Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/EkTuVl2vN0gQGHCFqCZJZavTIi0.roa
File: EkTuVl2vN0gQGHCFqCZJZavTIi0.roa (raw, json)
Hash identifier: EX/mlGhmY2NKXKCyUM/vjHLoQQfIe749tOpUcHaIAk0=
Subject key identifier: 12:44:EE:56:5D:AF:37:48:10:18:70:85:A8:26:49:65:AB:D3:22:2D
Certificate issuer: /CN=573104ff3568cb99b7f5024e73ff2aea0563ce6a
Certificate serial: 0222DCD5
Authority key identifier: 57:31:04:FF:35:68:CB:99:B7:F5:02:4E:73:FF:2A:EA:05:63:CE:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VzEE_zVoy5m39QJOc_8q6gVjzmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/EkTuVl2vN0gQGHCFqCZJZavTIi0.roa
Signing time: Sat 01 Jan 2022 12:03:58 +0000
ROA not before: Sat 01 Jan 2022 12:03:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211960
IP address blocks: 193.228.137.0/24 maxlen: 24
2a04:1ac1:1::/48 maxlen: 48
2001:67c:2924::/48 maxlen: 48
2a04:1ac0:fff3::/48 maxlen: 48
2a04:1ac1:2::/48 maxlen: 48
2a04:1ac0:fff4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35839189 (0x222dcd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=573104ff3568cb99b7f5024e73ff2aea0563ce6a
Validity
Not Before: Jan 1 12:03:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1244ee565daf374810187085a8264965abd3222d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:83:f6:34:f9:c3:24:fb:f2:8a:c8:17:ca:35:
b3:b0:9b:40:91:8f:e4:75:ec:56:24:ea:79:4d:8d:
b6:85:58:25:06:42:d4:a1:7a:93:04:fe:95:35:d0:
a9:4e:a5:d1:0d:a9:a8:e0:7c:ad:8c:31:69:c9:71:
dc:7a:32:8c:df:48:d6:ab:6a:26:13:5d:ec:17:72:
e5:42:e8:05:04:56:d1:da:32:24:36:57:8e:5e:fc:
1e:54:16:a1:06:62:43:cf:c1:b9:20:15:60:7c:65:
c3:00:16:b0:9d:5f:49:7b:b6:6f:81:f3:88:b9:59:
56:f5:9a:96:71:c2:d9:12:b3:8a:39:20:4e:5e:d1:
55:ee:b9:ae:24:ae:06:69:2b:4e:f3:5d:51:69:41:
4d:bb:16:63:96:84:ea:63:a9:0e:be:a9:ec:6b:db:
ad:2a:65:09:ae:c8:c4:67:9a:02:c0:48:df:68:d4:
fa:4b:c8:56:f3:21:d1:ce:89:7f:a8:d1:06:3c:51:
82:ca:b2:5b:9f:51:c9:c5:d0:53:a5:57:c2:a9:f1:
e1:81:9a:2e:fd:3c:63:0a:e0:23:ac:f2:04:a8:0b:
75:c7:9c:68:8d:33:c8:b3:bc:92:4b:04:b9:c9:80:
97:d8:c4:e6:86:6d:fe:d1:dd:32:6a:f5:96:00:a8:
13:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:44:EE:56:5D:AF:37:48:10:18:70:85:A8:26:49:65:AB:D3:22:2D
X509v3 Authority Key Identifier:
keyid:57:31:04:FF:35:68:CB:99:B7:F5:02:4E:73:FF:2A:EA:05:63:CE:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VzEE_zVoy5m39QJOc_8q6gVjzmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/EkTuVl2vN0gQGHCFqCZJZavTIi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/VzEE_zVoy5m39QJOc_8q6gVjzmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.137.0/24
IPv6:
2001:67c:2924::/48
2a04:1ac0:fff3::-2a04:1ac0:fff4:ffff:ffff:ffff:ffff:ffff
