Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8d991e-3ece-4a11-b463-751cf3a5e1e1/1/_0_JFTj95Xiz28tdWOcb4551mQI.roa
File: _0_JFTj95Xiz28tdWOcb4551mQI.roa (raw, json)
Hash identifier: k2bsOlsDuHPK7dNf75OmYuzViBh5npEkbIkFvnc3bpI=
Subject key identifier: FF:4F:C9:15:38:FD:E5:78:B3:DB:CB:5D:58:E7:1B:E3:9E:75:99:02
Certificate issuer: /CN=14a6b0862b2b303b302c3c2349a5ac8d0f906b06
Certificate serial: 091CA3F8
Authority key identifier: 14:A6:B0:86:2B:2B:30:3B:30:2C:3C:23:49:A5:AC:8D:0F:90:6B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FKawhisrMDswLDwjSaWsjQ-QawY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/8d991e-3ece-4a11-b463-751cf3a5e1e1/1/_0_JFTj95Xiz28tdWOcb4551mQI.roa
Signing time: Sat 01 Jan 2022 02:56:17 +0000
ROA not before: Sat 01 Jan 2022 02:56:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209318
IP address blocks: 85.209.208.0/22 maxlen: 24
2a09:9fc0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152871928 (0x91ca3f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14a6b0862b2b303b302c3c2349a5ac8d0f906b06
Validity
Not Before: Jan 1 02:56:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff4fc91538fde578b3dbcb5d58e71be39e759902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c5:38:86:6f:b9:6d:45:3d:dc:f9:4f:68:70:
d4:97:0e:cb:f6:75:4e:22:c0:f6:af:31:70:59:03:
37:f2:4d:51:e5:56:74:4a:af:c1:3d:3b:9f:99:48:
82:51:cb:ec:90:9d:25:92:ee:33:ca:20:60:b4:e6:
d4:75:ac:f8:fd:45:78:a6:4f:2f:53:e3:5b:ba:72:
42:89:2f:79:fb:87:d1:03:94:8e:d9:70:d9:e1:dd:
7d:82:c0:db:b3:17:6c:bc:de:a7:99:a2:2a:82:39:
fa:ee:ee:0d:f2:ed:3e:cb:e8:d8:5d:02:75:51:9c:
8d:cd:51:52:94:b3:04:6d:f8:98:27:2b:e2:d8:e2:
9d:fb:15:ce:f1:16:98:f2:63:4e:a2:b6:8a:04:9e:
29:dc:f5:82:06:3f:7a:ae:3a:cf:f3:95:47:f7:f6:
a8:1d:d8:a5:f1:b6:63:fb:47:d0:f4:3d:bc:2e:97:
bb:64:58:9c:fa:7a:79:15:d9:f3:e4:28:95:05:a2:
cb:43:ac:3b:76:93:5b:db:6a:9f:ec:f8:19:2e:bc:
3f:c4:45:9b:7b:9c:f3:53:02:cc:3b:af:3e:a5:0c:
7a:1b:fa:f3:1c:1e:48:35:ab:da:38:b9:27:a4:b7:
0a:c7:0f:4d:03:19:c9:32:b5:70:72:d5:29:58:e3:
45:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4F:C9:15:38:FD:E5:78:B3:DB:CB:5D:58:E7:1B:E3:9E:75:99:02
X509v3 Authority Key Identifier:
keyid:14:A6:B0:86:2B:2B:30:3B:30:2C:3C:23:49:A5:AC:8D:0F:90:6B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKawhisrMDswLDwjSaWsjQ-QawY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8d991e-3ece-4a11-b463-751cf3a5e1e1/1/_0_JFTj95Xiz28tdWOcb4551mQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8d991e-3ece-4a11-b463-751cf3a5e1e1/1/FKawhisrMDswLDwjSaWsjQ-QawY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.208.0/22
