Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/eckL6KEGz59n40KsnblCYTK7mKQ.roa
File: eckL6KEGz59n40KsnblCYTK7mKQ.roa (raw, json)
Hash identifier: zX4O8ag+KprQtkl1UBaj7fZNFbjW953gTl9Q5BgCx+8=
Subject key identifier: 79:C9:0B:E8:A1:06:CF:9F:67:E3:42:AC:9D:B9:42:61:32:BB:98:A4
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0185432C6A27467BCDE0275B1D7EF37DCCC3
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/eckL6KEGz59n40KsnblCYTK7mKQ.roa
Signing time: Sat 24 Dec 2022 08:07:42 +0000
ROA not before: Sat 24 Dec 2022 08:07:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210392
IP address blocks: 85.133.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:2c:6a:27:46:7b:cd:e0:27:5b:1d:7e:f3:7d:cc:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 24 08:07:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79c90be8a106cf9f67e342ac9db9426132bb98a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:76:df:a4:52:30:62:2a:11:7d:36:c0:1f:cd:
82:b2:57:30:69:6d:23:d9:a8:82:15:e9:91:ae:40:
6d:94:8b:d5:24:69:71:b3:2a:2a:e0:dc:6b:2f:34:
91:17:37:b0:7c:56:f8:06:16:e0:0d:b4:0e:a0:d7:
fd:0a:d1:fa:0f:73:ce:8b:0d:7f:28:e7:55:9d:72:
ac:6b:09:b1:f6:ec:bf:24:b4:e5:48:e6:d8:55:45:
15:a6:5e:31:a3:7a:41:32:f1:41:0c:31:7b:95:cb:
c8:ec:c6:15:b3:f3:2d:5d:be:c4:2a:f4:87:53:3c:
84:27:37:b7:97:7c:ab:9a:cc:f3:c8:fb:08:4a:95:
12:70:3d:62:cc:57:a9:90:c3:ca:07:f1:d9:e0:a2:
13:ad:fb:53:58:8e:81:29:5c:fc:1b:76:7b:bd:34:
ff:ba:5b:69:fc:d8:03:12:21:30:59:71:f2:19:18:
92:fa:5a:1f:db:30:9f:53:74:3c:5f:ca:10:f0:29:
b2:b7:38:25:4f:37:f9:c9:cb:ec:88:8e:f5:1f:35:
42:51:f9:48:96:3a:ea:4f:47:f2:be:82:60:e0:64:
e5:e6:1d:bd:27:f4:21:e6:ad:e0:66:94:f4:cd:c2:
d9:ba:79:80:f7:5c:36:4a:af:d7:6d:72:22:bf:bb:
07:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C9:0B:E8:A1:06:CF:9F:67:E3:42:AC:9D:B9:42:61:32:BB:98:A4
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/eckL6KEGz59n40KsnblCYTK7mKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.224.0/24
Signature Algorithm: sha256WithRSAEncryption
49:33:f9:54:2d:ae:b3:4b:07:62:53:66:ea:ef:01:57:f3:f3:
f9:28:d0:40:98:c5:50:da:29:9a:09:d9:91:1f:87:eb:36:a6:
ce:1e:c7:71:33:42:0a:64:05:cd:f3:f2:60:e5:a0:27:90:76:
fc:04:ba:73:fd:71:7f:d7:c5:bc:65:5e:eb:94:04:6b:bd:c1:
6e:a6:10:c9:82:8a:79:4c:45:6a:59:51:24:87:93:74:67:a4:
ae:2f:8f:ef:ef:b5:b9:75:e2:b2:55:b0:ff:89:bd:c1:e1:fb:
4f:30:78:7b:8b:db:a7:a7:18:86:11:1c:6b:7d:22:0b:fc:6a:
b9:8b:6d:b9:86:37:0d:55:c5:6f:ac:90:0b:05:c2:1c:f8:7d:
54:9f:eb:ac:52:57:fb:7c:bc:35:95:dc:17:b5:0d:bb:e2:5c:
2f:5f:45:7b:45:bc:ec:49:be:96:55:44:e0:ae:26:e2:42:81:
47:56:32:9c:f5:12:41:de:67:d9:94:c8:f9:63:fc:d0:a6:bc:
1c:d3:f4:14:72:fc:1a:db:ee:f2:2b:26:e8:50:ae:81:e6:f0:
66:46:61:78:ee:ab:05:b7:c9:00:68:d4:04:ed:61:74:35:fa:
a6:8a:2f:2e:dc:f0:dc:3c:c0:33:9a:3f:46:4e:e2:e6:a7:88:
a0:c2:36:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVDLGonRnvN4CdbHX7zfczDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjI0MDgwNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWM5MGJlOGExMDZjZjlmNjdlMzQyYWM5ZGI5NDI2MTMyYmI5OGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnbfpFIwYioRfTbAH82CslcwaW0j
2aiCFemRrkBtlIvVJGlxsyoq4NxrLzSRFzewfFb4BhbgDbQOoNf9CtH6D3POiw1/
KOdVnXKsawmx9uy/JLTlSObYVUUVpl4xo3pBMvFBDDF7lcvI7MYVs/MtXb7EKvSH
UzyEJze3l3yrmszzyPsISpUScD1izFepkMPKB/HZ4KITrftTWI6BKVz8G3Z7vTT/
ultp/NgDEiEwWXHyGRiS+lof2zCfU3Q8X8oQ8CmytzglTzf5ycvsiI71HzVCUflI
ljrqT0fyvoJg4GTl5h29J/Qh5q3gZpT0zcLZunmA91w2Sq/XbXIiv7sH6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHnJC+ihBs+fZ+NCrJ25QmEyu5ikMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZWNrTDZLRUd6NTluNDBLc25ibENZVEs3bUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXgMA0G
CSqGSIb3DQEBCwUAA4IBAQBJM/lULa6zSwdiU2bq7wFX8/P5KNBAmMVQ2imaCdmR
H4frNqbOHsdxM0IKZAXN8/Jg5aAnkHb8BLpz/XF/18W8ZV7rlARrvcFuphDJgop5
TEVqWVEkh5N0Z6SuL4/v77W5deKyVbD/ib3B4ftPMHh7i9unpxiGERxrfSIL/Gq5
i225hjcNVcVvrJALBcIc+H1Un+usUlf7fLw1ldwXtQ274lwvX0V7RbzsSb6WVUTg
ribiQoFHVjKc9RJB3mfZlMj5Y/zQprwc0/QUcvwa2+7yKyboUK6B5vBmRmF47qsF
t8kAaNQE7WF0Nfqmii8u3PDcPMAzmj9GTuLmp4igwjah
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org