Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/Cxs6crFm5oyHV7Ev3mI8G2BE5dw.roa
File: Cxs6crFm5oyHV7Ev3mI8G2BE5dw.roa (raw, json)
Hash identifier: RdsYWq9M8ZIJiiC/1EC2MoBmwBzAc8kMg2IvTPLAPzs=
Subject key identifier: 0B:1B:3A:72:B1:66:E6:8C:87:57:B1:2F:DE:62:3C:1B:60:44:E5:DC
Certificate issuer: /CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Certificate serial: 442EE859
Authority key identifier: E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/Cxs6crFm5oyHV7Ev3mI8G2BE5dw.roa
Signing time: Sat 01 Jan 2022 10:55:04 +0000
ROA not before: Sat 01 Jan 2022 10:55:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42514
IP address blocks: 46.22.240.0/20 maxlen: 20
95.141.176.0/20 maxlen: 20
178.17.128.0/20 maxlen: 20
128.204.160.0/19 maxlen: 19
185.12.84.0/22 maxlen: 22
94.102.16.0/20 maxlen: 20
2a02:2648::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1143924825 (0x442ee859)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Validity
Not Before: Jan 1 10:55:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b1b3a72b166e68c8757b12fde623c1b6044e5dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3c:78:ff:f7:33:97:1d:6b:66:e7:3e:18:5a:
32:7b:c8:42:3d:0c:dc:df:df:b9:3e:0e:cc:ca:0f:
90:18:49:82:75:cc:a3:1c:02:14:ff:59:31:3e:32:
47:49:a4:7d:5f:7a:50:9a:f1:3c:ab:cc:ff:a9:0f:
4b:a3:e9:49:5c:f9:a6:36:6c:9d:be:83:38:7a:ee:
76:a2:bd:7b:18:0b:b6:d9:0a:5a:f7:8a:91:10:9d:
e1:45:f1:2e:a8:45:5f:d9:e9:ce:8a:44:3a:2b:1c:
fa:26:44:75:8e:52:83:53:47:c1:90:8c:cb:31:ce:
52:1c:af:5a:b8:6c:0f:9a:69:8a:d5:45:89:b2:31:
53:1c:ad:cf:75:fc:1c:b6:48:ba:73:37:28:7a:b5:
aa:a3:f1:d1:16:59:42:c2:8c:cb:30:fa:a6:a4:33:
12:f1:dc:bd:08:56:c7:3e:95:26:ba:25:2f:d0:15:
3b:09:a4:55:b8:32:b4:1f:d2:d8:81:36:5d:c9:96:
33:a5:64:b7:f3:8d:e9:40:ff:50:d4:af:de:3f:f1:
79:71:14:cc:27:da:67:a0:97:10:68:76:e9:60:e3:
8a:6e:c2:02:0d:cc:56:d5:63:f1:be:da:27:e0:92:
bb:42:ff:e2:83:1e:b3:13:b3:76:00:84:8c:12:84:
4b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:1B:3A:72:B1:66:E6:8C:87:57:B1:2F:DE:62:3C:1B:60:44:E5:DC
X509v3 Authority Key Identifier:
keyid:E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/Cxs6crFm5oyHV7Ev3mI8G2BE5dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.240.0/20
94.102.16.0/20
95.141.176.0/20
128.204.160.0/19
178.17.128.0/20
185.12.84.0/22
IPv6:
2a02:2648::/29
Signature Algorithm: sha256WithRSAEncryption
57:b0:63:2c:bf:ea:a2:8a:cb:d6:b9:98:2d:9e:f0:63:83:c7:
de:0b:1b:9d:6e:fc:ce:4b:43:b4:b2:42:c9:f7:47:fa:38:5b:
63:a3:22:b5:1d:7a:68:0b:1a:59:84:02:2d:9b:3e:44:36:cf:
df:19:42:20:97:ab:41:f8:b5:e8:9d:46:17:0b:b5:62:b0:1a:
c0:b6:cb:bc:53:c0:23:21:30:08:c1:6e:b6:4e:d9:15:ce:f3:
8b:b1:ff:b0:d3:94:2f:5b:b4:2d:19:b2:bb:2f:cf:fb:18:b2:
1f:2b:e3:b1:63:11:fb:70:6b:fa:e2:7c:b9:e5:20:8e:3c:2e:
ec:a9:62:43:08:36:39:f2:2e:d2:6b:68:5e:d9:05:c7:9e:c0:
68:b6:9d:0c:e4:f1:cc:1c:55:11:e5:28:df:b9:38:6f:b0:f2:
13:e1:26:8e:df:ad:1f:1b:e8:b6:12:de:d7:38:18:11:d9:25:
5d:e5:3e:83:4d:88:6d:d1:94:56:e9:c6:a6:a6:cc:ae:2a:c5:
01:5f:61:90:70:26:35:a4:79:e9:72:c1:2f:f8:ca:07:48:58:
ce:6a:59:71:5a:20:35:2d:1d:bd:e8:4f:3d:56:52:2c:6b:51:
ca:dd:66:fd:68:a2:d9:91:37:1a:4b:db:74:a5:dd:fe:b5:04:
e7:93:99:85
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIERC7oWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDk2YzQzMzY0MDAzZWMzZjdmN2M2ZWE4MTU3YjhhNTBmNDQwZWNjMB4XDTIyMDEw
MTEwNTUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIxYjNhNzJiMTY2
ZTY4Yzg3NTdiMTJmZGU2MjNjMWI2MDQ0ZTVkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJs8eP/3M5cda2bnPhhaMnvIQj0M3N/fuT4OzMoPkBhJgnXM
oxwCFP9ZMT4yR0mkfV96UJrxPKvM/6kPS6PpSVz5pjZsnb6DOHrudqK9exgLttkK
WveKkRCd4UXxLqhFX9npzopEOisc+iZEdY5Sg1NHwZCMyzHOUhyvWrhsD5ppitVF
ibIxUxytz3X8HLZIunM3KHq1qqPx0RZZQsKMyzD6pqQzEvHcvQhWxz6VJrolL9AV
OwmkVbgytB/S2IE2XcmWM6Vkt/ON6UD/UNSv3j/xeXEUzCfaZ6CXEGh26WDjim7C
Ag3MVtVj8b7aJ+CSu0L/4oMesxOzdgCEjBKES78CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQLGzpysWbmjIdXsS/eYjwbYETl3DAfBgNVHSMEGDAWgBTglsQzZAA+w/f3
xuqBV7ilD0QOzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRKYkVNMlFBUHNQMzk4YnFnVmU0cFE5RURzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvYzNiY2U2LTU4ZmItNDg3NC04YjNlLTNhODVlZTRjODliYy8x
L0N4czZjckZtNW95SFY3RXYzbUk4RzJCRTVkdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
YzNiY2U2LTU4ZmItNDg3NC04YjNlLTNhODVlZTRjODliYy8xLzRKYkVNMlFBUHNQ
Mzk4YnFnVmU0cFE5RURzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBC4W8AMEBF5mEAMEBF+NsAMEBYDM
oAMEBLIRgAMEArkMVDANBAIAAjAHAwUDKgImSDANBgkqhkiG9w0BAQsFAAOCAQEA
V7BjLL/qoorL1rmYLZ7wY4PH3gsbnW78zktDtLJCyfdH+jhbY6MitR16aAsaWYQC
LZs+RDbP3xlCIJerQfi16J1GFwu1YrAawLbLvFPAIyEwCMFutk7ZFc7zi7H/sNOU
L1u0LRmyuy/P+xiyHyvjsWMR+3Br+uJ8ueUgjjwu7KliQwg2OfIu0mtoXtkFx57A
aLadDOTxzBxVEeUo37k4b7DyE+Emjt+tHxvothLe1zgYEdklXeU+g02IbdGUVunG
pqbMrirFAV9hkHAmNaR56XLBL/jKB0hYzmpZcVogNS0dvehPPVZSLGtRyt1m/Wii
2ZE3GkvbdKXd/rUE55OZhQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:29 2025 by rpki-client