Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/vS6eP9pA2-2H--gmZu2t7eC4RBo.roa
File: vS6eP9pA2-2H--gmZu2t7eC4RBo.roa (raw, json)
Hash identifier: 17rXMA4LLEuc4sXJQtNmeZIOlH+RxqxiSfS/rOOQAIY=
Subject key identifier: BD:2E:9E:3F:DA:40:DB:ED:87:FB:E8:26:66:ED:AD:ED:E0:B8:44:1A
Certificate issuer: /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial: 1B86B956
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/vS6eP9pA2-2H--gmZu2t7eC4RBo.roa
Signing time: Sat 01 Jan 2022 09:00:00 +0000
ROA not before: Sat 01 Jan 2022 09:00:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201019
IP address blocks: 188.33.128.0/17 maxlen: 17
5.173.224.0/19 maxlen: 19
5.173.224.0/20 maxlen: 20
188.33.64.0/18 maxlen: 18
185.89.184.0/22 maxlen: 22
5.173.240.0/20 maxlen: 20
188.33.0.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 461814102 (0x1b86b956)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Validity
Not Before: Jan 1 09:00:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd2e9e3fda40dbed87fbe82666edadede0b8441a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:91:74:12:37:ad:b3:e2:00:ba:22:73:38:1c:
6f:96:6f:f4:43:52:57:17:db:c1:3a:7a:bd:f9:4f:
2c:f8:87:97:fa:be:64:fc:51:bb:13:32:96:36:b6:
d4:e2:4e:fb:40:5f:bf:fe:84:3e:69:2d:88:05:88:
bd:34:b0:e1:41:fa:a0:17:c6:05:a1:e8:03:93:d8:
0c:9c:db:64:30:0f:11:28:12:61:7e:d9:92:0d:b7:
4e:00:cb:20:5b:5f:1d:2e:94:6d:9a:8f:5f:e6:0f:
6c:84:bb:a1:35:1c:06:c5:02:07:86:58:89:b8:fd:
ec:d1:52:ff:0e:19:87:76:55:e4:f7:f3:e7:d4:48:
d2:73:9b:56:35:dd:28:c8:c7:37:b4:6b:4a:ac:8c:
d3:23:17:9e:de:9a:d7:95:45:b9:00:e7:ce:7d:b4:
9c:45:fd:b7:10:be:1d:cb:a1:e3:f5:0e:2b:19:77:
6a:75:3a:a5:22:e4:e9:d9:db:4e:5d:a3:98:aa:e8:
25:26:e9:5c:37:c6:6f:e4:3f:b3:8c:0e:ff:8c:40:
b1:8b:1a:c6:61:44:e2:38:36:7b:28:b7:80:39:bc:
47:42:d0:4e:fa:36:f1:5c:54:55:64:87:bc:db:3f:
02:50:51:e2:e6:59:a3:9f:ef:fb:00:72:a5:19:b1:
c8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2E:9E:3F:DA:40:DB:ED:87:FB:E8:26:66:ED:AD:ED:E0:B8:44:1A
X509v3 Authority Key Identifier:
keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/vS6eP9pA2-2H--gmZu2t7eC4RBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.224.0/19
185.89.184.0/22
188.33.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:a8:d4:a2:50:9a:56:26:5a:b4:90:e4:64:94:98:16:3c:2a:
e4:70:e2:46:3d:02:c3:0d:92:26:fe:8c:ee:14:83:54:0e:24:
d5:be:96:ef:bd:2c:1d:a1:64:e7:23:dd:55:42:fe:83:64:e4:
