Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/ewIP_7yf0hDyMHOpK9rzUYy8S5A.roa
File: ewIP_7yf0hDyMHOpK9rzUYy8S5A.roa (raw, json)
Hash identifier: zz6b2xBARy/y2MbcvaQ6eaSeFYejofDsIBeiHJVb9g4=
Subject key identifier: 7B:02:0F:FF:BC:9F:D2:10:F2:30:73:A9:2B:DA:F3:51:8C:BC:4B:90
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0184B487376B8E8B5AABFC55679499323394
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/ewIP_7yf0hDyMHOpK9rzUYy8S5A.roa
Signing time: Sat 26 Nov 2022 15:21:11 +0000
ROA not before: Sat 26 Nov 2022 15:21:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 185.242.84.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b4:87:37:6b:8e:8b:5a:ab:fc:55:67:94:99:32:33:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Nov 26 15:21:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b020fffbc9fd210f23073a92bdaf3518cbc4b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:15:01:3c:c4:46:3f:96:fd:09:1b:36:9d:d0:
c5:7d:39:82:6c:b8:0d:8f:2e:a0:14:e6:49:a7:f3:
e2:99:48:6c:db:bf:6d:c8:4b:2a:59:14:f1:2a:d8:
dd:bb:1e:f3:9d:6b:50:ab:61:ab:43:03:5d:d9:61:
29:37:5c:f6:1d:a7:ae:03:48:94:9a:1e:38:b7:ed:
1f:c5:db:be:d2:a8:83:51:31:0f:a0:84:94:3a:eb:
e8:8b:6d:3d:8b:f0:4b:9d:23:06:c9:fb:cb:6a:e3:
81:a1:4f:39:f2:59:13:34:cc:e8:cd:ef:e6:6b:d6:
1c:40:f4:78:7d:42:8a:18:ba:f4:01:ac:04:a9:27:
00:43:8d:de:e6:6f:1e:36:64:91:0c:be:b5:7f:bc:
3a:8a:99:a7:e9:8a:f0:a3:de:7a:02:e5:f7:9d:42:
9f:40:5b:d8:7c:d8:fd:80:32:0c:47:16:8d:91:e4:
f1:45:ae:78:f4:6d:ce:87:fe:5c:7b:d6:45:37:e0:
1a:3e:1d:d3:6b:d7:d7:93:f4:b2:9b:20:a6:23:c6:
27:10:b0:f4:26:3d:26:e4:37:8a:6d:57:b5:7c:f6:
75:56:71:22:4a:2e:d5:1d:03:be:be:b2:f1:71:2c:
c6:ad:70:3b:02:88:23:bb:64:fb:01:fe:8d:ea:9e:
10:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:02:0F:FF:BC:9F:D2:10:F2:30:73:A9:2B:DA:F3:51:8C:BC:4B:90
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/ewIP_7yf0hDyMHOpK9rzUYy8S5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
74.119.195.0/24
80.92.206.0/24
185.242.84.0/24
185.250.148.0/23
IPv6:
2a09:7c44::/32
Signature Algorithm: sha256WithRSAEncryption
54:c9:c6:33:6e:e8:af:71:3e:f7:da:c1:80:0a:ad:38:38:11:
4a:a7:73:46:87:83:fe:f1:d0:d5:2f:88:bd:22:04:1e:85:f7:
0e:1d:78:66:f2:df:16:5c:c7:ab:dc:d2:ae:f9:f7:55:dd:11:
2c:e0:0d:a5:c9:6f:12:1a:20:d0:e7:ec:ab:13:cc:45:4d:3e:
1c:32:2e:65:b7:36:ac:41:34:ce:68:84:8c:8d:e5:23:57:9c:
31:fe:31:50:13:83:6b:bd:a8:93:43:49:93:02:02:d5:07:5b:
a4:54:f7:fc:d6:da:9f:43:e4:d8:13:67:44:cb:78:eb:39:12:
4b:cb:5b:2a:7f:2d:8a:ef:17:dc:04:9f:63:d3:68:78:28:55:
5b:33:30:dd:7a:20:0a:d6:3c:66:1e:6a:d0:3e:11:7a:59:25:
52:e6:68:a0:f8:fd:9e:68:11:bd:b1:3b:7b:19:2c:cf:34:9d:
7f:d8:0c:27:0a:72:45:3c:50:95:24:aa:30:85:11:30:53:96:
5e:c2:2e:ce:f3:47:7f:10:7e:fd:17:35:f9:40:2b:45:87:9d:
11:55:46:b3:c3:8c:01:d7:2b:56:ab:74:4b:a5:cd:ae:4f:4f:
95:fc:2c:da:3b:45:82:1e:ba:15:08:35:d8:76:e6:c8:33:8d:
fb:b3:eb:fe
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYS0hzdrjotaq/xVZ5SZMjOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjIxMTI2MTUyMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjAyMGZmZmJjOWZkMjEwZjIzMDczYTkyYmRhZjM1MThjYmM0YjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxUBPMRGP5b9CRs2ndDFfTmCbLgN
jy6gFOZJp/PimUhs279tyEsqWRTxKtjdux7znWtQq2GrQwNd2WEpN1z2HaeuA0iU
mh44t+0fxdu+0qiDUTEPoISUOuvoi209i/BLnSMGyfvLauOBoU858lkTNMzoze/m
a9YcQPR4fUKKGLr0AawEqScAQ43e5m8eNmSRDL61f7w6ipmn6Yrwo956AuX3nUKf
QFvYfNj9gDIMRxaNkeTxRa549G3Oh/5ce9ZFN+AaPh3Ta9fXk/SymyCmI8YnELD0
Jj0m5DeKbVe1fPZ1VnEiSi7VHQO+vrLxcSzGrXA7Aogju2T7Af6N6p4QxwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHsCD/+8n9IQ8jBzqSva81GMvEuQMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvZXdJUF83eWYwaER5TUhPcEs5cnpVWXk4UzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLUPkAwQA
SnfDAwQAUFzOAwQAufJUAwQBufqUMA0EAgACMAcDBQAqCXxEMA0GCSqGSIb3DQEB
CwUAA4IBAQBUycYzbuivcT732sGACq04OBFKp3NGh4P+8dDVL4i9IgQehfcOHXhm
8t8WXMer3NKu+fdV3REs4A2lyW8SGiDQ5+yrE8xFTT4cMi5ltzasQTTOaISMjeUj
V5wx/jFQE4NrvaiTQ0mTAgLVB1ukVPf81tqfQ+TYE2dEy3jrORJLy1sqfy2K7xfc
BJ9j02h4KFVbMzDdeiAK1jxmHmrQPhF6WSVS5mig+P2eaBG9sTt7GSzPNJ1/2Awn
CnJFPFCVJKowhREwU5Zewi7O80d/EH79FzX5QCtFh50RVUazw4wB1ytWq3RLpc2u
T0+V/CzaO0WCHroVCDXYdubIM437s+v+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:06 2023 by rpki-client on console-fra.rpki-client.org