Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/FmFloIC2NOytgQcI_JM1lU98KY0.roa
File: FmFloIC2NOytgQcI_JM1lU98KY0.roa (raw, json)
Hash identifier: Ucdy1XuNLRwKLGV3Po1NIDBZGq3Q0Ko+vMiY6BcjUqo=
Subject key identifier: 16:61:65:A0:80:B6:34:EC:AD:81:07:08:FC:93:35:95:4F:7C:29:8D
Certificate issuer: /CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Certificate serial: 0133B26F
Authority key identifier: B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/FmFloIC2NOytgQcI_JM1lU98KY0.roa
Signing time: Sat 01 Jan 2022 11:01:21 +0000
ROA not before: Sat 01 Jan 2022 11:01:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43139
IP address blocks: 185.199.96.0/22 maxlen: 22
91.196.148.0/22 maxlen: 22
94.158.80.0/20 maxlen: 20
178.158.192.0/18 maxlen: 24
109.207.192.0/20 maxlen: 20
2a0a:9b40::/29 maxlen: 29
2001:67c:738::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20165231 (0x133b26f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Validity
Not Before: Jan 1 11:01:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=166165a080b634ecad810708fc9335954f7c298d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b6:9e:03:01:27:89:e6:8f:17:fc:6b:1c:bc:
64:60:95:45:e1:68:3d:5f:e7:7a:e7:b4:39:be:e5:
47:c3:bd:c5:0a:d1:23:6f:57:36:dc:d5:94:7e:02:
6b:8d:a3:ae:21:7d:78:20:64:6e:31:e0:66:10:ba:
ac:b1:16:31:92:de:1b:75:b2:38:f9:f9:bb:6c:4a:
07:12:a4:24:e4:90:ab:09:2d:87:93:8a:7c:dc:79:
1b:97:d7:81:6f:20:7a:c2:ab:93:5b:d2:54:a5:1d:
b2:fe:be:89:01:c4:e9:9d:37:ef:cd:55:a3:f4:87:
bd:76:ba:cf:4f:6a:3d:ae:2c:ac:f0:cc:88:88:0d:
50:4a:5c:c9:8b:c5:04:d5:d7:39:6e:30:44:17:46:
f1:06:ab:d3:82:11:f1:b0:c3:cb:cd:51:b3:0a:e7:
4f:c9:05:b7:a1:8a:e5:0c:ad:2a:82:c2:ce:aa:26:
5e:4c:32:e0:b6:e4:c4:38:50:c5:f0:2b:3d:f8:b2:
46:f6:2c:cd:c2:bc:90:32:a9:1b:21:11:14:86:9d:
81:aa:5f:20:fa:b0:c2:95:cb:51:48:88:89:49:24:
32:a9:d9:d4:36:ca:5c:05:d3:20:9e:82:44:f3:b3:
24:c5:fe:8a:ed:9e:7d:bf:09:a4:5a:93:13:3b:04:
43:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:61:65:A0:80:B6:34:EC:AD:81:07:08:FC:93:35:95:4F:7C:29:8D
X509v3 Authority Key Identifier:
keyid:B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/FmFloIC2NOytgQcI_JM1lU98KY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.148.0/22
94.158.80.0/20
109.207.192.0/20
178.158.192.0/18
185.199.96.0/22
IPv6:
2001:67c:738::/48
2a0a:9b40::/29
Signature Algorithm: sha256WithRSAEncryption
87:f7:f6:1a:ab:ab:cf:b9:d0:d8:67:0c:82:ee:2d:00:ee:a1:
ec:eb:6f:25:9b:d5:f4:89:82:3d:89:7a:65:63:44:25:ed:77:
