Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/fCMKZ1TNeUjCKW7CFkRNMeegHBM.roa
File: fCMKZ1TNeUjCKW7CFkRNMeegHBM.roa (raw, json)
Hash identifier: oI2IfObzs/76j1PAxMEpuefwugsUPXudKs7sr8aoPqg=
Subject key identifier: 7C:23:0A:67:54:CD:79:48:C2:29:6E:C2:16:44:4D:31:E7:A0:1C:13
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 372C5B6C
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/fCMKZ1TNeUjCKW7CFkRNMeegHBM.roa
Signing time: Sat 01 Jan 2022 07:54:30 +0000
ROA not before: Sat 01 Jan 2022 07:54:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42418
IP address blocks: 185.25.143.0/24 maxlen: 24
80.70.0.0/24 maxlen: 24
2a02:22c8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925653868 (0x372c5b6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Jan 1 07:54:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c230a6754cd7948c2296ec216444d31e7a01c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:98:bf:ca:41:26:37:c8:10:dd:e3:cd:38:a8:
73:63:42:c8:61:15:9f:be:a6:40:2f:57:d4:e7:73:
24:dd:f4:e7:cb:4f:c8:c5:a2:a7:c3:32:34:bf:51:
d2:0c:d7:2a:27:76:d0:91:ea:b9:e5:f9:df:3b:30:
4b:95:20:42:32:ef:65:21:f7:3c:6d:f8:5d:03:9a:
a9:1a:b0:c4:91:e3:4f:41:02:ce:75:0b:25:85:df:
bd:a0:5d:e2:70:26:41:49:97:33:94:e1:76:56:2e:
cd:6f:2c:26:77:91:c0:3f:dc:a3:b4:54:c9:ff:6a:
27:c7:90:7b:36:bf:a3:d6:35:83:8b:ea:5f:fc:47:
13:01:07:0c:f5:20:ab:a2:cc:a0:08:b6:89:07:15:
4b:62:05:9f:bb:98:dd:2b:04:e3:c8:7e:44:87:10:
44:74:3d:a2:49:cf:ba:03:c3:02:f8:fc:a3:61:82:
63:5c:de:04:81:63:2e:e7:5f:17:3c:ea:2e:b2:15:
be:18:7a:89:62:bf:54:75:38:7d:37:32:76:cf:74:
99:9a:4f:70:43:b7:97:b2:38:86:f3:c4:a0:49:f0:
63:82:8d:d1:de:77:07:3e:5f:bb:2c:fb:2b:8b:c1:
54:08:b6:df:27:42:18:d3:00:fe:13:b6:77:67:0a:
38:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:23:0A:67:54:CD:79:48:C2:29:6E:C2:16:44:4D:31:E7:A0:1C:13
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/fCMKZ1TNeUjCKW7CFkRNMeegHBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.0.0/24
185.25.143.0/24
IPv6:
2a02:22c8::/48
Signature Algorithm: sha256WithRSAEncryption
31:d4:bc:d0:5d:48:27:dd:74:38:c7:fd:90:09:e5:4a:e1:cb:
cc:e8:28:89:3c:b4:0d:5a:32:50:bc:a4:79:9b:8e:ef:2a:d5:
6b:29:56:1f:e2:b2:b4:47:7e:0a:c1:43:de:d8:27:64:1c:02:
15:fc:b8:ed:5b:a0:8b:08:ec:5b:19:06:d8:0a:2a:75:cb:25:
2b:9f:5c:c3:f5:7e:31:94:d8:80:4e:75:aa:6b:20:af:74:85:
6a:12:61:e7:7b:b6:0f:32:75:19:d7:69:44:66:7a:57:00:49:
34:d6:0f:cb:d2:99:8f:fd:53:3e:9a:97:20:6a:4e:ec:a4:10:
49:11:55:70:b3:3c:91:5f:b2:ac:38:50:86:69:ee:e4:ae:a5:
d9:8e:cd:a7:6e:03:13:c2:10:e2:6c:50:91:99:64:b4:73:8b:
5a:21:a8:f7:be:22:9c:ba:2f:8c:71:b3:ac:f1:a0:2b:78:23:
b2:dc:ff:2f:56:0a:0d:f8:24:d7:b8:89:fa:ab:dc:3a:24:a1:
38:29:2d:ec:2e:14:93:8d:86:37:5f:0f:3e:45:5a:b9:00:89:
b6:e4:99:c1:29:e0:67:b6:a9:c7:1c:03:e5:6f:03:b3:b4:77:
ed:7c:a0:bc:90:0b:44:ad:1c:12:65:06:74:8a:f4:3e:4a:e8:
17:36:44:53
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIENyxbbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGU3MjA1ZjVkNDEyNTdhNmJiOTVmOTAwZWVjMGExMTIzZTc1MTY0MB4XDTIyMDEw
MTA3NTQzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MyMzBhNjc1NGNk
Nzk0OGMyMjk2ZWMyMTY0NDRkMzFlN2EwMWMxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuYv8pBJjfIEN3jzTioc2NCyGEVn76mQC9X1OdzJN3058tP
yMWip8MyNL9R0gzXKid20JHqueX53zswS5UgQjLvZSH3PG34XQOaqRqwxJHjT0EC
znULJYXfvaBd4nAmQUmXM5ThdlYuzW8sJneRwD/co7RUyf9qJ8eQeza/o9Y1g4vq
X/xHEwEHDPUgq6LMoAi2iQcVS2IFn7uY3SsE48h+RIcQRHQ9oknPugPDAvj8o2GC
Y1zeBIFjLudfFzzqLrIVvhh6iWK/VHU4fTcyds90mZpPcEO3l7I4hvPEoEnwY4KN
0d53Bz5fuyz7K4vBVAi23ydCGNMA/hO2d2cKOJcCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBR8IwpnVM15SMIpbsIWRE0x56AcEzAfBgNVHSMEGDAWgBSk5yBfXUElemu5
X5AO7AoRI+dRZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BPY2dYMTFCSlhwcnVWLVFEdXdLRVNQblVXUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZjc2MWJkLTVjM2EtNGQyZi04Y2Q5LTNlNTljZTQ0NWIxYy8x
L2ZDTUtaMVROZVVqQ0tXN0NGa1JOTWVlZ0hCTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
Zjc2MWJkLTVjM2EtNGQyZi04Y2Q5LTNlNTljZTQ0NWIxYy8xL3BPY2dYMTFCSlhw
cnVWLVFEdXdLRVNQblVXUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAFBGAAMEALkZjzAPBAIAAjAJAwcA
KgIiyAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAx1LzQXUgn3XQ4x/2QCeVK4cvM6CiJ
PLQNWjJQvKR5m47vKtVrKVYf4rK0R34KwUPe2CdkHAIV/LjtW6CLCOxbGQbYCip1
yyUrn1zD9X4xlNiATnWqayCvdIVqEmHne7YPMnUZ12lEZnpXAEk01g/L0pmP/VM+
mpcgak7spBBJEVVwszyRX7KsOFCGae7krqXZjs2nbgMTwhDibFCRmWS0c4taIaj3
viKcui+McbOs8aAreCOy3P8vVgoN+CTXuIn6q9w6JKE4KS3sLhSTjYY3Xw8+RVq5
AIm25JnBKeBntqnHHAPlbwOztHftfKC8kAtErRwSZQZ0ivQ+SugXNkRT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:51 2024 by rpki-client on console-ams.rpki-client.org