Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/EHm_FokvR7qHkP6VUdcbRD4FXwI.roa
File: EHm_FokvR7qHkP6VUdcbRD4FXwI.roa (raw, json)
Hash identifier: r/FDMmutkcHFNWJWhSrMCoKjcywLi7KyfxYyneFsfJY=
Subject key identifier: 10:79:BF:16:89:2F:47:BA:87:90:FE:95:51:D7:1B:44:3E:05:5F:02
Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial: 0184BD0A2C47CDA2C6A989D608A56D38A862
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/EHm_FokvR7qHkP6VUdcbRD4FXwI.roa
Signing time: Mon 28 Nov 2022 07:01:11 +0000
ROA not before: Mon 28 Nov 2022 07:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394094
IP address blocks: 185.106.241.0/24 maxlen: 24
185.106.243.0/24 maxlen: 24
31.25.199.0/24 maxlen: 24
2a06:4101::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:0a:2c:47:cd:a2:c6:a9:89:d6:08:a5:6d:38:a8:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Validity
Not Before: Nov 28 07:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1079bf16892f47ba8790fe9551d71b443e055f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ca:90:b8:ab:30:f4:05:50:cb:b5:e4:3a:43:
c8:27:30:28:ad:87:b2:a1:93:c5:cc:cd:4c:f0:42:
fc:cc:5e:03:5b:97:f8:8c:32:4f:0f:33:6d:64:65:
b4:ca:69:0c:e4:86:cb:2c:50:84:09:d8:90:ad:0f:
0a:df:dc:ba:76:d7:b8:4d:b9:15:0a:50:73:e0:74:
6f:f1:6a:04:ef:a2:6d:6f:86:cf:5e:af:be:4f:6b:
05:c2:94:2e:e1:63:ca:b6:ab:3f:2c:76:3e:d8:8a:
d1:08:12:68:7c:f6:b3:00:02:73:86:9d:05:97:32:
b3:e4:62:b4:cb:5d:9c:e6:75:33:37:f0:24:d2:f6:
b7:81:33:53:00:62:42:65:0c:07:63:1c:29:66:20:
73:43:61:ea:1b:dc:91:99:50:69:ed:4c:ea:d5:fd:
7c:db:e8:26:0c:7d:ad:ed:e7:9d:0d:f9:8c:d8:c3:
46:97:84:bb:f2:ba:34:7b:7b:58:92:86:a6:da:ac:
45:fa:35:49:1e:0b:cb:be:f3:40:c2:b7:d2:db:86:
44:6d:45:e2:85:c3:f2:dd:96:de:9a:7c:4d:e5:e3:
9a:a2:e3:aa:ec:07:50:58:53:15:13:18:84:e0:e4:
d8:0c:74:08:96:36:31:d9:33:06:38:4b:27:47:54:
aa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:79:BF:16:89:2F:47:BA:87:90:FE:95:51:D7:1B:44:3E:05:5F:02
X509v3 Authority Key Identifier:
keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/EHm_FokvR7qHkP6VUdcbRD4FXwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.199.0/24
185.106.241.0/24
185.106.243.0/24
IPv6:
2a06:4101::/32
Signature Algorithm: sha256WithRSAEncryption
34:4a:c9:8a:07:e0:52:06:3d:9b:d1:8b:40:62:7b:3d:1c:2e:
dc:84:78:e2:37:ee:c5:94:df:d5:7f:85:d9:ca:7f:fe:0a:45:
fa:7a:6c:29:9a:d9:81:2d:bf:d9:c7:91:fd:e6:76:63:c3:1d:
25:96:5b:eb:d1:66:4a:a1:35:c9:de:23:df:58:97:61:2b:8a:
3a:22:fa:ad:9b:b3:63:fc:02:82:be:71:38:62:f7:8c:d8:b3:
fe:a4:0b:b7:84:15:ec:2b:1e:03:0a:99:17:3c:68:8b:7f:b1:
a7:3b:a8:22:45:44:31:f9:50:fa:f9:1e:1b:9f:08:38:2b:0f:
af:8c:ff:42:64:9b:b8:12:b9:d0:8f:43:1c:ef:30:8a:70:0e:
3c:1b:a1:6c:52:27:a7:b6:49:60:eb:8d:ee:99:3e:8c:ae:43:
94:a3:4c:cc:7d:37:49:f6:82:44:7a:39:8d:51:97:3c:62:89:
5b:fe:2c:54:81:25:f0:72:65:cf:19:47:49:cb:07:71:ed:f5:
c5:cf:fd:44:65:eb:3c:bf:90:fd:3d:17:1f:8b:57:c4:5d:0b:
2e:a0:cc:10:fc:da:38:60:2a:72:ed:65:8e:7a:2e:b1:67:91:
c2:c5:2a:48:ba:60:23:5f:c7:b1:0e:75:73:1f:b1:98:56:78:
a8:dc:3e:03
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYS9CixHzaLGqYnWCKVtOKhiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjIxMTI4MDcwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc5YmYxNjg5MmY0N2JhODc5MGZlOTU1MWQ3MWI0NDNlMDU1ZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8qQuKsw9AVQy7XkOkPIJzAorYey
oZPFzM1M8EL8zF4DW5f4jDJPDzNtZGW0ymkM5IbLLFCECdiQrQ8K39y6dte4TbkV
ClBz4HRv8WoE76Jtb4bPXq++T2sFwpQu4WPKtqs/LHY+2IrRCBJofPazAAJzhp0F
lzKz5GK0y12c5nUzN/Ak0va3gTNTAGJCZQwHYxwpZiBzQ2HqG9yRmVBp7Uzq1f18
2+gmDH2t7eedDfmM2MNGl4S78ro0e3tYkoam2qxF+jVJHgvLvvNAwrfS24ZEbUXi
hcPy3ZbemnxN5eOaouOq7AdQWFMVExiE4OTYDHQIljYx2TMGOEsnR1Sq+wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBB5vxaJL0e6h5D+lVHXG0Q+BV8CMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvRUhtX0Zva3ZSN3FIa1A2VlVkY2JSRDRGWHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAHxnHAwQA
uWrxAwQAuWrzMA0EAgACMAcDBQAqBkEBMA0GCSqGSIb3DQEBCwUAA4IBAQA0SsmK
B+BSBj2b0YtAYns9HC7chHjiN+7FlN/Vf4XZyn/+CkX6emwpmtmBLb/Zx5H95nZj
wx0lllvr0WZKoTXJ3iPfWJdhK4o6Ivqtm7Nj/AKCvnE4YveM2LP+pAu3hBXsKx4D
CpkXPGiLf7GnO6giRUQx+VD6+R4bnwg4Kw+vjP9CZJu4ErnQj0Mc7zCKcA48G6Fs
Uientklg643umT6MrkOUo0zMfTdJ9oJEejmNUZc8Yolb/ixUgSXwcmXPGUdJywdx
7fXFz/1EZes8v5D9PRcfi1fEXQsuoMwQ/No4YCpy7WWOei6xZ5HCxSpIumAjX8ex
DnVzH7GYVnio3D4D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org