Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/7a9f0c-5888-4fd8-bd90-683384b19ea3/1/5EKiFTRksscO1U3HYhmIFNnn8OE.roa
File: 5EKiFTRksscO1U3HYhmIFNnn8OE.roa (raw, json)
Hash identifier: r98TfKaDlV/4v5CiY7CSIRmJhpNB5Q2R7DI6W6dWQ5Q=
Subject key identifier: E4:42:A2:15:34:64:B2:C7:0E:D5:4D:C7:62:19:88:14:D9:E7:F0:E1
Certificate issuer: /CN=a48a87c45d9720464905b6a6b0933f7c3951192d
Certificate serial: 0181F2B978645EA346F76A9E11EE46FA6A8C
Authority key identifier: A4:8A:87:C4:5D:97:20:46:49:05:B6:A6:B0:93:3F:7C:39:51:19:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pIqHxF2XIEZJBbamsJM_fDlRGS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/7a9f0c-5888-4fd8-bd90-683384b19ea3/1/5EKiFTRksscO1U3HYhmIFNnn8OE.roa
Signing time: Tue 12 Jul 2022 14:04:09 +0000
ROA not before: Tue 12 Jul 2022 14:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39542
IP address blocks: 185.43.60.0/22 maxlen: 22
185.137.252.0/23 maxlen: 24
193.201.37.0/24 maxlen: 24
193.201.38.0/24 maxlen: 24
193.201.35.0/24 maxlen: 24
193.201.43.0/24 maxlen: 24
194.50.39.0/24 maxlen: 24
91.213.242.0/24 maxlen: 24
2a01:6960::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:b9:78:64:5e:a3:46:f7:6a:9e:11:ee:46:fa:6a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a48a87c45d9720464905b6a6b0933f7c3951192d
Validity
Not Before: Jul 12 14:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e442a2153464b2c70ed54dc762198814d9e7f0e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7c:f0:30:33:a5:56:c9:95:29:17:e0:a2:71:
0b:7d:cd:95:92:5c:17:e7:6d:52:2b:cf:cc:5a:60:
85:a5:c2:c2:b6:2f:9f:cc:65:a2:36:c2:6b:5f:51:
ed:94:41:f7:0f:55:c3:ff:9e:bf:3e:08:94:b1:4d:
c9:0d:3a:66:c2:d4:43:e1:49:ee:2c:c2:d8:5c:60:
83:a0:d2:b6:34:51:6f:3d:2e:0a:22:db:46:a5:fe:
3f:2e:6e:87:35:51:40:60:03:ac:f5:de:bf:7f:f3:
6d:d8:04:ca:ae:21:a9:12:9a:5a:a9:ce:d5:3b:84:
2e:5d:6e:9c:45:0d:ee:19:e1:1c:57:63:99:37:bb:
ce:a1:db:18:9a:de:a7:bf:b6:c3:fa:db:84:84:62:
24:00:29:9a:e2:37:8f:60:13:61:5f:c6:b2:f6:a9:
6e:fb:f6:5a:f8:2d:b4:3a:df:40:af:ec:58:ec:a2:
55:3a:3c:b9:7d:ac:3f:7f:13:a4:81:e7:d4:e7:d5:
c0:cc:ea:c0:49:9e:a2:47:e7:a4:c1:18:cf:14:af:
67:47:d9:69:9c:d4:91:b6:fc:79:2c:4c:a6:88:ce:
40:ea:de:6d:52:74:d9:02:88:fb:37:f5:74:82:19:
1b:67:50:53:c2:d5:1e:85:5f:03:9b:e9:b0:b9:41:
f0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:42:A2:15:34:64:B2:C7:0E:D5:4D:C7:62:19:88:14:D9:E7:F0:E1
X509v3 Authority Key Identifier:
keyid:A4:8A:87:C4:5D:97:20:46:49:05:B6:A6:B0:93:3F:7C:39:51:19:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pIqHxF2XIEZJBbamsJM_fDlRGS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/7a9f0c-5888-4fd8-bd90-683384b19ea3/1/5EKiFTRksscO1U3HYhmIFNnn8OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/7a9f0c-5888-4fd8-bd90-683384b19ea3/1/pIqHxF2XIEZJBbamsJM_fDlRGS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.242.0/24
