Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/1ef119-2bae-42e4-b02f-7e18fd6afdfd/1/e6-ASUDpK4FIbEJ5oeLQkHWTM4o.roa
File: e6-ASUDpK4FIbEJ5oeLQkHWTM4o.roa (raw, json)
Hash identifier: 7WrJ2Gp70/GF2L8JGEaqaPvjAqol7A9JATCcWv2fhrI=
Subject key identifier: 7B:AF:80:49:40:E9:2B:81:48:6C:42:79:A1:E2:D0:90:75:93:33:8A
Certificate issuer: /CN=10a69541eb068e6d2e596c481d93fd6bf9771267
Certificate serial: 37AD696E
Authority key identifier: 10:A6:95:41:EB:06:8E:6D:2E:59:6C:48:1D:93:FD:6B:F9:77:12:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKaVQesGjm0uWWxIHZP9a_l3Emc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/1ef119-2bae-42e4-b02f-7e18fd6afdfd/1/e6-ASUDpK4FIbEJ5oeLQkHWTM4o.roa
Signing time: Sat 01 Jan 2022 04:03:31 +0000
ROA not before: Sat 01 Jan 2022 04:03:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20811
IP address blocks: 217.199.0.0/19 maxlen: 24
89.190.160.0/19 maxlen: 24
46.234.224.0/19 maxlen: 24
93.89.48.0/20 maxlen: 24
84.18.128.0/19 maxlen: 24
37.186.128.0/18 maxlen: 24
185.6.192.0/22 maxlen: 24
95.171.32.0/19 maxlen: 24
2a02:490::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934111598 (0x37ad696e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a69541eb068e6d2e596c481d93fd6bf9771267
Validity
Not Before: Jan 1 04:03:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7baf804940e92b81486c4279a1e2d0907593338a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d4:56:11:84:5e:fc:d7:f7:3d:17:83:dd:8c:
a4:84:a6:43:7e:58:56:30:f2:87:ad:85:a5:5a:6c:
85:eb:c3:af:1f:82:ba:14:e6:96:e5:bf:2b:c3:1a:
c3:d7:b1:b8:4d:01:7b:25:d4:f7:16:b5:f2:72:cb:
9f:40:03:4e:86:a3:5a:b2:b0:69:e2:9b:9e:59:c7:
45:a5:e8:47:62:ae:e2:c8:49:ff:ba:23:80:58:32:
75:bd:26:f5:c4:1e:3c:76:96:61:d7:99:7f:69:e6:
83:bf:76:d8:4d:e1:28:cf:f7:8d:06:03:db:ac:75:
ab:f0:f7:df:87:a8:b7:5e:5c:22:3c:b9:ce:36:ed:
75:01:6d:cc:c4:b9:d2:d7:bb:d6:56:75:21:5f:46:
a4:c0:83:63:f5:0f:ee:2f:71:da:a5:01:58:dd:80:
87:ef:c3:65:80:96:c6:75:49:a7:31:05:f4:3a:56:
a1:5e:d1:b8:dd:34:8b:78:22:b8:3d:ff:b8:f9:df:
98:46:36:5a:76:78:7a:e4:3a:60:33:8d:bd:12:2b:
a7:9f:0b:50:06:42:c7:06:0a:47:38:fb:da:dd:e8:
c7:ec:5e:4c:54:f0:f1:ef:ad:d4:26:a5:f8:74:20:
0b:c4:8a:67:32:31:d0:ae:2d:a2:83:f3:49:9e:21:
cd:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:AF:80:49:40:E9:2B:81:48:6C:42:79:A1:E2:D0:90:75:93:33:8A
X509v3 Authority Key Identifier:
keyid:10:A6:95:41:EB:06:8E:6D:2E:59:6C:48:1D:93:FD:6B:F9:77:12:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKaVQesGjm0uWWxIHZP9a_l3Emc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/1ef119-2bae-42e4-b02f-7e18fd6afdfd/1/e6-ASUDpK4FIbEJ5oeLQkHWTM4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/1ef119-2bae-42e4-b02f-7e18fd6afdfd/1/EKaVQesGjm0uWWxIHZP9a_l3Emc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.186.128.0/18
