Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/Ewk1avHrtowY_ONCWsLofg9rhUE.roa
File: Ewk1avHrtowY_ONCWsLofg9rhUE.roa (raw, json)
Hash identifier: GnLBHmYU/2/csttHcNrJSOVYhTlIxeWXLj1kkrPt/qQ=
Subject key identifier: 13:09:35:6A:F1:EB:B6:8C:18:FC:E3:42:5A:C2:E8:7E:0F:6B:85:41
Certificate issuer: /CN=92ec295476ca1d934db04d00244fc5079b9c9748
Certificate serial: 030897FB
Authority key identifier: 92:EC:29:54:76:CA:1D:93:4D:B0:4D:00:24:4F:C5:07:9B:9C:97:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/Ewk1avHrtowY_ONCWsLofg9rhUE.roa
Signing time: Sat 01 Jan 2022 10:57:04 +0000
ROA not before: Sat 01 Jan 2022 10:57:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211997
IP address blocks: 185.233.32.0/24 maxlen: 24
2a10:d780:1::/48 maxlen: 48
2a10:d780:cccc::/48 maxlen: 48
2a10:d780:2::/48 maxlen: 48
2a10:d780::/32 maxlen: 32
2a10:d780::/48 maxlen: 48
2a10:d780:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50894843 (0x30897fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92ec295476ca1d934db04d00244fc5079b9c9748
Validity
Not Before: Jan 1 10:57:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1309356af1ebb68c18fce3425ac2e87e0f6b8541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a4:4a:f2:d5:e4:af:26:06:cc:bc:56:f5:ef:
a7:65:7e:2c:3b:50:f7:e1:d7:3a:4d:ce:c1:30:7e:
7a:d0:a6:99:96:80:d6:db:94:04:7a:1d:dc:00:a8:
62:2e:be:b0:1f:e8:f3:f6:37:c2:31:5c:fc:d4:23:
2e:3d:db:4e:ad:67:02:0f:48:1b:71:d7:cb:32:09:
ef:c3:0d:00:c2:b9:ea:b7:f2:c8:06:5d:fd:ee:7c:
30:28:77:22:a7:05:93:0d:a2:d6:ee:f5:9e:b5:bb:
f5:8c:8b:3c:5d:77:ba:1c:87:e9:05:51:64:79:9d:
59:01:23:63:81:b0:e1:4c:dc:1b:04:c1:c4:bf:c3:
3e:34:42:10:bd:c3:ec:85:eb:b1:54:e4:62:d4:e8:
08:48:cd:55:73:af:29:49:72:26:ca:41:ea:ba:02:
b0:f0:c4:d8:d7:4a:64:0e:9f:35:9d:32:95:c3:33:
ec:43:4f:33:ae:a0:3d:18:3e:07:bd:f7:d3:d2:82:
02:a9:12:0b:a8:99:5b:01:de:86:ca:14:d7:76:f0:
74:89:9a:a6:59:a7:7a:6e:dd:4c:8f:2d:e1:ee:fa:
2c:ba:10:49:d9:7a:02:21:4a:1d:f5:cf:92:2a:1e:
c4:92:15:a6:b9:00:c6:2a:64:51:6e:fd:53:45:5e:
99:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:09:35:6A:F1:EB:B6:8C:18:FC:E3:42:5A:C2:E8:7E:0F:6B:85:41
X509v3 Authority Key Identifier:
keyid:92:EC:29:54:76:CA:1D:93:4D:B0:4D:00:24:4F:C5:07:9B:9C:97:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/Ewk1avHrtowY_ONCWsLofg9rhUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/kuwpVHbKHZNNsE0AJE_FB5ucl0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.32.0/24
IPv6:
2a10:d780::/32
Signature Algorithm: sha256WithRSAEncryption
