Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/eQlvY5n5gEWoUTnq-cP326T3_m0.roa
File: eQlvY5n5gEWoUTnq-cP326T3_m0.roa (raw, json)
Hash identifier: Lcf4tMgKfg+mKmNQgPZxSfs3NWqLZZQQNvImOux5Zys=
Subject key identifier: 79:09:6F:63:99:F9:80:45:A8:51:39:EA:F9:C3:F7:DB:A4:F7:FE:6D
Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093
Certificate serial: 01840A04CCB912EFA6FB652573E1629F77D4
Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/eQlvY5n5gEWoUTnq-cP326T3_m0.roa
Signing time: Mon 24 Oct 2022 12:43:17 +0000
ROA not before: Mon 24 Oct 2022 12:43:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199496
IP address blocks: 185.13.76.0/22 maxlen: 32
95.129.248.0/21 maxlen: 32
185.65.156.0/22 maxlen: 32
185.249.76.0/22 maxlen: 32
185.235.220.0/22 maxlen: 32
185.165.252.0/22 maxlen: 32
2a00:83e0::/32 maxlen: 64
2a02:f4c0::/29 maxlen: 64
2a09:d00::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:04:cc:b9:12:ef:a6:fb:65:25:73:e1:62:9f:77:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093
Validity
Not Before: Oct 24 12:43:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79096f6399f98045a85139eaf9c3f7dba4f7fe6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c1:ec:7a:e0:db:ca:6d:d6:96:15:60:d0:e4:
f8:13:48:dd:e5:04:e6:a2:68:ca:5e:8c:3b:19:ef:
fb:7d:1f:2c:8f:3f:2c:9b:ae:9d:5a:2b:e0:3d:ad:
17:24:e7:b4:40:d5:13:c1:ea:f7:0f:42:d0:5d:73:
73:18:84:20:a2:fc:64:85:34:c2:e9:38:c8:6d:b6:
00:e7:4a:f0:3a:a4:7d:b7:95:b9:04:4d:3f:d4:31:
78:86:bf:2f:38:bf:fe:38:6a:31:84:9b:8c:a5:f3:
66:74:b1:38:50:e6:36:a3:2e:c5:1a:4e:a3:1a:88:
a9:44:86:9c:b9:90:12:7d:bb:df:1d:fc:95:c5:52:
52:aa:ef:b4:44:42:78:88:42:aa:32:74:6d:1e:6d:
5e:0a:2d:8d:45:1e:41:b9:27:fa:33:64:36:c6:0c:
ca:d7:ac:f6:5b:88:7e:53:35:dc:fc:9e:82:2b:ef:
9f:5f:0f:a5:d8:73:97:89:9f:d2:fa:a7:97:4c:7e:
50:3b:7d:78:55:ff:a0:31:d3:52:1b:80:35:81:33:
da:0d:4a:08:94:9c:c4:58:08:97:ef:b5:2b:d0:45:
e8:7b:33:8d:30:d2:1a:68:e4:2d:71:a0:dd:4d:81:
45:10:0e:54:b0:a4:d7:12:0c:7e:b8:8c:74:12:a8:
c4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:09:6F:63:99:F9:80:45:A8:51:39:EA:F9:C3:F7:DB:A4:F7:FE:6D
X509v3 Authority Key Identifier:
keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/eQlvY5n5gEWoUTnq-cP326T3_m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.248.0/21
185.13.76.0/22
185.65.156.0/22
185.165.252.0/22
185.235.220.0/22
185.249.76.0/22
IPv6:
2a00:83e0::/32
2a02:f4c0::/29
2a09:d00::/29
Signature Algorithm: sha256WithRSAEncryption
