Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/erv2s3FmBknMGIvE16tOTcZZxG0.roa
File: erv2s3FmBknMGIvE16tOTcZZxG0.roa (raw, json)
Hash identifier: CoS7wXyRic1gJoeaPfQ6zgNfzABWzLDzT8KDb+eKy/I=
Subject key identifier: 7A:BB:F6:B3:71:66:06:49:CC:18:8B:C4:D7:AB:4E:4D:C6:59:C4:6D
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 0189F7D04270D3EF6F9089AA52E3A1E2E3DA
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/erv2s3FmBknMGIvE16tOTcZZxG0.roa
Signing time: Tue 15 Aug 2023 06:09:28 +0000
ROA not before: Tue 15 Aug 2023 06:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59613
IP address blocks: 195.234.112.0/24 maxlen: 24
195.234.115.0/24 maxlen: 24
195.234.114.0/24 maxlen: 24
195.234.113.0/24 maxlen: 24
185.158.208.0/24 maxlen: 24
185.158.211.0/24 maxlen: 24
185.158.210.0/24 maxlen: 24
185.158.209.0/24 maxlen: 24
2a02:2278:ff00::/40 maxlen: 40
2a02:2278:fffb::/48 maxlen: 48
2a02:2278:fffe::/48 maxlen: 48
2a02:2278:ffff::/48 maxlen: 48
2a02:2278:fffd::/48 maxlen: 48
2a02:2278:fffc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f7:d0:42:70:d3:ef:6f:90:89:aa:52:e3:a1:e2:e3:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Aug 15 06:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7abbf6b371660649cc188bc4d7ab4e4dc659c46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:6c:72:6a:ee:a0:9e:e3:ad:4b:0f:1a:89:ba:
c7:d6:67:c0:83:61:9c:74:e0:74:19:0b:98:43:74:
9e:fb:48:6e:85:d8:9c:4b:ee:cf:41:b2:75:f6:b5:
4e:0e:ab:01:49:ca:7a:19:c6:66:15:e3:01:3e:3c:
45:25:22:30:47:23:85:50:1b:bd:07:f8:d9:87:b9:
65:58:c5:c5:41:10:68:fc:34:90:d4:93:c3:bf:4d:
20:81:2c:16:68:8b:f3:96:f1:88:83:56:fd:f3:c8:
18:15:0d:a1:14:a9:9c:a9:14:73:c7:20:1b:e6:97:
56:d9:96:5a:e5:28:62:92:31:44:25:8e:f2:89:38:
c8:82:25:ce:6c:5f:bb:1d:49:3c:34:f8:0c:73:5a:
4b:e4:44:f6:8b:f0:9f:63:51:2a:43:fc:7a:55:37:
38:d7:ef:7d:b6:1d:9d:11:82:cc:93:c7:a0:ed:56:
77:af:b4:bf:8e:c3:1c:ae:8f:3f:a7:31:65:a0:2f:
21:a5:73:46:be:95:30:94:9c:ab:cb:f7:69:b2:4b:
56:3c:4e:47:21:e8:3a:63:44:ce:01:f9:de:af:0c:
96:27:aa:52:7f:a8:d2:77:a4:30:1e:34:ce:17:cf:
82:56:70:af:fb:21:5c:b3:08:9b:69:22:0a:66:00:
54:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BB:F6:B3:71:66:06:49:CC:18:8B:C4:D7:AB:4E:4D:C6:59:C4:6D
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/erv2s3FmBknMGIvE16tOTcZZxG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.208.0/22
195.234.112.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
ad:63:66:dc:71:57:e3:61:8b:c2:ee:66:11:33:96:69:68:da:
01:47:ff:a5:f8:3b:73:ee:0d:d9:17:21:81:08:7b:4a:d8:22:
87:57:ff:f3:44:7b:fc:d3:1e:b2:8a:81:6e:3c:39:eb:84:74:
68:a3:01:a0:11:d8:fd:2a:0e:38:f9:d8:b8:21:1f:be:77:a2:
f5:ba:b2:37:cb:ad:ef:df:03:49:25:5a:46:57:aa:65:0d:f6:
25:31:1d:62:1a:5e:e6:b0:90:a3:4d:74:5b:a1:66:3f:01:ae:
57:dd:10:fd:b7:05:77:17:7e:fd:08:90:09:63:23:de:d0:00:
6a:0f:e5:ea:d5:54:31:2f:45:19:05:6b:2a:5f:13:a5:b0:c9:
5e:7c:06:84:69:84:31:be:a7:9b:18:85:21:7c:e7:1b:1d:91:
29:ef:d8:a7:24:27:63:ac:17:f8:3a:27:c2:8a:0a:0e:c9:24:
90:de:e2:10:c3:62:c7:1f:3d:c7:9c:e1:d8:a3:2c:5a:aa:0e:
b5:dd:72:e3:8a:92:6b:a1:6b:b6:09:98:2d:2f:47:cd:d3:b3:
2a:d5:82:c2:ca:0b:f8:3d:00:54:91:0d:d2:a6:32:5d:bc:e2:
0a:c0:04:01:c7:5a:93:10:47:bb:20:1c:3c:c5:f0:da:10:f2:
36:e8:a9:12
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYn30EJw0+9vkImqUuOh4uPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwODE1MDYwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJiZjZiMzcxNjYwNjQ5Y2MxODhiYzRkN2FiNGU0ZGM2NTljNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72xyau6gnuOtSw8aibrH1mfAg2Gc
dOB0GQuYQ3Se+0huhdicS+7PQbJ19rVODqsBScp6GcZmFeMBPjxFJSIwRyOFUBu9
B/jZh7llWMXFQRBo/DSQ1JPDv00ggSwWaIvzlvGIg1b988gYFQ2hFKmcqRRzxyAb
5pdW2ZZa5ShikjFEJY7yiTjIgiXObF+7HUk8NPgMc1pL5ET2i/CfY1EqQ/x6VTc4
1+99th2dEYLMk8eg7VZ3r7S/jsMcro8/pzFloC8hpXNGvpUwlJyry/dpsktWPE5H
Ieg6Y0TOAfnerwyWJ6pSf6jSd6QwHjTOF8+CVnCv+yFcswibaSIKZgBURwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHq79rNxZgZJzBiLxNerTk3GWcRtMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvZXJ2MnMzRm1Ca25NR0l2RTE2dE9UY1paeEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuZ7QAwQC
w+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEArWNm3HFX42GL
wu5mETOWaWjaAUf/pfg7c+4N2RchgQh7Stgih1f/80R7/NMesoqBbjw564R0aKMB
oBHY/SoOOPnYuCEfvnei9bqyN8ut798DSSVaRleqZQ32JTEdYhpe5rCQo010W6Fm
PwGuV90Q/bcFdxd+/QiQCWMj3tAAag/l6tVUMS9FGQVrKl8TpbDJXnwGhGmEMb6n
mxiFIXznGx2RKe/YpyQnY6wX+DonwooKDskkkN7iEMNixx89x5zh2KMsWqoOtd1y
44qSa6FrtgmYLS9HzdOzKtWCwsoL+D0AVJEN0qYyXbziCsAEAcdakxBHuyAcPMXw
2hDyNuipEg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:35 2025 by rpki-client