IPv6:
2a09:9fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:3b:20:2e:d4:55:0c:9c:c1:bb:6c:3f:82:f8:2d:51:cc:71:
9e:0e:fd:d7:8e:06:09:fd:7e:1d:d4:7b:e4:b2:f3:84:ea:51:
b1:de:fc:35:e5:19:44:15:b6:04:66:4b:d3:0e:36:67:42:6c:
ec:8c:e4:5b:cc:fa:81:ca:2e:7c:6c:48:6d:13:c1:50:be:2d:
d9:c6:26:4e:55:9e:4b:a8:b2:a7:4c:d5:e0:a9:44:84:c1:e3:
e4:79:0a:78:4f:91:f0:b1:90:91:4b:0a:88:f8:b4:cf:e8:34:
ba:41:f4:b2:bc:3b:89:4a:ae:fe:a0:57:55:e4:d2:9e:20:b4:
b5:4a:82:e1:d6:78:cb:21:ef:56:ce:83:09:c5:16:30:8a:52:
82:5c:67:f8:73:1f:78:65:97:21:bd:31:9b:af:6a:f8:9b:f0:
76:25:48:c4:16:74:e2:b5:db:09:19:94:c5:08:8a:c7:53:55:
00:ce:15:8d:89:98:94:f9:0c:f9:72:57:64:91:ee:d4:c7:29:
c1:35:51:40:c9:84:02:22:e4:52:74:05:b1:d6:30:3f:62:33:
2a:b8:87:10:a3:90:e7:af:b7:f7:46:f3:83:77:68:c1:ba:da:
63:f7:7d:6d:9e:19:1e:fe:4f:72:4c:0e:c6:b9:b6:ee:36:9d:
7c:05:33:34
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECRyj+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGE2YjA4NjJiMmIzMDNiMzAyYzNjMjM0OWE1YWM4ZDBmOTA2YjA2MB4XDTIyMDEw
MTAyNTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY0ZmM5MTUzOGZk
ZTU3OGIzZGJjYjVkNThlNzFiZTM5ZTc1OTkwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLFOIZvuW1FPdz5T2hw1JcOy/Z1TiLA9q8xcFkDN/JNUeVW
dEqvwT07n5lIglHL7JCdJZLuM8ogYLTm1HWs+P1FeKZPL1PjW7pyQokvefuH0QOU
jtlw2eHdfYLA27MXbLzep5miKoI5+u7uDfLtPsvo2F0CdVGcjc1RUpSzBG34mCcr
4tjinfsVzvEWmPJjTqK2igSeKdz1ggY/eq46z/OVR/f2qB3YpfG2Y/tH0PQ9vC6X
u2RYnPp6eRXZ8+QolQWiy0OsO3aTW9tqn+z4GS68P8RFm3uc81MCzDuvPqUMehv6
8xweSDWr2ji5J6S3CscPTQMZyTK1cHLVKVjjRT8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT/T8kVOP3leLPby11Y5xvjnnWZAjAfBgNVHSMEGDAWgBQUprCGKyswOzAs
PCNJpayND5BrBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZLYXdoaXNyTURzd0xEd2pTYVdzalEtUWF3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvOGQ5OTFlLTNlY2UtNGExMS1iNDYzLTc1MWNmM2E1ZTFlMS8x
L18wX0pGVGo5NVhpejI4dGRXT2NiNDU1MW1RSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
OGQ5OTFlLTNlY2UtNGExMS1iNDYzLTc1MWNmM2E1ZTFlMS8xL0ZLYXdoaXNyTURz
d0xEd2pTYVdzalEtUWF3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlXR0DANBAIAAjAHAwUDKgmfwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGjsgLtRVDJzBu2w/gvgtUcxxng79144GCf1+HdR7
5LLzhOpRsd78NeUZRBW2BGZL0w42Z0Js7IzkW8z6gcoufGxIbRPBUL4t2cYmTlWe
S6iyp0zV4KlEhMHj5HkKeE+R8LGQkUsKiPi0z+g0ukH0srw7iUqu/qBXVeTSniC0
tUqC4dZ4yyHvVs6DCcUWMIpSglxn+HMfeGWXIb0xm69q+JvwdiVIxBZ04rXbCRmU
xQiKx1NVAM4VjYmYlPkM+XJXZJHu1McpwTVRQMmEAiLkUnQFsdYwP2IzKriHEKOQ
56+390bzg3dowbraY/d9bZ4ZHv5PckwOxrm27jadfAUzNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:03 2024 by rpki-client on console-fra.rpki-client.org