Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/0eavFY9te1_0F7SiADNdO_twWh8.roa
File: 0eavFY9te1_0F7SiADNdO_twWh8.roa (raw, json)
Hash identifier: Kmxdxnwfsi1/ORCokd/jDyeiImf+IGKLv/Ty+PEcXkw=
Subject key identifier: D1:E6:AF:15:8F:6D:7B:5F:F4:17:B4:A2:00:33:5D:3B:FB:70:5A:1F
Certificate issuer: /CN=1cdab70524fd51313b84f5d8f46362a3d8c80814
Certificate serial: 105076C1
Authority key identifier: 1C:DA:B7:05:24:FD:51:31:3B:84:F5:D8:F4:63:62:A3:D8:C8:08:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/0eavFY9te1_0F7SiADNdO_twWh8.roa
Signing time: Sat 01 Jan 2022 05:02:39 +0000
ROA not before: Sat 01 Jan 2022 05:02:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39781
IP address blocks: 185.106.216.0/22 maxlen: 24
193.227.107.0/24 maxlen: 24
79.98.56.0/21 maxlen: 24
2a02:1758::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 273708737 (0x105076c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cdab70524fd51313b84f5d8f46362a3d8c80814
Validity
Not Before: Jan 1 05:02:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1e6af158f6d7b5ff417b4a200335d3bfb705a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:74:23:43:b4:2a:78:44:29:17:92:81:c9:fa:
93:72:73:30:91:31:fe:9c:17:8b:79:01:ab:7a:b0:
b9:9a:93:19:92:39:09:cf:a1:e3:f3:da:9c:33:d4:
46:ba:22:07:68:b6:aa:0c:d3:d2:0e:8b:09:64:2f:
94:8c:4b:ff:0f:18:ca:9b:06:33:7c:86:71:0c:26:
47:01:c9:13:f1:ca:91:e7:22:dd:5a:5e:a1:6f:fc:
d5:00:f9:ba:f0:3b:cd:e5:17:d1:90:3f:66:78:cc:
15:89:8b:bc:c2:c6:71:8f:44:23:90:c8:c7:ba:31:
d3:c0:eb:b5:ae:fa:28:7e:26:fb:5a:bc:d0:bc:d9:
fd:83:7d:9e:ce:a8:26:db:6c:8b:b5:07:8c:07:63:
99:b3:ac:1e:d2:99:6b:6e:e4:79:6b:35:fa:42:0d:
3f:00:3b:e6:76:17:4f:a4:4a:65:e5:a9:03:37:d3:
e8:ef:67:d3:d9:f4:b8:2a:80:66:d9:d4:7f:4a:4b:
80:06:7c:cb:f4:a5:f6:0f:5f:7b:8b:36:14:9e:52:
a7:6a:63:9d:cd:71:ea:07:7e:b7:d8:10:4b:fb:4d:
2e:b6:b2:c4:07:62:9b:91:fd:13:cc:fd:f5:be:bb:
cf:20:d3:9d:0c:37:dc:bc:73:b4:92:ce:aa:50:8e:
c5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E6:AF:15:8F:6D:7B:5F:F4:17:B4:A2:00:33:5D:3B:FB:70:5A:1F
X509v3 Authority Key Identifier:
keyid:1C:DA:B7:05:24:FD:51:31:3B:84:F5:D8:F4:63:62:A3:D8:C8:08:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/0eavFY9te1_0F7SiADNdO_twWh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.56.0/21
185.106.216.0/22
193.227.107.0/24
IPv6:
2a02:1758::/29
Signature Algorithm: sha256WithRSAEncryption
8d:3f:24:c1:fb:c7:09:90:b2:8a:b2:aa:cb:96:f6:29:64:89:
c8:ba:84:02:4a:ea:4d:b4:70:84:2e:92:46:73:25:c8:f3:00:
9e:e0:19:7f:c4:cd:af:98:d8:99:f3:d5:0d:27:a9:77:20:fe:
77:69:f6:f6:a2:98:c3:be:53:2d:b8:d6:b4:ee:54:66:8f:f7:
84:11:de:26:95:14:3a:06:6e:00:35:cc:6f:1c:e7:12:62:ae:
a1:00:0c:bc:e8:88:83:2f:e9:d6:ed:6e:86:16:14:4f:cd:bc:
2f:6e:fa:70:c7:57:f9:9e:24:72:4c:4e:3a:fb:83:89:c5:68:
b1:7f:20:57:b6:2b:16:b3:4c:ec:1d:3b:cd:ff:da:4c:81:47:
f1:ac:76:eb:93:5c:e0:cc:2c:87:f4:7d:d1:27:fa:c9:77:9b:
40:39:d3:7f:31:77:37:b7:a8:ec:61:a3:57:99:e6:57:31:30:
2f:40:08:6e:21:04:65:82:b4:98:01:1b:f3:c7:99:45:d3:e5:
4f:c4:89:d5:cd:9f:39:6e:b8:3b:ce:6e:bb:bf:91:99:32:bc:
5a:26:28:f9:b4:53:0d:94:78:7d:81:ad:f9:6e:3d:bc:6b:09:
10:00:12:d7:92:94:5a:d7:28:44:bf:d3:c6:14:fe:0b:71:a3:
80:9f:9d:d3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEEFB2wTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Y2RhYjcwNTI0ZmQ1MTMxM2I4NGY1ZDhmNDYzNjJhM2Q4YzgwODE0MB4XDTIyMDEw
MTA1MDIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFlNmFmMTU4ZjZk
N2I1ZmY0MTdiNGEyMDAzMzVkM2JmYjcwNWExZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK50I0O0KnhEKReSgcn6k3JzMJEx/pwXi3kBq3qwuZqTGZI5
Cc+h4/PanDPURroiB2i2qgzT0g6LCWQvlIxL/w8YypsGM3yGcQwmRwHJE/HKkeci
3VpeoW/81QD5uvA7zeUX0ZA/ZnjMFYmLvMLGcY9EI5DIx7ox08Drta76KH4m+1q8
0LzZ/YN9ns6oJttsi7UHjAdjmbOsHtKZa27keWs1+kINPwA75nYXT6RKZeWpAzfT
6O9n09n0uCqAZtnUf0pLgAZ8y/Sl9g9fe4s2FJ5Sp2pjnc1x6gd+t9gQS/tNLray
xAdim5H9E8z99b67zyDTnQw33LxztJLOqlCOxbsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTR5q8Vj217X/QXtKIAM107+3BaHzAfBgNVHSMEGDAWgBQc2rcFJP1RMTuE
9dj0Y2Kj2MgIFDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hOcTNCU1Q5VVRFN2hQWFk5R05pbzlqSUNCUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvMTkwMTdhLTRmY2MtNGZhZC1hNTcyLTk5ZjY5M2U0NTA2MS8x
LzBlYXZGWTl0ZTFfMEY3U2lBRE5kT190d1doOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
MTkwMTdhLTRmY2MtNGZhZC1hNTcyLTk5ZjY5M2U0NTA2MS8xL0hOcTNCU1Q5VVRF
N2hQWFk5R05pbzlqSUNCUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA09iOAMEArlq2AMEAMHjazANBAIA
AjAHAwUDKgIXWDANBgkqhkiG9w0BAQsFAAOCAQEAjT8kwfvHCZCyirKqy5b2KWSJ
yLqEAkrqTbRwhC6SRnMlyPMAnuAZf8TNr5jYmfPVDSepdyD+d2n29qKYw75TLbjW
tO5UZo/3hBHeJpUUOgZuADXMbxznEmKuoQAMvOiIgy/p1u1uhhYUT828L276cMdX
+Z4kckxOOvuDicVosX8gV7YrFrNM7B07zf/aTIFH8ax265Nc4Mwsh/R90Sf6yXeb
QDnTfzF3N7eo7GGjV5nmVzEwL0AIbiEEZYK0mAEb88eZRdPlT8SJ1c2fOW64O85u
u7+RmTK8WiYo+bRTDZR4fYGt+W49vGsJEAAS15KUWtcoRL/TxhT+C3GjgJ+d0w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:38 2025 by rpki-client