Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/eOTMdzk5wX4wJqz75ZT8nWqque0.roa
File: eOTMdzk5wX4wJqz75ZT8nWqque0.roa (raw, json)
Hash identifier: iLxtTeF55WZ+Oj0ffqEaMbsQmu2lP48AJVQnkm7UzQg=
Subject key identifier: 78:E4:CC:77:39:39:C1:7E:30:26:AC:FB:E5:94:FC:9D:6A:AA:B9:ED
Certificate issuer: /CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Certificate serial: 0AFBC9A4
Authority key identifier: D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/eOTMdzk5wX4wJqz75ZT8nWqque0.roa
Signing time: Sat 01 Jan 2022 11:55:53 +0000
ROA not before: Sat 01 Jan 2022 11:55:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33835
IP address blocks: 217.169.240.0/20 maxlen: 20
217.169.246.0/23 maxlen: 23
92.42.216.0/21 maxlen: 21
130.185.168.0/22 maxlen: 22
130.185.170.0/24 maxlen: 24
2a02:2440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184273316 (0xafbc9a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Validity
Not Before: Jan 1 11:55:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78e4cc773939c17e3026acfbe594fc9d6aaab9ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0f:25:4d:dd:1c:04:59:1a:d9:b6:b2:75:b7:
29:28:fa:b9:b2:27:df:85:41:06:cb:72:91:5e:3d:
eb:07:a3:21:64:c8:d3:cd:dc:21:2f:83:04:8d:e4:
04:99:94:53:79:25:25:00:a2:2d:0f:c7:4e:45:b5:
f3:29:aa:9f:a3:98:ef:df:e9:be:d8:6b:0d:02:a5:
13:22:2a:ff:4a:c1:3c:2e:3e:f9:18:a2:01:d4:31:
ea:ca:0f:c0:46:94:67:85:8b:90:3d:4a:c4:84:0a:
e3:41:ab:6c:4e:52:e3:6e:b2:d2:d9:df:ae:a8:9a:
80:23:e7:72:42:22:bf:26:a3:ba:4c:ba:00:47:c3:
15:9a:84:59:43:a7:f5:20:bb:2e:8a:f5:b7:78:ce:
45:2d:2d:2e:e1:85:59:26:c9:0e:7e:78:2b:ac:19:
41:01:32:17:a6:3a:03:af:17:4d:e9:48:0e:e7:97:
8c:cb:30:eb:fb:40:75:b6:59:24:59:7e:2f:00:9f:
21:53:86:14:41:1e:dc:fd:24:19:64:96:ac:75:02:
1f:91:8d:ca:d9:2a:9d:18:07:7c:1b:27:62:8f:a9:
10:20:04:32:ad:ac:b5:29:ac:b1:0a:9a:72:4b:c3:
5f:e1:7d:b1:af:20:e3:88:ac:1c:4d:dc:32:13:e1:
b2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E4:CC:77:39:39:C1:7E:30:26:AC:FB:E5:94:FC:9D:6A:AA:B9:ED
X509v3 Authority Key Identifier:
keyid:D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/eOTMdzk5wX4wJqz75ZT8nWqque0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.216.0/21
130.185.168.0/22
217.169.240.0/20
IPv6:
2a02:2440::/32
Signature Algorithm: sha256WithRSAEncryption
1d:8e:60:90:a9:44:89:61:0f:7f:6d:52:d2:fd:11:c0:49:06:
4a:c7:1c:cb:76:a1:6c:fe:61:05:be:18:c0:c8:e9:3f:98:12:
