Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/SHownKteSTMWcty0JJqC-rO6S2U.roa
File: SHownKteSTMWcty0JJqC-rO6S2U.roa (raw, json)
Hash identifier: BlEnHvfIqv657csd0T3OPHO0LxTiVQcYc19q6TS5ZeY=
Subject key identifier: 48:7A:30:9C:AB:5E:49:33:16:72:DC:B4:24:9A:82:FA:B3:BA:4B:65
Certificate issuer: /CN=eecc4cf37241ced1467c918aa276d388b0a82ed5
Certificate serial: 2A2110E4
Authority key identifier: EE:CC:4C:F3:72:41:CE:D1:46:7C:91:8A:A2:76:D3:88:B0:A8:2E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7sxM83JBztFGfJGKonbTiLCoLtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/SHownKteSTMWcty0JJqC-rO6S2U.roa
Signing time: Thu 28 Apr 2022 12:34:16 +0000
ROA not before: Thu 28 Apr 2022 12:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39505
IP address blocks: 87.247.250.0/24 maxlen: 24
93.93.8.0/24 maxlen: 24
87.247.248.0/24 maxlen: 24
87.247.249.0/24 maxlen: 24
87.247.254.0/24 maxlen: 24
93.93.12.0/24 maxlen: 24
87.247.255.0/24 maxlen: 24
93.93.13.0/24 maxlen: 24
78.40.136.0/24 maxlen: 24
78.40.137.0/24 maxlen: 24
78.40.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 706810084 (0x2a2110e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eecc4cf37241ced1467c918aa276d388b0a82ed5
Validity
Not Before: Apr 28 12:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=487a309cab5e49331672dcb4249a82fab3ba4b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:26:9c:4b:f1:33:06:04:4b:5b:68:ab:34:7f:
0e:99:a2:ff:38:9f:e7:39:e3:83:25:a4:cb:6a:75:
53:f6:3b:69:73:81:b5:af:6a:9d:a7:c5:57:bb:04:
5b:e7:dc:d2:72:2b:40:01:f7:54:3b:0f:f6:8c:74:
18:15:e3:ca:04:38:89:d8:bc:d0:7d:26:92:e5:82:
fc:a9:d3:2e:08:45:ba:cf:32:81:79:21:77:ef:6e:
c6:e1:b0:b9:b1:2d:13:9c:8e:bd:ca:56:00:7a:24:
65:ad:aa:a0:06:a7:69:b2:87:65:15:41:2e:78:fd:
27:86:ea:3c:2b:26:d9:7d:76:87:9e:88:6f:f2:81:
dd:6b:d2:e1:0d:69:d1:fd:71:36:67:dc:1a:16:a6:
65:ec:e1:d3:0c:ca:d6:2a:a2:30:bb:73:ed:17:86:
8b:64:db:91:f1:f1:ba:76:fb:46:e0:ec:52:3c:ad:
f7:08:d3:b8:a8:9b:0b:70:1f:8d:e0:9e:eb:6f:cd:
63:13:43:69:59:f8:4a:76:36:57:60:50:21:ff:af:
cd:9e:40:46:34:23:01:c6:b6:12:cd:60:06:50:4e:
ec:e0:81:8f:98:5a:0a:d8:e7:ce:72:fb:4e:ba:d2:
9c:ab:db:9f:85:17:9f:2d:89:ca:70:eb:5f:d2:5d:
42:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7A:30:9C:AB:5E:49:33:16:72:DC:B4:24:9A:82:FA:B3:BA:4B:65
X509v3 Authority Key Identifier:
keyid:EE:CC:4C:F3:72:41:CE:D1:46:7C:91:8A:A2:76:D3:88:B0:A8:2E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7sxM83JBztFGfJGKonbTiLCoLtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/SHownKteSTMWcty0JJqC-rO6S2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/cf7d93-a076-49ff-9baf-5a37af43904c/1/7sxM83JBztFGfJGKonbTiLCoLtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.136.0-78.40.138.255
