Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/fhgrPvmfqfMGhaQltXmtx0AqkY4.roa
File: fhgrPvmfqfMGhaQltXmtx0AqkY4.roa (raw, json)
Hash identifier: BNkgMUdfUiO1UIYG3fOfnM0YBBdw/fXjutIkHqGo4is=
Subject key identifier: 7E:18:2B:3E:F9:9F:A9:F3:06:85:A4:25:B5:79:AD:C7:40:2A:91:8E
Certificate issuer: /CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9
Certificate serial: 018318715372AB0B268CC3C7AD0A58763051
Authority key identifier: 5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/fhgrPvmfqfMGhaQltXmtx0AqkY4.roa
Signing time: Wed 07 Sep 2022 14:53:43 +0000
ROA not before: Wed 07 Sep 2022 14:53:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56911
IP address blocks: 176.58.80.0/21 maxlen: 21
185.169.238.0/23 maxlen: 24
185.169.237.0/24 maxlen: 24
185.169.236.0/24 maxlen: 24
185.169.236.0/23 maxlen: 24
185.49.248.0/22 maxlen: 24
185.146.64.0/24 maxlen: 24
2a0a:7300::/32 maxlen: 36
2a01:a620::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:71:53:72:ab:0b:26:8c:c3:c7:ad:0a:58:76:30:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9
Validity
Not Before: Sep 7 14:53:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e182b3ef99fa9f30685a425b579adc7402a918e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f8:51:63:26:ad:70:ea:17:d3:15:d3:f1:fb:
5c:63:7e:0a:bb:5d:37:ae:27:d6:b9:8d:53:dd:e4:
a8:e9:32:bb:7a:15:64:87:d4:ae:ba:5b:8d:e6:78:
c1:c4:47:66:8e:2a:0b:7b:89:36:05:b0:90:6c:58:
a3:2d:04:e9:75:f2:62:c6:a7:57:f9:38:19:13:a5:
01:dc:fe:df:5e:e5:39:b1:41:3c:50:46:f2:0a:aa:
7c:97:42:f7:64:9f:3e:bb:5c:88:8f:fb:72:c5:ff:
10:d9:10:3d:6b:3a:60:9f:7e:d7:6b:d2:1a:56:9d:
91:ca:4f:ea:0c:a7:13:0f:f2:0e:de:70:3e:80:4b:
34:ab:92:ec:64:ae:49:c9:c7:8d:ec:88:83:f1:a8:
83:ce:12:ed:72:88:0f:13:8c:3e:4e:64:b6:dc:da:
ff:3e:a2:22:a1:bd:bf:0a:a6:4c:83:ec:cb:c4:53:
9a:95:02:0b:ed:ef:06:7a:75:12:84:a1:0c:c4:03:
eb:8c:9b:c6:26:c5:37:74:9d:29:37:ad:b4:c4:3d:
26:69:12:71:43:36:cd:e6:31:d2:9e:1f:ff:46:90:
c8:57:ff:b7:d2:77:14:91:19:a8:98:75:f7:d1:01:
15:19:59:8e:be:bb:45:e6:d2:a7:6f:ee:a8:0e:8b:
c6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:18:2B:3E:F9:9F:A9:F3:06:85:A4:25:B5:79:AD:C7:40:2A:91:8E
X509v3 Authority Key Identifier:
keyid:5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/fhgrPvmfqfMGhaQltXmtx0AqkY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.80.0/21
185.49.248.0/22
185.146.64.0/24
185.169.236.0/22
IPv6:
2a01:a620::/32
2a0a:7300::/32
