Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/eelkm6zlTy_uiQ6SPhISyMDNrY0.roa
File: eelkm6zlTy_uiQ6SPhISyMDNrY0.roa (raw, json)
Hash identifier: J1454yC5YDt+hDRdtcXfaXdd14ITx4Ns9MBUttpR04Y=
Subject key identifier: 79:E9:64:9B:AC:E5:4F:2F:EE:89:0E:92:3E:12:12:C8:C0:CD:AD:8D
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 018239E768E1BF8DB96D09D2A2C1E532A4CD
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/eelkm6zlTy_uiQ6SPhISyMDNrY0.roa
Signing time: Tue 26 Jul 2022 09:47:23 +0000
ROA not before: Tue 26 Jul 2022 09:47:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200000
IP address blocks: 185.233.120.0/22 maxlen: 22
185.124.8.0/22 maxlen: 22
185.233.136.0/22 maxlen: 22
37.139.64.0/21 maxlen: 21
185.39.224.0/22 maxlen: 22
185.233.152.0/22 maxlen: 23
185.149.40.0/22 maxlen: 22
185.233.116.0/22 maxlen: 22
185.235.168.0/22 maxlen: 22
45.154.218.0/24 maxlen: 24
109.205.96.0/21 maxlen: 21
185.104.44.0/22 maxlen: 22
185.104.45.0/24 maxlen: 24
185.65.244.0/22 maxlen: 22
185.226.24.0/22 maxlen: 22
185.225.212.0/22 maxlen: 22
185.25.116.0/22 maxlen: 22
185.68.16.0/24 maxlen: 24
185.68.16.0/22 maxlen: 22
185.233.36.0/22 maxlen: 22
185.233.40.0/22 maxlen: 22
185.233.44.0/22 maxlen: 22
185.130.120.0/22 maxlen: 22
185.69.152.0/22 maxlen: 22
185.239.180.0/22 maxlen: 22
185.234.176.0/22 maxlen: 22
2a0c:c80::/29 maxlen: 29
2a0c:6080::/29 maxlen: 29
2a0c:684::/30 maxlen: 30
2a0c:d80::/29 maxlen: 29
2a0c:e80::/29 maxlen: 29
2a04:8000::/29 maxlen: 29
2a0d:6500::/29 maxlen: 29
2a0d:1100::/29 maxlen: 29
2a05:480::/29 maxlen: 29
2a0c:680::/29 maxlen: 29
2a0c:780::/29 maxlen: 29
2a00:7a60::/32 maxlen: 32
2a06:6440::/29 maxlen: 29
2a0c:681::/32 maxlen: 32
2a0c:682::/31 maxlen: 31
2a0c:a80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:39:e7:68:e1:bf:8d:b9:6d:09:d2:a2:c1:e5:32:a4:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Jul 26 09:47:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79e9649bace54f2fee890e923e1212c8c0cdad8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5c:1a:2d:f8:50:c9:57:57:13:1c:d7:fb:8e:
7f:a1:2a:4d:83:51:66:72:1f:c6:eb:c2:86:0c:87:
85:98:85:e1:f6:83:9c:84:57:54:e1:36:8d:c6:e0:
96:6d:86:81:53:34:0f:b8:a0:d5:09:ff:e6:49:55:
ea:4a:b2:d9:d7:1c:69:57:1a:0a:36:38:53:08:c0:
03:ac:a5:07:e5:3c:cf:c3:8c:f6:92:56:10:ae:58:
e0:7e:04:97:00:f9:7f:1e:43:1c:c1:05:ff:37:d2:
bf:7d:24:0f:ae:9c:dd:68:9b:d4:1f:34:12:1a:07:
4a:27:a7:b7:4d:79:c8:28:a6:5f:7d:bd:9a:0a:40:
8f:39:91:bd:d7:92:55:93:80:7f:af:e4:74:ee:15:
13:85:0c:ca:34:04:3d:95:c3:b9:47:40:76:bd:5a:
84:5b:2c:e7:9d:07:da:43:d8:f6:c0:6b:49:08:e7:
ce:11:42:04:66:cf:41:cb:d5:42:b4:33:6e:c8:94:
bc:cc:dd:8e:d8:75:6e:c4:31:f2:34:68:2f:b4:29:
35:66:8e:25:64:55:0e:80:d1:8a:b8:3b:5a:b3:d0:
58:9b:c3:43:8d:4d:95:db:6a:4f:da:10:0e:1d:cd:
f7:cb:56:20:7b:ec:c0:51:86:43:40:41:c0:6f:30:
a5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E9:64:9B:AC:E5:4F:2F:EE:89:0E:92:3E:12:12:C8:C0:CD:AD:8D
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/eelkm6zlTy_uiQ6SPhISyMDNrY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.64.0/21
45.154.218.0/24
109.205.96.0/21
185.25.116.0/22
