Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/6ijz9JCpMkqG4sOQfb9hQUsxN7Q.roa
File: 6ijz9JCpMkqG4sOQfb9hQUsxN7Q.roa (raw, json)
Hash identifier: XU5Be8sRrKEXPDQ8YMQGup3u4LZee3a93Pws2omqS4U=
Subject key identifier: EA:28:F3:F4:90:A9:32:4A:86:E2:C3:90:7D:BF:61:41:4B:31:37:B4
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0183C6BB9EAD7108451665ABC208E831333B
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/6ijz9JCpMkqG4sOQfb9hQUsxN7Q.roa
Signing time: Tue 11 Oct 2022 11:08:48 +0000
ROA not before: Tue 11 Oct 2022 11:08:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 46.23.100.0/22 maxlen: 22
85.158.146.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
5.10.240.0/20 maxlen: 20
185.81.216.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:bb:9e:ad:71:08:45:16:65:ab:c2:08:e8:31:33:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 11 11:08:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea28f3f490a9324a86e2c3907dbf61414b3137b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:61:03:9b:03:26:42:07:54:f4:74:2f:e7:d9:
9a:e2:0f:e8:67:55:6a:70:3c:42:98:c6:fa:86:db:
a1:f5:39:97:d6:34:10:27:25:79:27:20:25:a5:3d:
07:02:1b:8d:2c:9f:63:11:35:14:0a:7f:59:37:e8:
15:80:3f:d5:1a:dc:65:f9:c6:68:e7:42:da:fe:f4:
67:2b:ff:ea:f0:c2:db:1c:34:29:8a:0f:72:b7:d2:
c0:f4:7d:93:d5:92:7b:ce:4f:d1:b5:e9:c1:9d:7e:
06:fc:61:ff:42:6a:ba:db:07:79:56:c6:5b:5a:a1:
70:73:e9:4b:51:c6:ba:9c:88:12:d0:8d:46:98:e0:
5d:f3:95:ac:a4:fa:1f:6a:83:29:9c:30:cd:04:65:
df:22:2e:6f:16:78:c4:88:66:da:e0:c8:30:e2:64:
50:30:4d:4a:62:93:5b:8c:06:89:fd:dc:60:d0:47:
34:dc:08:b1:8d:12:ca:9f:e7:8e:1f:65:fc:37:25:
90:50:4d:5d:9d:9d:46:59:0f:16:4a:c0:3c:87:39:
08:f6:05:47:93:4a:93:53:d3:10:1b:19:fd:6c:65:
90:31:5c:9c:da:25:b1:ee:4e:35:0e:23:f1:e8:8d:
4a:96:a9:41:1d:71:27:df:4c:ac:da:cb:1a:a5:8f:
9b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:28:F3:F4:90:A9:32:4A:86:E2:C3:90:7D:BF:61:41:4B:31:37:B4
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/6ijz9JCpMkqG4sOQfb9hQUsxN7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/20
5.178.0.0/22
46.23.100.0/22
85.158.146.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
70:96:12:b7:59:ab:67:2e:d5:a3:d5:b7:48:6e:82:5e:6d:4a:
e9:ed:a2:bf:fc:86:8e:f8:7f:05:75:69:c8:c9:75:a8:7c:c1:
ea:73:13:71:f9:df:5f:01:24:f3:3c:4b:c5:ab:53:58:99:9e:
a8:95:dc:4f:c4:a6:25:90:86:ff:89:73:11:29:85:84:2e:28:
6b:94:42:01:b0:be:f2:b6:eb:6f:dc:a8:29:b6:ff:3d:38:cf:
c1:58:fd:24:40:24:c8:df:00:e1:f3:a1:96:a1:a3:77:70:d7:
e1:9f:d8:08:60:85:17:70:ed:52:80:c1:b7:b3:13:83:2f:2a:
a4:71:66:af:6f:e0:20:ca:b2:e1:b0:27:be:88:34:d9:84:4a:
b5:01:e1:49:b1:ab:15:cb:7f:7a:93:c5:2c:9b:8c:f6:e7:ad:
b9:39:ae:57:c2:b4:a6:ce:1f:4f:ab:d4:f9:a0:47:29:69:84:
0c:9c:ec:c8:81:7f:54:af:62:c5:5b:07:5d:8b:e3:69:52:72:
47:81:81:84:74:c6:5c:73:f2:9c:05:cd:a7:7b:d1:45:17:7c:
61:58:d1:fd:ce:b8:b1:f9:00:bd:e9:a4:e2:ad:95:f1:2a:63:
d5:d4:3f:2d:e1:8e:7e:9f:27:d6:df:19:71:32:98:05:9a:52:
31:9d:ac:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYPGu56tcQhFFmWrwgjoMTM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMDExMTEwODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTI4ZjNmNDkwYTkzMjRhODZlMmMzOTA3ZGJmNjE0MTRiMzEzN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWEDmwMmQgdU9HQv59ma4g/oZ1Vq
cDxCmMb6htuh9TmX1jQQJyV5JyAlpT0HAhuNLJ9jETUUCn9ZN+gVgD/VGtxl+cZo
50La/vRnK//q8MLbHDQpig9yt9LA9H2T1ZJ7zk/RtenBnX4G/GH/Qmq62wd5VsZb
WqFwc+lLUca6nIgS0I1GmOBd85WspPofaoMpnDDNBGXfIi5vFnjEiGba4Mgw4mRQ
ME1KYpNbjAaJ/dxg0Ec03AixjRLKn+eOH2X8NyWQUE1dnZ1GWQ8WSsA8hzkI9gVH
k0qTU9MQGxn9bGWQMVyc2iWx7k41DiPx6I1KlqlBHXEn30ys2ssapY+bcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOoo8/SQqTJKhuLDkH2/YUFLMTe0MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvNmlqejlKQ3BNa3FHNHNPUWZiOWhRVXN4TjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEBQrwAwQC
BbIAAwQCLhdkAwQAVZ6SAwQCuVHYMA0GCSqGSIb3DQEBCwUAA4IBAQBwlhK3Watn
LtWj1bdIboJebUrp7aK//IaO+H8FdWnIyXWofMHqcxNx+d9fASTzPEvFq1NYmZ6o
ldxPxKYlkIb/iXMRKYWELihrlEIBsL7ytutv3Kgptv89OM/BWP0kQCTI3wDh86GW
oaN3cNfhn9gIYIUXcO1SgMG3sxODLyqkcWavb+AgyrLhsCe+iDTZhEq1AeFJsasV
y396k8Usm4z25625Oa5XwrSmzh9Pq9T5oEcpaYQMnOzIgX9Ur2LFWwddi+NpUnJH
gYGEdMZcc/KcBc2ne9FFF3xhWNH9zrix+QC96aTirZXxKmPV1D8t4Y5+nyfW3xlx
MpgFmlIxnayP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org