Signature Algorithm: sha256WithRSAEncryption
73:26:89:10:5e:3c:e5:41:48:ac:5c:73:a3:07:dc:68:cd:8a:
d6:02:10:d3:fc:45:e3:d5:eb:6c:b2:db:d1:f5:c6:d5:73:6d:
cf:37:a7:a5:3b:fb:e1:b2:39:0e:06:e8:9a:a8:32:64:22:bc:
ad:6e:ea:a6:b5:23:31:cc:6e:80:6a:e0:b8:57:5d:16:a3:9c:
e1:4f:10:67:fe:99:7c:f7:5a:cb:02:31:9a:45:66:d8:7a:a9:
9e:9e:b3:22:8b:2c:51:93:28:b1:d1:60:49:e0:21:18:4d:12:
36:fd:2e:31:26:76:12:17:0c:be:cc:0e:fd:09:07:df:4b:68:
98:77:86:d5:18:1a:6d:58:d9:10:71:36:33:e5:17:bf:5b:fe:
2f:9e:f0:13:cb:60:c1:6b:0c:63:86:9e:b2:03:8b:af:b7:9e:
43:00:ba:ed:db:2f:25:5d:09:e5:7e:56:aa:04:80:93:5d:e4:
e7:c2:89:72:74:8c:6e:6d:30:cf:c9:73:61:88:aa:60:d6:03:
29:a7:f5:75:3f:77:66:d2:4b:c9:14:48:be:53:79:c8:61:68:
83:1f:29:9a:e3:59:81:1c:1d:45:81:ef:b6:06:84:ca:bf:b6:
aa:96:c5:a6:3b:08:f9:28:eb:9b:b6:9f:0c:25:4b:bc:8d:b1:
89:4b:f6:7d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYMYcVNyqwsmjMPHrQpYdjBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjVlZDA0MGVmZTJlNTgxNzU0ZGViNWMzY2Q4MmQ5OWRm
ZWU4ZDkwHhcNMjIwOTA3MTQ1MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTE4MmIzZWY5OWZhOWYzMDY4NWE0MjViNTc5YWRjNzQwMmE5MThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfhRYyatcOoX0xXT8ftcY34Ku103
rifWuY1T3eSo6TK7ehVkh9SuuluN5njBxEdmjioLe4k2BbCQbFijLQTpdfJixqdX
+TgZE6UB3P7fXuU5sUE8UEbyCqp8l0L3ZJ8+u1yIj/tyxf8Q2RA9azpgn37Xa9Ia
Vp2Ryk/qDKcTD/IO3nA+gEs0q5LsZK5JyceN7IiD8aiDzhLtcogPE4w+TmS23Nr/
PqIiob2/CqZMg+zLxFOalQIL7e8GenUShKEMxAPrjJvGJsU3dJ0pN620xD0maRJx
QzbN5jHSnh//RpDIV/+30ncUkRmomHX30QEVGVmOvrtF5tKnb+6oDovGHQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFH4YKz75n6nzBoWkJbV5rcdAKpGOMB8GA1UdIwQY
MBaAFF317QQO/i5YF1TetcPNgtmd/ujZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMt
YmVmZTRiMzRjNmYwLzEvZmhnclB2bWZxZk1HaGFRbHRYbXR4MEFxa1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMtYmVmZTRiMzRjNmYw
LzEvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDsDpQAwQC
uTH4AwQAuZJAAwQCuansMBQEAgACMA4DBQAqAaYgAwUAKgpzADANBgkqhkiG9w0B
AQsFAAOCAQEAcyaJEF485UFIrFxzowfcaM2K1gIQ0/xF49XrbLLb0fXG1XNtzzen
pTv74bI5DgbomqgyZCK8rW7qprUjMcxugGrguFddFqOc4U8QZ/6ZfPdaywIxmkVm
2Hqpnp6zIossUZMosdFgSeAhGE0SNv0uMSZ2EhcMvswO/QkH30tomHeG1RgabVjZ
EHE2M+UXv1v+L57wE8tgwWsMY4aesgOLr7eeQwC67dsvJV0J5X5WqgSAk13k58KJ
cnSMbm0wz8lzYYiqYNYDKaf1dT93ZtJLyRRIvlN5yGFogx8pmuNZgRwdRYHvtgaE
yr+2qpbFpjsI+Sjrm7afDCVLvI2xiUv2fQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:21 2024 by rpki-client on console-fra.rpki-client.org