62:ed:b7:2e:df:49:fc:4c:2e:d1:d8:4f:22:8e:a0:8c:3d:57:
4f:a8:db:c3:d3:87:c1:a2:09:72:63:12:43:49:c5:95:f4:0e:
79:48:d3:86:b2:28:3e:14:6e:ec:c3:e0:f4:6b:01:91:33:ee:
8d:e1:72:51:b4:e8:f3:42:a4:36:dc:8d:40:6a:6c:df:3f:d7:
00:59:c4:f9:d7:8d:3d:e7:72:ba:18:25:4a:8f:4c:97:45:bc:
84:4c:e4:c1:f6:a1:40:a4:e6:ee:59:71:58:3f:61:03:9a:15:
c6:71:fa:82:10:77:3f:8a:8d:c0:a3:5b:b5:3a:cf:9e:9a:9d:
c7:be:c7:7e:eb:0b:93:5a:26:8b:2a:38:6c:d2:90:c9:82:9e:
5d:41:7c:7d:3c:38:98:85:62:64:7e:a9:fd:13:01:3e:9f:7e:
1b:cc:50:c5:db:f5:2c:8f:48:1f:06:91:82:7a:d6:06:12:eb:
df:dd:52:9e:c8:89:14:1f:1b:e5:8f:f6:75:c1:33:a8:34:62:
a5:49:97:49:1c:81:eb:fd:bb:08:8b:a3:69:7d:4b:c3:e2:85:
41:36:fa:6e:d4:96:ee:26:f4:84:58:e6:54:27:41:c5:1d:79:
d8:7f:4e:4b:1e:bc:44:05:89:5a:a5:95:92:64:bc:8d:d7:96:
95:11:e0:2b
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYQKBMy5Eu+m+2Ulc+Fin3fUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDg3NGIzMzNlMzVkZjE0ZmQ5NzBlMTg5NTgxZGEwOTNi
YzgwOTMwHhcNMjIxMDI0MTI0MzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTA5NmY2Mzk5Zjk4MDQ1YTg1MTM5ZWFmOWMzZjdkYmE0ZjdmZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcHseuDbym3WlhVg0OT4E0jd5QTm
omjKXow7Ge/7fR8sjz8sm66dWivgPa0XJOe0QNUTwer3D0LQXXNzGIQgovxkhTTC
6TjIbbYA50rwOqR9t5W5BE0/1DF4hr8vOL/+OGoxhJuMpfNmdLE4UOY2oy7FGk6j
GoipRIacuZASfbvfHfyVxVJSqu+0REJ4iEKqMnRtHm1eCi2NRR5BuSf6M2Q2xgzK
16z2W4h+UzXc/J6CK++fXw+l2HOXiZ/S+qeXTH5QO314Vf+gMdNSG4A1gTPaDUoI
lJzEWAiX77Ur0EXoezONMNIaaOQtcaDdTYFFEA5UsKTXEgx+uIx0EqjE2wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFHkJb2OZ+YBFqFE56vnD99uk9/5tMB8GA1UdIwQY
MBaAFA0IdLMz413xT9lw4YlYHaCTvICTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUt
MzE4MWRiOTExYTEzLzEvZVFsdlk1bjVnRVdvVVRucS1jUDMyNlQzX20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUtMzE4MWRiOTExYTEz
LzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDX4H4AwQC
uQ1MAwQCuUGcAwQCuaX8AwQCuevcAwQCuflMMBsEAgACMBUDBQAqAIPgAwUDKgL0
wAMFAyoJDQAwDQYJKoZIhvcNAQELBQADggEBAGLtty7fSfxMLtHYTyKOoIw9V0+o
28PTh8GiCXJjEkNJxZX0DnlI04ayKD4UbuzD4PRrAZEz7o3hclG06PNCpDbcjUBq
bN8/1wBZxPnXjT3ncroYJUqPTJdFvIRM5MH2oUCk5u5ZcVg/YQOaFcZx+oIQdz+K
jcCjW7U6z56ance+x37rC5NaJosqOGzSkMmCnl1BfH08OJiFYmR+qf0TAT6ffhvM
UMXb9SyPSB8GkYJ61gYS69/dUp7IiRQfG+WP9nXBM6g0YqVJl0kcgev9uwiLo2l9
S8PihUE2+m7Ulu4m9IRY5lQnQcUdedh/TksevEQFiVqllZJkvI3XlpUR4Cs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:03 2023 by rpki-client on console-ams.rpki-client.org