Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/Ef3pFZFnAWUHX3fg5JADlSTsb7U.roa
File: Ef3pFZFnAWUHX3fg5JADlSTsb7U.roa (raw, json)
Hash identifier: MIrORBd8ZWj0kHI/ZvsrCQImZcy/cFi5PmpcA4Fbua0=
Subject key identifier: 11:FD:E9:15:91:67:01:65:07:5F:77:E0:E4:90:03:95:24:EC:6F:B5
Certificate issuer: /CN=afa51165aa5036acda11fee0020e34fcc439ede6
Certificate serial: 0183A2F0FD36D38141359B57E12DF716405F
Authority key identifier: AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/Ef3pFZFnAWUHX3fg5JADlSTsb7U.roa
Signing time: Tue 04 Oct 2022 12:20:45 +0000
ROA not before: Tue 04 Oct 2022 12:20:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25504
IP address blocks: 185.90.232.0/22 maxlen: 24
151.252.48.0/20 maxlen: 24
158.58.144.0/21 maxlen: 24
94.102.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a2:f0:fd:36:d3:81:41:35:9b:57:e1:2d:f7:16:40:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa51165aa5036acda11fee0020e34fcc439ede6
Validity
Not Before: Oct 4 12:20:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11fde91591670165075f77e0e490039524ec6fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ef:7d:de:17:45:35:69:49:dd:0d:7d:12:52:
9c:0b:84:d2:f8:9b:27:06:82:72:94:e8:6b:5a:74:
f6:1e:d4:1a:92:c9:a8:59:3e:cf:a1:68:f6:2d:ff:
3f:23:2e:cd:69:0f:0f:5e:b3:26:3f:a5:a7:96:e8:
95:19:28:57:42:70:32:21:06:db:f9:2e:fb:f1:a9:
89:eb:70:db:bb:bc:2f:4a:0d:50:7e:17:b7:a3:2b:
79:a6:8c:ab:ef:a9:e7:f6:28:49:4f:77:51:10:48:
68:da:66:a3:0f:b0:4f:8a:60:3b:8e:37:4a:1e:fd:
51:31:ab:a8:50:39:ae:1b:01:db:46:ee:ab:cc:b8:
92:43:42:d9:b9:8f:c6:29:1b:a2:5f:08:5d:08:de:
d2:20:8c:92:fb:3f:21:24:95:59:c7:5d:06:b0:ef:
ee:ed:4c:ed:37:ff:e2:be:e2:5e:35:41:67:19:93:
ae:5a:5e:ae:bc:b4:9e:bd:e1:59:0e:8b:b2:ca:05:
0d:f9:1f:26:34:fb:a7:c0:8f:93:9c:bc:60:05:96:
7a:64:cc:8f:aa:ca:57:a3:7c:7a:ed:7d:a5:3e:79:
2d:5a:21:52:45:45:0c:90:e3:e7:4f:55:ce:5b:a3:
0c:a6:18:ce:32:89:1b:97:84:9d:d4:2e:b6:72:94:
a3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FD:E9:15:91:67:01:65:07:5F:77:E0:E4:90:03:95:24:EC:6F:B5
X509v3 Authority Key Identifier:
keyid:AF:A5:11:65:AA:50:36:AC:DA:11:FE:E0:02:0E:34:FC:C4:39:ED:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6URZapQNqzaEf7gAg40_MQ57eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/Ef3pFZFnAWUHX3fg5JADlSTsb7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/2da1ec-aa4b-4d94-98cb-a776e4a63e6f/1/r6URZapQNqzaEf7gAg40_MQ57eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.102.208.0/20
151.252.48.0/20