d5:4d:a6:7c:27:9e:81:07:ff:2c:7d:cf:11:b7:a8:20:59:7a:
be:ef:4c:6a:15:e4:cf:2f:72:32:67:85:0f:18:64:a2:42:94:
17:d1:6b:b3:57:37:dd:97:6d:79:eb:23:c2:a9:68:fb:b3:49:
b5:c1:3f:fc:a3:3d:c6:dc:2a:00:0a:9f:70:fb:de:59:b5:77:
6d:11:81:66:c3:33:c8:5c:51:53:64:5f:9b:56:45:21:24:a8:
4c:32:a2:4f:bb:df:3a:9a:b5:eb:72:02:28:16:c6:55:6c:bd:
cd:7e:89:aa:f8:7e:56:eb:6a:14:fb:29:47:27:67:4a:4d:28:
18:a1:7e:a3:73:7d:c1:f4:1e:c3:da:5a:2d:dc:b6:45:e7:df:
5a:1a:aa:b6:12:6e:82:19:db:3d:ef:9b:ff:e2:bd:1c:bb:c8:
e1:90:ae:88:0c:27:9b:c1:f0:0f:d8:78:e4:f4:f2:ab:64:47:
4e:b4:56:d8:23:fa:48:b3:db:ef:ed:4a:ff:d5:e7:74:2b:0f:
a7:23:a1:2d
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIEG4a5VjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjFjMDdjOTUxNDg4ZjA0Y2IzYjBmZDMzOGFmODRkNzdlNDZiZjUyMB4XDTIyMDEw
MTA5MDAwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQyZTllM2ZkYTQw
ZGJlZDg3ZmJlODI2NjZlZGFkZWRlMGI4NDQxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuRdBI3rbPiALoiczgcb5Zv9ENSVxfbwTp6vflPLPiHl/q+
ZPxRuxMylja21OJO+0Bfv/6EPmktiAWIvTSw4UH6oBfGBaHoA5PYDJzbZDAPESgS
YX7Zkg23TgDLIFtfHS6UbZqPX+YPbIS7oTUcBsUCB4ZYibj97NFS/w4Zh3ZV5Pfz
59RI0nObVjXdKMjHN7RrSqyM0yMXnt6a15VFuQDnzn20nEX9txC+Hcuh4/UOKxl3
anU6pSLk6dnbTl2jmKroJSbpXDfGb+Q/s4wO/4xAsYsaxmFE4jg2eyi3gDm8R0LQ
Tvo28VxUVWSHvNs/AlBR4uZZo5/v+wBypRmxyB8CAwEAAaOCAhQwggIQMB0GA1Ud
DgQWBBS9Lp4/2kDb7Yf76CZm7a3t4LhEGjAfBgNVHSMEGDAWgBTmHAfJUUiPBMs7
D9M4r4TXfka/UjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVod0h5VkZJandUTE93X1RPSy1FMTM1R3YxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvMmRiYTVjLTlhOTAtNDA1Mi1hMWViLTZhODQ3N2NiNmMyYS8x
L3ZTNmVQOXBBMi0ySC0tZ21adTJ0N2VDNFJCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
MmRiYTVjLTlhOTAtNDA1Mi1hMWViLTZhODQ3N2NiNmMyYS8xLzVod0h5VkZJandU
TE93X1RPSy1FMTM1R3YxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAq
BggrBgEFBQcBBwEB/wQbMBkwFwQCAAEwEQMEBQWt4AMEArlZuAMDALwhMA0GCSqG
SIb3DQEBCwUAA4IBAQA0qNSiUJpWJlq0kORklJgWPCrkcOJGPQLDDZIm/ozuFINU
DiTVvpbvvSwdoWTnI91VQv6DZOTVTaZ8J56BB/8sfc8Rt6ggWXq+70xqFeTPL3Iy
Z4UPGGSiQpQX0WuzVzfdl2156yPCqWj7s0m1wT/8oz3G3CoACp9w+95ZtXdtEYFm
wzPIXFFTZF+bVkUhJKhMMqJPu986mrXrcgIoFsZVbL3Nfomq+H5W62oU+ylHJ2dK
TSgYoX6jc33B9B7D2lot3LZF599aGqq2Em6CGds975v/4r0cu8jhkK6IDCebwfAP
2Hjk9PKrZEdOtFbYI/pIs9vv7Ur/1ed0Kw+nI6Et
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:03 2024 by rpki-client on console-ams.rpki-client.org