Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/QEB5ZYvnXyZilWLxbQbnAkJ0n94.roa
File: QEB5ZYvnXyZilWLxbQbnAkJ0n94.roa (raw, json)
Hash identifier: yEYHNhnonCcLtJ8bL7PRIUY63dczQRXN69gaU0lLJnQ=
Subject key identifier: 40:40:79:65:8B:E7:5F:26:62:95:62:F1:6D:06:E7:02:42:74:9F:DE
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 0FBB32E8
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/QEB5ZYvnXyZilWLxbQbnAkJ0n94.roa
Signing time: Wed 27 Apr 2022 07:29:43 +0000
ROA not before: Wed 27 Apr 2022 07:29:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12578
IP address blocks: 185.38.56.0/22 maxlen: 22
46.109.0.0/16 maxlen: 16
195.122.28.0/24 maxlen: 24
81.198.0.0/16 maxlen: 16
78.84.0.0/16 maxlen: 16
195.114.32.0/19 maxlen: 19
81.198.95.0/24 maxlen: 24
194.8.16.0/21 maxlen: 21
194.8.24.0/22 maxlen: 22
195.13.201.0/24 maxlen: 24
80.232.150.13/32 maxlen: 32
84.237.128.0/17 maxlen: 17
195.13.128.0/17 maxlen: 17
80.232.128.0/17 maxlen: 17
80.232.150.0/24 maxlen: 24
95.68.0.0/17 maxlen: 17
87.246.144.0/20 maxlen: 20
195.2.96.0/19 maxlen: 19
195.122.0.0/19 maxlen: 19
87.246.160.0/19 maxlen: 19
62.85.0.0/17 maxlen: 17
195.13.228.0/24 maxlen: 24
195.13.253.0/24 maxlen: 24
195.13.249.0/24 maxlen: 24
87.110.0.0/16 maxlen: 16
91.105.0.0/17 maxlen: 17
2a02:2330::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 263926504 (0xfbb32e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Apr 27 07:29:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=404079658be75f26629562f16d06e70242749fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:4a:9a:40:ef:0e:d4:9c:f7:ce:d2:c3:29:7e:
bb:6d:63:85:44:43:9f:79:b6:fc:71:2b:a6:50:85:
ce:80:d4:ac:20:68:3c:f0:f9:f6:93:14:2c:a2:fe:
e9:c8:3c:c5:72:0a:ea:06:3a:f5:5c:11:5b:d0:14:
05:84:6e:09:66:68:e2:55:c2:8f:40:1d:8d:5a:09:
7d:20:ed:cf:32:69:4b:e8:32:f8:4e:8e:1c:87:17:
0d:fa:0e:28:9e:3d:8d:f5:44:50:4e:4a:34:1a:24:
80:eb:eb:68:b2:49:d0:99:85:0e:3e:de:e1:62:75:
f9:33:c5:e3:47:4f:15:fc:12:b2:ed:2a:a5:d1:a7:
02:81:0b:66:13:61:f5:24:a6:f1:73:75:c6:c7:6c:
23:ab:10:97:48:40:56:60:23:85:15:09:c8:0e:31:
32:b9:09:3b:e3:a7:9c:24:bd:e0:e4:66:01:98:bf:
c0:b6:b9:74:dd:32:d5:2d:e9:28:91:82:6f:49:ea:
43:14:62:89:b4:22:f4:f4:c9:27:25:74:f4:02:11:
39:42:9f:01:79:95:f1:bb:65:11:b0:fc:48:98:2b:
17:da:55:60:73:f9:27:e3:61:0d:90:51:c3:3a:98:
58:64:d6:de:a5:0a:09:ed:95:1f:4a:93:1f:23:f6:
0d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:40:79:65:8B:E7:5F:26:62:95:62:F1:6D:06:E7:02:42:74:9F:DE
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/QEB5ZYvnXyZilWLxbQbnAkJ0n94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.85.0.0/17
78.84.0.0/16
80.232.128.0/17
81.198.0.0/16
84.237.128.0/17
87.110.0.0/16
87.246.144.0-87.246.191.255
91.105.0.0/17
95.68.0.0/17
185.38.56.0/22
194.8.16.0-194.8.27.255
195.2.96.0/19
