Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/EysysXnjtKeh0ad1-t1o_kocAgw.roa
File: EysysXnjtKeh0ad1-t1o_kocAgw.roa (raw, json)
Hash identifier: yvhi4pRpvkMvyGSNsqql1+1iZ/i1okxZ4/5AdSNAH7k=
Subject key identifier: 13:2B:32:B1:79:E3:B4:A7:A1:D1:A7:75:FA:DD:68:FE:4A:1C:02:0C
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01853894263B66CFF61A7764F9D594195E6F
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/EysysXnjtKeh0ad1-t1o_kocAgw.roa
Signing time: Thu 22 Dec 2022 06:45:11 +0000
ROA not before: Thu 22 Dec 2022 06:45:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.254.0/24 maxlen: 24
188.130.155.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:38:94:26:3b:66:cf:f6:1a:77:64:f9:d5:94:19:5e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 22 06:45:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=132b32b179e3b4a7a1d1a775fadd68fe4a1c020c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b5:9c:04:af:c5:bd:8e:cb:80:13:6a:2a:d9:
23:4d:b5:55:48:b3:75:30:18:da:54:04:80:35:a4:
fc:b8:35:f8:de:14:21:b5:f0:47:4c:fa:55:fd:83:
f7:7d:1c:f5:31:60:41:c4:03:ab:8e:02:db:fc:0f:
9d:12:26:04:1f:9a:fd:97:4f:5b:bf:09:ae:9a:6e:
b9:6c:e5:65:f6:81:1b:9b:96:3e:e2:a2:4e:1a:14:
03:ad:4a:df:67:e3:88:c3:eb:3e:75:76:9a:31:96:
52:60:48:1c:3a:44:9d:04:6c:ed:89:02:b9:06:12:
56:5e:1d:7d:65:1f:e5:15:13:d0:49:a5:c7:c8:6b:
6f:56:32:92:a2:83:68:8c:01:d5:21:3f:2b:53:cc:
aa:ee:f6:9a:4b:d9:ab:d9:a9:9d:76:4d:ad:4f:f8:
29:ff:ca:84:30:de:81:1c:11:95:85:f2:e0:b9:44:
42:f1:f5:c1:f0:93:a0:1a:6b:f9:90:77:b7:e8:5f:
50:6c:41:26:39:78:d6:24:7e:61:3f:d6:8a:20:a2:
0c:12:68:de:9a:d8:2e:04:f8:b0:88:aa:07:b1:34:
f6:be:66:40:89:33:cf:7e:02:5a:49:1b:de:78:33:
a9:c3:8d:9f:c1:07:aa:89:a3:d1:d6:2a:1d:1d:2b:
b2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:2B:32:B1:79:E3:B4:A7:A1:D1:A7:75:FA:DD:68:FE:4A:1C:02:0C
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/EysysXnjtKeh0ad1-t1o_kocAgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.155.0/24
188.130.182.0/24
188.130.254.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
7e:08:54:e1:df:37:05:34:2f:46:d3:7e:47:94:aa:23:31:ce:
23:84:24:c8:8d:49:30:1f:8a:f5:12:a9:aa:96:31:de:e0:81:
61:b7:d3:55:be:24:3d:93:03:fb:4e:4b:eb:4e:92:e4:60:9d:
18:42:cb:68:5c:cb:ad:d7:ed:ff:34:9c:85:32:46:af:e0:a0:
85:cc:c2:50:ea:21:7f:55:31:7a:d4:63:f4:5c:e4:85:f3:6d:
a2:7b:6a:11:9d:dd:72:a5:3d:99:51:64:e7:50:61:09:24:6c:
1e:a9:8c:d1:22:3b:7e:77:60:7c:1d:1b:1a:db:6c:12:6d:97:
c4:9d:b9:c9:11:77:5f:03:23:93:4e:e8:21:8b:36:2a:86:df:
ef:7c:de:c6:40:fd:e4:6d:46:75:f7:e4:34:32:39:2a:73:ba:
54:92:f7:e3:32:24:26:09:64:3e:6c:b9:55:9a:59:6b:7b:85:
69:95:63:5e:3c:03:1f:5b:d6:99:ca:a0:be:5c:67:3d:e5:13:
2c:0c:2a:9f:63:56:23:ee:a5:d5:2d:e3:c7:ff:e3:dd:82:21:
fc:fe:f9:7d:a5:4e:ec:c7:27:dc:85:a5:bb:86:b0:59:9c:cf:
a1:ae:fb:a4:30:49:a9:4d:57:1c:5d:9c:b7:27:1e:62:c4:1c:
bc:f7:73:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYU4lCY7Zs/2Gndk+dWUGV5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMjIyMDY0NTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzJiMzJiMTc5ZTNiNGE3YTFkMWE3NzVmYWRkNjhmZTRhMWMwMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrWcBK/FvY7LgBNqKtkjTbVVSLN1
MBjaVASANaT8uDX43hQhtfBHTPpV/YP3fRz1MWBBxAOrjgLb/A+dEiYEH5r9l09b
vwmumm65bOVl9oEbm5Y+4qJOGhQDrUrfZ+OIw+s+dXaaMZZSYEgcOkSdBGztiQK5
BhJWXh19ZR/lFRPQSaXHyGtvVjKSooNojAHVIT8rU8yq7vaaS9mr2amddk2tT/gp
/8qEMN6BHBGVhfLguURC8fXB8JOgGmv5kHe36F9QbEEmOXjWJH5hP9aKIKIMEmje
mtguBPiwiKoHsTT2vmZAiTPPfgJaSRveeDOpw42fwQeqiaPR1iodHSuyvwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBMrMrF547SnodGndfrdaP5KHAIMMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvRXlzeXNYbmp0S2VoMGFkMS10MW9fa29jQWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAvIKbAwQA
vIK2AwQAvIL+AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQB+CFTh3zcFNC9G035HlKojMc4jhCTIjUkwH4r1EqmqljHe4IFht9NVviQ9kwP7
TkvrTpLkYJ0YQstoXMut1+3/NJyFMkav4KCFzMJQ6iF/VTF61GP0XOSF822ie2oR
nd1ypT2ZUWTnUGEJJGweqYzRIjt+d2B8HRsa22wSbZfEnbnJEXdfAyOTTughizYq
ht/vfN7GQP3kbUZ19+Q0Mjkqc7pUkvfjMiQmCWQ+bLlVmllre4VplWNePAMfW9aZ
yqC+XGc95RMsDCqfY1Yj7qXVLePH/+PdgiH8/vl9pU7sxyfchaW7hrBZnM+hrvuk
MEmpTVccXZy3Jx5ixBy893Od
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:10 2023 by rpki-client on console-fra.rpki-client.org