Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/eYlfmvJ4q7rh8nhu5KSC8w7eJU8.roa
File: eYlfmvJ4q7rh8nhu5KSC8w7eJU8.roa (raw, json)
Hash identifier: 9XZ/Hfjx8EqQ541Mfezjy9FbWAu6T/9/sBmUgWdLGl8=
Subject key identifier: 79:89:5F:9A:F2:78:AB:BA:E1:F2:78:6E:E4:A4:82:F3:0E:DE:25:4F
Certificate issuer: /CN=6f3d89a81fc299f39c092e4f6d0173a9a9cfbc65
Certificate serial: 0D5B1B5F
Authority key identifier: 6F:3D:89:A8:1F:C2:99:F3:9C:09:2E:4F:6D:01:73:A9:A9:CF:BC:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/eYlfmvJ4q7rh8nhu5KSC8w7eJU8.roa
Signing time: Wed 06 Apr 2022 07:02:37 +0000
ROA not before: Wed 06 Apr 2022 07:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16024
IP address blocks: 156.67.56.0/23 maxlen: 23
156.67.56.0/24 maxlen: 24
156.67.57.0/24 maxlen: 24
217.70.160.0/20 maxlen: 24
185.47.232.0/22 maxlen: 24
46.28.32.0/21 maxlen: 24
185.159.32.0/22 maxlen: 24
149.232.244.0/22 maxlen: 24
149.232.248.0/22 maxlen: 24
2a02:1670::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224074591 (0xd5b1b5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3d89a81fc299f39c092e4f6d0173a9a9cfbc65
Validity
Not Before: Apr 6 07:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79895f9af278abbae1f2786ee4a482f30ede254f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cd:f7:c5:e3:58:75:e2:62:b4:74:ed:09:73:
5e:94:73:1a:f5:a6:71:7b:67:c0:0f:f3:51:87:c1:
ca:be:1c:45:69:89:ae:11:4d:07:c5:cb:e9:b2:ad:
1e:4c:56:87:5a:78:b9:69:1b:b0:f6:48:06:df:a8:
8b:72:d6:9c:2a:45:9a:a3:c0:4b:60:d7:ed:03:52:
2e:73:86:18:27:e6:b0:18:5c:b5:5e:5e:62:1b:13:
e2:80:85:9b:61:f4:11:f9:bc:cd:ca:89:c7:9e:c1:
1b:51:8e:7a:bb:85:d3:58:e0:3a:35:ed:2c:85:ec:
f7:7f:ff:c5:27:7e:49:c6:c0:e3:6c:c4:72:c9:02:
e7:2c:d1:96:b4:0c:fa:ea:d9:9e:c9:68:70:ed:00:
98:63:20:bc:ea:a1:32:d2:94:9c:f0:42:7a:82:dc:
38:b7:17:08:13:77:2c:e4:3a:55:27:fb:d6:a6:62:
81:67:b1:5e:79:67:2e:c4:1a:7e:3d:ae:11:25:8e:
22:a1:33:f8:db:e7:ab:79:4a:ce:ed:94:30:f6:ed:
38:b5:58:7e:b5:55:cd:b8:c7:a1:46:42:b7:fd:6d:
8e:ed:67:b7:35:fe:07:43:61:78:02:19:d3:02:73:
7b:9a:46:d3:85:02:37:20:fe:dd:2e:1b:bb:3a:0b:
36:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:89:5F:9A:F2:78:AB:BA:E1:F2:78:6E:E4:A4:82:F3:0E:DE:25:4F
X509v3 Authority Key Identifier:
keyid:6F:3D:89:A8:1F:C2:99:F3:9C:09:2E:4F:6D:01:73:A9:A9:CF:BC:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/eYlfmvJ4q7rh8nhu5KSC8w7eJU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/bz2JqB_CmfOcCS5PbQFzqanPvGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.32.0/21
149.232.244.0-149.232.251.255
156.67.56.0/23
185.47.232.0/22
185.159.32.0/22
217.70.160.0/20
IPv6:
2a02:1670::/32
