Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/6L2s_4wRiUsQfX5j0TcmQg7eNug.roa
File: 6L2s_4wRiUsQfX5j0TcmQg7eNug.roa (raw, json)
Hash identifier: oVyyGMSO1ABslYHqX4fAAvMWdT/jcQc80kWU9MBr4EY=
Subject key identifier: E8:BD:AC:FF:8C:11:89:4B:10:7D:7E:63:D1:37:26:42:0E:DE:36:E8
Certificate issuer: /CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
Certificate serial: 0AF050EF
Authority key identifier: CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/6L2s_4wRiUsQfX5j0TcmQg7eNug.roa
Signing time: Mon 16 May 2022 10:06:29 +0000
ROA not before: Mon 16 May 2022 10:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203101
IP address blocks: 72.46.154.0/23 maxlen: 23
172.93.4.0/23 maxlen: 23
199.195.130.0/23 maxlen: 23
199.5.180.0/23 maxlen: 23
185.98.100.0/22 maxlen: 22
45.56.224.0/22 maxlen: 22
45.56.224.0/21 maxlen: 22
45.56.233.0/24 maxlen: 24
45.56.232.0/24 maxlen: 24
45.56.228.0/22 maxlen: 22
45.56.238.0/23 maxlen: 23
45.56.236.0/22 maxlen: 23
45.56.234.0/23 maxlen: 23
45.56.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183521519 (0xaf050ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
Validity
Not Before: May 16 10:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8bdacff8c11894b107d7e63d13726420ede36e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0f:5c:b5:b9:3a:55:e4:46:9d:2b:7d:76:7c:
06:31:d4:53:cd:13:a6:bd:7d:cb:4e:1d:5c:2a:a5:
4c:06:49:87:6a:11:ef:de:c5:c9:15:be:2c:df:06:
d0:33:ae:38:7b:ad:77:d1:0e:db:ce:aa:13:4f:f7:
3a:aa:8b:34:e5:e6:2b:e2:d0:9c:17:70:cc:85:7f:
f4:ff:f5:17:8f:e7:e3:b7:be:42:03:b4:e6:74:00:
b4:ed:c9:8d:ce:20:99:89:fb:6a:d7:21:b0:ba:e8:
92:d5:46:fd:10:14:55:7c:72:4b:2d:07:4c:46:d1:
22:51:38:85:9e:02:c6:c2:2d:e7:68:9c:6b:1b:bf:
5e:59:76:9e:17:bc:34:09:6c:5e:01:46:90:e0:81:
8f:5d:79:1a:4b:96:e7:ef:ab:13:50:1e:e5:5a:37:
41:0f:94:07:bc:64:dc:2a:cb:7b:6b:2f:ee:64:81:
66:e1:67:93:75:23:34:ac:76:49:8b:35:81:64:93:
1b:49:33:c3:16:88:00:fa:f3:66:07:07:a0:7f:c0:
5c:43:44:79:71:7f:d9:11:3b:62:f0:0e:9e:fe:d0:
b5:37:d7:ff:57:79:b3:14:1c:db:25:b2:11:5d:d0:
a1:66:05:68:72:53:07:80:4f:72:36:0f:06:1b:aa:
cd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:BD:AC:FF:8C:11:89:4B:10:7D:7E:63:D1:37:26:42:0E:DE:36:E8
X509v3 Authority Key Identifier:
keyid:CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/6L2s_4wRiUsQfX5j0TcmQg7eNug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ysIWQb28-sJMVLakhZSDxeQWQLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.56.224.0/19
72.46.154.0/23
172.93.4.0/23
185.98.100.0/22
199.5.180.0/23
199.195.130.0/23
Signature Algorithm: sha256WithRSAEncryption