158.58.144.0/21
185.90.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:21:21:06:e8:45:e8:a2:95:13:67:59:08:3a:ee:0f:62:aa:
d8:bd:48:4e:e8:ca:6b:4e:84:8a:9e:92:da:5f:47:cb:28:d4:
a0:e5:0f:dd:6c:0d:5f:62:4f:a4:78:ab:b8:1e:86:a6:06:e1:
5d:b8:4c:95:07:3d:53:be:16:82:43:75:03:e8:00:d4:27:b4:
e5:59:ec:b9:91:0d:95:2e:12:f6:7b:18:f1:76:1c:27:53:16:
88:35:a8:2a:9c:b7:57:a5:7c:f9:1d:b3:68:ae:97:e0:08:a2:
d1:89:29:ed:8e:b0:7c:f9:0b:c7:9f:14:4e:b8:54:08:3a:00:
8f:d6:cd:5f:98:92:9e:89:57:73:78:8e:03:5c:08:70:0c:74:
39:a3:21:97:6a:6d:a2:f6:3e:87:22:1a:d1:fe:34:d5:6b:64:
f9:35:62:86:c9:d6:3c:2d:19:f0:fa:00:83:d2:3c:f3:76:3a:
1d:b2:7c:01:7f:11:65:59:8b:5a:03:4d:56:57:b8:44:62:c4:
72:74:25:93:31:3e:1f:ce:e1:cf:0a:37:86:60:30:6f:88:56:
dc:ea:be:86:39:79:8b:e6:2c:06:eb:47:a9:d1:7d:a5:7d:bc:
63:14:55:88:bf:e9:09:80:f6:b2:96:d7:21:01:93:89:7a:a5:
18:b7:b6:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYOi8P0204FBNZtX4S33FkBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTUxMTY1YWE1MDM2YWNkYTExZmVlMDAyMGUzNGZjYzQz
OWVkZTYwHhcNMjIxMDA0MTIyMDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWZkZTkxNTkxNjcwMTY1MDc1Zjc3ZTBlNDkwMDM5NTI0ZWM2ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO993hdFNWlJ3Q19ElKcC4TS+Jsn
BoJylOhrWnT2HtQaksmoWT7PoWj2Lf8/Iy7NaQ8PXrMmP6WnluiVGShXQnAyIQbb
+S778amJ63Dbu7wvSg1Qfhe3oyt5poyr76nn9ihJT3dREEho2majD7BPimA7jjdK
Hv1RMauoUDmuGwHbRu6rzLiSQ0LZuY/GKRuiXwhdCN7SIIyS+z8hJJVZx10GsO/u
7UztN//ivuJeNUFnGZOuWl6uvLSeveFZDouyygUN+R8mNPunwI+TnLxgBZZ6ZMyP
qspXo3x67X2lPnktWiFSRUUMkOPnT1XOW6MMphjOMokbl4Sd1C62cpSj5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBH96RWRZwFlB1934OSQA5Uk7G+1MB8GA1UdIwQY
MBaAFK+lEWWqUDas2hH+4AIONPzEOe3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2It
YTc3NmU0YTYzZTZmLzEvRWYzcEZaRm5BV1VIWDNmZzVKQURsU1RzYjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yZGExZWMtYWE0Yi00ZDk0LTk4Y2ItYTc3NmU0YTYzZTZm
LzEvcjZVUlphcFFOcXphRWY3Z0FnNDBfTVE1N2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEXmbQAwQE
l/wwAwQDnjqQAwQCuVroMA0GCSqGSIb3DQEBCwUAA4IBAQBuISEG6EXoopUTZ1kI
Ou4PYqrYvUhO6MprToSKnpLaX0fLKNSg5Q/dbA1fYk+keKu4HoamBuFduEyVBz1T
vhaCQ3UD6ADUJ7TlWey5kQ2VLhL2exjxdhwnUxaINagqnLdXpXz5HbNorpfgCKLR
iSntjrB8+QvHnxROuFQIOgCP1s1fmJKeiVdzeI4DXAhwDHQ5oyGXam2i9j6HIhrR
/jTVa2T5NWKGydY8LRnw+gCD0jzzdjodsnwBfxFlWYtaA01WV7hEYsRydCWTMT4f
zuHPCjeGYDBviFbc6r6GOXmL5iwG60ep0X2lfbxjFFWIv+kJgPayltchAZOJeqUY
t7Z1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:44 2024 by rpki-client on console-ams.rpki-client.org