Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/eCKFK7Lq1gaopmjWTqG9ojduyXU.roa
File: eCKFK7Lq1gaopmjWTqG9ojduyXU.roa (raw, json)
Hash identifier: 7/ZA4+VOECB26/fhmiL/jIaRC1sQa22GXsspp4mHrAo=
Subject key identifier: 78:22:85:2B:B2:EA:D6:06:A8:A6:68:D6:4E:A1:BD:A2:37:6E:C9:75
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 0B3ECFD0
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/eCKFK7Lq1gaopmjWTqG9ojduyXU.roa
Signing time: Sat 01 Jan 2022 08:59:16 +0000
ROA not before: Sat 01 Jan 2022 08:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56910
IP address blocks: 185.36.232.0/22 maxlen: 24
31.177.56.0/21 maxlen: 24
185.109.16.0/22 maxlen: 24
185.106.36.0/22 maxlen: 24
188.214.127.0/24 maxlen: 24
2a04:3e00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188665808 (0xb3ecfd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 1 08:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7822852bb2ead606a8a668d64ea1bda2376ec975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0d:ca:57:41:d5:e3:11:2b:11:e8:a9:3f:0f:
ba:6b:6b:14:ba:a6:ae:0d:ed:ad:f2:b1:52:fe:45:
bc:7f:77:3a:21:4c:73:61:4c:6f:a2:f8:fe:7a:44:
e2:74:d7:ab:88:bf:5e:0e:c8:7a:df:d0:06:c4:0a:
7f:c8:ec:3f:4a:9a:0d:3c:02:d1:f6:df:9f:33:cd:
f9:25:6c:3f:41:35:9e:63:60:c8:90:6c:45:6d:c7:
f4:d5:42:4d:43:19:cd:e6:d1:2e:d2:0b:a6:7f:64:
34:d3:3e:57:53:93:b0:34:7b:d1:5d:90:42:9c:e1:
fe:16:60:3d:82:c6:26:76:8c:bc:47:f4:7b:05:7f:
21:db:eb:cd:0c:c6:7c:ac:fa:a0:ac:41:50:32:19:
bc:1f:8c:d2:df:f7:06:3b:2e:11:c7:81:b4:54:a0:
0a:26:65:5f:79:5c:08:db:ac:46:3a:f2:71:f6:d9:
2a:19:a6:63:7d:3b:82:f1:2f:e2:c3:a2:da:66:7d:
90:bb:ef:ba:b8:c8:5d:1c:15:3e:71:01:5e:c7:d6:
c3:78:59:6c:2b:2c:68:c4:c5:8c:24:ae:8f:65:79:
9f:76:89:24:bd:a7:e5:44:c5:2d:a7:92:5c:da:a6:
6f:51:ac:bd:b3:1b:08:2e:69:f9:b2:6a:9c:75:2a:
a2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:22:85:2B:B2:EA:D6:06:A8:A6:68:D6:4E:A1:BD:A2:37:6E:C9:75
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/eCKFK7Lq1gaopmjWTqG9ojduyXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.56.0/21
185.36.232.0/22
185.106.36.0/22
185.109.16.0/22
188.214.127.0/24
IPv6:
2a04:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
1b:3f:06:ac:2f:aa:33:28:86:35:f1:9f:86:b6:83:99:d9:a8:
16:da:72:b2:82:da:7e:d7:de:e6:4d:e7:03:d8:56:2e:29:ca:
e7:be:9d:54:7f:b4:fa:a3:cb:04:0d:a5:91:4a:d7:16:ca:0e:
9a:7f:e6:d9:4e:74:db:0c:f2:d4:c5:b8:bd:13:4a:91:c1:c7:
9d:5f:b6:94:43:4b:93:09:68:0a:a0:1b:45:66:1b:27:81:fe:
41:be:7a:f4:07:20:0b:75:34:43:2d:a3:b7:f6:5f:e4:4a:f5:
cb:f5:4a:86:cc:35:5a:04:b6:24:50:d4:9f:e4:f7:57:fe:0f:
41:13:56:ef:82:c4:05:63:2e:69:34:78:e8:01:ee:04:7c:a4:
42:7f:5e:87:26:81:33:01:5e:e8:0f:04:a3:d2:0c:44:e1:42:
83:f8:87:dd:59:5e:49:ec:29:6d:c9:82:d5:03:4d:f1:83:bb:
b6:23:13:39:e3:5b:c0:48:73:4c:63:ac:9e:85:7b:44:f3:bc:
f1:fe:29:7b:a7:3f:7b:69:38:48:3b:73:0a:e5:d7:2a:fd:62:
ad:f1:0a:36:39:6f:d1:bf:22:4e:d8:8c:ab:52:9f:01:9e:c9:
93:44:45:55:cd:da:8e:79:0f:9a:3c:4f:69:b5:bc:49:c5:d2:
25:61:c5:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECz7P0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzYwMGNiYWZkMjZmZWU1MDY0ZmM4OWYzMDFkZmM4ZTNjMWQzY2E1MB4XDTIyMDEw
MTA4NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzgyMjg1MmJiMmVh
ZDYwNmE4YTY2OGQ2NGVhMWJkYTIzNzZlYzk3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4NyldB1eMRKxHoqT8PumtrFLqmrg3trfKxUv5FvH93OiFM
c2FMb6L4/npE4nTXq4i/Xg7Iet/QBsQKf8jsP0qaDTwC0fbfnzPN+SVsP0E1nmNg
yJBsRW3H9NVCTUMZzebRLtILpn9kNNM+V1OTsDR70V2QQpzh/hZgPYLGJnaMvEf0
ewV/IdvrzQzGfKz6oKxBUDIZvB+M0t/3BjsuEceBtFSgCiZlX3lcCNusRjrycfbZ
KhmmY307gvEv4sOi2mZ9kLvvurjIXRwVPnEBXsfWw3hZbCssaMTFjCSuj2V5n3aJ
JL2n5UTFLaeSXNqmb1GsvbMbCC5p+bJqnHUqolsCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBR4IoUrsurWBqimaNZOob2iN27JdTAfBgNVHSMEGDAWgBTTYAy6/Sb+5QZP
yJ8wHfyOPB08pTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAyQU11djBtX3VVR1Q4aWZNQjM4amp3ZFBLVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvYjcwNjU4LWUxZGMtNDk0NC1hMDZiLTFjNjgwYWRmN2EyNi8x
L2VDS0ZLN0xxMWdhb3BtaldUcUc5b2pkdXlYVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
YjcwNjU4LWUxZGMtNDk0NC1hMDZiLTFjNjgwYWRmN2EyNi8xLzAyQU11djBtX3VV
R1Q4aWZNQjM4amp3ZFBLVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAx+xOAMEArkk6AMEArlqJAMEArlt
EAMEALzWfzANBAIAAjAHAwUDKgQ+ADANBgkqhkiG9w0BAQsFAAOCAQEAGz8GrC+q
MyiGNfGfhraDmdmoFtpysoLaftfe5k3nA9hWLinK576dVH+0+qPLBA2lkUrXFsoO
mn/m2U502wzy1MW4vRNKkcHHnV+2lENLkwloCqAbRWYbJ4H+Qb569AcgC3U0Qy2j
t/Zf5Er1y/VKhsw1WgS2JFDUn+T3V/4PQRNW74LEBWMuaTR46AHuBHykQn9ehyaB
MwFe6A8Eo9IMROFCg/iH3VleSewpbcmC1QNN8YO7tiMTOeNbwEhzTGOsnoV7RPO8
8f4pe6c/e2k4SDtzCuXXKv1irfEKNjlv0b8iTtiMq1KfAZ7Jk0RFVc3ajnkPmjxP
abW8ScXSJWHFRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:16 2024 by rpki-client on console-ams.rpki-client.org