Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/E0lMNh95V9_qMI7tbtSAAb-nipQ.roa
File: E0lMNh95V9_qMI7tbtSAAb-nipQ.roa (raw, json)
Hash identifier: WVx8xVAwr7wSHIjRqPuYkbtyHYE/vxnCI+1y7wrS2f0=
Subject key identifier: 13:49:4C:36:1F:79:57:DF:EA:30:8E:ED:6E:D4:80:01:BF:A7:8A:94
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01844404678AF4A25BCEC3F925348BE26A36
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/E0lMNh95V9_qMI7tbtSAAb-nipQ.roa
Signing time: Fri 04 Nov 2022 19:00:50 +0000
ROA not before: Fri 04 Nov 2022 19:00:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209087
IP address blocks: 179.189.212.0/22 maxlen: 22
185.227.92.0/22 maxlen: 22
85.8.136.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:44:04:67:8a:f4:a2:5b:ce:c3:f9:25:34:8b:e2:6a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Nov 4 19:00:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13494c361f7957dfea308eed6ed48001bfa78a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5b:91:4d:9d:5e:40:36:74:0a:d5:3e:8f:42:
34:18:38:e2:42:e1:37:bf:90:c3:66:2f:4b:6e:f3:
2e:81:42:bc:17:0c:30:4b:ac:43:1f:49:72:70:6e:
5d:c4:14:dc:48:a6:be:fc:e8:3c:6b:59:8e:a9:51:
fd:5b:d7:da:59:7c:90:d7:45:82:ca:df:62:f4:4d:
3c:5f:66:a4:d4:9c:30:e8:7a:ac:21:83:72:6d:93:
cd:57:94:3e:be:49:6b:23:ad:ee:0a:ce:79:ad:c0:
7e:51:24:1e:f2:81:6b:bb:76:70:a7:f2:6b:c1:3e:
35:93:5b:84:22:a8:5e:ed:6f:de:ee:7e:d9:e4:e8:
65:30:7c:26:f3:44:7f:3a:2d:d4:85:4b:27:df:6a:
44:2c:5f:88:67:f2:16:25:66:94:e5:45:d1:63:00:
b5:46:2c:b6:cb:76:7f:65:d8:32:19:83:67:19:2e:
08:e0:58:a7:99:8a:7e:e2:e5:99:71:ea:b1:d7:ca:
99:c2:d0:f5:23:83:b1:e0:d4:d0:43:f8:8d:2f:8c:
60:de:b6:ec:48:8e:0b:92:b2:b7:ca:0d:c7:e0:2c:
46:51:c4:1b:d0:32:54:0f:47:50:28:6c:07:cf:f7:
d1:f9:7c:19:41:8a:8d:65:f0:7d:2c:dc:61:94:d7:
60:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:49:4C:36:1F:79:57:DF:EA:30:8E:ED:6E:D4:80:01:BF:A7:8A:94
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/E0lMNh95V9_qMI7tbtSAAb-nipQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.136.0/22
179.189.212.0/22
185.227.92.0/22
Signature Algorithm: sha256WithRSAEncryption
04:90:7b:65:09:27:13:59:a3:78:d0:3c:93:5d:e8:f7:43:09:
a2:65:c0:21:2a:c0:47:5e:3a:fb:aa:da:45:20:e9:f2:80:e4:
42:ea:0a:d8:ad:03:68:1c:ed:18:1f:95:4f:f4:f6:7e:e4:ae:
52:93:ff:5f:08:27:9d:b8:5f:65:6a:86:8d:0c:8a:90:5e:b6:
d3:f9:cf:d0:81:35:75:60:1d:46:7e:98:8d:59:00:2e:c0:bb:
16:31:63:f8:c9:ba:b0:13:10:a7:6e:fa:54:ac:87:bd:f9:d5:
e1:6d:57:e2:75:40:a0:00:fd:50:df:81:9d:ab:d3:1a:a7:3c:
01:0e:d9:c5:3d:46:39:d9:f9:b1:2f:e8:d2:a7:cd:49:e8:29:
02:ff:ee:a6:15:11:6c:8e:42:90:bc:98:fb:75:04:d0:76:c1:
e8:6e:ed:ea:80:ed:49:86:33:ce:d3:7f:7b:c0:e6:91:40:4f:
3e:fb:c8:81:52:d8:f8:7e:06:ed:52:2a:bc:ba:ea:b4:09:23:
4a:5f:88:c8:0d:59:49:fb:b7:3a:f8:de:7d:3b:2d:28:43:b3:
bf:d4:a3:48:c8:0b:1c:a2:95:dc:03:ad:ed:3c:a2:ad:37:54:
70:c2:76:71:dc:e0:fc:c1:9b:f1:c2:41:94:97:de:31:9d:97:
42:16:ce:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYREBGeK9KJbzsP5JTSL4mo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjIxMTA0MTkwMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQ5NGMzNjFmNzk1N2RmZWEzMDhlZWQ2ZWQ0ODAwMWJmYTc4YTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVuRTZ1eQDZ0CtU+j0I0GDjiQuE3
v5DDZi9LbvMugUK8FwwwS6xDH0lycG5dxBTcSKa+/Og8a1mOqVH9W9faWXyQ10WC
yt9i9E08X2ak1Jww6HqsIYNybZPNV5Q+vklrI63uCs55rcB+USQe8oFru3Zwp/Jr
wT41k1uEIqhe7W/e7n7Z5OhlMHwm80R/Oi3UhUsn32pELF+IZ/IWJWaU5UXRYwC1
Riy2y3Z/ZdgyGYNnGS4I4FinmYp+4uWZceqx18qZwtD1I4Ox4NTQQ/iNL4xg3rbs
SI4LkrK3yg3H4CxGUcQb0DJUD0dQKGwHz/fR+XwZQYqNZfB9LNxhlNdgpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBNJTDYfeVff6jCO7W7UgAG/p4qUMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvRTBsTU5oOTVWOV9xTUk3dGJ0U0FBYi1uaXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVQiIAwQC
s73UAwQCueNcMA0GCSqGSIb3DQEBCwUAA4IBAQAEkHtlCScTWaN40DyTXej3Qwmi
ZcAhKsBHXjr7qtpFIOnygORC6grYrQNoHO0YH5VP9PZ+5K5Sk/9fCCeduF9laoaN
DIqQXrbT+c/QgTV1YB1GfpiNWQAuwLsWMWP4ybqwExCnbvpUrIe9+dXhbVfidUCg
AP1Q34Gdq9MapzwBDtnFPUY52fmxL+jSp81J6CkC/+6mFRFsjkKQvJj7dQTQdsHo
bu3qgO1JhjPO0397wOaRQE8++8iBUtj4fgbtUiq8uuq0CSNKX4jIDVlJ+7c6+N59
Oy0oQ7O/1KNIyAscopXcA63tPKKtN1RwwnZx3OD8wZvxwkGUl94xnZdCFs6l
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:49 2023 by rpki-client on console-fra.rpki-client.org