22:38:41:3b:7b:f5:dc:bd:91:9f:4b:5b:a5:79:35:63:db:8c:
e1:42:a9:64:b6:f0:23:18:a9:c6:ed:0c:8f:89:8a:8f:76:31:
15:93:d2:6c:00:94:42:99:be:19:ad:e1:9c:6e:ca:49:de:db:
dc:cb:d9:dd:c7:a8:9a:65:e0:65:ed:bc:07:63:b7:b5:14:eb:
a4:4e:eb:d0:42:bd:d2:22:b4:1b:d8:b2:03:29:69:84:05:31:
af:02:f6:64:7c:01:3d:77:eb:ac:48:7c:7c:05:9a:9d:bb:b3:
10:1a:a2:22:13:45:63:7b:e1:81:4a:e0:be:d5:4b:8c:fe:cd:
48:f0:cc:24:24:97:0a:19:70:12:59:28:1a:66:5e:d8:58:0f:
14:d3:4f:42:94:a6:4c:7a:49:0d:0b:86:b4:29:56:94:74:a7:
10:90:28:6e:b3:69:d4:ba:de:fe:ca:2d:6a:67:40:01:ef:75:
d3:84:e0:6b:f6:a3:0f:6c:cd:f1:b9:fd:30:6c:6e:83:70:7d:
7e:43:58:cd:05:ce:0a:77:3e:3c:62:7b:f2:44:3c:32:56:eb:
50:7e:32:03:0a:79:31:a6:c8:e8:5f:67:49:6a:0d:3f:5d:23:
70:66:54:00:47:bf:32:70:d2:45:c6:40:ee:a8:77:79:db:85:
02:98:ff:44
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAwiX+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmVjMjk1NDc2Y2ExZDkzNGRiMDRkMDAyNDRmYzUwNzliOWM5NzQ4MB4XDTIyMDEw
MTEwNTcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTMwOTM1NmFmMWVi
YjY4YzE4ZmNlMzQyNWFjMmU4N2UwZjZiODU0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALukSvLV5K8mBsy8VvXvp2V+LDtQ9+HXOk3OwTB+etCmmZaA
1tuUBHod3ACoYi6+sB/o8/Y3wjFc/NQjLj3bTq1nAg9IG3HXyzIJ78MNAMK56rfy
yAZd/e58MCh3IqcFkw2i1u71nrW79YyLPF13uhyH6QVRZHmdWQEjY4Gw4UzcGwTB
xL/DPjRCEL3D7IXrsVTkYtToCEjNVXOvKUlyJspB6roCsPDE2NdKZA6fNZ0ylcMz
7ENPM66gPRg+B73309KCAqkSC6iZWwHehsoU13bwdImaplmnem7dTI8t4e76LLoQ
Sdl6AiFKHfXPkioexJIVprkAxipkUW79U0VemT0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQTCTVq8eu2jBj840Jawuh+D2uFQTAfBgNVHSMEGDAWgBSS7ClUdsodk02w
TQAkT8UHm5yXSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t1d3BWSGJLSFpOTnNFMEFKRV9GQjV1Y2wwZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvNTgzOTRhLThjZjYtNGIxMS1iZWNiLTNiYTY5MTMxNDU4Yi8x
L0V3azFhdkhydG93WV9PTkNXc0xvZmc5cmhVRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
NTgzOTRhLThjZjYtNGIxMS1iZWNiLTNiYTY5MTMxNDU4Yi8xL2t1d3BWSGJLSFpO
TnNFMEFKRV9GQjV1Y2wwZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnpIDANBAIAAjAHAwUAKhDXgDAN
BgkqhkiG9w0BAQsFAAOCAQEAIjhBO3v13L2Rn0tbpXk1Y9uM4UKpZLbwIxipxu0M
j4mKj3YxFZPSbACUQpm+Ga3hnG7KSd7b3MvZ3ceommXgZe28B2O3tRTrpE7r0EK9
0iK0G9iyAylphAUxrwL2ZHwBPXfrrEh8fAWanbuzEBqiIhNFY3vhgUrgvtVLjP7N
SPDMJCSXChlwElkoGmZe2FgPFNNPQpSmTHpJDQuGtClWlHSnEJAobrNp1Lre/sot
amdAAe9104Tga/ajD2zN8bn9MGxug3B9fkNYzQXOCnc+PGJ78kQ8MlbrUH4yAwp5
MabI6F9nSWoNP10jcGZUAEe/MnDSRcZA7qh3eduFApj/RA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:14 2024 by rpki-client on console-fra.rpki-client.org