Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/FkCnS2U_ERZmaJCkvOcZSBWFggM.roa
File: FkCnS2U_ERZmaJCkvOcZSBWFggM.roa (raw, json)
Hash identifier: /sRvl2SfASvOJCTP/rhO4rA0CRZWERJ7JjDbRFpuhuw=
Subject key identifier: 16:40:A7:4B:65:3F:11:16:66:68:90:A4:BC:E7:19:48:15:85:82:03
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 33DA77E4
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/FkCnS2U_ERZmaJCkvOcZSBWFggM.roa
Signing time: Sat 01 Jan 2022 04:55:30 +0000
ROA not before: Sat 01 Jan 2022 04:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8678
IP address blocks: 193.255.224.0/21 maxlen: 21
193.255.222.0/23 maxlen: 23
193.255.221.0/24 maxlen: 24
193.255.232.0/22 maxlen: 22
193.255.236.0/23 maxlen: 23
194.27.24.0/22 maxlen: 22
194.27.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869955556 (0x33da77e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1640a74b653f1116666890a4bce7194815858203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e6:17:55:8b:0a:07:f3:d7:57:30:48:2d:15:
56:f8:d1:a9:87:0a:1c:95:1b:c2:38:f0:aa:b9:e5:
1c:42:95:de:5d:06:95:f9:1e:03:6a:78:53:e8:d8:
b6:fb:47:34:94:32:e7:2a:ea:66:fd:6e:c0:5f:0e:
83:91:06:9e:b7:ea:ee:d1:5d:9a:1b:60:09:57:ed:
f1:5d:9e:a7:7f:16:8e:8d:ac:42:87:ef:b8:99:43:
c6:05:c4:90:89:09:89:cc:93:6e:c0:b3:09:31:13:
a4:18:46:36:40:80:78:2f:be:bf:67:6a:eb:29:b0:
c2:d0:4e:c4:1a:9f:e7:fe:1d:1e:46:54:00:95:b4:
a1:5b:80:c8:54:05:e5:5d:e8:1a:b0:a2:9f:c0:29:
3f:bb:0b:e1:fc:ca:5f:c3:07:ca:fa:82:20:3d:bc:
f8:c0:34:e8:22:ac:eb:f8:c3:a7:43:54:48:ad:e2:
67:bd:c0:ba:d6:b3:f1:6e:33:49:26:63:0f:fc:e5:
d2:a9:94:88:1f:d8:13:b0:8b:e1:dc:00:4c:b9:3b:
37:2e:06:84:be:ff:a6:bb:34:9d:b9:26:8d:04:ca:
a6:2c:9b:a8:99:24:0c:e8:16:27:9e:aa:fd:b8:2d:
1d:9e:b9:99:af:45:3f:30:b9:48:9a:89:5e:60:90:
28:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:40:A7:4B:65:3F:11:16:66:68:90:A4:BC:E7:19:48:15:85:82:03
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/FkCnS2U_ERZmaJCkvOcZSBWFggM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.255.221.0-193.255.237.255
194.27.24.0-194.27.29.255
Signature Algorithm: sha256WithRSAEncryption
48:1c:2a:64:c0:af:d6:bc:dc:44:34:e7:84:e0:4e:50:1c:14:
5b:86:dc:c6:57:54:a9:de:44:39:2e:5b:de:cb:10:b7:99:cb:
d1:63:7d:b1:f7:4e:e5:23:97:7b:9c:fd:84:5c:4b:a6:c9:10:
6c:f9:b0:2f:b9:68:11:99:f8:0e:18:0a:7c:7c:b7:21:8d:fd:
6c:0e:c3:d6:8e:cf:b1:36:79:5d:aa:d6:80:cd:60:53:37:9e:
dc:cd:df:27:98:63:d5:85:fc:de:4f:ad:fc:3a:36:cd:ca:f7:
b9:97:7a:9a:3a:d1:9f:e6:24:ef:b4:e2:15:d1:a4:2e:bd:7d:
57:fe:3f:b1:bf:ae:8d:b4:6a:fe:b3:b1:30:25:13:3a:e0:87:
cb:4f:06:95:ad:63:f3:b0:fc:c5:e3:0b:fb:60:4b:d4:96:d0:
a1:e4:2a:4e:07:4c:45:a1:2f:b5:60:04:2c:35:12:82:f3:91:
3b:a8:ec:77:61:00:b9:17:9c:f2:22:f1:d9:f2:9a:c9:d4:3d:
16:b4:02:b6:52:43:78:5e:1a:dc:8b:61:03:ec:30:12:0f:fb:
5c:37:5f:7f:cc:f8:21:56:3e:4d:a7:89:bd:53:01:cd:1d:7b:
d5:7f:6a:82:50:0f:a8:d1:78:7c:b7:55:f8:c9:32:91:a5:98:
4a:75:f9:1f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEM9p35DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzUxOGQxODA5MjNhN2YzYzAwNjUzZWMxMmJjNzAyYjk1YWFiOTA3MB4XDTIyMDEw
MTA0NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY0MGE3NGI2NTNm
MTExNjY2Njg5MGE0YmNlNzE5NDgxNTg1ODIwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHmF1WLCgfz11cwSC0VVvjRqYcKHJUbwjjwqrnlHEKV3l0G
lfkeA2p4U+jYtvtHNJQy5yrqZv1uwF8Og5EGnrfq7tFdmhtgCVft8V2ep38Wjo2s
QofvuJlDxgXEkIkJicyTbsCzCTETpBhGNkCAeC++v2dq6ymwwtBOxBqf5/4dHkZU
AJW0oVuAyFQF5V3oGrCin8ApP7sL4fzKX8MHyvqCID28+MA06CKs6/jDp0NUSK3i
Z73Autaz8W4zSSZjD/zl0qmUiB/YE7CL4dwATLk7Ny4GhL7/prs0nbkmjQTKpiyb
qJkkDOgWJ56q/bgtHZ65ma9FPzC5SJqJXmCQKNMCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBQWQKdLZT8RFmZokKS85xlIFYWCAzAfBgNVHSMEGDAWgBQ3UY0YCSOn88AG
U+wSvHArlaq5BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L04xR05HQWtqcF9QQUJsUHNFcnh3SzVXcXVRYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8x
L0ZrQ25TMlVfRVJabWFKQ2t2T2NaU0JXRmdnTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
ZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8xL04xR05HQWtqcF9Q
QUJsUHNFcnh3SzVXcXVRYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQAwf/dAwQBwf/sMAwDBAPCGxgD
BAHCGxwwDQYJKoZIhvcNAQELBQADggEBAEgcKmTAr9a83EQ054TgTlAcFFuG3MZX
VKneRDkuW97LELeZy9FjfbH3TuUjl3uc/YRcS6bJEGz5sC+5aBGZ+A4YCnx8tyGN
/WwOw9aOz7E2eV2q1oDNYFM3ntzN3yeYY9WF/N5Prfw6Ns3K97mXepo60Z/mJO+0
4hXRpC69fVf+P7G/ro20av6zsTAlEzrgh8tPBpWtY/Ow/MXjC/tgS9SW0KHkKk4H
TEWhL7VgBCw1EoLzkTuo7HdhALkXnPIi8dnymsnUPRa0ArZSQ3heGtyLYQPsMBIP
+1w3X3/M+CFWPk2nib1TAc0de9V/aoJQD6jReHy3VfjJMpGlmEp1+R8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:39 2024 by rpki-client on console-fra.rpki-client.org