Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/4ZVna0oIluyu6Pijz-VKCcwF9D8.roa
File: 4ZVna0oIluyu6Pijz-VKCcwF9D8.roa (raw, json)
Hash identifier: b5nErcyXwUb/TvIVwOUBA/C7L1wJiMS8EQBdtVymzNw=
Subject key identifier: E1:95:67:6B:4A:08:96:EC:AE:E8:F8:A3:CF:E5:4A:09:CC:05:F4:3F
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0183D64CBB829A6C677A5FF6BADC12F253C8
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/4ZVna0oIluyu6Pijz-VKCcwF9D8.roa
Signing time: Fri 14 Oct 2022 11:41:36 +0000
ROA not before: Fri 14 Oct 2022 11:41:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 85.158.146.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
5.178.1.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.178.0.0/24 maxlen: 24
5.10.240.0/20 maxlen: 20
185.81.216.0/22 maxlen: 22
46.23.103.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.100.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:4c:bb:82:9a:6c:67:7a:5f:f6:ba:dc:12:f2:53:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 14 11:41:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e195676b4a0896ecaee8f8a3cfe54a09cc05f43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ac:8d:f1:b9:64:60:fc:3d:f4:26:ab:d5:05:
7b:2d:f0:91:9c:fe:c5:70:50:83:4c:90:6a:e0:3e:
44:5b:7f:82:e2:ad:53:1e:87:35:9c:b1:e8:51:f5:
b5:01:33:47:ae:e8:a9:40:af:fa:cb:a0:d0:8c:d5:
0f:a4:52:12:02:e9:79:5f:ca:28:60:15:d1:72:86:
f8:24:b4:26:85:e6:4e:1f:5f:88:dd:07:90:27:8a:
5d:e8:eb:c7:7a:a2:98:6c:8d:8c:f0:ea:ed:cc:6e:
ea:56:48:86:d2:d9:7f:ad:d5:aa:ff:3f:3c:4a:c9:
b4:b5:40:2f:2f:ac:f8:30:85:1f:84:0c:8c:9f:13:
fe:75:64:db:a5:40:a5:93:39:de:e9:94:02:2f:7c:
68:37:e6:e1:b0:90:a2:6d:58:e9:53:79:f9:e5:15:
95:a5:ee:7a:cb:83:47:68:1a:d4:3f:f5:09:53:03:
41:58:07:b5:d3:34:bc:cc:b3:ff:fb:ee:c0:da:2c:
e5:06:ff:60:22:55:d0:1c:35:d6:33:0a:9e:a5:a9:
29:e0:2c:ab:e9:9c:32:81:20:c6:94:17:7e:43:1f:
7d:68:b7:14:ba:28:21:05:4d:0b:a3:32:80:33:bc:
0f:9c:da:18:cd:15:61:4a:ce:58:5a:71:84:a9:ab:
5a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:95:67:6B:4A:08:96:EC:AE:E8:F8:A3:CF:E5:4A:09:CC:05:F4:3F
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/4ZVna0oIluyu6Pijz-VKCcwF9D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/20
5.178.0.0/22
37.128.200.0/22
46.23.100.0/22
85.158.146.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:09:59:6b:f0:14:f0:47:4c:fa:20:93:d5:e3:3e:cd:1d:98:
8f:a8:bd:56:8c:3e:a7:38:75:66:be:29:9b:32:e3:2d:ac:f8:
e9:2b:1a:e1:b4:dc:9d:30:02:62:c3:48:70:46:39:40:9a:17:
88:a3:49:32:0a:7a:56:8e:75:8a:51:fc:88:42:75:b4:bb:b2:
15:59:9f:f5:07:5b:0d:d8:3b:bb:84:9e:d3:54:e5:1d:1f:69:
5e:83:b1:8e:71:f1:c8:1b:b0:37:27:a4:60:2a:2d:90:ca:30:
43:9e:d7:b6:a8:b0:c3:2f:dd:b4:c5:e8:8e:eb:4c:3c:16:77:
e5:5d:4b:89:ac:03:73:69:b4:34:4b:f3:1b:47:33:99:b0:ee:
7e:18:9d:71:17:46:c5:c5:1c:b6:f6:2e:79:90:4c:6d:2e:24:
f3:d0:53:ba:36:4a:8a:b4:4b:b2:c6:de:bc:5c:f9:8c:b0:7a:
5a:f9:07:ea:a2:12:ce:47:5f:81:99:94:40:e7:01:44:b7:75:
de:b2:b4:2e:7b:4b:9d:e7:9e:c7:4e:24:d7:a9:12:d7:68:b1:
d9:00:55:da:8d:3c:b2:7c:2c:1d:0a:f2:01:34:c1:55:b9:4a:
2b:4e:36:b5:08:2c:30:e7:97:ff:d7:e3:57:da:2f:2e:e2:0b:
81:a0:f3:af
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYPWTLuCmmxnel/2utwS8lPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMDE0MTE0MTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTk1Njc2YjRhMDg5NmVjYWVlOGY4YTNjZmU1NGEwOWNjMDVmNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqyN8blkYPw99Car1QV7LfCRnP7F
cFCDTJBq4D5EW3+C4q1THoc1nLHoUfW1ATNHruipQK/6y6DQjNUPpFISAul5X8oo
YBXRcob4JLQmheZOH1+I3QeQJ4pd6OvHeqKYbI2M8OrtzG7qVkiG0tl/rdWq/z88
Ssm0tUAvL6z4MIUfhAyMnxP+dWTbpUClkzne6ZQCL3xoN+bhsJCibVjpU3n55RWV
pe56y4NHaBrUP/UJUwNBWAe10zS8zLP/++7A2izlBv9gIlXQHDXWMwqepakp4Cyr
6ZwygSDGlBd+Qx99aLcUuighBU0LozKAM7wPnNoYzRVhSs5YWnGEqataXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOGVZ2tKCJbsruj4o8/lSgnMBfQ/MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvNFpWbmEwb0lsdXl1NlBpanotVktDY3dGOUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEBQrwAwQC
BbIAAwQCJYDIAwQCLhdkAwQAVZ6SAwQCuVHYMA0GCSqGSIb3DQEBCwUAA4IBAQCh
CVlr8BTwR0z6IJPV4z7NHZiPqL1WjD6nOHVmvimbMuMtrPjpKxrhtNydMAJiw0hw
RjlAmheIo0kyCnpWjnWKUfyIQnW0u7IVWZ/1B1sN2Du7hJ7TVOUdH2leg7GOcfHI
G7A3J6RgKi2QyjBDnte2qLDDL920xeiO60w8FnflXUuJrANzabQ0S/MbRzOZsO5+
GJ1xF0bFxRy29i55kExtLiTz0FO6NkqKtEuyxt68XPmMsHpa+QfqohLOR1+BmZRA
5wFEt3XesrQue0ud557HTiTXqRLXaLHZAFXajTyyfCwdCvIBNMFVuUorTja1CCww
55f/1+NX2i8u4guBoPOv
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org