Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/eSTDxS2rojSv2vCkCMJhwrsPN9I.roa
File: eSTDxS2rojSv2vCkCMJhwrsPN9I.roa (raw, json)
Hash identifier: AOWaIsUtw690GT1V1HtinygRcgAHRSwhYCnp1BUkQTU=
Subject key identifier: 79:24:C3:C5:2D:AB:A2:34:AF:DA:F0:A4:08:C2:61:C2:BB:0F:37:D2
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 01826FD1EB2C797F5FBBFC4EC2D1C32B8179
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/eSTDxS2rojSv2vCkCMJhwrsPN9I.roa
Signing time: Fri 05 Aug 2022 21:03:24 +0000
ROA not before: Fri 05 Aug 2022 21:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54203
IP address blocks: 185.147.214.0/24 maxlen: 24
2a03:efc0:200::/40 maxlen: 40
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1900::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:1500::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6f:d1:eb:2c:79:7f:5f:bb:fc:4e:c2:d1:c3:2b:81:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Aug 5 21:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7924c3c52daba234afdaf0a408c261c2bb0f37d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7a:4a:ce:2d:c6:31:ff:79:35:4b:b8:e9:d4:
d8:02:30:d4:04:63:72:e5:a4:1f:cc:ee:b9:a3:1d:
c5:bd:ce:e7:76:ff:07:e7:60:a2:a5:1e:25:a8:81:
54:2f:e6:ea:c9:c8:3d:52:96:6b:cd:5b:aa:bf:c0:
29:d7:19:2a:c5:a0:97:61:dc:7c:11:db:31:fe:aa:
67:4c:0b:e4:1e:ee:8f:ca:bd:4e:c9:f5:02:18:3e:
1e:67:c6:7c:72:7e:99:7f:da:47:b4:0b:12:96:fe:
94:26:1e:bc:73:d8:aa:e8:0a:d2:ea:37:af:75:34:
d9:8f:96:79:c4:45:c1:af:23:d9:f1:f1:7a:bb:7c:
4b:e8:9d:8a:eb:0c:60:62:ac:97:92:cf:3f:3d:32:
07:53:db:81:04:6c:91:26:68:cf:f7:a7:55:9a:63:
b4:92:77:36:fd:3a:1d:3a:2a:5a:fd:92:04:c6:4c:
2e:94:94:bf:ce:6e:b3:7f:56:da:75:b7:a0:b9:64:
d8:ce:99:a3:94:de:91:c8:a0:fa:68:b8:e0:01:70:
a3:9d:50:f8:ca:4a:ad:d4:85:08:00:d3:6b:ab:9b:
4d:6c:af:50:81:65:64:8c:17:89:9c:d9:d9:96:87:
1f:2a:73:91:04:c4:4a:82:90:05:db:92:7f:ed:cf:
bb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:24:C3:C5:2D:AB:A2:34:AF:DA:F0:A4:08:C2:61:C2:BB:0F:37:D2
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/eSTDxS2rojSv2vCkCMJhwrsPN9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.214.0/24
IPv6:
2a03:efc0:200::/40
2a03:efc0:900::/40
2a03:efc0:1500::/40
2a03:efc0:1700::/40
2a03:efc0:1900::/40
Signature Algorithm: sha256WithRSAEncryption
27:fd:58:bb:f4:68:3a:e6:cd:68:56:1e:7b:ba:ff:31:f0:79:
3b:e6:44:f6:2b:60:9c:24:02:62:69:c5:a3:1f:a3:30:b4:bb:
f5:36:fd:f5:60:16:ee:74:a0:0d:92:97:7d:89:cd:a8:0b:2d:
d2:1b:16:93:02:03:1e:44:a9:05:27:f9:3c:d4:1a:03:7e:96:
4b:f0:ab:4d:29:86:34:bc:a0:d1:7a:39:c7:17:a7:aa:97:1a:
cd:dd:19:e6:49:f0:4a:39:b4:29:6f:a0:2a:a6:56:ed:ed:c2:
4e:64:95:28:7f:3b:f9:aa:01:98:bb:1b:e7:4e:00:d7:89:de:
54:ef:2a:96:a2:ee:d4:cb:ac:0b:70:28:a4:e5:fa:35:79:d2:
1c:3c:27:9a:f4:e3:76:e3:fe:1b:fb:37:53:6b:1b:85:46:b7:
69:6c:45:7c:24:8f:17:59:76:b8:9d:4e:9e:cd:e7:63:82:d6:
c8:d5:61:ec:69:31:96:65:c9:49:e0:93:35:1f:e1:df:b2:6a:
ea:c6:e3:09:76:9a:b0:02:fb:8e:d3:28:cb:58:51:b5:52:27:
e7:54:8f:b4:c1:c5:98:5a:e2:41:01:19:e9:b1:d8:5a:6e:9b:
f7:4b:ee:cd:82:fb:ed:23:5b:a6:44:d3:9f:9e:df:a5:1c:bc:
04:0f:ed:24
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYJv0esseX9fu/xOwtHDK4F5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjIwODA1MjEwMzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTI0YzNjNTJkYWJhMjM0YWZkYWYwYTQwOGMyNjFjMmJiMGYzN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknpKzi3GMf95NUu46dTYAjDUBGNy
5aQfzO65ox3Fvc7ndv8H52CipR4lqIFUL+bqycg9UpZrzVuqv8Ap1xkqxaCXYdx8
Edsx/qpnTAvkHu6Pyr1OyfUCGD4eZ8Z8cn6Zf9pHtAsSlv6UJh68c9iq6ArS6jev
dTTZj5Z5xEXBryPZ8fF6u3xL6J2K6wxgYqyXks8/PTIHU9uBBGyRJmjP96dVmmO0
knc2/TodOipa/ZIExkwulJS/zm6zf1badbeguWTYzpmjlN6RyKD6aLjgAXCjnVD4
ykqt1IUIANNrq5tNbK9QgWVkjBeJnNnZlocfKnORBMRKgpAF25J/7c+77wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHkkw8Utq6I0r9rwpAjCYcK7DzfSMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvZVNURHhTMnJvalN2MnZDa0NNSmh3cnNQTjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQAuZPWMC4E
AgACMCgDBgAqA+/AAgMGACoD78AJAwYAKgPvwBUDBgAqA+/AFwMGACoD78AZMA0G
CSqGSIb3DQEBCwUAA4IBAQAn/Vi79Gg65s1oVh57uv8x8Hk75kT2K2CcJAJiacWj
H6MwtLv1Nv31YBbudKANkpd9ic2oCy3SGxaTAgMeRKkFJ/k81BoDfpZL8KtNKYY0
vKDRejnHF6eqlxrN3RnmSfBKObQpb6Aqplbt7cJOZJUofzv5qgGYuxvnTgDXid5U
7yqWou7Uy6wLcCik5fo1edIcPCea9ON24/4b+zdTaxuFRrdpbEV8JI8XWXa4nU6e
zedjgtbI1WHsaTGWZclJ4JM1H+HfsmrqxuMJdpqwAvuO0yjLWFG1UifnVI+0wcWY
WuJBARnpsdhabpv3S+7NgvvtI1umRNOfnt+lHLwED+0k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:01 2024 by rpki-client on console-ams.rpki-client.org