Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ENaYXn73HK-hRWKunTE4JNaLzuM.roa
File: ENaYXn73HK-hRWKunTE4JNaLzuM.roa (raw, json)
Hash identifier: 2Nr3rNGMQ8zCxYzpuIVt0IXPA0wMVtMJQO61dbFwOec=
Subject key identifier: 10:D6:98:5E:7E:F7:1C:AF:A1:45:62:AE:9D:31:38:24:D6:8B:CE:E3
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018413C02D0297E8B1258A74FEC56866D2B2
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ENaYXn73HK-hRWKunTE4JNaLzuM.roa
Signing time: Wed 26 Oct 2022 10:04:32 +0000
ROA not before: Wed 26 Oct 2022 10:04:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 164.215.97.0/24 maxlen: 24
164.215.98.0/24 maxlen: 24
164.215.96.0/24 maxlen: 24
164.215.99.0/24 maxlen: 24
85.158.148.0/24 maxlen: 24
85.158.149.0/24 maxlen: 24
85.158.151.0/24 maxlen: 24
85.158.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:c0:2d:02:97:e8:b1:25:8a:74:fe:c5:68:66:d2:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 26 10:04:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10d6985e7ef71cafa14562ae9d313824d68bcee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:34:77:11:bf:ce:30:76:2a:fd:65:ef:b9:
71:ff:43:df:df:dd:8a:04:31:19:b2:79:41:a2:f4:
dd:db:f4:57:da:56:a7:af:f9:67:ca:37:4d:67:2b:
45:8b:2c:bd:d5:24:3b:15:c1:f9:f5:01:8b:3c:6c:
5f:98:bd:07:1b:e9:cd:3f:74:ee:ba:2c:9e:fa:48:
a8:40:5c:64:c9:07:59:7b:25:de:88:b1:7d:55:b3:
4f:34:f3:db:0b:ee:68:4d:50:9b:ed:70:81:2f:e5:
9a:57:65:06:85:ef:bb:5f:df:3d:00:49:7b:ba:0b:
bb:bf:f4:7f:67:d4:6b:03:69:cc:b4:47:71:11:d9:
45:b9:ae:3c:46:cb:bc:43:e2:81:b4:70:7e:50:8a:
8b:29:8e:f1:78:af:53:c7:4b:2c:8f:05:49:2f:93:
dd:a3:70:cb:6f:e1:1f:c7:ca:0b:f4:85:30:0a:06:
ec:08:3f:62:b4:5e:96:69:fa:ae:d8:f0:94:6e:b6:
75:32:52:ff:37:42:1a:0d:6c:0a:b5:6a:a7:d8:34:
1f:df:72:8f:d8:56:d5:3c:56:18:2f:6e:91:29:c1:
5b:c4:52:91:fc:c8:f0:a7:70:06:7b:3c:10:52:7b:
7a:1f:0f:d3:0d:b2:e6:f4:7c:f4:99:12:47:11:e0:
5b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D6:98:5E:7E:F7:1C:AF:A1:45:62:AE:9D:31:38:24:D6:8B:CE:E3
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ENaYXn73HK-hRWKunTE4JNaLzuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.148.0/22
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:d3:a5:07:8c:a6:cf:28:02:4c:02:58:b9:db:4d:57:9d:a7:
74:b8:57:1d:fe:00:86:dd:a2:eb:d6:09:11:69:da:a5:8f:41:
80:df:db:0b:97:8a:16:fc:e9:b8:1e:4b:30:bc:60:ff:61:ef:
4d:5e:8c:33:7f:95:af:13:52:55:51:9e:fb:9d:08:29:44:15:
9c:ff:8e:3c:51:18:35:73:66:62:da:c7:dd:34:1f:36:97:86:
63:96:a2:a0:a4:fc:aa:f9:7b:f7:80:35:fb:67:00:ea:a1:20:
f6:a2:e0:88:06:41:1f:b6:51:07:ac:62:6d:b8:d5:0e:71:e7:
1a:a2:7a:86:9b:40:5c:dc:11:3a:ec:d2:9e:51:12:e7:60:7c:
c7:aa:0d:c7:a4:57:b0:59:a6:0a:9c:5f:0e:7d:4d:8e:1d:8e:
94:a6:cb:a4:90:11:88:74:b9:5d:73:92:38:67:a6:07:68:79:
f3:5c:36:c7:a9:cc:40:4f:50:99:f4:d6:c5:2f:0c:61:79:09:
ba:f8:43:93:12:55:45:bf:7d:fe:45:70:7d:9d:79:89:43:d5:
9b:6b:d7:08:0b:57:2b:a5:c9:52:57:5b:5f:1b:90:d1:d6:54:
fe:c6:f2:88:e4:08:85:b0:48:e7:27:22:66:e6:85:10:14:aa:
e1:c0:88:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQTwC0Cl+ixJYp0/sVoZtKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMDI2MTAwNDMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGQ2OTg1ZTdlZjcxY2FmYTE0NTYyYWU5ZDMxMzgyNGQ2OGJjZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd00dxG/zjB2Kv1l77lx/0Pf392K
BDEZsnlBovTd2/RX2lanr/lnyjdNZytFiyy91SQ7FcH59QGLPGxfmL0HG+nNP3Tu
uiye+kioQFxkyQdZeyXeiLF9VbNPNPPbC+5oTVCb7XCBL+WaV2UGhe+7X989AEl7
ugu7v/R/Z9RrA2nMtEdxEdlFua48Rsu8Q+KBtHB+UIqLKY7xeK9Tx0ssjwVJL5Pd
o3DLb+Efx8oL9IUwCgbsCD9itF6Wafqu2PCUbrZ1MlL/N0IaDWwKtWqn2DQf33KP
2FbVPFYYL26RKcFbxFKR/Mjwp3AGezwQUnt6Hw/TDbLm9Hz0mRJHEeBbjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBDWmF5+9xyvoUVirp0xOCTWi87jMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvRU5hWVhuNzNISy1oUldLdW5URTRKTmFMenVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVZ6UAwQC
pNdgMA0GCSqGSIb3DQEBCwUAA4IBAQDQ06UHjKbPKAJMAli5201Xnad0uFcd/gCG
3aLr1gkRadqlj0GA39sLl4oW/Om4HkswvGD/Ye9NXowzf5WvE1JVUZ77nQgpRBWc
/448URg1c2Zi2sfdNB82l4ZjlqKgpPyq+Xv3gDX7ZwDqoSD2ouCIBkEftlEHrGJt
uNUOcecaonqGm0Bc3BE67NKeURLnYHzHqg3HpFewWaYKnF8OfU2OHY6UpsukkBGI
dLldc5I4Z6YHaHnzXDbHqcxAT1CZ9NbFLwxheQm6+EOTElVFv33+RXB9nXmJQ9Wb
a9cIC1crpclSV1tfG5DR1lT+xvKI5AiFsEjnJyJm5oUQFKrhwIiA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org