ba:b3:b7:e7:c5:16:75:58:b7:85:55:77:e2:6c:b5:88:06:8c:
5e:ff:f9:ea:81:da:39:77:bf:fa:b0:ff:13:12:8f:d0:23:2b:
84:c1:39:6d:1d:90:01:24:7c:c6:62:8a:9f:c2:27:0f:b5:ea:
56:f2:c3:8c:95:84:a5:7e:74:65:5b:61:6c:bb:7e:5e:74:4a:
11:66:5f:e0:91:72:45:5d:78:bc:8c:c6:a1:b7:ef:ce:41:94:
a2:73:d7:eb:01:60:ef:b4:c5:a5:01:c9:b0:33:46:be:d7:4f:
bb:a7:36:c1:35:4c:40:83:bb:65:db:2c:a4:26:b3:77:d2:95:
14:d4:51:7b:12:cc:61:7c:fc:4b:f0:c9:42:b6:c4:15:2a:73:
ff:e6:4f:f8:f1:9f:0c:de:cc:50:86:f6:76:a7:7d:62:af:a2:
da:8e:2a:61:3c:ae:cd:45:e9:0a:94:51:3e:73:ea:33:af:bd:
a0:cc:82:f3:99:0f:ba:e0:0b:3d:e6:85:6c:84:14:58:90:ec:
8a:e3:95:5e:ef:12:35:5e:e0:fa:c1:26:40:d5:8a:1f:e0:cd:
3d:a7:04:11
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECvvJpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDg1NTVmOWE1MjcyN2Y2YmNmNzE1Y2I0NzUwYTJhNGE2YzM1MTYxMB4XDTIyMDEw
MTExNTU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhlNGNjNzczOTM5
YzE3ZTMwMjZhY2ZiZTU5NGZjOWQ2YWFhYjllZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQPJU3dHARZGtm2snW3KSj6ubIn34VBBstykV496wejIWTI
083cIS+DBI3kBJmUU3klJQCiLQ/HTkW18ymqn6OY79/pvthrDQKlEyIq/0rBPC4+
+RiiAdQx6soPwEaUZ4WLkD1KxIQK40GrbE5S426y0tnfrqiagCPnckIivyajuky6
AEfDFZqEWUOn9SC7Lor1t3jORS0tLuGFWSbJDn54K6wZQQEyF6Y6A68XTelIDueX
jMsw6/tAdbZZJFl+LwCfIVOGFEEe3P0kGWSWrHUCH5GNytkqnRgHfBsnYo+pECAE
Mq2stSmssQqackvDX+F9sa8g44isHE3cMhPhsr0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBR45Mx3OTnBfjAmrPvllPydaqq57TAfBgNVHSMEGDAWgBTUhVX5pScn9rz3
FctHUKKkpsNRYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFJVlYtYVVuSl9hODl4WExSMUNpcEtiRFVXRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvZTQ1NTc3LTY1YjEtNGQ0My04NTNhLTAyYWJmODU3MmZjYi8x
L2VPVE1kems1d1g0d0pxejc1WlQ4bldxcXVlMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ZTQ1NTc3LTY1YjEtNGQ0My04NTNhLTAyYWJmODU3MmZjYi8xLzFJVlYtYVVuSl9h
ODl4WExSMUNpcEtiRFVXRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1wq2AMEAoK5qAMEBNmp8DANBAIA
AjAHAwUAKgIkQDANBgkqhkiG9w0BAQsFAAOCAQEAHY5gkKlEiWEPf21S0v0RwEkG
Ssccy3ahbP5hBb4YwMjpP5gSurO358UWdVi3hVV34my1iAaMXv/56oHaOXe/+rD/
ExKP0CMrhME5bR2QASR8xmKKn8InD7XqVvLDjJWEpX50ZVthbLt+XnRKEWZf4JFy
RV14vIzGobfvzkGUonPX6wFg77TFpQHJsDNGvtdPu6c2wTVMQIO7ZdsspCazd9KV
FNRRexLMYXz8S/DJQrbEFSpz/+ZP+PGfDN7MUIb2dqd9Yq+i2o4qYTyuzUXpCpRR
PnPqM6+9oMyC85kPuuALPeaFbIQUWJDsiuOVXu8SNV7g+sEmQNWKH+DNPacEEQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:57 2023 by rpki-client on console-ams.rpki-client.org