Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/wR3B7bOIcXj0P2YOra2suO28um4.roa
File: wR3B7bOIcXj0P2YOra2suO28um4.roa (raw, json)
Hash identifier: T1ye6j6t3PKQr1D+rONF7lTHIicqRe+mQFWyTifVtpU=
Subject key identifier: C1:1D:C1:ED:B3:88:71:78:F4:3F:66:0E:AD:AD:AC:B8:ED:BC:BA:6E
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 08E9ADC9
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/wR3B7bOIcXj0P2YOra2suO28um4.roa
Signing time: Sat 01 Jan 2022 08:05:17 +0000
ROA not before: Sat 01 Jan 2022 08:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41313
IP address blocks: 185.40.164.0/22 maxlen: 24
46.35.160.0/19 maxlen: 24
185.18.228.0/22 maxlen: 24
212.21.128.0/19 maxlen: 24
151.252.192.0/20 maxlen: 24
79.110.120.0/21 maxlen: 24
95.158.128.0/18 maxlen: 24
2a00:e200::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149532105 (0x8e9adc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 08:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c11dc1edb3887178f43f660eadadacb8edbcba6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:27:b7:7b:84:32:12:82:15:1b:8a:23:4e:15:
f1:98:73:d8:7a:a7:79:4c:a8:0c:36:e4:44:12:73:
6e:25:f5:ac:5f:03:4d:d6:2b:44:b4:af:d6:24:10:
52:ec:d1:3e:fb:02:3b:ee:37:a2:c2:89:c7:1e:68:
5c:62:78:f7:92:4f:db:4a:ca:f4:28:a5:e7:14:e8:
f3:25:f1:a2:e8:ac:68:8f:0a:b9:2e:b7:04:a6:37:
5e:bd:26:3e:84:4d:57:11:e4:74:42:59:18:e6:01:
77:a2:fe:2b:35:c7:ef:e3:20:55:ee:3a:65:98:96:
3c:27:04:26:68:cb:80:77:20:4f:20:bf:9f:d7:8c:
eb:4e:6e:83:c0:79:a4:16:16:62:23:be:5e:53:df:
59:3e:6b:ef:46:fc:e8:97:5b:b7:f9:bc:33:ab:8d:
6b:31:1e:a9:1d:81:27:27:59:a9:4f:c2:6a:46:08:
1e:05:6f:4a:b6:0e:b6:bb:ab:8a:b1:bd:ec:de:d4:
aa:b5:5e:99:e7:71:d1:0b:a9:6b:b0:fd:71:62:7a:
44:3d:9e:7f:41:c4:8f:6b:a0:c5:59:50:38:d0:f3:
ae:92:76:65:ae:73:e7:d4:ce:57:c7:b3:94:28:aa:
8e:bd:82:24:6e:35:2e:fa:d7:c5:24:41:e9:4e:b5:
16:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1D:C1:ED:B3:88:71:78:F4:3F:66:0E:AD:AD:AC:B8:ED:BC:BA:6E
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/wR3B7bOIcXj0P2YOra2suO28um4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.160.0/19
79.110.120.0/21
95.158.128.0/18
151.252.192.0/20
185.18.228.0/22
185.40.164.0/22
212.21.128.0/19
IPv6:
2a00:e200::/32
Signature Algorithm: sha256WithRSAEncryption
bf:68:98:43:6c:bb:80:ac:d0:5b:f9:e7:d6:b2:2a:3a:3f:06:
ca:c9:89:ac:bf:ef:28:9c:0e:be:51:76:76:02:3a:65:f8:e3:
51:1f:e7:6e:7e:7a:66:18:e8:e7:91:75:af:40:64:bd:04:5a:
25:ba:8e:d4:b8:1d:17:eb:76:e9:f5:24:a8:4f:a9:ff:17:aa:
84:19:19:c1:ce:0e:65:26:0e:c2:d3:51:89:54:2e:7a:20:07:
5c:69:0d:ba:53:ac:7c:6f:83:9b:bd:c8:66:0a:01:3d:2d:fa:
b1:38:19:2e:f9:3f:a3:26:9d:5d:64:02:79:09:49:bb:ec:0e:
c2:97:22:86:18:61:61:dd:b7:51:46:42:27:1a:1f:f3:a6:cc:
37:6c:52:9f:e8:bd:1b:1e:d8:b1:d8:ee:48:86:d5:a0:dc:05:
44:e0:e6:b7:36:05:8d:41:9d:54:de:ae:d4:fd:ab:df:d0:2b:
11:e9:f0:80:39:f6:6b:3b:ba:31:39:b1:2a:67:29:e3:6f:64:
6f:c3:61:df:1d:03:15:14:c2:b3:ac:0a:4d:5f:ba:f6:b3:bd:
6a:ba:b4:f1:8e:a5:66:64:df:8e:6e:96:1d:80:a3:45:48:c8:
61:52:26:b5:d7:f2:41:29:48:89:15:70:38:83:94:40:cb:51:
40:b1:31:e0
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIECOmtyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzExZGMxZWRiMzg4
NzE3OGY0M2Y2NjBlYWRhZGFjYjhlZGJjYmE2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAnt3uEMhKCFRuKI04V8Zhz2HqneUyoDDbkRBJzbiX1rF8D
TdYrRLSv1iQQUuzRPvsCO+43osKJxx5oXGJ495JP20rK9Cil5xTo8yXxouisaI8K
uS63BKY3Xr0mPoRNVxHkdEJZGOYBd6L+KzXH7+MgVe46ZZiWPCcEJmjLgHcgTyC/
n9eM605ug8B5pBYWYiO+XlPfWT5r70b86Jdbt/m8M6uNazEeqR2BJydZqU/CakYI
HgVvSrYOtrurirG97N7UqrVemedx0Qupa7D9cWJ6RD2ef0HEj2ugxVlQONDzrpJ2
Za5z59TOV8ezlCiqjr2CJG41LvrXxSRB6U61FqkCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTBHcHts4hxePQ/Zg6tray47by6bjAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L3dSM0I3Yk9JY1hqMFAyWU9yYTJzdU8yOHVtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBS4joAMEA09ueAMEBl+egAMEBJf8
wAMEArkS5AMEArkopAMEBdQVgDANBAIAAjAHAwUAKgDiADANBgkqhkiG9w0BAQsF
AAOCAQEAv2iYQ2y7gKzQW/nn1rIqOj8GysmJrL/vKJwOvlF2dgI6ZfjjUR/nbn56
Zhjo55F1r0BkvQRaJbqO1LgdF+t26fUkqE+p/xeqhBkZwc4OZSYOwtNRiVQueiAH
XGkNulOsfG+Dm73IZgoBPS36sTgZLvk/oyadXWQCeQlJu+wOwpcihhhhYd23UUZC
Jxof86bMN2xSn+i9Gx7YsdjuSIbVoNwFRODmtzYFjUGdVN6u1P2r39ArEenwgDn2
azu6MTmxKmcp429kb8Nh3x0DFRTCs6wKTV+69rO9arq08Y6lZmTfjm6WHYCjRUjI
YVImtdfyQSlIiRVwOIOUQMtRQLEx4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:35 2024 by rpki-client on console-ams.rpki-client.org