Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EODQwUZz-3argb799iZ4Bqwukxo.roa
File: EODQwUZz-3argb799iZ4Bqwukxo.roa (raw, json)
Hash identifier: jFsF9RF0YCtH/Ow9v4U9Lt63v2Ti6Q0LWIJRRWeJe2c=
Subject key identifier: 10:E0:D0:C1:46:73:FB:76:AB:81:BE:FD:F6:26:78:06:AC:2E:93:1A
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01832254C10FE4C8C52756E804FAFE278BE7
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EODQwUZz-3argb799iZ4Bqwukxo.roa
Signing time: Fri 09 Sep 2022 12:58:43 +0000
ROA not before: Fri 09 Sep 2022 12:58:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42423
IP address blocks: 193.168.184.0/23 maxlen: 24
193.168.187.0/24 maxlen: 24
194.1.167.0/24 maxlen: 24
193.36.162.0/23 maxlen: 24
2a09:1400::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:54:c1:0f:e4:c8:c5:27:56:e8:04:fa:fe:27:8b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Sep 9 12:58:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10e0d0c14673fb76ab81befdf6267806ac2e931a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:4e:3d:83:00:64:55:bb:5e:1b:f1:47:d4:
3e:c0:13:27:12:2e:c6:c5:2e:30:f0:a5:5b:30:15:
bb:f1:94:78:a0:78:69:2f:5b:09:46:a2:fe:6e:31:
48:37:83:87:13:ed:24:5d:8e:df:3a:e7:b8:95:71:
0d:04:8c:ed:7c:96:8a:4b:b5:63:88:6d:d0:c0:96:
e8:54:e5:a8:36:3c:f1:ce:69:46:2b:0d:34:9e:72:
9a:b1:90:47:8d:38:bd:05:9a:0c:61:88:f4:62:87:
a2:7e:8a:33:e7:ac:bf:18:7c:c9:67:a0:05:43:bc:
22:57:6a:4c:68:ea:0c:99:33:a9:8a:c3:b4:b4:42:
e5:57:95:17:d6:d6:22:11:58:73:c4:d9:d8:69:a2:
24:b2:c1:fb:08:49:c5:e0:6c:e4:b2:64:2c:a9:8d:
3a:cf:58:72:0e:d4:1c:41:a4:d4:f3:7b:4f:a4:f0:
e8:d1:27:3a:7a:68:18:b4:88:83:95:6d:3a:5f:c3:
eb:3a:43:06:40:33:e7:cb:19:51:0f:ab:97:04:85:
3f:13:09:22:87:a3:38:ad:86:2a:37:93:ae:e8:fb:
dc:09:31:d4:ef:75:7a:f7:16:31:04:0d:ea:0f:38:
e2:88:b0:76:6c:6e:4a:01:f2:71:9c:7c:58:ed:54:
54:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:E0:D0:C1:46:73:FB:76:AB:81:BE:FD:F6:26:78:06:AC:2E:93:1A
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EODQwUZz-3argb799iZ4Bqwukxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.162.0/23
193.168.184.0/23
193.168.187.0/24
194.1.167.0/24
IPv6:
2a09:1400::/30
Signature Algorithm: sha256WithRSAEncryption
1f:e0:32:fb:c7:28:18:4f:58:c9:a8:34:15:8d:1f:06:5c:03:
6c:e7:67:68:48:31:c2:00:52:c3:ab:2b:2f:a0:ed:50:8b:e1:
74:bd:69:9b:ac:54:05:06:4c:bf:8b:de:98:ce:c0:93:dd:87:
b8:2d:cf:88:9a:7b:76:be:75:ad:91:98:b5:03:4f:40:ab:36:
ef:72:34:ee:c6:f0:7e:a6:38:35:c6:40:78:e3:1c:1e:c1:1b:
22:20:ff:97:6e:7a:5c:67:66:d1:19:55:ef:93:7a:59:40:4c:
3b:8f:7c:53:09:1e:01:68:12:72:c8:6b:dd:17:4a:99:7a:f9:
a3:b2:e6:3e:ff:80:7e:ee:d1:73:99:0b:7d:8f:49:d9:30:a9:
27:98:6b:99:c4:23:24:84:d5:24:ec:47:71:95:e0:be:5e:ca:
0e:89:a0:56:fb:05:ae:98:4b:18:5f:d7:f9:b8:d4:a4:3a:5e:
0c:40:e7:2c:30:1c:21:f0:46:64:ed:f1:22:5f:5b:a3:dc:e8:
44:77:f4:dd:12:ec:36:82:ed:20:27:64:f9:95:39:8f:b5:24:
11:04:6e:3b:a6:7e:23:1a:5a:5b:12:55:39:bf:a1:af:03:98:
fc:ce:86:3e:1b:19:de:9e:4c:31:1f:b9:6d:cd:ec:35:86:a1:
fb:f2:bf:24
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYMiVMEP5MjFJ1boBPr+J4vnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjIwOTA5MTI1ODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGUwZDBjMTQ2NzNmYjc2YWI4MWJlZmRmNjI2NzgwNmFjMmU5MzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo71OPYMAZFW7XhvxR9Q+wBMnEi7G
xS4w8KVbMBW78ZR4oHhpL1sJRqL+bjFIN4OHE+0kXY7fOue4lXENBIztfJaKS7Vj
iG3QwJboVOWoNjzxzmlGKw00nnKasZBHjTi9BZoMYYj0Yoeifooz56y/GHzJZ6AF
Q7wiV2pMaOoMmTOpisO0tELlV5UX1tYiEVhzxNnYaaIkssH7CEnF4GzksmQsqY06
z1hyDtQcQaTU83tPpPDo0Sc6emgYtIiDlW06X8PrOkMGQDPnyxlRD6uXBIU/Ewki
h6M4rYYqN5Ou6PvcCTHU73V69xYxBA3qDzjiiLB2bG5KAfJxnHxY7VRUZwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBDg0MFGc/t2q4G+/fYmeAasLpMaMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvRU9EUXdVWnotM2FyZ2I3OTlpWjRCcXd1a3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBwSSiAwQB
wai4AwQAwai7AwQAwgGnMA0EAgACMAcDBQIqCRQAMA0GCSqGSIb3DQEBCwUAA4IB
AQAf4DL7xygYT1jJqDQVjR8GXANs52doSDHCAFLDqysvoO1Qi+F0vWmbrFQFBky/
i96YzsCT3Ye4Lc+Imnt2vnWtkZi1A09AqzbvcjTuxvB+pjg1xkB44xwewRsiIP+X
bnpcZ2bRGVXvk3pZQEw7j3xTCR4BaBJyyGvdF0qZevmjsuY+/4B+7tFzmQt9j0nZ
MKknmGuZxCMkhNUk7EdxleC+XsoOiaBW+wWumEsYX9f5uNSkOl4MQOcsMBwh8EZk
7fEiX1uj3OhEd/TdEuw2gu0gJ2T5lTmPtSQRBG47pn4jGlpbElU5v6GvA5j8zoY+
GxnenkwxH7ltzew1hqH78r8k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:53 2024 by rpki-client on console-fra.rpki-client.org