Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/1EWbBiwfPlKtuQWfvfpbi0tVaBY.roa
File: 1EWbBiwfPlKtuQWfvfpbi0tVaBY.roa (raw, json)
Hash identifier: g2TYhR22MNkTi7UkWOJBPRd/mZ0ZpxIjghaYr3sN/WY=
Subject key identifier: D4:45:9B:06:2C:1F:3E:52:AD:B9:05:9F:BD:FA:5B:8B:4B:55:68:16
Certificate issuer: /CN=707f7ee6ab9cf448f9949367fb7c0ede1073f97f
Certificate serial: 10391A85
Authority key identifier: 70:7F:7E:E6:AB:9C:F4:48:F9:94:93:67:FB:7C:0E:DE:10:73:F9:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/1EWbBiwfPlKtuQWfvfpbi0tVaBY.roa
Signing time: Thu 30 Jun 2022 08:45:02 +0000
ROA not before: Thu 30 Jun 2022 08:45:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20810
IP address blocks: 80.69.192.0/20 maxlen: 20
149.249.32.0/20 maxlen: 20
188.74.0.0/19 maxlen: 20
188.74.0.0/20 maxlen: 20
45.158.172.0/22 maxlen: 22
188.74.16.0/20 maxlen: 20
185.158.180.0/22 maxlen: 22
212.102.118.0/24 maxlen: 24
2a03:7500::/32 maxlen: 32
2a03:7500::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 272177797 (0x10391a85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=707f7ee6ab9cf448f9949367fb7c0ede1073f97f
Validity
Not Before: Jun 30 08:45:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4459b062c1f3e52adb9059fbdfa5b8b4b556816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6e:9f:1a:2c:02:4f:d2:3e:bf:f7:81:c5:bd:
2b:04:63:55:27:bf:61:95:b5:80:c1:9e:e7:93:b8:
f2:84:4d:d8:8a:15:cc:9e:b4:3d:0e:97:b6:fe:16:
a8:e3:0a:ed:a9:f1:f6:23:48:cf:52:b9:03:ce:16:
e4:15:cb:0e:34:49:17:21:f5:68:f3:a0:e7:c7:0f:
7c:11:83:3c:f5:b7:13:e7:d2:90:12:24:86:54:5f:
92:7e:9f:ec:72:70:c3:d4:bd:88:ee:cd:56:55:e8:
1a:cc:5d:f0:c3:1c:b7:16:28:ef:37:56:a0:e2:c9:
08:94:f6:13:cc:1b:55:53:7e:a2:d0:74:86:18:3e:
f3:a7:02:41:73:eb:34:b1:5f:00:b1:bb:eb:e3:34:
4a:9e:17:f5:a5:b4:7f:2a:18:84:82:65:f0:81:0b:
b0:ad:b9:94:23:04:38:ff:98:20:6d:b7:69:fa:d9:
de:2e:a0:37:82:90:12:a9:0a:9b:c2:0f:4b:da:07:
c8:42:d4:dd:2c:4e:c2:6c:52:33:28:a6:c1:64:79:
7c:0a:15:19:bc:9f:e1:25:8e:94:cb:2c:7a:45:14:
74:09:7b:e9:98:92:b5:fb:dc:f0:5c:3e:6e:a1:7d:
7f:c1:f6:10:e8:43:c5:b0:14:45:f8:69:b2:60:62:
50:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:45:9B:06:2C:1F:3E:52:AD:B9:05:9F:BD:FA:5B:8B:4B:55:68:16
X509v3 Authority Key Identifier:
keyid:70:7F:7E:E6:AB:9C:F4:48:F9:94:93:67:FB:7C:0E:DE:10:73:F9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/1EWbBiwfPlKtuQWfvfpbi0tVaBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/cH9-5quc9Ej5lJNn-3wO3hBz-X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.172.0/22
80.69.192.0/20
149.249.32.0/20
185.158.180.0/22
188.74.0.0/19
212.102.118.0/24
IPv6:
