Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/eEWR_YGUkpQrMYzX2T6uTeFRXos.roa
File: eEWR_YGUkpQrMYzX2T6uTeFRXos.roa (raw, json)
Hash identifier: FIVq4AosYlKwqWPXPV5pTXWg94oAZnUidFtwZi7idds=
Subject key identifier: 78:45:91:FD:81:94:92:94:2B:31:8C:D7:D9:3E:AE:4D:E1:51:5E:8B
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1B3D134F
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/eEWR_YGUkpQrMYzX2T6uTeFRXos.roa
Signing time: Fri 18 Feb 2022 11:31:46 +0000
ROA not before: Fri 18 Feb 2022 11:31:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34418
IP address blocks: 176.236.215.0/24 maxlen: 24
85.153.154.0/24 maxlen: 24
85.153.153.0/24 maxlen: 24
212.252.211.0/24 maxlen: 24
212.252.208.0/23 maxlen: 23
212.252.210.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 456987471 (0x1b3d134f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Feb 18 11:31:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=784591fd819492942b318cd7d93eae4de1515e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:93:80:9b:64:2a:0c:77:fd:b8:e1:42:a6:21:
30:8b:15:a7:2c:25:e4:ce:c6:5b:64:54:8e:10:5d:
f0:c7:7f:57:22:d7:f5:ce:0c:62:8b:f5:7f:53:11:
7a:a9:ac:0c:3f:bb:47:24:31:50:e4:e5:96:cf:f5:
bb:4b:cc:f0:86:6c:0e:42:5e:99:96:3f:7c:d5:42:
78:29:07:9a:f0:ba:5d:ac:32:df:91:63:47:08:04:
6f:ea:ab:45:f8:53:86:d1:a4:49:98:15:a8:61:89:
df:67:db:c7:22:2a:2a:9b:c1:6d:77:f3:e5:1f:ce:
da:3e:d4:d8:a8:ed:bf:1a:36:e2:25:a4:f5:c6:78:
65:2d:d9:2f:ea:65:1c:0d:5d:f0:63:96:54:68:e3:
e1:ae:ad:8b:9e:b2:7b:a7:3d:23:94:f2:6a:1a:84:
8a:61:af:8a:76:45:73:f8:21:2f:8a:23:83:60:81:
fe:67:79:c3:1f:88:3a:9c:5a:79:e5:17:46:84:fb:
dc:92:c8:55:f1:a7:8e:d4:ff:84:d5:99:b5:03:48:
68:70:19:62:58:17:48:cd:af:41:14:23:cf:11:ef:
b4:6e:e1:b4:f0:00:6e:a0:e7:fd:1d:83:ff:ac:75:
9a:04:76:3c:60:b8:0c:dd:3a:ec:d8:95:0b:35:fe:
74:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:45:91:FD:81:94:92:94:2B:31:8C:D7:D9:3E:AE:4D:E1:51:5E:8B
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/eEWR_YGUkpQrMYzX2T6uTeFRXos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.153.0-85.153.154.255
176.236.215.0/24
212.252.208.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:84:df:d0:8b:f7:86:2a:17:3f:29:50:d3:1b:cf:a9:d2:29:
51:f2:94:0c:89:f0:86:bf:51:27:ba:61:e4:12:82:93:c5:06:
06:9d:89:64:c1:55:44:00:c4:3b:a1:15:ad:3f:33:b7:b8:0e:
6f:1e:52:72:6f:1d:be:21:44:9a:05:ce:d7:91:bd:47:1f:c2:
96:c8:e3:b9:e8:f4:5a:cd:02:c6:16:cd:22:7b:4e:d5:e7:84:
a9:b0:d8:2d:80:70:7f:77:4b:46:84:15:ef:0f:19:eb:8c:1b:
dc:0a:a0:33:8e:ce:0e:4d:e8:45:3d:16:e1:83:0b:c0:8c:44:
a6:53:0b:de:b8:f8:05:d7:fc:53:ee:2b:c4:95:97:d6:6d:2a:
90:d2:13:b1:70:5e:88:47:9d:f1:8d:82:7f:d3:f8:40:2c:83:
90:73:cc:20:ec:52:a0:2a:b6:cc:12:22:2b:0f:ea:f9:6a:a4:
23:cf:98:08:80:33:28:1f:67:ce:b5:4b:dc:d4:fc:84:75:2d:
4a:c3:28:41:8a:6f:ba:50:aa:5f:35:8d:38:eb:ad:26:61:6c:
77:c1:6f:9c:55:24:05:9a:91:24:59:21:2b:5f:a7:d2:51:d3:
d8:64:7c:6f:e9:6b:37:17:b7:82:00:f5:5a:fb:bf:b6:d5:3a:
c1:76:d5:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEGz0TTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDIx
ODExMzE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg0NTkxZmQ4MTk0
OTI5NDJiMzE4Y2Q3ZDkzZWFlNGRlMTUxNWU4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuTgJtkKgx3/bjhQqYhMIsVpywl5M7GW2RUjhBd8Md/VyLX
9c4MYov1f1MReqmsDD+7RyQxUOTlls/1u0vM8IZsDkJemZY/fNVCeCkHmvC6Xawy
35FjRwgEb+qrRfhThtGkSZgVqGGJ32fbxyIqKpvBbXfz5R/O2j7U2Kjtvxo24iWk
9cZ4ZS3ZL+plHA1d8GOWVGjj4a6ti56ye6c9I5TyahqEimGvinZFc/ghL4ojg2CB
/md5wx+IOpxaeeUXRoT73JLIVfGnjtT/hNWZtQNIaHAZYlgXSM2vQRQjzxHvtG7h
tPAAbqDn/R2D/6x1mgR2PGC4DN067NiVCzX+dCECAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR4RZH9gZSSlCsxjNfZPq5N4VFeizAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L2VFV1JfWUdVa3BRck1ZelgyVDZ1VGVGUlhvcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQAVZmZAwQAVZmaAwQAsOzXAwQC
1PzQMA0GCSqGSIb3DQEBCwUAA4IBAQBfhN/Qi/eGKhc/KVDTG8+p0ilR8pQMifCG
v1EnumHkEoKTxQYGnYlkwVVEAMQ7oRWtPzO3uA5vHlJybx2+IUSaBc7Xkb1HH8KW
yOO56PRazQLGFs0ie07V54SpsNgtgHB/d0tGhBXvDxnrjBvcCqAzjs4OTehFPRbh
gwvAjESmUwveuPgF1/xT7ivElZfWbSqQ0hOxcF6IR53xjYJ/0/hALIOQc8wg7FKg
KrbMEiIrD+r5aqQjz5gIgDMoH2fOtUvc1PyEdS1KwyhBim+6UKpfNY04660mYWx3
wW+cVSQFmpEkWSErX6fSUdPYZHxv6Ws3F7eCAPVa+7+21TrBdtWv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org