Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/FAN9fzW7oXWZsRi0KSQxnAJRSaw.roa
File: FAN9fzW7oXWZsRi0KSQxnAJRSaw.roa (raw, json)
Hash identifier: QE7BfbrmnFcadSBVmlZTF/d+cS+rl/HztAOx1An9Q7c=
Subject key identifier: 14:03:7D:7F:35:BB:A1:75:99:B1:18:B4:29:24:31:9C:02:51:49:AC
Certificate issuer: /CN=9e441e9e705ada3f9c1e827cd276dbd097487608
Certificate serial: FD3FF1
Authority key identifier: 9E:44:1E:9E:70:5A:DA:3F:9C:1E:82:7C:D2:76:DB:D0:97:48:76:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/FAN9fzW7oXWZsRi0KSQxnAJRSaw.roa
Signing time: Sat 01 Jan 2022 10:59:01 +0000
ROA not before: Sat 01 Jan 2022 10:59:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43848
IP address blocks: 193.188.16.0/22 maxlen: 24
185.135.17.0/24 maxlen: 24
185.135.16.0/24 maxlen: 24
85.255.144.0/20 maxlen: 20
85.255.157.0/24 maxlen: 24
85.255.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16596977 (0xfd3ff1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e441e9e705ada3f9c1e827cd276dbd097487608
Validity
Not Before: Jan 1 10:59:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14037d7f35bba17599b118b42924319c025149ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:13:d4:b3:b3:9e:dd:71:21:7b:ec:5d:14:df:
df:d7:87:1a:93:66:6a:b6:3f:eb:7d:c1:77:a0:ff:
5c:69:16:5d:47:cb:99:9d:d8:75:d2:bc:8c:47:e9:
05:b6:6f:7e:d0:ac:57:ac:02:0c:c0:a6:e0:76:5a:
6b:77:95:e3:ac:86:22:85:01:95:d1:c6:41:d7:3c:
a6:02:7c:4f:e7:c2:cf:86:6a:06:34:7e:a9:80:42:
bc:dc:18:7c:75:1d:82:86:27:86:e1:49:b2:11:0d:
fd:35:81:0b:73:4a:3d:01:b3:3d:17:a1:cd:63:44:
1f:95:73:2c:86:98:4a:72:0d:eb:2a:5f:d1:39:66:
bf:2c:d1:ab:4c:8f:e4:8b:21:06:f5:79:9c:2c:1d:
48:a2:dc:dc:88:28:2f:8c:d3:68:0f:2c:97:4a:d6:
fc:d7:15:9a:ec:eb:21:cb:6b:56:05:66:bc:e3:03:
b4:94:14:f6:08:a6:88:e4:d1:b0:ad:60:a6:f1:7e:
e0:bc:78:36:09:a9:b8:ce:e8:f0:3b:6b:00:cc:e2:
6c:4b:0e:60:4e:e7:43:79:fd:f6:ae:ac:71:37:63:
46:d3:0e:52:bc:29:7e:e0:eb:c7:6c:e7:23:04:9f:
65:c3:30:18:a1:0e:cb:ea:f1:fc:d0:7d:0f:70:b8:
e0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:03:7D:7F:35:BB:A1:75:99:B1:18:B4:29:24:31:9C:02:51:49:AC
X509v3 Authority Key Identifier:
keyid:9E:44:1E:9E:70:5A:DA:3F:9C:1E:82:7C:D2:76:DB:D0:97:48:76:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/FAN9fzW7oXWZsRi0KSQxnAJRSaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/nkQennBa2j-cHoJ80nbb0JdIdgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.144.0/20
185.135.16.0/23
193.188.16.0/22
Signature Algorithm: sha256WithRSAEncryption