195.13.128.0/17
195.114.32.0/19
195.122.0.0/19
IPv6:
2a02:2330::/29
Signature Algorithm: sha256WithRSAEncryption
26:16:33:9b:96:8c:58:0a:ce:9d:28:dc:1d:2c:05:f2:f4:32:
fb:40:61:8c:3a:57:b7:b6:9a:74:58:91:a6:9a:63:2e:51:76:
f0:e3:f6:2d:12:ca:5f:e1:55:84:60:c7:b6:37:f5:01:9e:11:
62:b6:d1:4f:28:cd:3a:40:8a:ca:7d:ee:07:97:a7:1c:16:5c:
b4:06:59:b3:7e:4e:90:54:2f:78:5d:34:a7:d4:86:cf:f5:4c:
b6:34:e8:5f:4f:6a:46:29:38:ae:08:d6:24:89:fc:56:b0:33:
04:9f:9e:30:a4:14:78:70:ad:71:56:be:f9:ca:c4:3d:67:36:
2c:b5:3b:2c:eb:9b:f6:71:28:26:05:c7:9a:e7:f7:5f:15:49:
55:85:e0:0c:28:88:1d:38:2c:a6:ff:36:5c:97:fb:0a:b2:ab:
63:aa:d2:cd:d4:7f:1c:11:84:db:92:50:fc:da:e6:c4:fb:4d:
d3:ac:14:53:72:5a:e6:9e:a9:2d:87:36:e2:af:1b:c2:2d:ee:
63:09:06:94:a7:7d:78:fd:53:e7:49:e8:e2:08:ac:ea:f5:c8:
9f:c5:8d:b1:15:14:82:b2:04:12:1f:62:a7:ae:e0:a5:a3:db:
4a:8d:55:92:74:95:61:6d:17:1e:8f:68:be:7a:1a:65:67:3e:
5b:12:57:92
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIED7sy6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
M2JlMDdjYjFmZDRmMWUzYzkyMjMwM2I2NzBhODgxYjgyZTYxNDkxMB4XDTIyMDQy
NzA3Mjk0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA0MDc5NjU4YmU3
NWYyNjYyOTU2MmYxNmQwNmU3MDI0Mjc0OWZkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPNKmkDvDtSc987Swyl+u21jhURDn3m2/HErplCFzoDUrCBo
PPD59pMULKL+6cg8xXIK6gY69VwRW9AUBYRuCWZo4lXCj0AdjVoJfSDtzzJpS+gy
+E6OHIcXDfoOKJ49jfVEUE5KNBokgOvraLJJ0JmFDj7e4WJ1+TPF40dPFfwSsu0q
pdGnAoELZhNh9SSm8XN1xsdsI6sQl0hAVmAjhRUJyA4xMrkJO+OnnCS94ORmAZi/
wLa5dN0y1S3pKJGCb0nqQxRiibQi9PTJJyV09AIROUKfAXmV8btlEbD8SJgrF9pV
YHP5J+NhDZBRwzqYWGTW3qUKCe2VH0qTHyP2Dd8CAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBRAQHlli+dfJmKVYvFtBucCQnSf3jAfBgNVHSMEGDAWgBTjvgfLH9Tx48ki
MDtnCogbguYUkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQ3NEh5eF9VOGVQSklqQTdad3FJRzRMbUZKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvOGY1ZmFlLWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8x
L1FFQjVaWXZuWHlaaWxXTHhiUWJuQWtKMG45NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
OGY1ZmFlLWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8xLzQ3NEh5eF9VOGVQ
SklqQTdad3FJRzRMbUZKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwcgQCAAEwbAMDAC5tAwQHPlUAAwMATlQDBAdQ
6IADAwBRxgMEB1TtgAMDAFduMAwDBARX9pADBAZX9oADBAdbaQADBAdfRAADBAK5
JjgwDAMEBMIIEAMEAsIIGAMEBcMCYAMEB8MNgAMEBcNyIAMEBcN6ADANBAIAAjAH
AwUDKgIjMDANBgkqhkiG9w0BAQsFAAOCAQEAJhYzm5aMWArOnSjcHSwF8vQy+0Bh
jDpXt7aadFiRpppjLlF28OP2LRLKX+FVhGDHtjf1AZ4RYrbRTyjNOkCKyn3uB5en
HBZctAZZs35OkFQveF00p9SGz/VMtjToX09qRik4rgjWJIn8VrAzBJ+eMKQUeHCt
cVa++crEPWc2LLU7LOub9nEoJgXHmuf3XxVJVYXgDCiIHTgspv82XJf7CrKrY6rS
zdR/HBGE25JQ/NrmxPtN06wUU3Ja5p6pLYc24q8bwi3uYwkGlKd9eP1T50no4gis
6vXIn8WNsRUUgrIEEh9ip67gpaPbSo1VknSVYW0XHo9ovnoaZWc+WxJXkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org