Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/58We5hAQ7Glbb1kQPujrtFhLMck.roa
File: 58We5hAQ7Glbb1kQPujrtFhLMck.roa (raw, json)
Hash identifier: NS4D2HuJoGQfDcphTbQRTA7wx2nGTKxpg5j0Rgh5tRY=
Subject key identifier: E7:C5:9E:E6:10:10:EC:69:5B:6F:59:10:3E:E8:EB:B4:58:4B:31:C9
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 026F2539
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/58We5hAQ7Glbb1kQPujrtFhLMck.roa
Signing time: Thu 27 Jan 2022 10:35:54 +0000
ROA not before: Thu 27 Jan 2022 10:35:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 85.158.145.0/24 maxlen: 24
109.205.213.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
109.205.211.0/24 maxlen: 24
109.205.215.0/24 maxlen: 24
88.151.192.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
88.151.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40838457 (0x26f2539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 27 10:35:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7c59ee61010ec695b6f59103ee8ebb4584b31c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:1d:92:0f:2b:af:9d:8b:f0:12:a9:a0:05:
46:7c:d8:81:28:86:54:22:b0:56:42:40:bb:6a:e9:
c4:01:84:d7:04:9b:04:f7:52:a3:e0:c2:a9:7e:67:
a4:cb:19:7c:5c:57:7c:1e:90:b0:d2:12:6b:72:8d:
3d:09:c9:67:23:7e:70:d7:c3:cc:95:e3:26:c1:94:
61:b2:56:4a:bd:66:74:05:2a:83:7f:c0:81:a8:5e:
f4:a3:a0:fb:91:97:ae:cc:f3:cd:13:4c:23:3c:ed:
64:b7:b5:ac:38:9e:c4:5e:6e:4a:27:97:5e:7e:c9:
6a:d6:ee:4b:e5:b5:7b:c3:eb:d1:81:36:37:b4:54:
4c:81:26:0c:5a:20:94:51:e5:b7:2e:b6:d5:dc:2c:
5d:fc:ae:6a:69:c0:5c:f9:1a:89:83:d2:34:4e:b0:
25:e5:96:3b:cb:cb:47:89:15:4a:17:64:a2:2e:3c:
15:ed:62:53:49:45:51:df:52:f5:68:49:5b:2e:d8:
68:8c:8d:da:89:72:0e:d1:43:43:57:16:d8:60:81:
fe:4d:9a:d7:26:56:eb:df:70:84:04:0c:34:dc:be:
b8:25:39:a9:64:48:f7:69:a7:52:f5:cd:3e:5f:cc:
d8:eb:43:11:f1:19:be:b1:ff:cb:bd:54:73:7b:c8:
36:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C5:9E:E6:10:10:EC:69:5B:6F:59:10:3E:E8:EB:B4:58:4B:31:C9
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/58We5hAQ7Glbb1kQPujrtFhLMck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.145.0/24
88.151.192.0/24
88.151.195.0-88.151.196.255
109.205.211.0-109.205.213.255
109.205.215.0/24
Signature Algorithm: sha256WithRSAEncryption
90:8b:10:04:9a:22:46:16:26:73:2e:2c:44:34:c8:c5:0b:5a:
48:a1:5b:fe:d8:65:9b:6e:be:94:73:e2:3d:05:58:b4:88:52:
1b:2f:58:5e:72:16:92:27:7d:a0:de:dd:ab:64:f7:c8:f7:51:
93:e5:d4:55:ba:ca:93:e3:05:69:e4:ba:5d:9f:26:1e:aa:f1:
aa:b1:8b:dd:67:54:5e:3e:12:6a:23:30:3b:be:f4:f9:3f:d3:
3d:ca:33:3c:68:32:5d:89:b3:c7:a2:3b:46:fe:76:aa:46:00:
aa:e0:b0:69:2c:eb:9b:cc:0d:11:4c:35:ba:40:a0:b7:45:ea:
f2:41:b7:7c:7d:62:20:16:a9:fe:fd:d5:17:6e:85:f0:ca:48:
58:8e:40:5e:44:b8:96:cc:59:92:e4:26:31:14:15:3c:8a:6e:
88:bb:b6:46:02:9d:60:6b:22:4c:ca:d9:65:ea:ca:b7:0b:8c:
4a:11:99:69:e7:c2:4b:03:53:7f:7e:0e:32:2a:6d:1a:2f:1c:
65:5f:e7:e0:00:b2:8c:ab:a7:ed:4f:17:53:ec:9c:3c:38:6f:
26:aa:c7:fa:79:48:0d:de:ea:a5:4a:00:c5:49:5b:b1:1c:a3:
17:64:e0:cc:5b:2f:f0:4a:fd:74:55:63:a0:47:6b:61:a5:7f:
5d:d1:05:a6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEAm8lOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDEy
NzEwMzU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdjNTllZTYxMDEw
ZWM2OTViNmY1OTEwM2VlOGViYjQ1ODRiMzFjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqtHZIPK6+di/ASqaAFRnzYgSiGVCKwVkJAu2rpxAGE1wSb
BPdSo+DCqX5npMsZfFxXfB6QsNISa3KNPQnJZyN+cNfDzJXjJsGUYbJWSr1mdAUq
g3/Agahe9KOg+5GXrszzzRNMIzztZLe1rDiexF5uSieXXn7JatbuS+W1e8Pr0YE2
N7RUTIEmDFoglFHlty621dwsXfyuamnAXPkaiYPSNE6wJeWWO8vLR4kVShdkoi48
Fe1iU0lFUd9S9WhJWy7YaIyN2olyDtFDQ1cW2GCB/k2a1yZW699whAQMNNy+uCU5
qWRI92mnUvXNPl/M2OtDEfEZvrH/y71Uc3vINpECAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTnxZ7mEBDsaVtvWRA+6Ou0WEsxyTAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
LzU4V2U1aEFRN0dsYmIxa1FQdWpydEZoTE1jay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLgMEAFWekQMEAFiXwDAMAwQAWJfDAwQA
WJfEMAwDBABtzdMDBAFtzdQDBABtzdcwDQYJKoZIhvcNAQELBQADggEBAJCLEASa
IkYWJnMuLEQ0yMULWkihW/7YZZtuvpRz4j0FWLSIUhsvWF5yFpInfaDe3atk98j3
UZPl1FW6ypPjBWnkul2fJh6q8aqxi91nVF4+EmojMDu+9Pk/0z3KMzxoMl2Js8ei
O0b+dqpGAKrgsGks65vMDRFMNbpAoLdF6vJBt3x9YiAWqf791RduhfDKSFiOQF5E
uJbMWZLkJjEUFTyKboi7tkYCnWBrIkzK2WXqyrcLjEoRmWnnwksDU39+DjIqbRov
HGVf5+AAsoyrp+1PF1PsnDw4byaqx/p5SA3e6qVKAMVJW7Ecoxdk4MxbL/BK/XRV
Y6BHa2Glf13RBaY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org