2a03:7500::/29
Signature Algorithm: sha256WithRSAEncryption
66:91:45:ec:1e:a1:1e:1b:40:05:f8:f7:b9:7b:1a:b8:46:6d:
20:ac:f2:24:2b:48:28:49:c7:58:83:74:56:c1:33:54:a8:ab:
97:f9:94:7e:5c:82:da:bf:96:96:d3:0b:16:98:b8:57:56:90:
6a:a5:bb:fc:97:f4:17:06:f0:7d:e2:cc:bc:2b:ab:85:d9:ae:
41:3f:38:57:f6:eb:bb:3d:1a:2d:8c:77:65:88:4f:0d:a1:fe:
35:d9:50:8d:5c:b4:aa:a8:de:d5:f8:68:5b:7b:6a:bd:b7:d9:
73:59:c3:c8:23:9a:52:7f:55:f7:5d:77:6c:21:8e:8b:41:66:
fa:12:fa:c0:9b:d9:dc:d9:7b:54:ad:df:12:4c:72:24:0c:2b:
0b:26:b9:14:f0:52:4a:70:38:12:f4:1d:32:63:1b:77:8d:04:
cd:6f:b0:d6:b5:18:d1:4a:e6:49:31:80:7d:da:fe:61:8d:c2:
bd:03:36:b5:f6:e7:a6:e5:66:aa:90:1d:ec:ad:8d:80:56:54:
4b:c8:42:ff:bc:76:23:c4:98:be:21:f0:55:10:2a:b5:82:8c:
fa:13:4a:ad:88:fd:13:29:ed:04:c3:fc:3c:c4:09:c1:db:a5:
8e:8a:a3:dd:9c:2d:d9:11:1f:5c:33:ca:88:8c:14:48:ca:5b:
95:30:cf:91
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEEDkahTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDdmN2VlNmFiOWNmNDQ4Zjk5NDkzNjdmYjdjMGVkZTEwNzNmOTdmMB4XDTIyMDYz
MDA4NDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQ0NTliMDYyYzFm
M2U1MmFkYjkwNTlmYmRmYTViOGI0YjU1NjgxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBunxosAk/SPr/3gcW9KwRjVSe/YZW1gMGe55O48oRN2IoV
zJ60PQ6Xtv4WqOMK7anx9iNIz1K5A84W5BXLDjRJFyH1aPOg58cPfBGDPPW3E+fS
kBIkhlRfkn6f7HJww9S9iO7NVlXoGsxd8MMctxYo7zdWoOLJCJT2E8wbVVN+otB0
hhg+86cCQXPrNLFfALG76+M0Sp4X9aW0fyoYhIJl8IELsK25lCMEOP+YIG23afrZ
3i6gN4KQEqkKm8IPS9oHyELU3SxOwmxSMyimwWR5fAoVGbyf4SWOlMssekUUdAl7
6ZiStfvc8Fw+bqF9f8H2EOhDxbAURfhpsmBiUO8CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTURZsGLB8+Uq25BZ+9+luLS1VoFjAfBgNVHSMEGDAWgBRwf37mq5z0SPmU
k2f7fA7eEHP5fzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NIOS01cXVjOUVqNWxKTm4tM3dPM2hCei1YOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvM2I0NWIzLTE4YTQtNDdmOC04MjY0LWY3MDhiYzcwZTZlZS8x
LzFFV2JCaXdmUGxLdHVRV2Z2ZnBiaTB0VmFCWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
M2I0NWIzLTE4YTQtNDdmOC04MjY0LWY3MDhiYzcwZTZlZS8xL2NIOS01cXVjOUVq
NWxKTm4tM3dPM2hCei1YOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAi2erAMEBFBFwAMEBJX5IAMEArme
tAMEBbxKAAMEANRmdjANBAIAAjAHAwUDKgN1ADANBgkqhkiG9w0BAQsFAAOCAQEA
ZpFF7B6hHhtABfj3uXsauEZtIKzyJCtIKEnHWIN0VsEzVKirl/mUflyC2r+WltML
Fpi4V1aQaqW7/Jf0FwbwfeLMvCurhdmuQT84V/bruz0aLYx3ZYhPDaH+NdlQjVy0
qqje1fhoW3tqvbfZc1nDyCOaUn9V9113bCGOi0Fm+hL6wJvZ3Nl7VK3fEkxyJAwr
Cya5FPBSSnA4EvQdMmMbd40EzW+w1rUY0UrmSTGAfdr+YY3CvQM2tfbnpuVmqpAd
7K2NgFZUS8hC/7x2I8SYviHwVRAqtYKM+hNKrYj9EyntBMP8PMQJwduljoqj3Zwt
2REfXDPKiIwUSMpblTDPkQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:27 2025 by rpki-client