Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/Ekf-27nxyjAcOnVQyuOdzZbg1fc.roa
File: Ekf-27nxyjAcOnVQyuOdzZbg1fc.roa (raw, json)
Hash identifier: Si2HkAq6nrMTklbGJImCwBjB52tLECW58TzzKowNRvM=
Subject key identifier: 12:47:FE:DB:B9:F1:CA:30:1C:3A:75:50:CA:E3:9D:CD:96:E0:D5:F7
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 0183839957EA0475859A9A9F47F1FFBD5265
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/Ekf-27nxyjAcOnVQyuOdzZbg1fc.roa
Signing time: Wed 28 Sep 2022 10:16:48 +0000
ROA not before: Wed 28 Sep 2022 10:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21069
IP address blocks: 46.231.200.0/21 maxlen: 24
81.173.82.0/23 maxlen: 24
81.173.84.0/22 maxlen: 24
81.173.88.0/21 maxlen: 24
185.46.56.0/22 maxlen: 24
80.74.128.0/20 maxlen: 24
80.74.144.0/20 maxlen: 24
94.126.16.0/21 maxlen: 24
2a00:1128::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:83:99:57:ea:04:75:85:9a:9a:9f:47:f1:ff:bd:52:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: Sep 28 10:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1247fedbb9f1ca301c3a7550cae39dcd96e0d5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:73:df:bf:48:b2:a0:d8:d2:d3:77:7e:30:08:
e8:40:7b:a6:c9:bb:35:b6:5b:5c:2b:3c:fa:be:39:
84:b3:d6:43:f9:4d:25:e8:a2:02:58:d7:ce:8d:df:
55:89:ce:9a:0b:c5:68:71:75:df:23:39:d5:6d:b7:
0b:b2:08:42:6b:e1:89:77:ce:a3:76:5f:00:7a:55:
a6:21:fd:0b:5b:f4:a9:80:47:87:36:ed:17:1b:ca:
cc:75:e2:f1:c2:6c:18:4e:92:56:75:55:f1:64:05:
c7:0f:37:73:cd:81:ee:60:57:e9:06:34:88:25:ec:
70:c1:3b:dd:ef:01:2e:a2:46:a3:a6:09:bd:58:c6:
6e:d6:c8:d0:f5:1f:a2:f4:6d:d5:38:4e:13:b7:ca:
dc:42:09:3a:27:6d:db:ca:2f:68:aa:0a:b4:98:fc:
e2:e5:af:ea:25:78:82:ec:01:f4:53:4f:88:1d:d0:
e3:56:17:01:65:4e:5d:c8:fc:08:2a:20:1b:c1:d1:
e0:9d:47:94:65:29:c3:96:91:eb:be:e1:00:25:95:
75:9c:91:55:e1:33:4b:ef:43:84:3f:e1:36:17:dd:
d9:bf:4c:97:fd:6a:38:7d:2a:05:4d:a4:75:29:a1:
bf:c9:89:e7:13:f3:71:a7:7e:00:95:13:91:52:b1:
6d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:47:FE:DB:B9:F1:CA:30:1C:3A:75:50:CA:E3:9D:CD:96:E0:D5:F7
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/Ekf-27nxyjAcOnVQyuOdzZbg1fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.200.0/21
80.74.128.0/19
81.173.82.0-81.173.95.255
94.126.16.0/21
185.46.56.0/22
IPv6:
2a00:1128::/32
Signature Algorithm: sha256WithRSAEncryption
c3:ca:27:ee:d0:7b:d7:ea:5e:eb:76:ac:f4:dd:06:da:70:8b:
67:ed:7e:c7:b0:e4:e5:7b:b9:2d:35:5b:9a:8d:5d:87:e1:37:
96:29:6f:39:c0:e2:1b:d5:2d:6c:1c:68:ae:39:da:62:42:dc:
ac:56:7e:d2:03:bd:24:b5:2c:75:69:12:0e:95:24:48:01:df:
32:4d:4d:81:50:c5:d1:12:55:16:aa:da:69:2d:9b:13:7a:8d:
f5:31:e3:ad:51:02:f0:47:a4:2c:bb:16:41:9e:0d:c5:85:c3:
d2:91:98:45:8d:24:46:8c:6b:df:b8:96:85:1b:0c:39:25:d7:
a9:e2:7b:d6:ed:93:df:a3:9a:da:25:3f:d6:bc:34:bb:77:a7:
74:fc:d4:ba:59:bc:0c:75:66:38:8d:c4:9a:cf:69:29:b3:ee:
71:51:e7:b1:02:58:2a:e7:3c:a0:30:52:b7:87:09:38:f1:51:
4d:a3:e4:f9:a2:c7:80:01:e2:0d:de:5b:74:db:44:70:28:4b:
17:aa:c9:f0:ed:63:d2:e9:1d:50:fd:0c:0c:b3:f8:42:b6:af:
e4:44:65:d9:a9:0c:92:04:68:e0:c6:31:bb:72:b1:d4:f7:07:
a6:0c:f8:cf:48:81:8d:fa:78:59:91:ce:05:da:43:6e:81:ae:
ce:fe:60:c7
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYODmVfqBHWFmpqfR/H/vVJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjIwOTI4MTAxNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQ3ZmVkYmI5ZjFjYTMwMWMzYTc1NTBjYWUzOWRjZDk2ZTBkNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnPfv0iyoNjS03d+MAjoQHumybs1
tltcKzz6vjmEs9ZD+U0l6KICWNfOjd9Vic6aC8VocXXfIznVbbcLsghCa+GJd86j
dl8AelWmIf0LW/SpgEeHNu0XG8rMdeLxwmwYTpJWdVXxZAXHDzdzzYHuYFfpBjSI
JexwwTvd7wEuokajpgm9WMZu1sjQ9R+i9G3VOE4Tt8rcQgk6J23byi9oqgq0mPzi
5a/qJXiC7AH0U0+IHdDjVhcBZU5dyPwIKiAbwdHgnUeUZSnDlpHrvuEAJZV1nJFV
4TNL70OEP+E2F93Zv0yX/Wo4fSoFTaR1KaG/yYnnE/Nxp34AlRORUrFtowIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBJH/tu58cowHDp1UMrjnc2W4NX3MB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvRWtmLTI3bnh5akFjT25WUXl1T2R6WmJnMWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDLufIAwQF
UEqAMAwDBAFRrVIDBAVRrUADBANefhADBAK5LjgwDQQCAAIwBwMFACoAESgwDQYJ
KoZIhvcNAQELBQADggEBAMPKJ+7Qe9fqXut2rPTdBtpwi2ftfsew5OV7uS01W5qN
XYfhN5YpbznA4hvVLWwcaK452mJC3KxWftIDvSS1LHVpEg6VJEgB3zJNTYFQxdES
VRaq2mktmxN6jfUx461RAvBHpCy7FkGeDcWFw9KRmEWNJEaMa9+4loUbDDkl16ni
e9btk9+jmtolP9a8NLt3p3T81LpZvAx1ZjiNxJrPaSmz7nFR57ECWCrnPKAwUreH
CTjxUU2j5Pmix4AB4g3eW3TbRHAoSxeqyfDtY9LpHVD9DAyz+EK2r+REZdmpDJIE
aODGMbtysdT3B6YM+M9IgY36eFmRzgXaQ26Brs7+YMc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:48 2024 by rpki-client on console-ams.rpki-client.org