185.39.224.0/22
185.65.244.0/22
185.68.16.0/22
185.69.152.0/22
185.104.44.0/22
185.124.8.0/22
185.130.120.0/22
185.149.40.0/22
185.225.212.0/22
185.226.24.0/22
185.233.36.0-185.233.47.255
185.233.116.0-185.233.123.255
185.233.136.0/22
185.233.152.0/22
185.234.176.0/22
185.235.168.0/22
185.239.180.0/22
IPv6:
2a00:7a60::/32
2a04:8000::/29
2a05:480::/29
2a06:6440::/29
2a0c:680::/29
2a0c:780::/29
2a0c:a80::/29
2a0c:c80::/29
2a0c:d80::/29
2a0c:e80::/29
2a0c:6080::/29
2a0d:1100::/29
2a0d:6500::/29
Signature Algorithm: sha256WithRSAEncryption
81:11:e9:ae:74:e8:37:82:24:44:e0:e6:bb:ab:8c:eb:55:bb:
57:af:8c:32:6d:c7:4d:70:da:e1:b1:c2:86:82:b7:80:e0:e1:
de:b4:08:f0:f2:a3:8e:12:df:0c:cf:c3:c6:3c:c6:78:d5:b8:
50:83:4a:05:5c:9d:d7:5e:20:38:30:5e:0d:06:be:8a:ab:ee:
8b:53:ee:a6:8c:8e:14:4a:66:54:cb:79:74:98:02:eb:63:5a:
73:03:a6:11:c2:57:03:58:b0:84:3e:26:84:a5:e3:c6:7a:f0:
d8:89:6b:a0:54:e4:13:bb:f1:93:0f:66:43:ac:1a:39:0e:af:
a4:ca:0a:6b:e7:ec:df:e1:c5:23:d1:dd:5f:83:7d:8f:3c:58:
b4:62:20:02:24:1f:dc:b7:c0:56:07:f5:32:a4:81:b8:1e:ce:
e3:4a:e1:cd:2f:54:a7:0a:fe:d5:46:c9:af:47:c2:b0:d1:03:
21:72:0f:d3:29:92:10:0b:85:96:5c:2d:ed:36:ee:98:42:f2:
4e:52:3f:98:57:49:1a:63:60:cb:65:9d:d5:b3:e8:32:93:71:
a8:c4:44:d2:c9:ac:87:5d:86:4b:f4:a8:a5:0f:c3:79:66:eb:
f1:d6:d9:ae:f2:e7:d4:f2:51:b5:e3:40:22:e0:48:b9:94:f1:
bf:ec:d0:39
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAYI552jhv425bQnSosHlMqTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4
Y2YyYjUwHhcNMjIwNzI2MDk0NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWU5NjQ5YmFjZTU0ZjJmZWU4OTBlOTIzZTEyMTJjOGMwY2RhZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1waLfhQyVdXExzX+45/oSpNg1Fm
ch/G68KGDIeFmIXh9oOchFdU4TaNxuCWbYaBUzQPuKDVCf/mSVXqSrLZ1xxpVxoK
NjhTCMADrKUH5TzPw4z2klYQrljgfgSXAPl/HkMcwQX/N9K/fSQPrpzdaJvUHzQS
GgdKJ6e3TXnIKKZffb2aCkCPOZG915JVk4B/r+R07hUThQzKNAQ9lcO5R0B2vVqE
WyznnQfaQ9j2wGtJCOfOEUIEZs9By9VCtDNuyJS8zN2O2HVuxDHyNGgvtCk1Zo4l
ZFUOgNGKuDtas9BYm8NDjU2V22pP2hAOHc33y1Yge+zAUYZDQEHAbzCliwIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFHnpZJus5U8v7okOkj4SEsjAza2NMB8GA1UdIwQY
MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt
ZGI4ZWZmMWIxMWEwLzEvZWVsa202emxUeV91aVE2U1BoSVN5TUROclkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw
LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgZUEAgABMIGOAwQD
JYtAAwQALZraAwQDbc1gAwQCuRl0AwQCuSfgAwQCuUH0AwQCuUQQAwQCuUWYAwQC
uWgsAwQCuXwIAwQCuYJ4AwQCuZUoAwQCueHUAwQCueIYMAwDBAK56SQDBAS56SAw
DAMEArnpdAMEArnpeAMEArnpiAMEArnpmAMEArnqsAMEArnrqAMEArnvtDBhBAIA
AjBbAwUAKgB6YAMFAyoEgAADBQMqBQSAAwUDKgZkQAMFAyoMBoADBQMqDAeAAwUD
KgwKgAMFAyoMDIADBQMqDA2AAwUDKgwOgAMFAyoMYIADBQMqDREAAwUDKg1lADAN
BgkqhkiG9w0BAQsFAAOCAQEAgRHprnToN4IkRODmu6uM61W7V6+MMm3HTXDa4bHC
hoK3gODh3rQI8PKjjhLfDM/DxjzGeNW4UINKBVyd114gODBeDQa+iqvui1PupoyO
FEpmVMt5dJgC62NacwOmEcJXA1iwhD4mhKXjxnrw2IlroFTkE7vxkw9mQ6waOQ6v
pMoKa+fs3+HFI9HdX4N9jzxYtGIgAiQf3LfAVgf1MqSBuB7O40rhzS9Upwr+1UbJ
r0fCsNEDIXIP0ymSEAuFllwt7TbumELyTlI/mFdJGmNgy2Wd1bPoMpNxqMRE0sms
h12GS/SopQ/DeWbr8dbZrvLn1PJRteNAIuBIuZTxv+zQOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:07 2024 by rpki-client on console-ams.rpki-client.org