:eb:36:ae:e9:3e:3a:f3:1e:21:65:92:
3f:0e:79:b8:0e:41:b1:ae:17:01:4d:8e:79:d4:7b:
43:5d:aa:b0:f8:87:33:a7:f6:f4:74:6d:16:57:40:
d7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:96:10:EA:78:45:CF:06:86:01:9B:39:88:44:04:95:3C:A0:DD:18
X509v3 Authority Key Identifier:
keyid:EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/f5YQ6nhFzwaGAZs5iEQElTyg3Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.136.0/21
79.139.56.0/21
92.119.120.0/22
185.43.204.0/22
185.80.48.0/22
185.187.72.0/22
193.39.12.0/22
193.201.184.0/21
IPv6:
2a01:6ee0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:19:cf:58:b6:18:99:d7:73:df:96:c8:75:10:f6:0c:34:18:
ed:15:f3:6d:e5:7d:db:d9:8b:8a:36:75:1f:1e:d0:6c:8b:0b:
e8:a6:a6:f2:df:1a:14:71:24:44:ea:0b:cf:3a:74:73:81:e6:
c2:df:f9:6f:1e:93:8e:eb:60:9b:af:da:48:f2:2b:40:a2:97:
6f:ff:c9:f3:53:e4:3c:b8:44:e0:6f:13:07:b6:71:2d:d0:b4:
8c:28:e8:f6:5d:87:76:f3:a8:f8:87:35:0e:79:16:d7:72:6d:
f6:91:0f:cf:3f:1c:e5:c4:70:9b:7e:75:7c:65:71:d9:d0:0c:
61:34:2c:53:9f:ac:61:36:bc:a9:88:12:4c:eb:88:cf:88:ec:
51:ac:e9:2d:3e:fd:51:1f:57:e5:d6:16:1c:7e:76:3b:d5:e1:
d4:00:2f:d7:5f:14:b7:ff:e6:aa:84:7b:ea:e1:f9:34:ce:a3:
39:43:4f:c0:31:b0:7f:33:66:90:ff:7b:6b:4c:3f:95:c4:32:
fb:85:cb:ed:d3:b6:00:f7:0b:73:0b:46:79:2d:ae:5f:3f:f6:
18:65:34:01:eb:0a:e9:1c:0f:a4:9a:68:7d:38:4c:fd:2f:b4:
32:6a:c2:8e:15:6d:78:13:40:3a:f0:91:b0:c9:06:55:86:98:
b2:01:9a:b6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYIWwLEvrm4xgT3rCA23TC07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYjFlYTVhMTA1MGE4MjkyMjRlYTQ4NmMwZTIyZWJmYzc1
ZDY0MGMwHhcNMjIwNzE5MTM1ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjk2MTBlYTc4NDVjZjA2ODYwMTliMzk4ODQ0MDQ5NTNjYTBkZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE2QnvhQ60Gzz1VE8HMb3RZarD+Z
/qf0Y7WgmuTJOjd8uRa8qqzadurqjzRrfBfIUeX9PGi+8l3YpZd9zGJ4W9f0jIKR
Qh/SLABtFkqbsz2l4rRW/FTfRrN+FMAQsp1hxR9M3gr9ZxVKkbr0Lih0lB2uzSXw
mFoDX5gz7DnFJ8AEPBcaU0apJ9Zas2olZDkId0jjiw6XPo6PiDR9338utjuHHAv8
S31VX+WbUDbsiTafF/o8daPr+CXxRsxTmyFo+E/HznYs0l+zHftg5TKvwlfOsNVZ
6zau6T468x4hZZI/Dnm4DkGxrhcBTY551HtDXaqw+Iczp/b0dG0WV0DXNQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFH+WEOp4Rc8GhgGbOYhEBJU8oN0YMB8GA1UdIwQY
MBaAFOyx6loQUKgpIk6khsDiLr/HXWQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2Ut
MDJmZmNlZmYxYWNjLzEvZjVZUTZuaEZ6d2FHQVpzNWlFUUVsVHlnM1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2UtMDJmZmNlZmYxYWNj
LzEvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLh2IAwQD
T4s4AwQCXHd4AwQCuSvMAwQCuVAwAwQCubtIAwQCwScMAwQDwcm4MA0EAgACMAcD
BQAqAW7gMA0GCSqGSIb3DQEBCwUAA4IBAQCLGc9YthiZ13Pflsh1EPYMNBjtFfNt
5X3b2YuKNnUfHtBsiwvopqby3xoUcSRE6gvPOnRzgebC3/lvHpOO62Cbr9pI8itA
opdv/8nzU+Q8uETgbxMHtnEt0LSMKOj2XYd286j4hzUOeRbXcm32kQ/PPxzlxHCb
fnV8ZXHZ0AxhNCxTn6xhNrypiBJM64jPiOxRrOktPv1RH1fl1hYcfnY71eHUAC/X
XxS3/+aqhHvq4fk0zqM5Q0/AMbB/M2aQ/3trTD+VxDL7hcvt07YA9wtzC0Z5La5f
P/YYZTQB6wrpHA+kmmh9OEz9L7QyasKOFW14E0A68JGwyQZVhpiyAZq2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:38 2023 by rpki-client on console-ams.rpki-client.org