Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/fyI3kB5lW1n1RjffBbd5nAyZtZY.roa
File: fyI3kB5lW1n1RjffBbd5nAyZtZY.roa (raw, json)
Hash identifier: 8xb+5AQob45hwWvlD0aAKimzDUhbIeIyKUoyAbmcajc=
Subject key identifier: 7F:22:37:90:1E:65:5B:59:F5:46:37:DF:05:B7:79:9C:0C:99:B5:96
Certificate issuer: /CN=cf9625541abe6b5ae926671daa98ac6d8094ec7b
Certificate serial: 02A20C4D
Authority key identifier: CF:96:25:54:1A:BE:6B:5A:E9:26:67:1D:AA:98:AC:6D:80:94:EC:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/fyI3kB5lW1n1RjffBbd5nAyZtZY.roa
Signing time: Sat 01 Jan 2022 03:52:03 +0000
ROA not before: Sat 01 Jan 2022 03:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45033
IP address blocks: 185.138.196.0/24 maxlen: 24
185.138.197.0/24 maxlen: 24
185.138.198.0/24 maxlen: 24
185.138.199.0/24 maxlen: 24
185.43.131.0/24 maxlen: 24
185.43.130.0/24 maxlen: 24
2a07:f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44174413 (0x2a20c4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf9625541abe6b5ae926671daa98ac6d8094ec7b
Validity
Not Before: Jan 1 03:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f2237901e655b59f54637df05b7799c0c99b596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:5d:df:22:d0:c5:b8:e0:47:6e:b5:4f:74:
d3:e1:79:b3:7e:10:4e:27:46:87:da:25:07:7f:03:
e7:96:2f:d9:1b:85:93:7f:a7:1f:6d:ca:c8:07:ac:
68:2e:38:86:af:5b:a6:72:09:95:34:43:36:ce:1b:
15:79:28:b9:a5:4c:13:78:c2:b5:e9:8d:cc:ad:0a:
55:31:97:b6:d8:e1:5c:fb:3b:8e:51:5f:a6:fc:b6:
39:08:16:f0:01:b8:56:0c:9e:99:af:6b:52:d8:a2:
8a:66:ac:31:27:87:cd:fb:d5:b0:40:aa:19:15:5c:
8b:db:af:7b:cb:53:72:f3:de:49:47:72:b7:d2:51:
9a:d1:7f:08:0e:a8:9d:8d:bd:57:50:c0:24:bc:22:
bb:d4:65:81:6b:89:f3:91:fb:95:8e:4f:57:7f:4f:
d4:61:bf:e3:19:46:94:f3:71:56:51:cc:6e:02:4a:
da:46:f1:05:50:b3:3d:bf:4b:a3:2b:f5:3f:f8:7b:
f6:f1:0d:0d:f3:18:fb:09:a6:ce:c7:bd:15:14:45:
17:cd:89:e1:bc:80:53:e6:6d:e6:51:5a:1f:4a:91:
98:0f:c0:69:d6:6f:d0:a5:fd:5f:bd:ab:e5:6b:2d:
4e:b3:4b:ee:d6:83:81:61:43:64:32:75:2c:19:ec:
7a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:22:37:90:1E:65:5B:59:F5:46:37:DF:05:B7:79:9C:0C:99:B5:96
X509v3 Authority Key Identifier:
keyid:CF:96:25:54:1A:BE:6B:5A:E9:26:67:1D:AA:98:AC:6D:80:94:EC:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z5YlVBq-a1rpJmcdqpisbYCU7Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/fyI3kB5lW1n1RjffBbd5nAyZtZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/132ed3-434d-4d49-95ca-59a587bdea3f/1/z5YlVBq-a1rpJmcdqpisbYCU7Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.130.0/23
185.138.196.0/22
IPv6:
2a07:f80::/29
