Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/cv7B_q_0wWeJjDTuNG4AThoIYoU.roa
File: cv7B_q_0wWeJjDTuNG4AThoIYoU.roa (raw, json)
Hash identifier: s3qJ7zqtrSMuV31q0k6iLBy/PCxrRWcjcZJSoFmPpeA=
Subject key identifier: 72:FE:C1:FE:AF:F4:C1:67:89:8C:34:EE:34:6E:00:4E:1A:08:62:85
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 0184C2B213A2107D1E6DFA10ADDDEAC3A799
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/cv7B_q_0wWeJjDTuNG4AThoIYoU.roa
Signing time: Tue 29 Nov 2022 09:22:40 +0000
ROA not before: Tue 29 Nov 2022 09:22:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34219
IP address blocks: 178.255.16.0/22 maxlen: 22
178.255.22.0/24 maxlen: 24
178.255.20.0/23 maxlen: 23
159.253.112.0/22 maxlen: 22
159.253.118.0/24 maxlen: 24
159.253.116.0/23 maxlen: 23
159.253.119.0/24 maxlen: 24
93.94.4.0/23 maxlen: 23
185.2.56.0/22 maxlen: 22
2a03:1e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:b2:13:a2:10:7d:1e:6d:fa:10:ad:dd:ea:c3:a7:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Nov 29 09:22:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72fec1feaff4c167898c34ee346e004e1a086285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e4:2e:a2:da:8b:38:c5:96:7d:e4:03:9b:01:
89:e1:ad:84:e3:48:47:b7:ed:4a:7f:8d:3a:9b:ce:
e3:8e:41:b9:9c:91:e6:db:63:07:27:af:6b:5a:4f:
c2:e0:01:ad:72:dc:68:4c:8a:c5:4e:b3:f7:a9:1a:
b2:8a:2a:22:66:90:0a:b0:89:aa:ce:9b:27:ee:bc:
1c:39:bf:3f:f7:41:7a:75:e9:8f:2f:9a:cb:a2:1a:
5b:83:8c:4e:9e:ec:d2:55:8d:d9:32:5b:fd:e6:d1:
43:d9:bc:e1:c0:34:59:a4:b9:c5:48:ec:62:11:0e:
ed:3e:e9:de:3f:96:00:a9:34:d0:bf:1d:bc:b2:4b:
45:ba:37:31:d8:a6:2f:09:32:d4:c0:f0:64:3c:af:
2f:68:82:45:39:7f:17:88:cc:f5:e1:06:98:c3:ff:
d0:e7:82:0c:e2:df:a0:0b:ab:82:93:76:f4:59:12:
a2:59:20:a8:cf:4f:ec:ce:92:ed:98:68:cb:b8:3c:
a5:22:48:12:4d:b3:6c:e2:f3:2b:45:cd:65:50:67:
a4:1e:f3:69:d7:b9:37:36:96:de:8a:ee:e9:af:48:
e5:e9:36:54:0c:08:9f:fb:26:c0:4c:6f:b6:d1:3e:
4f:cf:e5:5f:a4:7b:54:b4:70:9e:92:8a:fc:e2:cd:
2c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FE:C1:FE:AF:F4:C1:67:89:8C:34:EE:34:6E:00:4E:1A:08:62:85
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/cv7B_q_0wWeJjDTuNG4AThoIYoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.4.0/23
159.253.112.0/21
178.255.16.0-178.255.22.255
185.2.56.0/22
IPv6:
2a03:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
83:25:12:90:f0:1a:a2:54:62:1c:e5:a4:63:83:ad:88:28:ae:
4d:11:c9:4d:a3:cf:90:5c:74:f3:c5:d1:45:89:7f:8d:4c:41:
7b:c2:25:f0:03:00:3e:3a:1d:72:d5:64:cc:2a:01:e8:92:06:
19:83:70:52:2c:d5:2e:d4:c2:89:68:05:83:17:2e:fd:90:42:
d1:00:6b:84:6b:d0:38:8c:37:76:04:24:b0:1a:16:17:4a:88:
03:86:2e:3a:7d:52:29:25:6d:53:da:4b:8e:8a:4f:7d:2b:a2:
47:c9:58:ea:7a:c2:a5:15:8a:11:d1:89:53:4a:6d:39:45:12:
ec:54:f5:57:92:a9:c9:8d:d0:65:2b:99:51:34:f3:af:2d:09:
20:9b:0a:56:b0:67:6f:be:b8:f0:59:ae:d8:ee:ad:49:56:d0:
b4:61:09:35:c6:7d:11:cc:e1:78:be:76:e9:4d:14:67:14:d7:
62:d6:55:78:d4:db:20:0a:a8:13:af:b6:ab:38:91:81:9c:93:
8c:00:00:3a:d5:bd:ae:c3:0c:17:06:50:80:f0:e0:e4:ba:9b:
e7:fe:eb:41:2f:ab:91:57:99:3d:58:6d:49:38:42:5b:9e:a2:
87:95:93:ce:a9:e7:67:be:01:8e:8a:80:3a:72:bb:87:15:d3:
94:b1:e7:18
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYTCshOiEH0ebfoQrd3qw6eZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjIxMTI5MDkyMjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZlYzFmZWFmZjRjMTY3ODk4YzM0ZWUzNDZlMDA0ZTFhMDg2Mjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeQuotqLOMWWfeQDmwGJ4a2E40hH
t+1Kf406m87jjkG5nJHm22MHJ69rWk/C4AGtctxoTIrFTrP3qRqyiioiZpAKsImq
zpsn7rwcOb8/90F6demPL5rLohpbg4xOnuzSVY3ZMlv95tFD2bzhwDRZpLnFSOxi
EQ7tPuneP5YAqTTQvx28sktFujcx2KYvCTLUwPBkPK8vaIJFOX8XiMz14QaYw//Q
54IM4t+gC6uCk3b0WRKiWSCoz0/szpLtmGjLuDylIkgSTbNs4vMrRc1lUGekHvNp
17k3Npbeiu7pr0jl6TZUDAif+ybATG+20T5Pz+VfpHtUtHCekor84s0sxwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHL+wf6v9MFniYw07jRuAE4aCGKFMB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEvY3Y3Ql9xXzB3V2VKakRUdU5HNEFUaG9JWW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQBXV4EAwQD
n/1wMAwDBASy/xADBACy/xYDBAK5AjgwDQQCAAIwBwMFACoDHgAwDQYJKoZIhvcN
AQELBQADggEBAIMlEpDwGqJUYhzlpGODrYgork0RyU2jz5BcdPPF0UWJf41MQXvC
JfADAD46HXLVZMwqAeiSBhmDcFIs1S7UwoloBYMXLv2QQtEAa4Rr0DiMN3YEJLAa
FhdKiAOGLjp9UiklbVPaS46KT30rokfJWOp6wqUVihHRiVNKbTlFEuxU9VeSqcmN
0GUrmVE0868tCSCbClawZ2++uPBZrtjurUlW0LRhCTXGfRHM4Xi+dulNFGcU12LW
VXjU2yAKqBOvtqs4kYGck4wAADrVva7DDBcGUIDw4OS6m+f+60Evq5FXmT1YbUk4
QlueooeVk86p52e+AY6KgDpyu4cV05Sx5xg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:58 2023 by rpki-client on console-fra.rpki-client.org