Signature Algorithm: sha256WithRSAEncryption
ae:8e:61:f2:d7:0d:3a:c8:8d:16:6e:08:87:2f:09:7c:b0:89:
bb:af:dd:f8:1e:21:84:7e:9e:58:84:d4:27:ec:25:5a:ab:7e:
9d:79:12:5a:37:2e:ac:e6:98:2a:43:9c:a3:ae:b9:01:2d:39:
2d:b3:bc:07:44:bb:79:cb:aa:c1:09:42:76:72:bf:fe:c7:86:
34:9f:94:e5:57:f0:97:e5:8f:a1:14:ab:f5:3e:9a:63:2d:fb:
29:ca:96:ed:12:a0:fc:12:28:03:6d:f3:20:7c:64:e5:86:3b:
4c:25:85:f2:f2:d2:c6:ee:fa:30:1d:52:e0:6e:4c:d6:74:15:
b5:0f:eb:39:72:15:6a:92:45:3a:90:3f:05:d7:a3:f4:29:76:
e7:17:f7:ba:b9:63:0d:67:29:a7:4b:7d:b2:a5:6b:3b:84:9f:
c1:07:c0:b2:ba:47:51:88:32:ca:b1:a0:4e:b5:38:c3:a1:d6:
f0:11:fd:fb:ef:50:46:f0:f4:78:31:2a:36:0f:f2:68:8d:65:
e6:a6:11:27:71:3b:e9:0c:f5:68:a2:76:ae:b1:5b:b5:af:ee:
82:d2:01:c7:88:1e:ab:67:a5:75:b3:1c:3b:58:6b:1b:b5:db:
e6:dc:5d:00:7e:8e:70:c5:11:ea:61:4f:ee:7f:02:7d:19:9f:
a5:88:5d:d9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEDVsbXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjNkODlhODFmYzI5OWYzOWMwOTJlNGY2ZDAxNzNhOWE5Y2ZiYzY1MB4XDTIyMDQw
NjA3MDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzk4OTVmOWFmMjc4
YWJiYWUxZjI3ODZlZTRhNDgyZjMwZWRlMjU0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJTN98XjWHXiYrR07QlzXpRzGvWmcXtnwA/zUYfByr4cRWmJ
rhFNB8XL6bKtHkxWh1p4uWkbsPZIBt+oi3LWnCpFmqPAS2DX7QNSLnOGGCfmsBhc
tV5eYhsT4oCFm2H0Efm8zcqJx57BG1GOeruF01jgOjXtLIXs93//xSd+ScbA42zE
cskC5yzRlrQM+urZnslocO0AmGMgvOqhMtKUnPBCeoLcOLcXCBN3LOQ6VSf71qZi
gWexXnlnLsQafj2uESWOIqEz+Nvnq3lKzu2UMPbtOLVYfrVVzbjHoUZCt/1tju1n
tzX+B0NheAIZ0wJze5pG04UCNyD+3S4buzoLNp0CAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBR5iV+a8niruuHyeG7kpILzDt4lTzAfBgNVHSMEGDAWgBRvPYmoH8KZ85wJ
Lk9tAXOpqc+8ZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J6MkpxQl9DbWZPY0NTNVBiUUZ6cWFuUHZHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvMDVlMGVlLWFlMDMtNDEyNC1iNjcwLTMwOWI3Yjk2MGQxNC8x
L2VZbGZtdko0cTdyaDhuaHU1S1NDOHc3ZUpVOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
MDVlMGVlLWFlMDMtNDEyNC1iNjcwLTMwOWI3Yjk2MGQxNC8xL2J6MkpxQl9DbWZP
Y0NTNVBiUUZ6cWFuUHZHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEAy4cIDAMAwQClej0AwQClej4AwQB
nEM4AwQCuS/oAwQCuZ8gAwQE2UagMA0EAgACMAcDBQAqAhZwMA0GCSqGSIb3DQEB
CwUAA4IBAQCujmHy1w06yI0WbgiHLwl8sIm7r934HiGEfp5YhNQn7CVaq36deRJa
Ny6s5pgqQ5yjrrkBLTkts7wHRLt5y6rBCUJ2cr/+x4Y0n5TlV/CX5Y+hFKv1Pppj
LfspypbtEqD8EigDbfMgfGTlhjtMJYXy8tLG7vowHVLgbkzWdBW1D+s5chVqkkU6
kD8F16P0KXbnF/e6uWMNZymnS32ypWs7hJ/BB8CyukdRiDLKsaBOtTjDodbwEf37
71BG8PR4MSo2D/JojWXmphEncTvpDPVoonausVu1r+6C0gHHiB6rZ6V1sxw7WGsb
tdvm3F0Afo5wxRHqYU/ufwJ9GZ+liF3Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:28 2024 by rpki-client on console-ams.rpki-client.org