Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/4LEdMQHMIbLJ4VLtak7G35kx1oE.roa
File: 4LEdMQHMIbLJ4VLtak7G35kx1oE.roa (raw, json)
Hash identifier: ErGW1tRm2eyXjh3V0b/pNCf6j7pAJ3xyHNob5OGFrE4=
Subject key identifier: E0:B1:1D:31:01:CC:21:B2:C9:E1:52:ED:6A:4E:C6:DF:99:31:D6:81
Certificate issuer: /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial: 018552C15C1104CAD56775514DE09436B9DD
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/4LEdMQHMIbLJ4VLtak7G35kx1oE.roa
Signing time: Tue 27 Dec 2022 08:44:41 +0000
ROA not before: Tue 27 Dec 2022 08:44:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43966
IP address blocks: 79.173.66.0/23 maxlen: 24
79.173.80.0/20 maxlen: 24
94.243.192.0/20 maxlen: 24
94.243.232.0/21 maxlen: 24
79.173.64.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:52:c1:5c:11:04:ca:d5:67:75:51:4d:e0:94:36:b9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
Validity
Not Before: Dec 27 08:44:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0b11d3101cc21b2c9e152ed6a4ec6df9931d681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4c:d6:8e:2e:a1:81:b1:53:5c:b4:07:68:77:
4c:2c:c0:61:97:db:2c:c1:d9:4a:21:07:bc:98:db:
e0:bb:40:8f:42:56:35:88:17:db:ae:59:75:35:1a:
89:44:89:3d:79:ef:7f:c0:9c:e1:dc:7f:d2:e0:01:
78:8e:86:3d:70:ac:ff:18:ca:53:1e:63:a3:04:4f:
1c:b1:f7:66:67:79:10:d6:a2:66:8b:c0:c4:56:e3:
f1:56:93:32:8f:5d:8d:81:ea:88:b2:68:08:f3:f3:
0e:54:0c:09:e8:2d:29:69:1d:09:6b:15:ba:b1:56:
e1:d8:61:7b:3d:60:2c:0b:f1:a7:3f:c1:71:8e:c5:
73:50:7f:c2:e8:19:7f:05:15:5d:0f:62:46:6b:af:
de:8a:2b:86:82:5a:dd:c8:2b:1b:b8:db:92:51:7f:
82:7c:ed:74:d1:8c:09:bc:dd:17:47:ab:3a:55:68:
fc:fc:e0:d0:2e:99:1c:30:a4:1f:a3:1c:99:f5:69:
9d:ca:ed:5e:3d:f1:d5:2a:71:d2:5e:5f:fc:8b:ce:
c5:26:85:29:82:b3:28:e3:24:36:4f:20:21:4b:7c:
9b:07:de:61:7c:85:06:8b:bb:27:09:a8:db:ec:f0:
a7:bf:55:b9:ba:78:ce:4f:80:8b:44:9f:10:6a:c2:
c0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B1:1D:31:01:CC:21:B2:C9:E1:52:ED:6A:4E:C6:DF:99:31:D6:81
X509v3 Authority Key Identifier:
keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/4LEdMQHMIbLJ4VLtak7G35kx1oE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.173.64.0/22
79.173.80.0/20
94.243.192.0/20
94.243.232.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:1e:5d:2f:06:f5:f7:63:0d:b8:5f:6c:c6:7e:0f:68:98:d7:
e2:da:81:54:2e:5d:d4:23:17:70:ed:e8:f0:3f:6e:7a:15:cf:
c3:f4:69:bc:91:ea:26:cb:ab:3c:37:c2:ec:cb:68:4c:70:95:
04:a4:e9:8a:d8:50:a2:0d:03:9e:b6:8d:e7:15:a2:ca:d7:05:
4f:56:12:26:82:15:7b:50:12:ad:ae:52:f6:8e:84:de:3f:ba:
92:be:ba:4d:31:bd:bd:a3:3b:2e:c0:14:45:83:69:ed:b1:d3:
46:1d:16:6c:72:5d:28:32:38:f2:e4:16:9b:34:4b:3c:1d:79:
2e:82:ab:74:b3:fa:d8:5d:37:57:e4:83:14:cc:d0:d9:3d:72:
71:84:a1:03:a6:e9:be:89:26:03:ec:1d:dd:03:f2:22:6b:bc:
89:eb:a5:eb:4f:c6:05:ff:e9:f0:6b:33:0a:1d:2a:36:c1:8c:
e0:08:bb:dc:9d:7e:aa:2e:d2:eb:ce:b0:e2:4c:c9:61:7f:c5:
fb:63:c4:d7:f5:af:49:61:b7:ab:17:c1:98:75:b8:df:b6:bc:
f2:43:1d:5c:7f:36:a8:97:a7:c3:b4:d6:cd:0f:70:7e:0b:f3:
39:e0:60:92:70:da:1e:eb:5d:90:5b:fe:e1:da:56:73:1a:4e:
e5:9a:aa:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVSwVwRBMrVZ3VRTeCUNrndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjIxMjI3MDg0NDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGIxMWQzMTAxY2MyMWIyYzllMTUyZWQ2YTRlYzZkZjk5MzFkNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkzWji6hgbFTXLQHaHdMLMBhl9ss
wdlKIQe8mNvgu0CPQlY1iBfbrll1NRqJRIk9ee9/wJzh3H/S4AF4joY9cKz/GMpT
HmOjBE8csfdmZ3kQ1qJmi8DEVuPxVpMyj12NgeqIsmgI8/MOVAwJ6C0paR0JaxW6
sVbh2GF7PWAsC/GnP8FxjsVzUH/C6Bl/BRVdD2JGa6/eiiuGglrdyCsbuNuSUX+C
fO100YwJvN0XR6s6VWj8/ODQLpkcMKQfoxyZ9Wmdyu1ePfHVKnHSXl/8i87FJoUp
grMo4yQ2TyAhS3ybB95hfIUGi7snCajb7PCnv1W5unjOT4CLRJ8QasLA9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOCxHTEBzCGyyeFS7WpOxt+ZMdaBMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvNExFZE1RSE1JYkxKNFZMdGFrN0czNWt4MW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCT61AAwQE
T61QAwQEXvPAAwQDXvPoMA0GCSqGSIb3DQEBCwUAA4IBAQAqHl0vBvX3Yw24X2zG
fg9omNfi2oFULl3UIxdw7ejwP256Fc/D9Gm8keomy6s8N8Lsy2hMcJUEpOmK2FCi
DQOeto3nFaLK1wVPVhImghV7UBKtrlL2joTeP7qSvrpNMb29ozsuwBRFg2ntsdNG
HRZscl0oMjjy5BabNEs8HXkugqt0s/rYXTdX5IMUzNDZPXJxhKEDpum+iSYD7B3d
A/Iia7yJ66XrT8YF/+nwazMKHSo2wYzgCLvcnX6qLtLrzrDiTMlhf8X7Y8TX9a9J
YberF8GYdbjftrzyQx1cfzaol6fDtNbND3B+C/M54GCScNoe612QW/7h2lZzGk7l
mqoP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:59 2024 by rpki-client on console-fra.rpki-client.org