Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/eITNIMEb0ZAw4dQh5BZKiOfH67o.roa
File: eITNIMEb0ZAw4dQh5BZKiOfH67o.roa (raw, json)
Hash identifier: m4F5CwcTnFXs97nzp4NgTDALadDaIsMI59u00iTxuhI=
Subject key identifier: 78:84:CD:20:C1:1B:D1:90:30:E1:D4:21:E4:16:4A:88:E7:C7:EB:BA
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 02D2AE66
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/eITNIMEb0ZAw4dQh5BZKiOfH67o.roa
Signing time: Sat 01 Jan 2022 16:06:23 +0000
ROA not before: Sat 01 Jan 2022 16:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199653
IP address blocks: 94.177.232.0/21 maxlen: 24
94.177.240.0/22 maxlen: 24
89.38.148.0/22 maxlen: 24
89.40.112.0/22 maxlen: 24
89.36.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47361638 (0x2d2ae66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 16:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7884cd20c11bd19030e1d421e4164a88e7c7ebba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6e:85:ad:82:5a:58:6c:82:61:23:2c:cb:67:
b9:03:ad:e7:be:94:17:55:cc:08:87:d1:99:b3:fd:
78:5c:75:d6:08:34:43:ca:a7:79:98:42:3f:23:4d:
6d:ce:85:16:a3:fb:b9:04:fd:f3:aa:7e:1c:3a:0c:
46:ce:fa:65:18:0a:65:57:44:a8:cf:13:89:ad:16:
6a:5a:78:dd:c4:c0:96:7b:9c:31:e3:ce:08:b9:09:
5b:42:43:e4:5f:8e:60:74:4a:2b:9f:bc:e9:90:47:
92:42:bb:06:31:57:ef:e9:22:c7:d6:2f:e8:e5:c9:
1a:69:6e:22:d4:1d:07:cb:a2:50:f6:6b:d2:c3:82:
6e:c9:97:4b:ca:a4:1c:02:e5:d0:75:8c:81:eb:be:
41:a7:5f:2c:82:b2:08:55:f1:7e:7a:72:fd:9a:74:
ac:54:c1:2a:26:83:18:86:3a:5d:13:95:02:c4:ee:
06:18:f4:de:3b:5a:11:63:fc:5e:aa:2f:7c:f5:58:
1e:b4:2f:ab:44:0c:8b:12:37:53:a3:10:a2:d7:ab:
4f:95:45:3a:2b:06:dc:c7:a5:57:ae:3c:0c:9e:b6:
c3:6d:bd:01:45:ce:bb:75:ee:67:25:d7:36:2b:6e:
86:d0:3c:1c:e1:82:7a:9c:43:df:98:e3:b1:36:b9:
73:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:84:CD:20:C1:1B:D1:90:30:E1:D4:21:E4:16:4A:88:E7:C7:EB:BA
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/eITNIMEb0ZAw4dQh5BZKiOfH67o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.212.0/22
89.38.148.0/22
89.40.112.0/22
94.177.232.0-94.177.243.255
Signature Algorithm: sha256WithRSAEncryption
35:ba:28:a0:19:66:aa:be:8a:a6:16:8a:6c:9a:78:b1:13:5e:
98:47:b4:60:4c:34:ea:c6:16:ca:8e:2f:76:70:01:f9:d3:40:
48:2c:1e:43:82:10:c5:a8:5e:79:d7:06:9e:7f:48:32:e2:64:
de:60:e9:be:e0:0c:30:18:9b:f6:18:6e:8d:37:12:1f:3a:b9:
b1:86:24:97:22:13:cd:da:ae:2d:94:16:bc:75:78:88:42:c0:
51:ed:c1:b6:3d:24:fa:16:00:0c:8b:c0:94:5a:2a:39:d1:84:
b1:b0:a1:ce:1f:d6:45:21:c5:36:6f:ff:dc:dc:f9:c0:36:fc:
e1:e5:a0:64:60:07:34:e4:28:8b:d8:79:02:c5:76:72:f3:a1:
d7:c4:dc:f7:0f:21:d9:02:5c:20:43:eb:3c:b3:9b:81:84:aa:
cd:52:0e:57:2d:a8:bb:19:7e:f8:a6:97:7a:19:7d:e3:73:65:
91:0e:bb:fa:ec:3e:f2:72:02:e9:0a:ba:1d:ea:aa:b5:1f:bb:
36:26:b2:aa:e7:2b:f0:91:2e:67:8f:bf:1d:4d:2d:cf:7e:1d:
39:c2:bf:35:04:42:8f:aa:a3:69:18:f6:c8:a7:6a:dd:64:83:
9e:00:66:6b:ff:a2:c0:4a:4f:27:dc:ad:e2:bb:7e:2e:18:0c:
ff:88:72:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEAtKuZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NiNWNlY2MyMTNiOWY4NmRiYmE1MTg1MjFlODU0NmVjOTM4NjFjMB4XDTIyMDEw
MTE2MDYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg4NGNkMjBjMTFi
ZDE5MDMwZTFkNDIxZTQxNjRhODhlN2M3ZWJiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOxuha2CWlhsgmEjLMtnuQOt576UF1XMCIfRmbP9eFx11gg0
Q8qneZhCPyNNbc6FFqP7uQT986p+HDoMRs76ZRgKZVdEqM8Tia0Walp43cTAlnuc
MePOCLkJW0JD5F+OYHRKK5+86ZBHkkK7BjFX7+kix9Yv6OXJGmluItQdB8uiUPZr
0sOCbsmXS8qkHALl0HWMgeu+QadfLIKyCFXxfnpy/Zp0rFTBKiaDGIY6XROVAsTu
Bhj03jtaEWP8XqovfPVYHrQvq0QMixI3U6MQoterT5VFOisG3MelV648DJ62w229
AUXOu3XuZyXXNituhtA8HOGCepxD35jjsTa5cwMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBR4hM0gwRvRkDDh1CHkFkqI58frujAfBgNVHSMEGDAWgBTTy1zswhO5+G27
pRhSHoVG7JOGHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4dGM3TUlUdWZodHU2VVlVaDZGUnV5VGhody5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZTExN2ZlLWM5ZTctNGQ0MS05NGRmLTg0MjY5NDEyZDU2MS8x
L2VJVE5JTUViMFpBdzRkUWg1QlpLaU9mSDY3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZTExN2ZlLWM5ZTctNGQ0MS05NGRmLTg0MjY5NDEyZDU2MS8xLzA4dGM3TUlUdWZo
dHU2VVlVaDZGUnV5VGhody5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAlkk1AMEAlkmlAMEAlkocDAMAwQD
XrHoAwQCXrHwMA0GCSqGSIb3DQEBCwUAA4IBAQA1uiigGWaqvoqmFopsmnixE16Y
R7RgTDTqxhbKji92cAH500BILB5DghDFqF551waef0gy4mTeYOm+4AwwGJv2GG6N
NxIfOrmxhiSXIhPN2q4tlBa8dXiIQsBR7cG2PST6FgAMi8CUWio50YSxsKHOH9ZF
IcU2b//c3PnANvzh5aBkYAc05CiL2HkCxXZy86HXxNz3DyHZAlwgQ+s8s5uBhKrN
Ug5XLai7GX74ppd6GX3jc2WRDrv67D7ycgLpCrod6qq1H7s2JrKq5yvwkS5nj78d
TS3Pfh05wr81BEKPqqNpGPbIp2rdZIOeAGZr/6LASk8n3K3iu34uGAz/iHLN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-ams.rpki-client.org