Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/lF0pvYZnvygO7NiM2MNaiN_1KDc.roa
File: lF0pvYZnvygO7NiM2MNaiN_1KDc.roa (raw, json)
Hash identifier: HC/Fd7uRkRpkeVfhFQJZZ9QyxEVA+Q80qAJh81SMRoQ=
Subject key identifier: 94:5D:29:BD:86:67:BF:28:0E:EC:D8:8C:D8:C3:5A:88:DF:F5:28:37
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 4479BE14
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/lF0pvYZnvygO7NiM2MNaiN_1KDc.roa
Signing time: Sat 01 Jan 2022 03:58:25 +0000
ROA not before: Sat 01 Jan 2022 03:58:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16236
IP address blocks: 194.2.86.0/24 maxlen: 24
194.250.98.0/24 maxlen: 24
194.2.132.0/24 maxlen: 24
194.2.133.0/24 maxlen: 24
90.115.208.0/24 maxlen: 24
90.115.209.0/24 maxlen: 24
194.3.4.0/24 maxlen: 24
194.2.57.0/24 maxlen: 24
81.255.178.0/24 maxlen: 24
194.2.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1148829204 (0x4479be14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 03:58:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=945d29bd8667bf280eecd88cd8c35a88dff52837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:db:4b:38:f1:06:c3:03:0e:03:df:84:b7:26:
9a:e6:44:4e:a1:58:b4:8d:60:69:1f:5d:f7:03:1e:
f1:2d:4a:60:bf:da:92:a4:05:c1:95:9d:d1:a1:6f:
a6:18:39:d7:09:58:3e:b3:91:e0:c9:83:94:7d:d8:
85:7b:6f:6c:8e:46:db:be:42:23:b3:56:c6:4c:6d:
fe:fa:f3:94:d1:0b:f8:c7:3b:22:b4:8e:fd:89:f5:
b5:f9:28:e5:c4:8a:8c:25:ec:5b:33:1d:27:1d:e1:
e3:bf:9e:9c:c2:69:89:72:da:50:ce:78:7f:a6:b6:
64:0f:04:91:dc:ba:f9:ff:93:5b:3e:dd:0f:ca:f8:
83:b5:b8:71:58:82:6b:60:d0:95:53:28:ec:da:42:
1c:65:ff:e8:15:2a:13:7a:1a:2c:73:3d:5b:75:44:
bb:b1:25:73:a6:2a:ce:bd:f0:84:42:de:fe:d1:30:
17:a1:94:6a:10:26:3c:4f:ab:4f:2d:79:29:1e:5c:
ee:4d:9e:90:92:9e:83:b2:a0:c7:00:c8:6a:5d:e8:
37:a3:9b:7f:39:5a:36:b8:51:dd:8f:fd:b5:0e:f9:
ed:87:73:c9:62:6c:3f:d6:c0:b2:85:71:1d:55:c3:
3c:73:34:21:65:45:03:c6:77:e0:0c:1d:7f:63:af:
48:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5D:29:BD:86:67:BF:28:0E:EC:D8:8C:D8:C3:5A:88:DF:F5:28:37
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/lF0pvYZnvygO7NiM2MNaiN_1KDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.178.0/24
90.115.208.0/23
194.2.56.0/23
194.2.86.0/24
194.2.132.0/23
194.3.4.0/24
194.250.98.0/24
Signature Algorithm: sha256WithRSAEncryption
52:75:f0:59:7c:fe:97:0f:8a:5a:db:7c:a5:b8:ea:4b:78:bc:
f6:d4:4c:39:af:5c:2a:b8:b4:bd:b7:94:2a:24:8c:b5:f9:87:
12:13:4d:7b:6b:dc:38:76:0b:33:9e:8d:78:e6:20:a1:5c:47:
7d:4b:87:ec:85:4f:66:98:04:f3:eb:50:b9:44:26:52:5a:f2:
fb:34:02:22:4c:e7:6a:6f:22:6f:cf:33:70:08:53:a7:09:5d:
f3:a8:0f:cc:9b:fb:71:a0:ac:5e:c8:62:e0:70:c3:f9:94:77:
f6:ef:97:37:b1:53:0b:95:07:8e:5a:8c:21:ee:3b:7b:1f:fd:
79:02:38:dc:8e:2d:56:94:0d:3c:dd:e1:e7:54:9d:4f:81:ec:
b0:e2:d5:de:fb:75:36:02:2f:da:aa:30:bf:ed:b4:c6:55:15:
59:85:57:7b:f9:9f:ca:b7:f4:40:7f:ac:f2:7a:31:cc:6a:8e:
e1:1b:63:93:73:04:bc:ce:a2:34:c1:23:1c:db:cd:eb:62:44:
0c:4d:5b:eb:62:26:d1:5a:a7:28:08:79:a2:5f:a1:ab:9d:44:
43:8b:9e:27:a7:23:ee:93:33:9d:dd:38:7a:b7:ae:24:e7:3e:
22:60:e5:91:46:eb:34:1e:a2:e1:8c:06:3a:ae:ac:e4:5b:27:
ba:4b:dd:b1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIERHm+FDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ1ZDI5YmQ4NjY3
YmYyODBlZWNkODhjZDhjMzVhODhkZmY1MjgzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/bSzjxBsMDDgPfhLcmmuZETqFYtI1gaR9d9wMe8S1KYL/a
kqQFwZWd0aFvphg51wlYPrOR4MmDlH3YhXtvbI5G275CI7NWxkxt/vrzlNEL+Mc7
IrSO/Yn1tfko5cSKjCXsWzMdJx3h47+enMJpiXLaUM54f6a2ZA8Ekdy6+f+TWz7d
D8r4g7W4cViCa2DQlVMo7NpCHGX/6BUqE3oaLHM9W3VEu7Elc6Yqzr3whELe/tEw
F6GUahAmPE+rTy15KR5c7k2ekJKeg7KgxwDIal3oN6ObfzlaNrhR3Y/9tQ757Ydz
yWJsP9bAsoVxHVXDPHM0IWVFA8Z34Awdf2OvSC8CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSUXSm9hme/KA7s2IzYw1qI3/UoNzAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L2xGMHB2WVpudnlnTzdOaU0yTU5haU5fMUtEYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAFH/sgMEAVpz0AMEAcICOAMEAMIC
VgMEAcIChAMEAMIDBAMEAML6YjANBgkqhkiG9w0BAQsFAAOCAQEAUnXwWXz+lw+K
Wtt8pbjqS3i89tRMOa9cKri0vbeUKiSMtfmHEhNNe2vcOHYLM56NeOYgoVxHfUuH
7IVPZpgE8+tQuUQmUlry+zQCIkznam8ib88zcAhTpwld86gPzJv7caCsXshi4HDD
+ZR39u+XN7FTC5UHjlqMIe47ex/9eQI43I4tVpQNPN3h51SdT4HssOLV3vt1NgIv
2qowv+20xlUVWYVXe/mfyrf0QH+s8noxzGqO4Rtjk3MEvM6iNMEjHNvN62JEDE1b
62Im0VqnKAh5ol+hq51EQ4ueJ6cj7pMznd04ereuJOc+ImDlkUbrNB6i4YwGOq6s
5FsnukvdsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org