Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EgcCAyJTx-1AiCZs56Vv_EJlhNg.roa
File: EgcCAyJTx-1AiCZs56Vv_EJlhNg.roa (raw, json)
Hash identifier: UWGQxc19Az/zdxjfvdl3T1ztajXmhO5PEEdUJ0gi4ck=
Subject key identifier: 12:07:02:03:22:53:C7:ED:40:88:26:6C:E7:A5:6F:FC:42:65:84:D8
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 01854A2ED7C29D94A9A6DE0CFEA90879B56B
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EgcCAyJTx-1AiCZs56Vv_EJlhNg.roa
Signing time: Sun 25 Dec 2022 16:47:41 +0000
ROA not before: Sun 25 Dec 2022 16:47:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2a06:e881:73ff::/48 maxlen: 48
2a06:e881:650f::/48 maxlen: 48
2a06:e881:9200::/45 maxlen: 48
2a06:e881:9300::/44 maxlen: 48
2a06:e881:9700::/44 maxlen: 44
2a06:e881:9600::/48 maxlen: 48
2a06:e881:9700::/48 maxlen: 48
2a06:e881:9701::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4a:2e:d7:c2:9d:94:a9:a6:de:0c:fe:a9:08:79:b5:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Dec 25 16:47:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=120702032253c7ed4088266ce7a56ffc426584d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a2:e9:2e:35:64:15:91:48:7e:a6:29:f5:38:
2a:54:43:1a:f7:3a:4b:d1:c8:78:7e:c7:4e:4d:5d:
68:62:28:30:63:af:34:26:61:01:1b:ff:91:55:d9:
10:d6:2b:fa:0a:16:d5:b7:07:05:c7:0a:ac:b7:1d:
95:87:41:b2:3c:bd:ad:cb:4b:9a:fe:28:e6:35:db:
82:01:e3:2d:e9:02:fc:1d:7b:c7:23:15:72:85:2a:
41:15:99:38:92:41:75:a2:3e:ed:b1:6e:65:2e:dc:
23:50:8b:cc:58:84:76:7f:7c:78:b6:c3:6e:e7:29:
19:89:5f:51:2f:e2:30:4f:cb:f1:22:47:ac:93:22:
e7:d1:72:3e:8b:fa:9b:05:64:53:cb:2e:50:17:ea:
9f:e9:23:fa:b2:09:36:24:76:7b:ba:12:09:76:77:
5f:10:30:84:45:68:50:b3:8d:63:1c:7b:1f:2b:2d:
b0:6a:17:a6:1c:f5:d2:c1:51:ac:09:02:80:2d:d5:
ef:b0:e7:82:9c:b4:1a:65:37:78:44:89:ce:9e:07:
42:f3:d2:25:56:08:d9:0c:2b:a3:5c:6a:c8:1a:b8:
0c:f1:9f:fe:8e:88:b5:11:fd:68:15:52:18:23:ad:
ab:c2:a8:23:c2:91:da:84:b1:ea:f1:a0:5b:6a:0b:
64:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:07:02:03:22:53:C7:ED:40:88:26:6C:E7:A5:6F:FC:42:65:84:D8
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EgcCAyJTx-1AiCZs56Vv_EJlhNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:650f::/48
2a06:e881:73ff::/48
2a06:e881:9200::/45
2a06:e881:9300::/44
2a06:e881:9600::/48
2a06:e881:9700::/44
Signature Algorithm: sha256WithRSAEncryption
0f:a4:4a:3b:00:56:1a:67:23:50:b4:4e:44:aa:56:48:6e:0e:
ff:2e:14:9a:c3:18:1f:31:ea:c5:d1:2b:dc:e2:1b:a6:cf:c1:
39:98:df:0d:8f:67:42:9f:39:e4:c2:c7:65:c4:a8:ad:6e:17:
3d:5e:50:83:d4:c7:a6:a0:64:0a:e0:15:a0:ed:4e:71:10:a0:
f2:fb:91:82:2d:6b:77:ce:a3:78:d1:dc:5e:f7:cd:f6:e2:f3:
9d:49:fa:d1:ba:27:4f:38:94:a2:9f:b1:df:7c:e9:f3:74:a2:
92:8e:b2:08:2a:0c:e2:b5:5f:d2:75:4d:90:36:fb:9e:c8:8e:
e6:e8:15:11:c5:72:8a:bc:99:df:8e:c9:22:02:27:2f:13:68:
3b:90:4f:01:09:4f:a9:29:58:a0:3e:89:1a:35:a0:55:48:b8:
0a:7c:b8:9b:24:3a:a1:05:21:e0:7b:a1:5d:c1:c4:70:d2:0b:
bc:81:d3:81:24:c7:c3:96:7a:57:8d:f2:fb:75:54:3b:4c:96:
ac:88:a2:64:8f:d0:42:4f:19:3d:b8:5e:88:1e:a0:2d:40:b9:
65:8d:cc:7a:8b:9f:6b:78:35:3b:4e:a2:8c:44:d9:f8:04:05:
aa:4c:c1:86:27:2a:14:8b:ac:65:db:7c:c7:80:ab:1c:ad:cd:
6d:4f:19:3b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVKLtfCnZSppt4M/qkIebVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjIxMjI1MTY0NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjA3MDIwMzIyNTNjN2VkNDA4ODI2NmNlN2E1NmZmYzQyNjU4NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKLpLjVkFZFIfqYp9TgqVEMa9zpL
0ch4fsdOTV1oYigwY680JmEBG/+RVdkQ1iv6ChbVtwcFxwqstx2Vh0GyPL2ty0ua
/ijmNduCAeMt6QL8HXvHIxVyhSpBFZk4kkF1oj7tsW5lLtwjUIvMWIR2f3x4tsNu
5ykZiV9RL+IwT8vxIkeskyLn0XI+i/qbBWRTyy5QF+qf6SP6sgk2JHZ7uhIJdndf
EDCERWhQs41jHHsfKy2wahemHPXSwVGsCQKALdXvsOeCnLQaZTd4RInOngdC89Il
VgjZDCujXGrIGrgM8Z/+joi1Ef1oFVIYI62rwqgjwpHahLHq8aBbagtkOwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBIHAgMiU8ftQIgmbOelb/xCZYTYMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvRWdjQ0F5SlR4LTFBaUNaczU2VnZfRUpsaE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgbogWUP
AwcAKgbogXP/AwcDKgbogZIAAwcEKgbogZMAAwcAKgbogZYAAwcEKgbogZcAMA0G
CSqGSIb3DQEBCwUAA4IBAQAPpEo7AFYaZyNQtE5EqlZIbg7/LhSawxgfMerF0Svc
4humz8E5mN8Nj2dCnznkwsdlxKitbhc9XlCD1MemoGQK4BWg7U5xEKDy+5GCLWt3
zqN40dxe98324vOdSfrRuidPOJSin7HffOnzdKKSjrIIKgzitV/SdU2QNvueyI7m
6BURxXKKvJnfjskiAicvE2g7kE8BCU+pKVigPokaNaBVSLgKfLibJDqhBSHge6Fd
wcRw0gu8gdOBJMfDlnpXjfL7dVQ7TJasiKJkj9BCTxk9uF6IHqAtQLlljcx6i59r
eDU7TqKMRNn4BAWqTMGGJyoUi6xl23zHgKscrc1tTxk7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org