12:cd:eb:87:a7:2b:2c:21:b2:82:f2:53:1a:1d:a6:b8:67:4d:
f3:26:24:0d:b9:f4:41:df:6c:d6:1d:d9:a3:71:ed:d0:b1:f9:
48:c2:e5:b0:c2:cb:90:3f:b2:a8:2f:e2:66:3e:d6:18:d2:18:
cc:bb:99:7d:c9:47:ef:3b:9f:01:e2:d7:5e:85:d6:b7:da:e6:
04:07:3e:34:03:fd:f9:df:24:3a:b4:99:7a:f7:b1:6f:a8:ff:
b6:7e:3f:ce:2f:91:18:42:60:80:6a:15:12:6d:f9:c9:f7:43:
38:5e:b4:f3:e1:fa:4b:57:a6:82:0f:dd:f1:01:e5:a1:89:01:
e9:24:82:02:f0:74:01:65:93:84:93:0a:44:2a:26:08:0e:b8:
29:83:06:e9:ba:f1:71:ea:e1:a9:07:bf:ec:ba:7a:a6:a3:3f:
5b:36:ba:f9:3b:af:80:f1:b1:06:8a:a2:47:56:06:c7:1e:2b:
d0:e7:a9:17:d7:cd:f0:3b:ac:3b:ee:cb:6b:58:33:78:b1:1c:
42:40:a1:55:ee:6d:e7:f9:08:a1:b8:6e:4d:e4:2e:4b:4b:f3:
97:53:76:9b:4a:47:e9:c3:d3:0c:54:5d:bd:73:0a:a8:53:2a:
48:90:13:27:db:5a:4d:9f:b4:c3:de:4f:75:ed:e9:86:48:e9:
b0:22:df:4d
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAP0/8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTQ0MWU5ZTcwNWFkYTNmOWMxZTgyN2NkMjc2ZGJkMDk3NDg3NjA4MB4XDTIyMDEw
MTEwNTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQwMzdkN2YzNWJi
YTE3NTk5YjExOGI0MjkyNDMxOWMwMjUxNDlhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgT1LOznt1xIXvsXRTf39eHGpNmarY/633Bd6D/XGkWXUfL
mZ3YddK8jEfpBbZvftCsV6wCDMCm4HZaa3eV46yGIoUBldHGQdc8pgJ8T+fCz4Zq
BjR+qYBCvNwYfHUdgoYnhuFJshEN/TWBC3NKPQGzPRehzWNEH5VzLIaYSnIN6ypf
0TlmvyzRq0yP5IshBvV5nCwdSKLc3IgoL4zTaA8sl0rW/NcVmuzrIctrVgVmvOMD
tJQU9gimiOTRsK1gpvF+4Lx4NgmpuM7o8DtrAMzibEsOYE7nQ3n99q6scTdjRtMO
UrwpfuDrx2znIwSfZcMwGKEOy+rx/NB9D3C44BUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQUA31/NbuhdZmxGLQpJDGcAlFJrDAfBgNVHSMEGDAWgBSeRB6ecFraP5we
gnzSdtvQl0h2CDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25rUWVubkJhMmotY0hvSjgwbmJiMEpkSWRnZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvY2UxNmY3LWI4NjgtNGI0Yy05ZDliLTkzMmQxNmIwOGRmMC8x
L0ZBTjlmelc3b1hXWnNSaTBLU1F4bkFKUlNhdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
Y2UxNmY3LWI4NjgtNGI0Yy05ZDliLTkzMmQxNmIwOGRmMC8xL25rUWVubkJhMmot
Y0hvSjgwbmJiMEpkSWRnZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBFX/kAMEAbmHEAMEAsG8EDANBgkq
hkiG9w0BAQsFAAOCAQEAEs3rh6crLCGygvJTGh2muGdN8yYkDbn0Qd9s1h3Zo3Ht
0LH5SMLlsMLLkD+yqC/iZj7WGNIYzLuZfclH7zufAeLXXoXWt9rmBAc+NAP9+d8k
OrSZevexb6j/tn4/zi+RGEJggGoVEm35yfdDOF608+H6S1emgg/d8QHloYkB6SSC
AvB0AWWThJMKRComCA64KYMG6brxcerhqQe/7Lp6pqM/Wza6+TuvgPGxBoqiR1YG
xx4r0OepF9fN8DusO+7La1gzeLEcQkChVe5t5/kIobhuTeQuS0vzl1N2m0pH6cPT
DFRdvXMKqFMqSJATJ9taTZ+0w95Pde3phkjpsCLfTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:44 2024 by rpki-client on console-ams.rpki-client.org