Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/1b1272-83c1-4864-9cd3-027c7f7dc6d5/1/Eda0NeIYaekK0HgTYtkt-P9TJrU.roa
File: Eda0NeIYaekK0HgTYtkt-P9TJrU.roa (raw, json)
Hash identifier: n57ohl0WJ4jjFLlvlicjAf7V/66wzSziXB1lyqpDJLg=
Subject key identifier: 11:D6:B4:35:E2:18:69:E9:0A:D0:78:13:62:D9:2D:F8:FF:53:26:B5
Certificate issuer: /CN=4f617d6b03e2fe5f8911cbeb5fae2dca3bd6677f
Certificate serial: 01856FF96C6ADF0515B08A863409026B473D
Authority key identifier: 4F:61:7D:6B:03:E2:FE:5F:89:11:CB:EB:5F:AE:2D:CA:3B:D6:67:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T2F9awPi_l-JEcvrX64tyjvWZ38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/1b1272-83c1-4864-9cd3-027c7f7dc6d5/1/Eda0NeIYaekK0HgTYtkt-P9TJrU.roa
Signing time: Mon 02 Jan 2023 00:54:55 +0000
ROA not before: Mon 02 Jan 2023 00:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44034
IP address blocks: 2.64.0.0/13 maxlen: 13
77.241.128.0/20 maxlen: 20
94.191.128.0/17 maxlen: 17
37.250.0.0/16 maxlen: 16
80.251.192.0/20 maxlen: 20
79.138.128.0/17 maxlen: 17
212.27.0.0/19 maxlen: 19
109.56.0.0/14 maxlen: 14
78.156.192.0/19 maxlen: 19
95.209.0.0/16 maxlen: 16
2a02:aa0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:6c:6a:df:05:15:b0:8a:86:34:09:02:6b:47:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f617d6b03e2fe5f8911cbeb5fae2dca3bd6677f
Validity
Not Before: Jan 2 00:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11d6b435e21869e90ad0781362d92df8ff5326b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:45:8d:36:ef:ca:f7:a4:cb:f0:f8:0b:cd:b2:
8b:8a:02:0b:41:aa:ca:1e:53:b7:55:40:a4:b9:4a:
6d:bb:9b:fd:5a:cc:05:3c:71:4c:b0:e4:f2:40:be:
4c:39:2c:2c:1f:06:95:fb:06:e0:27:73:b9:2d:d6:
04:44:5e:e6:16:1f:1e:dc:eb:c4:65:6a:ea:13:d5:
b2:32:2f:55:02:78:0f:75:11:97:3e:b8:88:b5:52:
ad:d3:e5:a2:ee:ca:b7:28:3b:20:a7:73:b8:e5:01:
e2:44:98:5a:8f:76:07:41:36:24:46:13:ca:a5:96:
8f:a1:c1:56:72:4e:4a:e9:15:0d:2f:0d:e1:bc:48:
91:6c:e9:b8:36:a3:42:a1:54:5c:36:f5:95:8d:dd:
ec:61:c5:e2:1f:1b:35:71:6a:3c:9b:04:61:7e:13:
df:ad:32:a3:90:cf:13:7b:a4:09:24:ea:30:7d:7e:
29:37:5a:84:45:b9:25:b5:7f:0f:24:a7:ef:18:0e:
7a:e1:0a:f4:42:5c:61:80:9f:7f:a7:e3:5f:04:c2:
62:25:5f:c9:5b:b1:25:09:82:c8:46:2c:f7:ad:f0:
f1:fb:ab:14:fd:d6:bf:49:64:e6:df:5f:f3:03:00:
40:83:4f:e9:9d:dc:5b:ee:62:fe:31:5b:c8:0e:3b:
92:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D6:B4:35:E2:18:69:E9:0A:D0:78:13:62:D9:2D:F8:FF:53:26:B5
X509v3 Authority Key Identifier:
keyid:4F:61:7D:6B:03:E2:FE:5F:89:11:CB:EB:5F:AE:2D:CA:3B:D6:67:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T2F9awPi_l-JEcvrX64tyjvWZ38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/1b1272-83c1-4864-9cd3-027c7f7dc6d5/1/Eda0NeIYaekK0HgTYtkt-P9TJrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/1b1272-83c1-4864-9cd3-027c7f7dc6d5/1/T2F9awPi_l-JEcvrX64tyjvWZ38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.64.0.0/13
