Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/eqJctSfTaLLI5N-dICoUa8JGbqE.roa
File: eqJctSfTaLLI5N-dICoUa8JGbqE.roa (raw, json)
Hash identifier: atIEppoL3AyV3AkEBnNgtfYDdEsGj0IhgU+1TAfV3CU=
Subject key identifier: 7A:A2:5C:B5:27:D3:68:B2:C8:E4:DF:9D:20:2A:14:6B:C2:46:6E:A1
Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Certificate serial: 04552114
Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/eqJctSfTaLLI5N-dICoUa8JGbqE.roa
Signing time: Sat 01 Jan 2022 12:58:14 +0000
ROA not before: Sat 01 Jan 2022 12:58:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204798
IP address blocks: 185.239.178.0/24 maxlen: 24
185.239.177.0/24 maxlen: 24
185.239.179.0/24 maxlen: 24
185.239.176.0/24 maxlen: 24
2a0f:c9c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72687892 (0x4552114)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Validity
Not Before: Jan 1 12:58:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7aa25cb527d368b2c8e4df9d202a146bc2466ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2d:5c:be:47:be:7f:16:59:81:8e:8c:d1:33:
63:b9:9c:27:3a:07:fa:21:b6:90:5d:6b:cf:db:e2:
bc:c2:60:4e:6a:6d:c7:92:f0:a7:0c:37:e3:69:c5:
00:cf:da:df:e9:a6:94:9d:00:43:4b:18:06:5e:c5:
20:ce:1f:c0:37:97:13:4a:b9:ad:b4:4c:14:4a:d9:
dd:9c:7e:7c:bd:38:ef:10:ce:f0:bd:f4:70:3d:ae:
f3:58:28:87:4b:51:4b:e9:78:60:ec:7e:de:d4:24:
6b:5f:9d:9c:f9:a8:f0:b0:59:36:c1:d3:2b:b7:32:
cb:26:ef:91:70:a5:66:50:1a:4c:4a:80:8d:14:55:
a4:39:6c:af:71:ee:c2:fd:ac:1f:e8:d3:3f:c7:92:
9c:0a:3f:c7:83:13:9d:2d:b7:39:33:e7:f6:56:e0:
3f:0d:72:c7:fa:80:ab:26:d2:4c:c3:23:c8:ad:4c:
39:70:16:28:9e:82:43:2b:d5:a0:35:27:10:1b:ba:
18:41:f6:f8:97:e9:5a:38:23:fa:4b:66:32:33:02:
77:f7:03:92:ed:a8:c8:bd:16:b3:1a:85:5e:ba:7b:
c8:a3:dc:5f:b2:78:68:d6:5b:c4:03:64:d7:b6:06:
31:51:a1:c7:02:de:37:cf:f3:2e:4c:6a:ef:12:65:
10:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A2:5C:B5:27:D3:68:B2:C8:E4:DF:9D:20:2A:14:6B:C2:46:6E:A1
X509v3 Authority Key Identifier:
keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/eqJctSfTaLLI5N-dICoUa8JGbqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.176.0/22
IPv6:
2a0f:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
cd:8c:eb:76:07:1d:b3:05:b8:d0:07:f4:11:4a:d7:10:23:1a:
ac:70:cc:52:8a:96:7d:11:de:cd:8d:ea:2f:de:cb:c9:27:73:
05:37:bc:fe:01:d5:4f:c2:d0:54:b8:df:22:6b:55:87:68:d9:
f0:57:86:e1:c7:a4:b3:fb:72:ac:aa:63:27:97:f8:1a:80:c3:
0c:b0:66:7e:1f:31:07:cb:a4:3a:a9:d6:87:a4:a2:25:99:3e:
1e:ef:77:86:49:79:8a:74:2b:3e:86:71:f0:fa:b5:5d:ec:ea:
0b:97:33:03:ba:07:52:85:33:52:b2:88:07:bf:a0:6a:8b:9c:
5a:b3:44:08:a2:b1:2c:38:7d:70:ab:2b:e4:81:5b:e9:de:9f:
dd:45:ad:d6:e4:d2:48:3b:22:a1:54:d3:7f:72:54:89:4a:46:
14:5f:e8:09:52:f2:07:a6:e4:f8:d3:94:54:20:c7:bb:79:b4:
a9:9f:d2:1d:0f:73:af:0a:57:a7:11:c0:d1:2a:7f:17:96:36:
b1:8f:5c:1c:3c:14:cf:35:0e:4c:4b:3d:7d:29:79:5f:76:a8:
0b:09:4b:b9:b4:0a:a8:10:77:70:f6:d0:cc:42:33:31:8d:03:
7e:0d:6a:32:f5:26:cf:f4:0a:f2:a1:f5:70:0e:64:79:d7:29:
3a:1c:8d:47
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBFUhFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Njc4NTc3M2RmMzEzYjkxNzExYmY2YmM1YjE0OWVjYzI0NmI5ZTg5MB4XDTIyMDEw
MTEyNTgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2FhMjVjYjUyN2Qz
NjhiMmM4ZTRkZjlkMjAyYTE0NmJjMjQ2NmVhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJctXL5Hvn8WWYGOjNEzY7mcJzoH+iG2kF1rz9vivMJgTmpt
x5Lwpww342nFAM/a3+mmlJ0AQ0sYBl7FIM4fwDeXE0q5rbRMFErZ3Zx+fL047xDO
8L30cD2u81goh0tRS+l4YOx+3tQka1+dnPmo8LBZNsHTK7cyyybvkXClZlAaTEqA
jRRVpDlsr3Huwv2sH+jTP8eSnAo/x4MTnS23OTPn9lbgPw1yx/qAqybSTMMjyK1M
OXAWKJ6CQyvVoDUnEBu6GEH2+JfpWjgj+ktmMjMCd/cDku2oyL0WsxqFXrp7yKPc
X7J4aNZbxANk17YGMVGhxwLeN8/zLkxq7xJlEIECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR6oly1J9Nossjk350gKhRrwkZuoTAfBgNVHSMEGDAWgBSmeFdz3zE7kXEb
9rxbFJ7MJGueiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BuaFhjOTh4TzVGeEdfYThXeFNlekNScm5vay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvYWU5MjExLWM1MmQtNDgwZC1hNTkxLWQ3NTg2OWMwYzcxZS8x
L2VxSmN0U2ZUYUxMSTVOLWRJQ29VYThKR2JxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
YWU5MjExLWM1MmQtNDgwZC1hNTkxLWQ3NTg2OWMwYzcxZS8xL3BuaFhjOTh4TzVG
eEdfYThXeFNlekNScm5vay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnvsDANBAIAAjAHAwUDKg/JwDAN
BgkqhkiG9w0BAQsFAAOCAQEAzYzrdgcdswW40Af0EUrXECMarHDMUoqWfRHezY3q
L97LySdzBTe8/gHVT8LQVLjfImtVh2jZ8FeG4ceks/tyrKpjJ5f4GoDDDLBmfh8x
B8ukOqnWh6SiJZk+Hu93hkl5inQrPoZx8Pq1XezqC5czA7oHUoUzUrKIB7+gaouc
WrNECKKxLDh9cKsr5IFb6d6f3UWt1uTSSDsioVTTf3JUiUpGFF/oCVLyB6bk+NOU
VCDHu3m0qZ/SHQ9zrwpXpxHA0Sp/F5Y2sY9cHDwUzzUOTEs9fSl5X3aoCwlLubQK
qBB3cPbQzEIzMY0Dfg1qMvUmz/QK8qH1cA5kedcpOhyNRw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:16 2023 by rpki-client on console-ams.rpki-client.org