Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/N4RbNDMiVi2O1GXCTEvNxU_1ejc.roa
File: N4RbNDMiVi2O1GXCTEvNxU_1ejc.roa (raw, json)
Hash identifier: S0MddYTX7zKlrns4u6R/CZ5snxq7XC4ktCMCkWWv08Q=
Subject key identifier: 37:84:5B:34:33:22:56:2D:8E:D4:65:C2:4C:4B:CD:C5:4F:F5:7A:37
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01840F9B15DC645FBBB739C3CDE5F2A9DCA6
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/N4RbNDMiVi2O1GXCTEvNxU_1ejc.roa
Signing time: Tue 25 Oct 2022 14:45:32 +0000
ROA not before: Tue 25 Oct 2022 14:45:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21769
IP address blocks: 185.199.116.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
45.127.248.0/22 maxlen: 22
185.195.212.0/22 maxlen: 22
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
14.102.224.0/20 maxlen: 20
2a09:1e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:9b:15:dc:64:5f:bb:b7:39:c3:cd:e5:f2:a9:dc:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 25 14:45:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37845b343322562d8ed465c24c4bcdc54ff57a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:51:40:81:02:8e:93:70:7e:67:6c:19:70:4a:
da:69:5c:6f:2b:a6:80:84:a0:4b:c7:2d:6e:71:64:
1a:64:f5:7c:a6:f4:c9:cc:66:59:9d:64:2e:9e:d9:
ea:88:8d:88:6a:05:b3:ae:d1:e6:ff:48:23:6a:21:
83:96:df:80:0a:9d:20:11:e8:04:95:19:48:78:56:
81:61:29:e2:b1:1d:20:17:43:f5:b8:36:3e:ec:d1:
6a:57:d7:3f:ad:d1:93:e2:a7:0d:30:9d:f3:02:b6:
27:c7:23:fc:83:9e:99:20:20:d1:76:ea:e3:93:fd:
ce:2a:df:a4:dd:36:48:4e:55:e6:9c:fb:15:0f:a8:
3a:0f:ec:1e:ab:cd:9c:21:e9:8e:43:a4:82:a2:b1:
5f:3d:97:6e:bf:bd:68:e3:ff:40:1a:0a:b2:16:99:
9b:80:82:65:a1:40:b0:04:4a:8f:e3:df:6f:c1:21:
cf:c0:76:70:14:f9:12:4d:64:0c:0e:19:08:eb:f5:
99:17:52:45:6a:9f:90:76:a7:00:8c:53:c5:a5:3f:
93:98:d1:10:d2:f5:e1:63:d4:b3:2f:56:2f:1a:f0:
21:6f:5c:ea:aa:58:9b:3e:c7:65:f7:4d:5e:b3:45:
c7:7c:64:b4:56:b7:de:99:16:64:e0:82:9d:38:53:
a6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:84:5B:34:33:22:56:2D:8E:D4:65:C2:4C:4B:CD:C5:4F:F5:7A:37
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/N4RbNDMiVi2O1GXCTEvNxU_1ejc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.224.0/20
45.127.248.0/22
103.63.28.0/22
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
7e:e4:1c:c3:5e:9a:0b:ce:7f:78:8e:8e:15:1c:99:c8:a1:33:
23:73:0f:4a:cf:68:00:bb:d8:dc:a7:8d:7a:9c:76:6b:ed:8d:
a7:5c:fa:a0:a4:f6:81:dc:7b:dc:fe:15:2f:69:03:d1:d6:16:
b1:86:0b:ec:99:9d:9c:b5:9d:5e:ce:51:10:49:b3:97:7e:ed:
97:69:e3:4b:a1:dc:c3:41:23:09:c9:8c:75:85:a1:c8:e7:07:
7c:19:2e:d6:d8:cb:fa:c8:1a:6c:33:a4:c8:dc:b4:c0:7f:7b:
51:0b:b9:ca:fc:44:80:e6:74:f2:56:a1:a1:00:a7:a7:5d:e6:
92:19:80:63:8e:e5:ae:99:e0:6d:60:30:a3:33:81:1f:7d:78:
62:e2:ea:46:b2:27:aa:65:11:8a:88:e5:4e:1e:12:a6:b1:35:
95:c6:34:1d:b4:29:21:3e:ec:ec:1b:40:52:eb:84:1b:e0:a6:
e2:b7:2a:4d:57:f7:ad:89:50:1c:0f:87:b5:b1:1f:2a:6d:5d:
05:1b:63:aa:c6:fe:4f:13:b0:2a:73:37:17:e6:a7:ef:41:ab:
62:82:a6:ec:01:01:b4:03:c9:a0:b0:34:99:02:58:f3:1c:3a:
5d:bd:b0:11:0b:77:16:c6:dd:60:d7:61:c9:5f:a9:db:18:0d:
cb:59:74:e1
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYQPmxXcZF+7tznDzeXyqdymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjIxMDI1MTQ0NTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzg0NWIzNDMzMjI1NjJkOGVkNDY1YzI0YzRiY2RjNTRmZjU3YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31FAgQKOk3B+Z2wZcEraaVxvK6aA
hKBLxy1ucWQaZPV8pvTJzGZZnWQuntnqiI2IagWzrtHm/0gjaiGDlt+ACp0gEegE
lRlIeFaBYSnisR0gF0P1uDY+7NFqV9c/rdGT4qcNMJ3zArYnxyP8g56ZICDRdurj
k/3OKt+k3TZITlXmnPsVD6g6D+weq82cIemOQ6SCorFfPZduv71o4/9AGgqyFpmb
gIJloUCwBEqP499vwSHPwHZwFPkSTWQMDhkI6/WZF1JFap+QdqcAjFPFpT+TmNEQ
0vXhY9SzL1YvGvAhb1zqqlibPsdl901es0XHfGS0VrfemRZk4IKdOFOmFwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDeEWzQzIlYtjtRlwkxLzcVP9Xo3MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvTjRSYk5ETWlWaTJPMUdYQ1RFdk54VV8xZWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEDmbgAwQC
LX/4AwQCZz8cAwQCucPUAwQCucPcAwQCucS8AwQCucd0AwQCwl0EMA0EAgACMAcD
BQMqCR6AMA0GCSqGSIb3DQEBCwUAA4IBAQB+5BzDXpoLzn94jo4VHJnIoTMjcw9K
z2gAu9jcp416nHZr7Y2nXPqgpPaB3Hvc/hUvaQPR1haxhgvsmZ2ctZ1ezlEQSbOX
fu2XaeNLodzDQSMJyYx1haHI5wd8GS7W2Mv6yBpsM6TI3LTAf3tRC7nK/ESA5nTy
VqGhAKenXeaSGYBjjuWumeBtYDCjM4EffXhi4upGsieqZRGKiOVOHhKmsTWVxjQd
tCkhPuzsG0BS64Qb4KbitypNV/etiVAcD4e1sR8qbV0FG2Oqxv5PE7AqczcX5qfv
QatigqbsAQG0A8mgsDSZAljzHDpdvbARC3cWxt1g12HJX6nbGA3LWXTh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-fra.rpki-client.org