37.250.0.0/16
77.241.128.0/20
78.156.192.0/19
79.138.128.0/17
80.251.192.0/20
94.191.128.0/17
95.209.0.0/16
109.56.0.0/14
212.27.0.0/19
IPv6:
2a02:aa0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:6d:b1:ee:81:a3:5b:8d:ed:c4:a7:e9:83:34:fd:b6:a3:9c:
cc:da:8f:c1:5a:48:30:fc:9a:dc:d0:02:3a:2d:f1:55:3b:79:
0a:7c:57:05:b0:68:8f:69:b7:8c:00:c0:f8:aa:04:cd:a6:d2:
af:ec:fd:0e:6a:f2:f4:de:09:ff:ff:f8:59:04:f4:75:37:eb:
84:2e:12:07:03:00:9e:ee:2e:90:07:6b:e0:49:20:93:6c:45:
62:8f:41:87:d0:a1:e9:86:47:b8:fc:e6:fd:9e:f7:96:19:f1:
37:6b:7e:dd:c3:ba:ab:29:01:f8:f7:d2:26:f4:8b:a1:81:50:
0d:3b:0d:0c:b7:63:e0:3c:45:6e:54:dc:fc:da:57:32:20:c7:
14:49:1d:0d:8d:5e:80:b5:ae:f5:54:e7:ed:d8:37:1f:04:27:
0f:91:e4:f9:36:37:0f:27:20:e7:13:f8:5c:14:39:40:01:04:
a9:5e:2a:01:49:0e:51:96:e1:c9:f0:e7:a6:2a:77:1b:51:1d:
09:40:03:70:4f:b1:84:59:86:4f:ed:bb:2d:8a:47:47:11:7e:
6f:12:60:c4:46:79:9e:88:67:23:4f:e0:bf:d5:ff:68:65:32:
15:ce:9f:b6:3b:08:c5:6a:da:a8:06:a6:b6:16:d2:09:e5:a7:
70:70:cd:80
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVv+Wxq3wUVsIqGNAkCa0c9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNjE3ZDZiMDNlMmZlNWY4OTExY2JlYjVmYWUyZGNhM2Jk
NjY3N2YwHhcNMjMwMTAyMDA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQ2YjQzNWUyMTg2OWU5MGFkMDc4MTM2MmQ5MmRmOGZmNTMyNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0WNNu/K96TL8PgLzbKLigILQarK
HlO3VUCkuUptu5v9WswFPHFMsOTyQL5MOSwsHwaV+wbgJ3O5LdYERF7mFh8e3OvE
ZWrqE9WyMi9VAngPdRGXPriItVKt0+Wi7sq3KDsgp3O45QHiRJhaj3YHQTYkRhPK
pZaPocFWck5K6RUNLw3hvEiRbOm4NqNCoVRcNvWVjd3sYcXiHxs1cWo8mwRhfhPf
rTKjkM8Te6QJJOowfX4pN1qERbkltX8PJKfvGA564Qr0QlxhgJ9/p+NfBMJiJV/J
W7ElCYLIRiz3rfDx+6sU/da/SWTm31/zAwBAg0/pndxb7mL+MVvIDjuSGQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBHWtDXiGGnpCtB4E2LZLfj/Uya1MB8GA1UdIwQY
MBaAFE9hfWsD4v5fiRHL61+uLco71md/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDJGOWF3UGlfbC1KRWN2clg2NHR5anZXWjM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xYjEyNzItODNjMS00ODY0LTljZDMt
MDI3YzdmN2RjNmQ1LzEvRWRhME5lSVlhZWtLMEhnVFl0a3QtUDlUSnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xYjEyNzItODNjMS00ODY0LTljZDMtMDI3YzdmN2RjNmQ1
LzEvVDJGOWF3UGlfbC1KRWN2clg2NHR5anZXWjM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwMDAkADAwAl
+gMEBE3xgAMEBU6cwAMEB0+KgAMEBFD7wAMEB16/gAMDAF/RAwMCbTgDBAXUGwAw
DQQCAAIwBwMFAyoCCqAwDQYJKoZIhvcNAQELBQADggEBAF1tse6Bo1uN7cSn6YM0
/bajnMzaj8FaSDD8mtzQAjot8VU7eQp8VwWwaI9pt4wAwPiqBM2m0q/s/Q5q8vTe
Cf//+FkE9HU364QuEgcDAJ7uLpAHa+BJIJNsRWKPQYfQoemGR7j85v2e95YZ8Tdr
ft3DuqspAfj30ib0i6GBUA07DQy3Y+A8RW5U3PzaVzIgxxRJHQ2NXoC1rvVU5+3Y
Nx8EJw+R5Pk2Nw8nIOcT+FwUOUABBKleKgFJDlGW4cnw56YqdxtRHQlAA3BPsYRZ
hk/tuy2KR0cRfm8SYMRGeZ6IZyNP4L/V/2hlMhXOn7Y7CMVq2qgGprYW0gnlp3Bw
zYA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:40 2025 by rpki-client