Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/ePSnPH2aoJtWSSz0jvAvvOnvqKU.roa
File: ePSnPH2aoJtWSSz0jvAvvOnvqKU.roa (raw, json)
Hash identifier: kc+st0I02e38puEJL+zrD9S7WxvrTv5V+ZLZXbLAAig=
Subject key identifier: 78:F4:A7:3C:7D:9A:A0:9B:56:49:2C:F4:8E:F0:2F:BC:E9:EF:A8:A5
Certificate issuer: /CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Certificate serial: 01856C0146A97FC8C9FE3C7EAD1A243AC628
Authority key identifier: 26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/ePSnPH2aoJtWSSz0jvAvvOnvqKU.roa
Signing time: Sun 01 Jan 2023 06:25:01 +0000
ROA not before: Sun 01 Jan 2023 06:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34574
IP address blocks: 188.64.144.0/24 maxlen: 24
188.64.144.0/23 maxlen: 23
188.64.145.0/24 maxlen: 24
188.64.147.0/24 maxlen: 24
2a00:1120::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:46:a9:7f:c8:c9:fe:3c:7e:ad:1a:24:3a:c6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Validity
Not Before: Jan 1 06:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78f4a73c7d9aa09b56492cf48ef02fbce9efa8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:64:6a:fc:5e:77:61:29:e0:a8:18:e2:f4:08:
af:f6:1f:5b:ea:72:90:3c:5c:30:58:19:77:b8:7f:
a4:5a:3e:96:3b:86:46:d8:be:e4:63:9a:7f:3c:93:
a5:d6:2c:74:d1:b3:35:9f:35:1e:93:c1:ff:5a:08:
d5:95:82:ca:3a:14:a2:54:12:01:70:ce:0d:ab:09:
47:d8:7d:29:ea:70:fa:0e:6d:ed:23:08:81:04:71:
b3:88:b1:0d:23:07:c4:f0:64:ee:3b:0c:32:82:17:
f8:f4:97:04:4d:67:17:80:6d:70:0a:01:55:4d:a2:
fc:1a:7c:1b:32:f1:7f:19:ac:0f:09:6f:e5:a5:9c:
34:2e:b4:35:72:f4:8d:d9:c6:f8:b1:9a:95:b9:c1:
25:d9:95:f5:e6:bf:0a:57:38:c2:b5:6d:13:3c:d9:
29:47:b6:7f:14:1f:da:1d:5d:9e:38:98:93:22:12:
7e:b7:3f:c4:c5:c5:ff:12:5f:c0:aa:a9:a7:b2:5e:
14:7f:83:9b:47:59:a4:37:54:cc:e4:84:d4:38:a3:
2c:7e:2b:ef:15:60:d4:b8:82:cd:12:e9:cb:24:0b:
76:9c:b5:32:b1:f8:a7:19:cd:30:ce:ed:ef:8e:b1:
4c:3c:2a:31:67:f1:3c:ff:2b:ad:3c:44:34:85:86:
28:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F4:A7:3C:7D:9A:A0:9B:56:49:2C:F4:8E:F0:2F:BC:E9:EF:A8:A5
X509v3 Authority Key Identifier:
keyid:26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/ePSnPH2aoJtWSSz0jvAvvOnvqKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.144.0/23
188.64.147.0/24
IPv6:
2a00:1120::/32
Signature Algorithm: sha256WithRSAEncryption
64:f1:3e:eb:b0:b0:0a:73:f9:a5:b9:5a:e1:90:a4:f1:04:4c:
7b:50:60:f4:e0:b8:33:98:d6:28:5a:05:c8:2d:28:f9:77:23:
61:a9:19:6d:2d:e2:9e:ce:24:6e:63:5d:a5:5d:b4:26:ad:4a:
da:d3:fe:08:84:ad:25:a8:3f:29:e3:68:5f:77:e3:16:fc:99:
04:cc:82:1f:dc:da:2e:95:e8:6c:7e:2b:a6:7c:d6:7f:eb:e9:
53:40:cf:87:b7:87:7b:12:47:d2:bd:19:87:7f:3a:fc:c6:d5:
ef:61:22:22:ba:ed:ec:e4:cc:64:7e:37:88:55:2b:28:31:8f:
b2:b2:61:98:d7:9c:43:c5:2e:51:70:62:13:fa:25:0e:58:7c:
6b:44:1a:7e:76:eb:77:75:5f:b6:cc:0e:08:2b:4a:d4:16:ed:
55:96:b4:99:65:2d:07:e8:96:54:d5:ac:4a:d6:9d:03:a9:a1:
7d:9d:5d:8a:de:64:de:65:7f:aa:77:27:50:3e:d4:fd:0c:60:
f3:0d:19:2c:c5:69:85:48:06:b9:23:aa:63:f6:65:6a:93:95:
ba:e3:17:de:51:87:cb:58:d8:44:84:5e:91:e1:d6:63:b1:ac:
f9:c6:7e:c3:f2:2a:e0:a5:f9:44:e0:0f:06:8b:c9:c8:53:7b:
af:60:32:ca
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsAUapf8jJ/jx+rRokOsYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OWY0ZjcxNDNiNDA2NzgwNWNiYTlhNDBmNjM5NzMyZWU3
ZDQyZTUwHhcNMjMwMTAxMDYyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGY0YTczYzdkOWFhMDliNTY0OTJjZjQ4ZWYwMmZiY2U5ZWZhOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2Rq/F53YSngqBji9Aiv9h9b6nKQ
PFwwWBl3uH+kWj6WO4ZG2L7kY5p/PJOl1ix00bM1nzUek8H/WgjVlYLKOhSiVBIB
cM4NqwlH2H0p6nD6Dm3tIwiBBHGziLENIwfE8GTuOwwyghf49JcETWcXgG1wCgFV
TaL8GnwbMvF/GawPCW/lpZw0LrQ1cvSN2cb4sZqVucEl2ZX15r8KVzjCtW0TPNkp
R7Z/FB/aHV2eOJiTIhJ+tz/ExcX/El/Aqqmnsl4Uf4ObR1mkN1TM5ITUOKMsfivv
FWDUuILNEunLJAt2nLUysfinGc0wzu3vjrFMPCoxZ/E8/yutPEQ0hYYoKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHj0pzx9mqCbVkks9I7wL7zp76ilMB8GA1UdIwQY
MBaAFCafT3FDtAZ4BcuppA9jlzLufULlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnA5UGNVTzBCbmdGeTZta0QyT1hNdTU5UXVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jOTA4NjAtODEzOC00MzNjLWIyNGYt
OTJjNzgwY2EzMjYwLzEvZVBTblBIMmFvSnRXU1N6MGp2QXZ2T252cUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jOTA4NjAtODEzOC00MzNjLWIyNGYtOTJjNzgwY2EzMjYw
LzEvSnA5UGNVTzBCbmdGeTZta0QyT1hNdTU5UXVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBvECQAwQA
vECTMA0EAgACMAcDBQAqABEgMA0GCSqGSIb3DQEBCwUAA4IBAQBk8T7rsLAKc/ml
uVrhkKTxBEx7UGD04LgzmNYoWgXILSj5dyNhqRltLeKeziRuY12lXbQmrUra0/4I
hK0lqD8p42hfd+MW/JkEzIIf3NoulehsfiumfNZ/6+lTQM+Ht4d7EkfSvRmHfzr8
xtXvYSIiuu3s5MxkfjeIVSsoMY+ysmGY15xDxS5RcGIT+iUOWHxrRBp+dut3dV+2
zA4IK0rUFu1VlrSZZS0H6JZU1axK1p0DqaF9nV2K3mTeZX+qdydQPtT9DGDzDRks
xWmFSAa5I6pj9mVqk5W64xfeUYfLWNhEhF6R4dZjsaz5xn7D8irgpflE4A8Gi8nI
U3uvYDLK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:31 2025 by rpki-client