Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/EYIqY5q9l3Ot5embWIdcH28tx18.roa
File: EYIqY5q9l3Ot5embWIdcH28tx18.roa (raw, json)
Hash identifier: YdilGmUyOTha1j/DsY4FgrOPbmerEJVt2WVZoRmO2K8=
Subject key identifier: 11:82:2A:63:9A:BD:97:73:AD:E5:E9:9B:58:87:5C:1F:6F:2D:C7:5F
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01853EC71375B62A6CF386C2C3FA498FCE85
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/EYIqY5q9l3Ot5embWIdcH28tx18.roa
Signing time: Fri 23 Dec 2022 11:38:32 +0000
ROA not before: Fri 23 Dec 2022 11:38:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60461
IP address blocks: 185.14.93.0/24 maxlen: 24
185.14.92.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
37.114.32.0/19 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:c7:13:75:b6:2a:6c:f3:86:c2:c3:fa:49:8f:ce:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Dec 23 11:38:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11822a639abd9773ade5e99b58875c1f6f2dc75f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2d:60:aa:fe:18:29:be:15:98:65:85:eb:7f:
69:96:93:92:92:97:78:07:b2:c2:24:c3:fc:dd:3b:
47:32:82:f4:1c:61:14:08:d7:07:f9:96:da:03:fa:
92:32:48:ac:f5:7e:ea:35:f3:96:b5:95:e7:a9:65:
5b:17:35:2d:cb:82:3f:aa:56:82:7f:e8:7c:1c:26:
ed:8c:d3:b7:39:89:62:36:62:ab:eb:7f:34:42:da:
8a:ec:af:fe:14:37:3f:f0:f0:3a:cd:91:7b:30:47:
a2:a4:28:cf:f6:6f:57:3c:84:45:bb:dd:1c:42:27:
04:94:ce:6e:10:6c:60:90:9d:ae:d3:03:3b:de:97:
c5:08:6e:82:7c:69:90:7f:2e:dc:3e:b7:1b:7d:01:
f0:7f:0a:37:cb:fc:a5:e6:97:12:87:cd:29:47:ab:
b5:96:88:3f:b4:3f:ce:37:04:11:ce:e7:b8:67:06:
a5:f9:03:ca:60:e9:00:8c:e3:52:eb:66:00:af:cd:
77:94:a8:4c:8c:84:91:a0:3a:e7:cd:8a:df:1a:cc:
b1:cc:93:64:83:37:32:a8:ae:77:ca:21:ef:3e:9d:
e2:bc:52:26:7e:68:b5:5d:47:a5:70:29:33:ee:61:
e3:0c:c6:0b:5d:c9:6e:0e:b0:22:77:22:5f:45:40:
11:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:82:2A:63:9A:BD:97:73:AD:E5:E9:9B:58:87:5C:1F:6F:2D:C7:5F
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/EYIqY5q9l3Ot5embWIdcH28tx18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.50.0/24
94.154.55.0/24
176.100.36.0/22
185.14.92.0/23
IPv6:
2a00:ccc3::/32
Signature Algorithm: sha256WithRSAEncryption
71:77:1e:fa:43:b8:49:15:be:ea:dc:b9:3f:73:d5:9d:bf:a0:
5d:53:1e:1b:38:12:5d:fa:b0:ef:90:c2:9e:55:d3:95:bd:19:
5a:85:3f:f9:32:6b:69:85:77:a7:b3:d6:82:50:68:0d:90:9c:
43:a1:f4:cc:31:af:4a:3c:27:5c:2f:71:3a:e9:55:82:f5:1d:
fc:9b:ba:da:d0:86:75:96:c3:d9:bc:63:2a:4c:a2:bb:5e:51:
1a:9d:8c:e5:b3:a5:a5:6c:b2:03:a9:fd:7e:c2:23:49:d2:ad:
25:13:b4:ca:db:0c:e1:38:05:60:15:71:4f:1d:84:b3:bc:09:
fb:2f:2d:82:90:c7:63:19:59:ee:04:6a:87:a1:ca:4e:ad:01:
49:bc:de:03:e8:ff:f4:a9:fa:a2:07:c6:36:42:7c:a6:0a:c5:
e5:b5:0c:a7:b1:19:9e:17:24:23:68:da:f3:92:5d:b8:2d:8f:
e2:35:92:be:a8:6c:85:4d:ef:4e:2e:70:cb:4f:e4:02:68:ef:
1b:de:e1:50:c1:b0:3c:27:35:25:2b:a2:46:6c:f3:f2:cc:b4:
60:35:37:26:cc:78:b7:0b:89:60:7d:e4:04:ed:b1:ad:01:d2:
d7:a2:75:4f:aa:2e:d6:1a:ca:60:14:ef:ca:16:b0:92:e6:19:
04:a4:b5:0b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYU+xxN1tips84bCw/pJj86FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjIxMjIzMTEzODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTgyMmE2MzlhYmQ5NzczYWRlNWU5OWI1ODg3NWMxZjZmMmRjNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny1gqv4YKb4VmGWF639plpOSkpd4
B7LCJMP83TtHMoL0HGEUCNcH+ZbaA/qSMkis9X7qNfOWtZXnqWVbFzUty4I/qlaC
f+h8HCbtjNO3OYliNmKr6380QtqK7K/+FDc/8PA6zZF7MEeipCjP9m9XPIRFu90c
QicElM5uEGxgkJ2u0wM73pfFCG6CfGmQfy7cPrcbfQHwfwo3y/yl5pcSh80pR6u1
log/tD/ONwQRzue4Zwal+QPKYOkAjONS62YAr813lKhMjISRoDrnzYrfGsyxzJNk
gzcyqK53yiHvPp3ivFImfmi1XUelcCkz7mHjDMYLXcluDrAidyJfRUARPwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBGCKmOavZdzreXpm1iHXB9vLcdfMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvRVlJcVk1cTlsM090NWVtYldJZGNIMjh0eDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFJXIgAwQB
K/ugAwQAXpoyAwQAXpo3AwQCsGQkAwQBuQ5cMA0EAgACMAcDBQAqAMzDMA0GCSqG
SIb3DQEBCwUAA4IBAQBxdx76Q7hJFb7q3Lk/c9Wdv6BdUx4bOBJd+rDvkMKeVdOV
vRlahT/5MmtphXens9aCUGgNkJxDofTMMa9KPCdcL3E66VWC9R38m7ra0IZ1lsPZ
vGMqTKK7XlEanYzls6WlbLIDqf1+wiNJ0q0lE7TK2wzhOAVgFXFPHYSzvAn7Ly2C
kMdjGVnuBGqHocpOrQFJvN4D6P/0qfqiB8Y2QnymCsXltQynsRmeFyQjaNrzkl24
LY/iNZK+qGyFTe9OLnDLT+QCaO8b3uFQwbA8JzUlK6JGbPPyzLRgNTcmzHi3C4lg
feQE7bGtAdLXonVPqi7WGspgFO/KFrCS5hkEpLUL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org