Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/2CHywYpcTjUGCm9CnH9GsUzP_BA.roa
File: 2CHywYpcTjUGCm9CnH9GsUzP_BA.roa (raw, json)
Hash identifier: pDXmt+8ObOC7swwdqqgFDJ/iKevkd2QzEXIkyrDGhYQ=
Subject key identifier: D8:21:F2:C1:8A:5C:4E:35:06:0A:6F:42:9C:7F:46:B1:4C:CF:FC:10
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 01849AD7113890B406BD1FB34EC6DED2AB62
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/2CHywYpcTjUGCm9CnH9GsUzP_BA.roa
Signing time: Mon 21 Nov 2022 15:38:16 +0000
ROA not before: Mon 21 Nov 2022 15:38:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61976
IP address blocks: 79.141.65.0/24 maxlen: 24
79.141.66.0/24 maxlen: 24
78.155.198.0/24 maxlen: 24
185.193.90.0/23 maxlen: 23
92.255.62.0/23 maxlen: 23
185.42.164.0/22 maxlen: 22
79.141.64.0/20 maxlen: 20
79.141.64.0/24 maxlen: 24
2a00:ab00:6000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:d7:11:38:90:b4:06:bd:1f:b3:4e:c6:de:d2:ab:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Nov 21 15:38:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d821f2c18a5c4e35060a6f429c7f46b14ccffc10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:7f:d0:72:6a:9e:0c:81:fd:26:7b:b2:9b:
e7:7b:f7:ef:bd:97:2f:79:75:18:f2:ea:5e:62:59:
b9:70:1a:37:21:ca:cf:c1:7a:cd:13:67:93:68:a2:
dc:17:a5:78:6c:bb:7b:2b:f0:85:e7:5b:10:31:65:
41:3e:cf:44:29:e8:09:96:bd:12:ff:c9:4b:87:d7:
2c:f4:54:1f:77:e6:29:c6:f9:dc:4f:ce:8f:3a:41:
e6:7f:71:df:28:0a:30:f8:e3:87:60:79:4e:ac:09:
c5:54:03:d8:df:c2:fd:ec:d0:e1:fa:17:d1:19:9d:
cd:81:1f:b9:82:d9:46:2a:9b:61:fd:92:2a:37:4e:
43:ce:81:f8:a3:c4:42:2b:3a:02:58:f8:9d:f5:09:
c5:81:0e:ec:c3:a5:ed:cb:ed:06:2c:15:89:5a:fc:
ac:ea:b6:7b:ef:40:9d:0a:84:4e:f1:40:a5:46:30:
00:53:2a:0b:0a:8d:04:fb:1b:19:19:27:3b:52:aa:
55:e4:88:c4:21:e2:5d:29:8a:78:b0:66:5c:46:26:
6e:c9:a3:51:ff:36:b4:05:be:c2:4a:55:82:05:72:
b8:0a:be:b6:3b:f9:51:2a:e6:58:66:43:87:d9:22:
3f:90:0a:9c:b9:e5:d7:c4:df:18:8f:ab:7e:ba:6e:
56:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:21:F2:C1:8A:5C:4E:35:06:0A:6F:42:9C:7F:46:B1:4C:CF:FC:10
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/2CHywYpcTjUGCm9CnH9GsUzP_BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.155.198.0/24
79.141.64.0/20
92.255.62.0/23
185.42.164.0/22
185.193.90.0/23
IPv6:
2a00:ab00:6000::/36
Signature Algorithm: sha256WithRSAEncryption
17:e8:4a:4d:cc:f6:5b:25:51:cf:5b:ce:cf:2a:20:a2:e3:cc:
01:26:5a:b6:1e:1c:63:b6:c3:49:59:8a:f8:69:bf:e1:8f:a7:
30:9b:7a:17:47:bd:5b:cf:3c:a0:b1:04:3b:88:dd:cb:7c:e1:
6b:dd:fd:db:5f:8d:5e:c3:74:b3:26:19:4b:8a:9d:9b:28:71:
9b:47:d6:f3:16:44:a6:73:08:1a:ed:ba:89:b8:27:fa:6e:84:
2d:c4:4e:87:5c:49:d4:59:13:0f:9e:f9:ba:3c:6d:25:83:ca:
19:5f:4d:a5:b9:ec:67:9b:5b:60:2f:d4:09:85:0c:bd:ba:6c:
11:d4:1c:3a:33:32:3c:9e:76:d3:01:5e:cf:81:be:6c:14:3f:
65:4b:63:88:d2:31:79:4b:a1:d5:a2:ab:3a:91:92:2e:4a:be:
be:1f:0d:8f:e6:b3:57:cf:3d:84:39:94:61:4f:40:d7:56:30:
f5:9e:5a:c7:a9:a3:78:bd:32:01:63:b1:34:97:fd:c9:a3:6b:
e5:c7:76:7d:e8:f3:a9:61:8b:1e:21:ab:80:59:16:67:fc:92:
56:55:c6:1e:66:ac:e2:95:65:fd:2a:57:ec:0e:ff:07:e1:f6:
21:b1:b8:31:39:87:0b:d6:a3:59:11:e8:f7:cd:01:02:ea:17:
c0:76:30:c1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYSa1xE4kLQGvR+zTsbe0qtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjIxMTIxMTUzODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODIxZjJjMThhNWM0ZTM1MDYwYTZmNDI5YzdmNDZiMTRjY2ZmYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjF/0HJqngyB/SZ7spvne/fvvZcv
eXUY8upeYlm5cBo3IcrPwXrNE2eTaKLcF6V4bLt7K/CF51sQMWVBPs9EKegJlr0S
/8lLh9cs9FQfd+YpxvncT86POkHmf3HfKAow+OOHYHlOrAnFVAPY38L97NDh+hfR
GZ3NgR+5gtlGKpth/ZIqN05DzoH4o8RCKzoCWPid9QnFgQ7sw6Xty+0GLBWJWvys
6rZ770CdCoRO8UClRjAAUyoLCo0E+xsZGSc7UqpV5IjEIeJdKYp4sGZcRiZuyaNR
/za0Bb7CSlWCBXK4Cr62O/lRKuZYZkOH2SI/kAqcueXXxN8Yj6t+um5WdwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNgh8sGKXE41BgpvQpx/RrFMz/wQMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvMkNIeXdZcGNUalVHQ205Q25IOUdzVXpQX0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQATpvGAwQE
T41AAwQBXP8+AwQCuSqkAwQBucFaMA4EAgACMAgDBgQqAKsAYDANBgkqhkiG9w0B
AQsFAAOCAQEAF+hKTcz2WyVRz1vOzyogouPMASZath4cY7bDSVmK+Gm/4Y+nMJt6
F0e9W888oLEEO4jdy3zha93921+NXsN0syYZS4qdmyhxm0fW8xZEpnMIGu26ibgn
+m6ELcROh1xJ1FkTD575ujxtJYPKGV9NpbnsZ5tbYC/UCYUMvbpsEdQcOjMyPJ52
0wFez4G+bBQ/ZUtjiNIxeUuh1aKrOpGSLkq+vh8Nj+azV889hDmUYU9A11Yw9Z5a
x6mjeL0yAWOxNJf9yaNr5cd2fejzqWGLHiGrgFkWZ/ySVlXGHmas4pVl/SpX7A7/
B+H2IbG4MTmHC9ajWRHo980BAuoXwHYwwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:18 2024 by rpki-client on console-ams.rpki-client.org