Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/eG7oBghP5K6ZlnT_8TI8H988WLg.roa
File: eG7oBghP5K6ZlnT_8TI8H988WLg.roa (raw, json)
Hash identifier: hG6Q15kQxST6uEAiywWECnp478/htoqLg/ZX+IlLOgQ=
Subject key identifier: 78:6E:E8:06:08:4F:E4:AE:99:96:74:FF:F1:32:3C:1F:DF:3C:58:B8
Certificate issuer: /CN=e842a46658c1d01bac8d43961c6b49e788e3ccc3
Certificate serial: 09D25D8F
Authority key identifier: E8:42:A4:66:58:C1:D0:1B:AC:8D:43:96:1C:6B:49:E7:88:E3:CC:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/eG7oBghP5K6ZlnT_8TI8H988WLg.roa
Signing time: Sat 01 Jan 2022 07:58:54 +0000
ROA not before: Sat 01 Jan 2022 07:58:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200148
IP address blocks: 185.52.112.0/22 maxlen: 24
185.53.192.0/22 maxlen: 24
5.180.236.0/22 maxlen: 24
185.36.128.0/22 maxlen: 24
185.138.216.0/22 maxlen: 24
185.127.36.0/22 maxlen: 24
194.55.148.0/22 maxlen: 24
188.94.80.0/22 maxlen: 24
185.100.176.0/22 maxlen: 24
2.59.16.0/22 maxlen: 24
185.251.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164781455 (0x9d25d8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e842a46658c1d01bac8d43961c6b49e788e3ccc3
Validity
Not Before: Jan 1 07:58:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=786ee806084fe4ae999674fff1323c1fdf3c58b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:26:b3:61:c6:9b:6f:d2:38:d8:f8:95:cb:32:
c6:1c:0d:d0:23:97:5f:8e:b7:89:a4:da:9d:58:75:
b5:94:82:c6:48:6a:a9:41:f5:d8:f1:49:46:39:6b:
e8:b2:ce:8d:d3:4d:1d:8c:76:ff:7c:5c:33:fd:f1:
18:ef:cf:f9:f8:e2:fc:a0:21:b1:9f:2d:42:a6:eb:
51:f3:4e:f2:90:d1:24:b9:6b:73:0f:d1:2c:9c:65:
0b:9c:ea:f5:1b:95:f8:22:bd:76:5a:8c:39:9c:3d:
aa:75:d7:f6:a2:91:b8:f5:93:9a:98:74:ed:20:42:
cf:69:9b:34:72:e0:fa:4c:df:bb:3b:70:c7:3a:66:
f2:10:7e:b0:24:4b:90:a9:ac:d4:d7:0e:39:33:55:
0f:32:af:5c:8b:0a:81:ba:be:e6:91:22:42:11:c1:
a5:14:77:41:62:f3:53:8a:e0:cf:fb:b4:96:a8:7c:
21:ff:89:a7:fa:b5:af:cc:89:1e:1f:b5:f2:d2:45:
e8:ce:7d:94:79:1c:e5:4b:ce:3b:0b:ba:a8:bd:70:
a1:75:5e:ba:84:be:68:4f:8b:de:dd:c8:f0:3e:ea:
08:03:b9:1d:f7:79:c3:3f:f7:97:a3:a8:e3:1e:6c:
b4:92:a8:37:db:75:42:36:05:c6:ae:75:78:a8:ab:
36:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:6E:E8:06:08:4F:E4:AE:99:96:74:FF:F1:32:3C:1F:DF:3C:58:B8
X509v3 Authority Key Identifier:
keyid:E8:42:A4:66:58:C1:D0:1B:AC:8D:43:96:1C:6B:49:E7:88:E3:CC:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/eG7oBghP5K6ZlnT_8TI8H988WLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/6EKkZljB0BusjUOWHGtJ54jjzMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.16.0/22
5.180.236.0/22
185.36.128.0/22
185.52.112.0/22
185.53.192.0/22
185.100.176.0/22
185.127.36.0/22
185.138.216.0/22
185.251.136.0/22