46.234.224.0/19
84.18.128.0/19
89.190.160.0/19
93.89.48.0/20
95.171.32.0/19
185.6.192.0/22
217.199.0.0/19
IPv6:
2a02:490::/29
Signature Algorithm: sha256WithRSAEncryption
34:ca:db:0b:2d:1a:b7:07:33:03:4b:f8:79:9d:a5:4f:e5:5a:
a0:9b:4b:77:3c:84:01:32:c9:7a:86:c3:e1:ef:bd:67:79:12:
24:c7:c0:0d:b1:54:0f:35:1f:0e:65:9c:35:21:49:69:24:e7:
de:30:74:42:fb:12:b2:69:56:8f:3c:36:39:9a:a0:f3:73:a6:
f7:ae:b1:d8:10:f6:5f:75:53:5e:b5:85:37:78:f6:d6:d2:a8:
ff:a4:7b:f1:3a:1c:45:b2:0b:0c:a3:3f:63:fb:f4:4b:9f:80:
9b:87:26:85:1b:e4:ed:2f:88:87:f7:64:cc:8e:2c:7d:ce:13:
52:50:64:23:ba:18:cb:5f:90:cb:d6:8c:b1:6c:3b:c9:7f:6a:
f0:9c:56:49:51:5d:40:65:78:b5:a9:4a:9f:58:b5:fd:d8:59:
a2:be:96:f2:27:14:bf:cc:8d:0e:7b:2d:ac:c8:b5:61:ab:f6:
82:00:6b:2e:aa:70:4b:7e:41:88:ff:ba:68:b4:13:b7:a0:2f:
01:10:6b:a7:f7:1a:7e:53:a4:a1:ee:c3:de:cf:0a:d3:aa:3c:
c4:97:64:67:94:98:d8:ce:b5:9d:6b:1e:cc:3c:15:9f:c7:74:
a9:ff:98:c9:72:c5:d6:8f:be:2f:06:22:12:15:e5:a7:fd:ac:
78:43:8f:eb
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEN61pbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MGE2OTU0MWViMDY4ZTZkMmU1OTZjNDgxZDkzZmQ2YmY5NzcxMjY3MB4XDTIyMDEw
MTA0MDMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JhZjgwNDk0MGU5
MmI4MTQ4NmM0Mjc5YTFlMmQwOTA3NTkzMzM4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbUVhGEXvzX9z0Xg92MpISmQ35YVjDyh62FpVpshevDrx+C
uhTmluW/K8Maw9exuE0BeyXU9xa18nLLn0ADToajWrKwaeKbnlnHRaXoR2Ku4shJ
/7ojgFgydb0m9cQePHaWYdeZf2nmg7922E3hKM/3jQYD26x1q/D334eot15cIjy5
zjbtdQFtzMS50te71lZ1IV9GpMCDY/UP7i9x2qUBWN2Ah+/DZYCWxnVJpzEF9DpW
oV7RuN00i3giuD3/uPnfmEY2WnZ4euQ6YDONvRIrp58LUAZCxwYKRzj72t3ox+xe
TFTw8e+t1Cal+HQgC8SKZzIx0K4tooPzSZ4hzZ0CAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBR7r4BJQOkrgUhsQnmh4tCQdZMzijAfBgNVHSMEGDAWgBQQppVB6waObS5Z
bEgdk/1r+XcSZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VLYVZRZXNHam0wdVdXeElIWlA5YV9sM0VtYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvMWVmMTE5LTJiYWUtNDJlNC1iMDJmLTdlMThmZDZhZmRmZC8x
L2U2LUFTVURwSzRGSWJFSjVvZUxRa0hXVE00by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
MWVmMTE5LTJiYWUtNDJlNC1iMDJmLTdlMThmZDZhZmRmZC8xL0VLYVZRZXNHam0w
dVdXeElIWlA5YV9sM0VtYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBiW6gAMEBS7q4AMEBVQSgAMEBVm+
oAMEBF1ZMAMEBV+rIAMEArkGwAMEBdnHADANBAIAAjAHAwUDKgIEkDANBgkqhkiG
9w0BAQsFAAOCAQEANMrbCy0atwczA0v4eZ2lT+VaoJtLdzyEATLJeobD4e+9Z3kS
JMfADbFUDzUfDmWcNSFJaSTn3jB0QvsSsmlWjzw2OZqg83Om966x2BD2X3VTXrWF
N3j21tKo/6R78TocRbILDKM/Y/v0S5+Am4cmhRvk7S+Ih/dkzI4sfc4TUlBkI7oY
y1+Qy9aMsWw7yX9q8JxWSVFdQGV4talKn1i1/dhZor6W8icUv8yNDnstrMi1Yav2
ggBrLqpwS35BiP+6aLQTt6AvARBrp/caflOkoe7D3s8K06o8xJdkZ5SY2M61nWse
zDwVn8d0qf+YyXLF1o++LwYiEhXlp/2seEOP6w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org