Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/EFIgYc-2SXcs_x8PtcM8r1DJEic.roa
File: EFIgYc-2SXcs_x8PtcM8r1DJEic.roa (raw, json)
Hash identifier: dDuSa+m41808Cq6BdUXdwrGhi2fpIYRnSqstCo8Ahq4=
Subject key identifier: 10:52:20:61:CF:B6:49:77:2C:FF:1F:0F:B5:C3:3C:AF:50:C9:12:27
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0183EB01E093DF64DB1821ADDB0D5A852657
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/EFIgYc-2SXcs_x8PtcM8r1DJEic.roa
Signing time: Tue 18 Oct 2022 12:11:52 +0000
ROA not before: Tue 18 Oct 2022 12:11:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6900
IP address blocks: 195.203.156.0/22 maxlen: 22
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
195.203.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:01:e0:93:df:64:db:18:21:ad:db:0d:5a:85:26:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Oct 18 12:11:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10522061cfb649772cff1f0fb5c33caf50c91227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9c:8a:30:ef:06:f1:0f:ab:c4:e7:ab:ff:dc:
f8:f2:fb:31:65:1f:3e:6e:1e:8d:1d:89:32:39:68:
0c:bd:6e:52:70:b1:b1:63:c9:8e:f3:2f:5c:72:09:
4f:82:5d:30:e1:08:00:89:44:15:df:d8:ac:19:65:
66:f4:0d:06:d3:5e:f5:b4:f9:57:af:f7:03:d3:44:
f5:9c:54:5f:8b:db:3a:6b:10:96:a4:03:79:59:3a:
a5:e7:c3:0c:25:e0:ef:1f:ec:c3:38:6f:4f:5e:03:
40:be:c0:6f:18:45:11:a7:fb:49:30:75:7e:d6:5b:
b0:f3:55:e1:09:c6:2d:a9:7c:7b:fa:21:cb:63:f1:
88:46:34:4b:2e:71:92:3f:30:04:df:aa:6f:ba:37:
2f:58:fc:bc:f9:26:ee:29:56:ab:dd:3f:fb:f4:78:
48:05:94:d7:fa:b8:4a:03:93:f9:e2:fd:36:a7:e5:
b2:95:37:98:b3:4e:bf:d7:b1:ae:52:a3:8c:2c:31:
e0:0e:ac:42:b5:36:35:cf:a3:b6:c6:51:5b:fd:dc:
09:05:e6:9e:64:8d:dc:c6:a9:af:6b:08:26:9a:8c:
e1:d2:55:d8:46:68:62:d0:eb:e4:af:89:74:03:17:
3d:e8:b8:20:1d:4c:d8:87:95:1d:be:db:7f:00:a8:
e7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:52:20:61:CF:B6:49:77:2C:FF:1F:0F:B5:C3:3C:AF:50:C9:12:27
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/EFIgYc-2SXcs_x8PtcM8r1DJEic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.203.127.0/24
195.203.156.0/22
217.27.4.0/24
217.27.6.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ec:fb:c0:75:04:78:d5:3a:e9:d4:20:66:39:bc:42:a7:88:
f5:86:e9:b8:69:87:ac:87:b8:29:5e:fa:54:00:c3:69:16:c3:
65:49:6a:0a:99:cc:ef:ea:fa:78:6a:af:6b:c2:da:64:8a:e0:
da:72:1e:a9:ba:f4:d5:41:2c:81:93:c9:02:6d:b5:77:55:2f:
a1:3d:ff:4b:c6:64:4d:6f:d3:e7:ed:09:31:3f:c4:5b:41:52:
6f:c6:7e:95:29:34:47:8b:bd:fc:59:a8:44:71:3e:1b:ea:83:
bc:9f:c2:23:9e:1d:29:36:22:20:ac:b3:21:ff:fe:a9:cf:34:
12:f5:17:0b:57:2c:ac:71:00:a0:4f:6a:22:78:45:ad:b1:45:
20:e5:f2:0c:a1:47:0a:76:0b:1e:fe:3a:51:8f:e8:5d:5c:94:
2e:d0:4e:54:86:fd:b8:8a:2a:c2:9a:49:6f:7c:af:fc:89:d4:
9b:80:1c:9d:42:cc:8e:bc:ab:cf:9b:0c:5a:71:68:00:34:3a:
5a:98:71:2a:50:f6:67:0e:69:bc:71:29:76:58:db:4d:b6:49:
9a:ca:97:aa:d4:f8:4b:56:68:4c:e2:8b:64:f3:93:6b:b5:40:
93:42:55:fa:a9:3b:8e:5d:79:dc:25:bf:ce:0c:ea:62:ab:e5:
e7:92:3a:e7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPrAeCT32TbGCGt2w1ahSZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjIxMDE4MTIxMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDUyMjA2MWNmYjY0OTc3MmNmZjFmMGZiNWMzM2NhZjUwYzkxMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZyKMO8G8Q+rxOer/9z48vsxZR8+
bh6NHYkyOWgMvW5ScLGxY8mO8y9ccglPgl0w4QgAiUQV39isGWVm9A0G0171tPlX
r/cD00T1nFRfi9s6axCWpAN5WTql58MMJeDvH+zDOG9PXgNAvsBvGEURp/tJMHV+
1luw81XhCcYtqXx7+iHLY/GIRjRLLnGSPzAE36pvujcvWPy8+SbuKVar3T/79HhI
BZTX+rhKA5P54v02p+WylTeYs06/17GuUqOMLDHgDqxCtTY1z6O2xlFb/dwJBeae
ZI3cxqmvawgmmozh0lXYRmhi0Ovkr4l0Axc96LggHUzYh5Udvtt/AKjnxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBBSIGHPtkl3LP8fD7XDPK9QyRInMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvRUZJZ1ljLTJTWGNzX3g4UHRjTThyMURKRWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAw8t/AwQC
w8ucAwQA2RsEAwQA2RsGMA0GCSqGSIb3DQEBCwUAA4IBAQAi7PvAdQR41Trp1CBm
ObxCp4j1hum4aYesh7gpXvpUAMNpFsNlSWoKmczv6vp4aq9rwtpkiuDach6puvTV
QSyBk8kCbbV3VS+hPf9LxmRNb9Pn7QkxP8RbQVJvxn6VKTRHi738WahEcT4b6oO8
n8Ijnh0pNiIgrLMh//6pzzQS9RcLVyyscQCgT2oieEWtsUUg5fIMoUcKdgse/jpR
j+hdXJQu0E5Uhv24iirCmklvfK/8idSbgBydQsyOvKvPmwxacWgANDpamHEqUPZn
Dmm8cSl2WNtNtkmaypeq1PhLVmhM4otk85NrtUCTQlX6qTuOXXncJb/ODOpiq+Xn
kjrn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:18 2024 by rpki-client on console-ams.rpki-client.org