Signature Algorithm: sha256WithRSAEncryption
8c:32:c1:1b:6b:3f:dc:3e:4f:d6:a5:f1:e8:fd:a2:03:0b:76:
95:c1:8e:b9:ba:8a:5d:08:ee:d6:11:fb:62:7d:08:05:86:9b:
de:87:29:a4:0a:72:7f:d9:35:ca:5a:2f:85:27:ac:a2:48:80:
d3:dc:77:38:19:e6:0e:4c:17:63:f6:a3:72:ca:ef:63:97:fb:
4d:8d:0a:b9:88:d0:b0:06:8c:82:c4:48:a3:82:b6:e3:62:84:
af:8f:de:48:81:54:b5:2f:b6:b6:25:ec:cc:11:1e:84:5a:8c:
04:e7:60:c7:b2:5f:bd:7a:78:b3:19:c8:05:bb:f5:9b:d9:5f:
22:05:ab:dc:44:58:60:04:5d:35:b9:5c:1c:e0:1f:c1:e1:a5:
d0:d9:0d:f0:99:88:aa:3e:e9:10:3d:dd:8e:da:06:13:c3:b6:
04:31:ed:f6:3b:7c:dd:30:f0:61:16:bd:b6:fa:fe:3d:72:01:
64:bb:6f:f4:f7:da:03:34:6c:fb:1c:d2:32:50:d3:ac:2a:d1:
97:76:4d:e7:17:ec:51:2b:38:d0:85:67:17:08:4f:b6:b5:e2:
ad:33:63:38:b9:e7:9e:8e:88:4c:34:19:70:6f:f4:ce:4f:d3:
7e:02:96:15:cb:0d:1b:a2:b4:12:3f:ae:ea:6b:9e:d5:83:be:
bd:1c:02:f3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAqIMTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Zjk2MjU1NDFhYmU2YjVhZTkyNjY3MWRhYTk4YWM2ZDgwOTRlYzdiMB4XDTIyMDEw
MTAzNTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2YyMjM3OTAxZTY1
NWI1OWY1NDYzN2RmMDViNzc5OWMwYzk5YjU5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALa8Xd8i0MW44EdutU900+F5s34QTidGh9olB38D55Yv2RuF
k3+nH23KyAesaC44hq9bpnIJlTRDNs4bFXkouaVME3jCtemNzK0KVTGXttjhXPs7
jlFfpvy2OQgW8AG4Vgyema9rUtiiimasMSeHzfvVsECqGRVci9uve8tTcvPeSUdy
t9JRmtF/CA6onY29V1DAJLwiu9RlgWuJ85H7lY5PV39P1GG/4xlGlPNxVlHMbgJK
2kbxBVCzPb9Loyv1P/h79vENDfMY+wmmzse9FRRFF82J4byAU+Zt5lFaH0qRmA/A
adZv0KX9X72r5WstTrNL7taDgWFDZDJ1LBnselkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR/IjeQHmVbWfVGN98Ft3mcDJm1ljAfBgNVHSMEGDAWgBTPliVUGr5rWukm
Zx2qmKxtgJTsezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3o1WWxWQnEtYTFycEptY2RxcGlzYllDVTdIcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvMTMyZWQzLTQzNGQtNGQ0OS05NWNhLTU5YTU4N2JkZWEzZi8x
L2Z5STNrQjVsVzFuMVJqZmZCYmQ1bkF5WnRaWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
MTMyZWQzLTQzNGQtNGQ0OS05NWNhLTU5YTU4N2JkZWEzZi8xL3o1WWxWQnEtYTFy
cEptY2RxcGlzYllDVTdIcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAbkrggMEArmKxDANBAIAAjAHAwUD
KgcPgDANBgkqhkiG9w0BAQsFAAOCAQEAjDLBG2s/3D5P1qXx6P2iAwt2lcGOubqK
XQju1hH7Yn0IBYab3ocppApyf9k1ylovhSesokiA09x3OBnmDkwXY/ajcsrvY5f7
TY0KuYjQsAaMgsRIo4K242KEr4/eSIFUtS+2tiXszBEehFqMBOdgx7JfvXp4sxnI
Bbv1m9lfIgWr3ERYYARdNblcHOAfweGl0NkN8JmIqj7pED3djtoGE8O2BDHt9jt8
3TDwYRa9tvr+PXIBZLtv9PfaAzRs+xzSMlDTrCrRl3ZN5xfsUSs40IVnFwhPtrXi
rTNjOLnnno6ITDQZcG/0zk/TfgKWFcsNG6K0Ej+u6mue1YO+vRwC8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:48 2024 by rpki-client on console-fra.rpki-client.org