87.247.248.0-87.247.250.255
87.247.254.0/23
93.93.8.0/24
93.93.12.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:6e:91:38:d1:b2:a7:79:48:b1:fa:63:39:fe:cf:3f:ad:3e:
7c:29:34:1a:ed:cc:06:e5:8e:33:f8:d8:b9:d0:00:28:64:3f:
b6:0d:06:57:6a:db:da:a4:58:87:e0:71:59:2a:4c:f1:4d:b5:
23:07:fa:2b:06:8c:e9:95:0e:e8:9f:15:5c:da:31:f3:ae:ee:
0d:15:31:27:d6:28:8c:8f:19:f6:b3:8f:06:b2:c9:11:51:28:
c1:4a:a2:9c:64:56:da:1a:b2:a7:c9:36:78:2a:54:da:49:d9:
b8:39:36:18:5b:2a:a4:7c:96:e4:24:a1:de:bd:53:d9:d3:a2:
f0:be:ba:88:58:e1:0c:b2:c1:97:5b:e7:37:f2:d5:bd:ef:3a:
6b:c1:b1:56:1b:9a:50:f7:33:d8:cb:b9:ca:2c:39:92:d2:11:
52:cf:16:48:ef:65:27:58:29:8d:17:36:13:0c:6c:6c:32:94:
2d:19:3c:01:91:41:32:e8:18:f5:f3:39:bf:fb:de:f0:8b:90:
b8:bc:45:56:b4:fe:24:92:ad:d1:ef:24:83:3e:d9:f1:90:bd:
25:87:47:df:d6:3e:3b:c0:99:10:be:42:2f:9b:3a:f3:a5:10:
6f:42:69:b2:6b:ae:eb:1e:ac:94:58:47:e2:0f:78:91:95:e0:
1b:25:4e:52
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEKiEQ5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWNjNGNmMzcyNDFjZWQxNDY3YzkxOGFhMjc2ZDM4OGIwYTgyZWQ1MB4XDTIyMDQy
ODEyMzQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg3YTMwOWNhYjVl
NDkzMzE2NzJkY2I0MjQ5YTgyZmFiM2JhNGI2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIUmnEvxMwYES1toqzR/Dpmi/zif5znjgyWky2p1U/Y7aXOB
ta9qnafFV7sEW+fc0nIrQAH3VDsP9ox0GBXjygQ4idi80H0mkuWC/KnTLghFus8y
gXkhd+9uxuGwubEtE5yOvcpWAHokZa2qoAanabKHZRVBLnj9J4bqPCsm2X12h56I
b/KB3WvS4Q1p0f1xNmfcGhamZezh0wzK1iqiMLtz7ReGi2TbkfHxunb7RuDsUjyt
9wjTuKibC3AfjeCe62/NYxNDaVn4SnY2V2BQIf+vzZ5ARjQjAca2Es1gBlBO7OCB
j5haCtjnznL7TrrSnKvbn4UXny2JynDrX9JdQkECAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBRIejCcq15JMxZy3LQkmoL6s7pLZTAfBgNVHSMEGDAWgBTuzEzzckHO0UZ8
kYqidtOIsKgu1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdzeE04M0pCenRGR2ZKR0tvbmJUaUxDb0x0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvY2Y3ZDkzLWEwNzYtNDlmZi05YmFmLTVhMzdhZjQzOTA0Yy8x
L1NIb3duS3RlU1RNV2N0eTBKSnFDLXJPNlMyVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
Y2Y3ZDkzLWEwNzYtNDlmZi05YmFmLTVhMzdhZjQzOTA0Yy8xLzdzeE04M0pCenRG
R2ZKR0tvbmJUaUxDb0x0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLjAMAwQDTiiIAwQATiiKMAwDBANX9/gD
BABX9/oDBAFX9/4DBABdXQgDBAFdXQwwDQYJKoZIhvcNAQELBQADggEBABtukTjR
sqd5SLH6Yzn+zz+tPnwpNBrtzAbljjP42LnQAChkP7YNBldq29qkWIfgcVkqTPFN
tSMH+isGjOmVDuifFVzaMfOu7g0VMSfWKIyPGfazjwayyRFRKMFKopxkVtoasqfJ
NngqVNpJ2bg5NhhbKqR8luQkod69U9nTovC+uohY4QyywZdb5zfy1b3vOmvBsVYb
mlD3M9jLucosOZLSEVLPFkjvZSdYKY0XNhMMbGwylC0ZPAGRQTLoGPXzOb/73vCL
kLi8RVa0/iSSrdHvJIM+2fGQvSWHR9/WPjvAmRC+Qi+bOvOlEG9CabJrruserJRY
R+IPeJGV4BslTlI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:14 2024 by rpki-client on console-ams.rpki-client.org