185.43.60.0/22
185.137.252.0/23
193.201.35.0/24
193.201.37.0-193.201.38.255
193.201.43.0/24
194.50.39.0/24
IPv6:
2a01:6960::/32
Signature Algorithm: sha256WithRSAEncryption
d5:86:0c:b5:69:71:d6:fb:b4:59:4a:20:ff:80:4b:96:90:1d:
d0:03:46:e7:7f:4b:c5:fb:b6:b1:ed:eb:f0:59:6c:9a:c2:58:
76:d9:0c:3c:c0:fd:02:43:67:89:6e:5e:4b:3e:ac:50:17:e6:
ff:7d:af:73:03:a0:26:2f:21:2d:d4:08:e2:fa:4b:63:33:5f:
9b:99:68:7b:04:5b:17:17:f9:d2:92:42:2e:cf:fd:11:f2:40:
75:4d:35:1d:cd:8c:c3:94:33:9d:6b:ce:ca:e8:92:e7:ca:76:
42:b3:99:f6:7e:b1:62:24:48:70:ab:6e:07:72:ef:4f:ce:e3:
0b:f6:11:86:3f:4e:0f:6f:40:8f:c0:b5:cf:73:d0:2e:56:75:
ef:dd:d2:78:0c:15:85:70:6e:ee:f1:22:48:33:62:8f:0e:43:
9a:7f:64:98:e8:03:bb:6d:aa:a8:95:de:93:5f:1e:dd:cb:9d:
f7:f7:18:a4:a2:fc:1e:4e:bd:0b:14:fc:02:48:86:74:95:5a:
02:20:27:b2:d0:6f:cf:c4:16:85:48:dc:a4:be:61:0b:7c:d7:
3a:58:ea:ca:18:14:48:e0:15:23:c0:0e:00:22:0b:fc:67:4b:
0c:6e:f1:af:74:6c:96:09:40:87:24:f9:ee:a4:b2:fb:b8:bf:
53:c4:34:01
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYHyuXhkXqNG92qeEe5G+mqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OGE4N2M0NWQ5NzIwNDY0OTA1YjZhNmIwOTMzZjdjMzk1
MTE5MmQwHhcNMjIwNzEyMTQwNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQyYTIxNTM0NjRiMmM3MGVkNTRkYzc2MjE5ODgxNGQ5ZTdmMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHzwMDOlVsmVKRfgonELfc2VklwX
521SK8/MWmCFpcLCti+fzGWiNsJrX1HtlEH3D1XD/56/PgiUsU3JDTpmwtRD4Unu
LMLYXGCDoNK2NFFvPS4KIttGpf4/Lm6HNVFAYAOs9d6/f/Nt2ATKriGpEppaqc7V
O4QuXW6cRQ3uGeEcV2OZN7vOodsYmt6nv7bD+tuEhGIkACma4jePYBNhX8ay9qlu
+/Za+C20Ot9Ar+xY7KJVOjy5faw/fxOkgefU59XAzOrASZ6iR+ekwRjPFK9nR9lp
nNSRtvx5LEymiM5A6t5tUnTZAoj7N/V0ghkbZ1BTwtUehV8Dm+mwuUHwiwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFORCohU0ZLLHDtVNx2IZiBTZ5/DhMB8GA1UdIwQY
MBaAFKSKh8RdlyBGSQW2prCTP3w5URktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcElxSHhGMlhJRVpKQmJhbXNKTV9mRGxSR1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi83YTlmMGMtNTg4OC00ZmQ4LWJkOTAt
NjgzMzg0YjE5ZWEzLzEvNUVLaUZUUmtzc2NPMVUzSFlobUlGTm5uOE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi83YTlmMGMtNTg4OC00ZmQ4LWJkOTAtNjgzMzg0YjE5ZWEz
LzEvcElxSHhGMlhJRVpKQmJhbXNKTV9mRGxSR1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQAW9XyAwQC
uSs8AwQBuYn8AwQAwckjMAwDBADBySUDBADBySYDBADBySsDBADCMicwDQQCAAIw
BwMFACoBaWAwDQYJKoZIhvcNAQELBQADggEBANWGDLVpcdb7tFlKIP+AS5aQHdAD
Rud/S8X7trHt6/BZbJrCWHbZDDzA/QJDZ4luXks+rFAX5v99r3MDoCYvIS3UCOL6
S2MzX5uZaHsEWxcX+dKSQi7P/RHyQHVNNR3NjMOUM51rzsrokufKdkKzmfZ+sWIk
SHCrbgdy70/O4wv2EYY/Tg9vQI/Atc9z0C5Wde/d0ngMFYVwbu7xIkgzYo8OQ5p/
ZJjoA7ttqqiV3pNfHt3Lnff3GKSi/B5OvQsU/AJIhnSVWgIgJ7LQb8/EFoVI3KS+
YQt81zpY6soYFEjgFSPADgAiC/xnSwxu8a90bJYJQIck+e6ksvu4v1PENAE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:53 2024 by rpki-client on console-fra.rpki-client.org