188.94.80.0/22
194.55.148.0/22
Signature Algorithm: sha256WithRSAEncryption
17:96:80:d2:e3:c8:11:46:f0:1f:38:08:2d:c3:f9:4a:29:34:
84:b1:32:b3:41:3e:36:fc:a6:36:2e:a0:18:29:1c:98:e5:0c:
d7:b0:25:e4:61:d9:fa:9c:36:7f:fa:a9:02:d6:8e:97:0e:17:
56:47:2f:dd:db:ee:26:19:4f:64:c8:87:c5:d1:f7:cf:9f:86:
77:83:f2:eb:66:f5:20:5e:c1:4b:62:1a:7d:c9:a2:9b:5a:91:
2c:d2:e6:08:99:e9:4c:8f:49:68:cc:85:8a:1b:77:df:e6:0f:
32:7e:56:d2:94:00:8f:e3:5d:c2:7c:c4:b2:05:d3:72:e2:cd:
a7:ea:b9:ca:40:0a:6d:83:6d:74:a2:7e:b8:b4:4c:ab:95:e1:
f9:52:66:3e:ec:1d:7a:63:12:83:ef:d9:a2:55:56:eb:11:ee:
1b:c1:3d:3d:d4:2a:76:3c:e8:a2:24:4d:68:f0:df:f4:02:a6:
38:a4:5a:05:cd:94:cb:10:d9:b1:a1:c2:34:4d:47:c7:c1:8f:
7b:d1:46:8d:f6:ee:07:f1:5d:f5:98:fd:11:4c:94:c8:f2:c6:
cb:11:cb:51:20:d3:96:93:ff:02:c8:ea:61:cb:80:1d:d2:81:
43:92:25:5a:79:95:1c:d7:e4:6c:b9:3d:09:14:8c:76:ed:c9:
6b:3c:3d:96
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIECdJdjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQyYTQ2NjU4YzFkMDFiYWM4ZDQzOTYxYzZiNDllNzg4ZTNjY2MzMB4XDTIyMDEw
MTA3NTg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg2ZWU4MDYwODRm
ZTRhZTk5OTY3NGZmZjEzMjNjMWZkZjNjNThiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsms2HGm2/SONj4lcsyxhwN0COXX463iaTanVh1tZSCxkhq
qUH12PFJRjlr6LLOjdNNHYx2/3xcM/3xGO/P+fji/KAhsZ8tQqbrUfNO8pDRJLlr
cw/RLJxlC5zq9RuV+CK9dlqMOZw9qnXX9qKRuPWTmph07SBCz2mbNHLg+kzfuztw
xzpm8hB+sCRLkKms1NcOOTNVDzKvXIsKgbq+5pEiQhHBpRR3QWLzU4rgz/u0lqh8
If+Jp/q1r8yJHh+18tJF6M59lHkc5UvOOwu6qL1woXVeuoS+aE+L3t3I8D7qCAO5
Hfd5wz/3l6Oo4x5stJKoN9t1QjYFxq51eKirNisCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBR4bugGCE/krpmWdP/xMjwf3zxYuDAfBgNVHSMEGDAWgBToQqRmWMHQG6yN
Q5Yca0nniOPMwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFS2tabGpCMEJ1c2pVT1dIR3RKNTRqanpNTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvY2QwOTJlLTZiZWItNDAzNy04YTVhLWZhZThkNDJhZTVlNS8x
L2VHN29CZ2hQNUs2WmxuVF84VEk4SDk4OFdMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
Y2QwOTJlLTZiZWItNDAzNy04YTVhLWZhZThkNDJhZTVlNS8xLzZFS2tabGpCMEJ1
c2pVT1dIR3RKNTRqanpNTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAgI7EAMEAgW07AMEArkkgAMEArk0
cAMEArk1wAMEArlksAMEArl/JAMEArmK2AMEArn7iAMEArxeUAMEAsI3lDANBgkq
hkiG9w0BAQsFAAOCAQEAF5aA0uPIEUbwHzgILcP5Sik0hLEys0E+NvymNi6gGCkc
mOUM17Al5GHZ+pw2f/qpAtaOlw4XVkcv3dvuJhlPZMiHxdH3z5+Gd4Py62b1IF7B
S2Iafcmim1qRLNLmCJnpTI9JaMyFiht33+YPMn5W0pQAj+NdwnzEsgXTcuLNp+q5
ykAKbYNtdKJ+uLRMq5Xh+VJmPuwdemMSg+/ZolVW6xHuG8E9PdQqdjzooiRNaPDf
9AKmOKRaBc2UyxDZsaHCNE1Hx8GPe9FGjfbuB/Fd9Zj9EUyUyPLGyxHLUSDTlpP/
AsjqYcuAHdKBQ5IlWnmVHNfkbLk9CRSMdu3Jazw9lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:19 2024 by rpki-client on console-fra.rpki-client.org