2a04:1ac1:1::-2a04:1ac1:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
86:54:08:30:ec:7d:38:d5:f4:f5:a7:76:29:ab:51:fa:9c:78:
5d:06:0d:ae:08:5a:61:91:8a:a7:cd:61:5c:e0:61:a6:1c:14:
5a:c8:26:5a:78:33:d7:1a:39:8a:da:3b:20:b1:f4:6d:f0:8f:
5c:eb:2f:5d:0a:83:14:ce:67:6e:7e:d1:f9:7f:7c:0b:95:4f:
c3:cb:47:e8:6c:ec:a1:bc:69:4d:35:a2:56:c5:60:72:e1:fd:
e7:5f:fe:69:d2:e3:e0:83:31:d3:41:cc:c9:71:c2:77:80:aa:
7c:f0:f5:a0:5e:1a:c8:c4:a4:95:98:91:1c:66:44:84:ba:45:
7d:59:3a:b0:76:64:25:cd:8c:08:c4:77:94:dd:7e:52:c0:83:
83:0e:d0:02:fe:7b:bd:5f:fb:df:a2:91:ab:81:04:cd:03:84:
9e:a1:fc:7e:1c:5f:e5:05:18:63:fe:e6:96:65:ae:dc:3a:b8:
01:e4:3f:64:b7:be:3b:67:f8:ae:79:9f:66:06:f2:40:7d:a2:
99:dd:67:df:d4:1e:2e:f8:3a:2b:ef:99:54:80:b1:8d:f8:86:
69:c7:84:b7:ec:b2:f2:19:57:12:ed:4c:6b:f4:20:8e:c2:8e:
74:90:25:61:6b:13:ae:6d:47:d2:b3:45:68:28:ef:55:bd:76:
fa:e9:a7:99
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEAiLc1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzMxMDRmZjM1NjhjYjk5YjdmNTAyNGU3M2ZmMmFlYTA1NjNjZTZhMB4XDTIyMDEw
MTEyMDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTI0NGVlNTY1ZGFm
Mzc0ODEwMTg3MDg1YTgyNjQ5NjVhYmQzMjIyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmD9jT5wyT78orIF8o1s7CbQJGP5HXsViTqeU2NtoVYJQZC
1KF6kwT+lTXQqU6l0Q2pqOB8rYwxaclx3HoyjN9I1qtqJhNd7Bdy5ULoBQRW0doy
JDZXjl78HlQWoQZiQ8/BuSAVYHxlwwAWsJ1fSXu2b4HziLlZVvWalnHC2RKzijkg
Tl7RVe65riSuBmkrTvNdUWlBTbsWY5aE6mOpDr6p7GvbrSplCa7IxGeaAsBI32jU
+kvIVvMh0c6Jf6jRBjxRgsqyW59RycXQU6VXwqnx4YGaLv08YwrgI6zyBKgLdcec
aI0zyLO8kksEucmAl9jE5oZt/tHdMmr1lgCoE+sCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBQSRO5WXa83SBAYcIWoJkllq9MiLTAfBgNVHSMEGDAWgBRXMQT/NWjLmbf1
Ak5z/yrqBWPOajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Z6RUVfelZveTVtMzlRSk9jXzhxNmdWanptby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvM2U3NmZjLTVkY2QtNGJhNS04NDk1LTE5OThjYjlkMDY1Yy8x
L0VrVHVWbDJ2TjBnUUdIQ0ZxQ1pKWmF2VElpMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
M2U3NmZjLTVkY2QtNGJhNS04NDk1LTE5OThjYjlkMDY1Yy8xL1Z6RUVfelZveTVt
MzlRSk9jXzhxNmdWanptby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwDAQCAAEwBgMEAMHkiTA3BAIAAjAxAwcAIAEGfCkk
MBIDBwAqBBrA//MDBwAqBBrA//QwEgMHACoEGsEAAQMHACoEGsEAAjANBgkqhkiG
9w0BAQsFAAOCAQEAhlQIMOx9ONX09ad2KatR+px4XQYNrghaYZGKp81hXOBhphwU
WsgmWngz1xo5ito7ILH0bfCPXOsvXQqDFM5nbn7R+X98C5VPw8tH6GzsobxpTTWi
VsVgcuH951/+adLj4IMx00HMyXHCd4CqfPD1oF4ayMSklZiRHGZEhLpFfVk6sHZk
Jc2MCMR3lN1+UsCDgw7QAv57vV/736KRq4EEzQOEnqH8fhxf5QUYY/7mlmWu3Dq4
AeQ/ZLe+O2f4rnmfZgbyQH2imd1n39QeLvg6K++ZVICxjfiGaceEt+yy8hlXEu1M
a/QgjsKOdJAlYWsTrm1H0rNFaCjvVb12+umnmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:04 2024 by rpki-client on console-ams.rpki-client.org