74:6a:88:df:1c:c0:aa:a7:8a:11:ab:8f:a0:b1:23:f8:42:c3:
85:25:a8:0f:f5:64:c3:f1:d8:12:cd:ce:1b:d6:00:1e:b2:9c:
43:bd:54:a1:fa:29:bc:ac:8a:4e:5f:33:01:67:6b:40:20:99:
05:97:6a:8f:99:1d:ac:ac:7f:67:7b:5c:08:9d:d0:f4:df:91:
4e:f9:ad:88:34:48:39:82:91:de:38:5b:8e:1f:9e:f1:81:3f:
80:e6:bf:2c:8a:71:f7:53:10:8d:be:15:ee:f3:a0:f8:a4:7b:
68:ff:47:4c:13:0b:e7:e8:40:b3:9d:fa:fc:57:56:74:0a:2c:
70:82:20:bc:17:bc:fd:21:84:30:11:ce:a6:c8:9f:f1:c6:d4:
df:53:9b:dc:89:8a:75:ff:cd:94:88:63:8f:2f:bf:7c:76:7c:
b2:0d:c6:f3:28:58:bd:90:58:42:28:08:49:af:75:d1:1d:29:
dc:46:36:11:b0:11:74:0b:26:5e:e8:b3:c9:02:a7:9e:98:d2:
f6:29:48:82:0e:1c:61:b4:86:98:10:cb:a8:fa:3e:20:2a:37:
c0:75:80:c8:c6:e9:c8:8b:a7:f8:ae:19:3e:c0:dc:50:c9:a8:
4e:7f:53:97:95:3a:2a:95:cd:2f:04:dc:5d:f5:87:a6:4a:70:
26:2b:ba:3b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECvBQ7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWMyMTY0MWJkYmNmYWMyNGM1NGI2YTQ4NTk0ODNjNWU0MTY0MGI2MB4XDTIyMDUx
NjEwMDYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThiZGFjZmY4YzEx
ODk0YjEwN2Q3ZTYzZDEzNzI2NDIwZWRlMzZlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgPXLW5OlXkRp0rfXZ8BjHUU80Tpr19y04dXCqlTAZJh2oR
797FyRW+LN8G0DOuOHutd9EO286qE0/3OqqLNOXmK+LQnBdwzIV/9P/1F4/n47e+
QgO05nQAtO3Jjc4gmYn7atchsLroktVG/RAUVXxySy0HTEbRIlE4hZ4CxsIt52ic
axu/Xll2nhe8NAlsXgFGkOCBj115GkuW5++rE1Ae5Vo3QQ+UB7xk3CrLe2sv7mSB
ZuFnk3UjNKx2SYs1gWSTG0kzwxaIAPrzZgcHoH/AXENEeXF/2RE7YvAOnv7QtTfX
/1d5sxQc2yWyEV3QoWYFaHJTB4BPcjYPBhuqzXUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTovaz/jBGJSxB9fmPRNyZCDt426DAfBgNVHSMEGDAWgBTKwhZBvbz6wkxU
tqSFlIPF5BZAtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lzSVdRYjI4LXNKTVZMYWtoWlNEeGVRV1FMWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvODc3ZTQwLTZjYTEtNGEyYi04OWE1LThhYmY1ZWU2YzRhZC8x
LzZMMnNfNHdSaVVzUWZYNWowVGNtUWc3ZU51Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ODc3ZTQwLTZjYTEtNGEyYi04OWE1LThhYmY1ZWU2YzRhZC8xL3lzSVdRYjI4LXNK
TVZMYWtoWlNEeGVRV1FMWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEBS044AMEAUgumgMEAaxdBAMEArli
ZAMEAccFtAMEAcfDgjANBgkqhkiG9w0BAQsFAAOCAQEAdGqI3xzAqqeKEauPoLEj
+ELDhSWoD/Vkw/HYEs3OG9YAHrKcQ71UofopvKyKTl8zAWdrQCCZBZdqj5kdrKx/
Z3tcCJ3Q9N+RTvmtiDRIOYKR3jhbjh+e8YE/gOa/LIpx91MQjb4V7vOg+KR7aP9H
TBML5+hAs536/FdWdAoscIIgvBe8/SGEMBHOpsif8cbU31Ob3ImKdf/NlIhjjy+/
fHZ8sg3G8yhYvZBYQigISa910R0p3EY2EbARdAsmXuizyQKnnpjS9ilIgg4cYbSG
mBDLqPo+ICo3wHWAyMbpyIun+K4ZPsDcUMmoTn9Tl5U6KpXNLwTcXfWHpkpwJiu6
Ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:56 2024 by rpki-client on console-ams.rpki-client.org