b2:87:36:8f:aa:b1:97:d0:ce:74:65:53:11:f5:f4:ae:4d:19:
f9:c0:4f:ca:d8:7f:9f:e4:fe:cd:22:5a:84:0d:7f:ba:f5:7f:
a3:c2:58:9e:0e:24:60:52:66:74:0d:2c:ee:dd:fb:24:27:d8:
e5:05:37:c1:4d:01:1c:16:ab:fb:9b:6e:18:ce:c1:38:5a:8b:
0b:7d:80:6c:27:bd:3a:fd:af:4f:2f:31:fe:c8:19:cf:ce:d0:
0a:7c:38:28:48:cd:69:b8:84:a2:f5:ab:c9:86:d7:6b:90:03:
0b:df:75:1b:ce:89:90:5e:97:97:92:b0:8c:b3:68:73:68:f7:
e4:29:c2:64:ee:ca:cb:71:d2:0a:4c:28:92:c9:4a:bc:0f:4d:
22:c3:d4:af:d8:14:91:b9:a0:4d:eb:d2:79:f8:ee:b5:3c:c4:
b6:e6:90:2c:0e:5d:ad:da:97:85:90:95:8e:4e:28:7a:5e:d0:
20:be:2c:1b:b0:6f:f0:bf:d9:df:81:42:19:a9:ec:17:45:6c:
0d:0c:5f:67:8c:cb:67:67:71:e8:b1:44:45:8e:cb:c7:a1:b9:
be:c1:4c:32
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEATOybzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MzkzZGY4NzdiZjJmMGNmMDFhOTcxODk3M2VhZWVlODdiMDY5N2Q5MB4XDTIyMDEw
MTExMDEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY2MTY1YTA4MGI2
MzRlY2FkODEwNzA4ZmM5MzM1OTU0ZjdjMjk4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+2ngMBJ4nmjxf8axy8ZGCVReFoPV/neue0Ob7lR8O9xQrR
I29XNtzVlH4Ca42jriF9eCBkbjHgZhC6rLEWMZLeG3WyOPn5u2xKBxKkJOSQqwkt
h5OKfNx5G5fXgW8gesKrk1vSVKUdsv6+iQHE6Z03781Vo/SHvXa6z09qPa4srPDM
iIgNUEpcyYvFBNXXOW4wRBdG8Qar04IR8bDDy81RswrnT8kFt6GK5QytKoLCzqom
Xkwy4LbkxDhQxfArPfiyRvYszcK8kDKpGyERFIadgapfIPqwwpXLUUiIiUkkMqnZ
1DbKXAXTIJ6CRPOzJMX+iu2efb8JpFqTEzsEQ10CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQWYWWggLY07K2BBwj8kzWVT3wpjTAfBgNVHSMEGDAWgBSzk9+He/LwzwGp
cYlz6u7oewaX2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M1UGZoM3Z5OE04QnFYR0pjLXJ1NkhzR2w5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvOTM3NWUzLTM3N2UtNGI3MC1iYTM2LTM5NmJjNzIwZTJiNC8x
L0ZtRmxvSUMyTk95dGdRY0lfSk0xbFU5OEtZMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
OTM3NWUzLTM3N2UtNGI3MC1iYTM2LTM5NmJjNzIwZTJiNC8xL3M1UGZoM3Z5OE04
QnFYR0pjLXJ1NkhzR2w5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wJAQCAAEwHgMEAlvElAMEBF6eUAMEBG3PwAMEBrKe
wAMEArnHYDAWBAIAAjAQAwcAIAEGfAc4AwUDKgqbQDANBgkqhkiG9w0BAQsFAAOC
AQEAh/f2Gqurz7nQ2GcMgu4tAO6h7OtvJZvV9ImCPYl6ZWNEJe13soc2j6qxl9DO
dGVTEfX0rk0Z+cBPyth/n+T+zSJahA1/uvV/o8JYng4kYFJmdA0s7t37JCfY5QU3
wU0BHBar+5tuGM7BOFqLC32AbCe9Ov2vTy8x/sgZz87QCnw4KEjNabiEovWryYbX
a5ADC991G86JkF6Xl5KwjLNoc2j35CnCZO7Ky3HSCkwokslKvA9NIsPUr9gUkbmg
TevSefjutTzEtuaQLA5drdqXhZCVjk4oel7QIL4sG7Bv8L/Z34FCGansF0VsDQxf
Z4zLZ2dx6LFERY7Lx6G5vsFMMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:08 2024 by rpki-client on console-fra.rpki-client.org