Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/si86P2roze0igJYi9Um3cS6A3mA.roa
File: si86P2roze0igJYi9Um3cS6A3mA.roa (raw, json)
Hash identifier: 0pThpokNIJFC38siqboWSESpeHFfhZ0/71KD7eDRtpM=
Subject key identifier: B2:2F:3A:3F:6A:E8:CD:ED:22:80:96:22:F5:49:B7:71:2E:80:DE:60
Certificate issuer: /CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Certificate serial: 0184DEDF529350DD1822899276AE5E8BB1E3
Authority key identifier: FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/si86P2roze0igJYi9Um3cS6A3mA.roa
Signing time: Sun 04 Dec 2022 20:41:28 +0000
ROA not before: Sun 04 Dec 2022 20:41:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50272
IP address blocks: 185.41.64.0/22 maxlen: 24
62.24.32.0/19 maxlen: 19
185.155.140.0/22 maxlen: 24
185.155.143.0/24 maxlen: 24
2a03:1400::/32 maxlen: 32
2a07:33c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:de:df:52:93:50:dd:18:22:89:92:76:ae:5e:8b:b1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Validity
Not Before: Dec 4 20:41:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b22f3a3f6ae8cded22809622f549b7712e80de60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bf:b6:10:9a:27:b8:00:97:1e:8e:eb:7c:08:
dd:1c:13:ce:01:46:ef:c1:1f:9e:57:b6:28:e3:63:
5e:28:e9:db:a0:78:70:c4:51:55:ff:b0:7c:1f:f0:
5e:b0:70:92:ff:95:60:dc:f2:bc:d9:c8:71:8d:ff:
d8:1d:ad:58:80:ac:45:c9:21:13:29:61:e2:a1:a3:
bb:b0:be:3c:39:fb:9b:55:f4:0d:3f:a7:09:af:55:
a7:44:80:02:0e:64:19:d8:36:16:4f:31:d7:e7:d3:
eb:a2:9d:fd:cb:83:61:e5:ec:29:88:c1:e7:12:34:
ae:80:4e:06:1e:3f:72:31:6d:bd:03:07:bf:ec:d5:
99:33:de:2d:f4:e9:ca:55:89:6b:08:ba:64:a5:d5:
07:a4:56:cf:2a:83:5e:4e:24:e1:9f:f5:65:82:6e:
c6:26:6b:25:4e:36:e0:e5:34:c0:0a:90:f1:6e:b2:
e8:c1:9e:29:4c:9b:29:22:b5:2d:1f:32:a2:27:d4:
31:cf:53:b6:bd:29:22:4c:5c:cb:23:58:01:5f:81:
45:8d:d8:b5:47:90:e5:91:94:39:01:b5:74:67:4e:
32:4b:23:0c:9f:8b:4f:e5:10:47:f1:fc:a0:a6:dc:
49:01:1a:b9:a5:aa:64:a3:e6:34:32:ec:66:06:ca:
06:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2F:3A:3F:6A:E8:CD:ED:22:80:96:22:F5:49:B7:71:2E:80:DE:60
X509v3 Authority Key Identifier:
keyid:FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/si86P2roze0igJYi9Um3cS6A3mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.24.32.0/19
185.41.64.0/22
185.155.140.0/22
IPv6:
2a03:1400::/32
2a07:33c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:7f:a9:48:6b:30:b3:9f:5a:36:d8:29:e0:41:23:75:4d:1c:
9e:ce:dc:59:42:59:ed:f1:e1:bb:9f:92:52:9d:53:1b:18:74:
bb:fe:70:51:02:04:1f:1f:24:b8:52:59:93:3a:a7:fc:de:9a:
0d:2b:6f:36:57:b5:63:8b:dd:0b:0a:57:f2:64:f3:94:b9:b7:
6d:0d:34:a4:a7:c5:a0:97:d2:2e:87:2d:d8:c5:d1:6f:43:a0:
f9:3d:bb:aa:09:bc:7c:c7:b8:6e:29:db:98:ce:d3:9a:de:64:
be:0c:07:41:2e:10:89:75:87:25:21:c7:d5:3d:d5:dd:63:d9:
8c:99:e4:89:ec:b3:d0:8d:03:b9:4c:32:4d:a2:f9:95:f5:1b:
0b:45:60:30:59:7b:59:cb:63:db:f9:1d:57:44:49:7e:e5:2e:
29:fc:97:2f:33:3d:63:1e:b1:f6:c9:ce:03:3d:84:ef:74:f1:
dd:df:c9:12:d1:22:99:5a:9d:e0:ac:b2:89:17:1e:04:de:a7:
bd:59:b7:d9:41:7d:91:04:d2:28:c0:e1:9d:c1:02:38:b2:b5:
4b:a3:e7:79:00:7f:6a:ff:03:f4:63:0a:b2:7c:9b:de:f6:88:
ce:e1:b3:c2:31:f7:89:c5:de:98:7d:b3:64:41:60:54:c2:8a:
60:29:7b:10
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYTe31KTUN0YIomSdq5ei7HjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYTk4YjFkMGVjY2NjNGY2ZmYxYTdlN2RiODRiNGJiMmY1
NWIwOGQwHhcNMjIxMjA0MjA0MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjJmM2EzZjZhZThjZGVkMjI4MDk2MjJmNTQ5Yjc3MTJlODBkZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7+2EJonuACXHo7rfAjdHBPOAUbv
wR+eV7Yo42NeKOnboHhwxFFV/7B8H/BesHCS/5Vg3PK82chxjf/YHa1YgKxFySET
KWHioaO7sL48OfubVfQNP6cJr1WnRIACDmQZ2DYWTzHX59Prop39y4Nh5ewpiMHn
EjSugE4GHj9yMW29Awe/7NWZM94t9OnKVYlrCLpkpdUHpFbPKoNeTiThn/Vlgm7G
JmslTjbg5TTACpDxbrLowZ4pTJspIrUtHzKiJ9Qxz1O2vSkiTFzLI1gBX4FFjdi1
R5DlkZQ5AbV0Z04ySyMMn4tP5RBH8fygptxJARq5papko+Y0MuxmBsoGxwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLIvOj9q6M3tIoCWIvVJt3EugN5gMB8GA1UdIwQY
MBaAFPypix0OzMxPb/Gn59uEtLsvVbCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzIt
NThmMGYzMjVjMmI4LzEvc2k4NlAycm96ZTBpZ0pZaTlVbTNjUzZBM21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzItNThmMGYzMjVjMmI4
LzEvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQFPhggAwQC
uSlAAwQCuZuMMBQEAgACMA4DBQAqAxQAAwUDKgczwDANBgkqhkiG9w0BAQsFAAOC
AQEASn+pSGsws59aNtgp4EEjdU0cns7cWUJZ7fHhu5+SUp1TGxh0u/5wUQIEHx8k
uFJZkzqn/N6aDStvNle1Y4vdCwpX8mTzlLm3bQ00pKfFoJfSLoct2MXRb0Og+T27
qgm8fMe4binbmM7Tmt5kvgwHQS4QiXWHJSHH1T3V3WPZjJnkieyz0I0DuUwyTaL5
lfUbC0VgMFl7Wctj2/kdV0RJfuUuKfyXLzM9Yx6x9snOAz2E73Tx3d/JEtEimVqd
4KyyiRceBN6nvVm32UF9kQTSKMDhncECOLK1S6PneQB/av8D9GMKsnyb3vaIzuGz
wjH3icXemH2zZEFgVMKKYCl7EA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org