Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/1fvhZlbLgznll5PKJLix2FiZ0C4.roa
File: 1fvhZlbLgznll5PKJLix2FiZ0C4.roa (raw, json)
Hash identifier: u1rkFgLJ0ZQUGSxmJUCupBu+DA1id97qbml9YeXmfeI=
Subject key identifier: D5:FB:E1:66:56:CB:83:39:E5:97:93:CA:24:B8:B1:D8:58:99:D0:2E
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 01853FF0C4141213AC3EC6630F98E320A4D9
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/1fvhZlbLgznll5PKJLix2FiZ0C4.roa
Signing time: Fri 23 Dec 2022 17:03:41 +0000
ROA not before: Fri 23 Dec 2022 17:03:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49453
IP address blocks: 185.152.92.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:f0:c4:14:12:13:ac:3e:c6:63:0f:98:e3:20:a4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Dec 23 17:03:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5fbe16656cb8339e59793ca24b8b1d85899d02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:00:92:f4:79:01:f6:f0:1c:55:a7:e8:3d:29:
93:b2:c2:96:08:76:f6:30:5a:90:46:a0:9b:13:cd:
4e:e7:60:aa:ec:41:be:a4:51:ff:41:f2:3d:5d:d4:
31:40:2f:a0:14:b3:9b:d1:54:21:7c:ba:b7:c3:49:
22:6e:53:92:f7:fd:fe:94:89:de:aa:34:26:75:43:
6b:9e:42:a9:ea:4b:ba:85:7f:66:47:c8:dd:9c:d6:
b2:0e:1b:f1:1b:4f:fe:0f:26:a6:eb:71:fa:df:e0:
de:24:d5:5c:92:83:7c:c0:29:e5:72:8a:c7:da:2d:
4e:ba:c0:b1:84:e4:55:cb:78:7c:51:f8:5e:34:7e:
e5:28:e4:76:69:c3:4f:ee:b3:b3:0a:b2:ca:73:5c:
c3:af:e0:4b:be:fe:30:fb:96:f3:b5:a2:7d:59:c4:
49:4f:85:74:b4:07:09:6b:e3:2f:d8:eb:fa:9b:71:
dc:a2:9c:e1:b5:88:d5:0c:07:05:0d:75:2c:e5:a8:
95:60:e7:e7:0d:6a:14:91:bd:5d:8b:d4:76:26:35:
14:ab:fb:ef:6a:0c:9f:b5:69:1d:67:ff:fc:3a:ce:
f5:9a:1d:79:28:89:50:6a:8a:7a:3f:76:eb:21:41:
8b:3f:fa:c8:59:51:84:19:93:d6:03:fe:03:75:22:
55:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:FB:E1:66:56:CB:83:39:E5:97:93:CA:24:B8:B1:D8:58:99:D0:2E
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/1fvhZlbLgznll5PKJLix2FiZ0C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.92.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:ae:d3:df:db:e7:d9:8b:f4:6a:2b:5a:e6:f6:29:a9:f1:39:
c9:24:b6:84:e5:1e:c5:f2:3a:09:9a:ab:76:20:f4:43:41:e7:
1a:45:f0:50:a3:d6:4e:df:0e:6c:32:3c:16:b4:47:6f:2f:71:
56:ca:3e:47:0d:2f:56:c2:7f:c2:3e:e1:89:2e:79:6f:6c:8b:
b7:69:ae:72:76:4f:ca:17:8a:dd:d8:16:17:80:8d:d7:98:dc:
bb:1b:70:ea:36:5d:1b:b1:7f:9d:2d:e9:63:9e:8e:db:2f:a6:
de:c5:7b:69:e5:63:fd:20:c3:61:68:ab:96:26:80:ae:36:e0:
2e:d4:8b:ef:cf:d1:64:ce:ce:89:c1:1c:fe:e1:68:e6:b2:df:
1b:1e:2d:9c:ca:19:c4:19:64:8b:2b:03:43:80:5a:f0:0c:e1:
eb:c9:34:0e:0b:5b:f4:f7:34:cd:0b:38:e5:77:88:7d:02:52:
6e:15:9c:86:47:95:43:51:03:4d:11:96:20:07:5b:3f:a6:91:
3e:db:3c:f9:96:f9:9f:26:af:f8:04:d4:df:95:a7:aa:f7:50:
c9:e7:97:40:b3:35:67:fa:3d:58:c8:29:e0:d2:7c:2f:ce:d4:
ae:8a:c8:65:bc:82:19:9e:1a:ae:a1:a0:d8:48:63:54:46:63:
f6:b5:a5:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU/8MQUEhOsPsZjD5jjIKTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjIxMjIzMTcwMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWZiZTE2NjU2Y2I4MzM5ZTU5NzkzY2EyNGI4YjFkODU4OTlkMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQCS9HkB9vAcVafoPSmTssKWCHb2
MFqQRqCbE81O52Cq7EG+pFH/QfI9XdQxQC+gFLOb0VQhfLq3w0kiblOS9/3+lIne
qjQmdUNrnkKp6ku6hX9mR8jdnNayDhvxG0/+Dyam63H63+DeJNVckoN8wCnlcorH
2i1OusCxhORVy3h8UfheNH7lKOR2acNP7rOzCrLKc1zDr+BLvv4w+5bztaJ9WcRJ
T4V0tAcJa+Mv2Ov6m3HcopzhtYjVDAcFDXUs5aiVYOfnDWoUkb1di9R2JjUUq/vv
agyftWkdZ//8Os71mh15KIlQaop6P3brIUGLP/rIWVGEGZPWA/4DdSJVuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNX74WZWy4M55ZeTyiS4sdhYmdAuMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvMWZ2aFpsYkxnem5sbDVQS0pMaXgyRmlaMEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZhcMA0G
CSqGSIb3DQEBCwUAA4IBAQCgrtPf2+fZi/RqK1rm9imp8TnJJLaE5R7F8joJmqt2
IPRDQecaRfBQo9ZO3w5sMjwWtEdvL3FWyj5HDS9Wwn/CPuGJLnlvbIu3aa5ydk/K
F4rd2BYXgI3XmNy7G3DqNl0bsX+dLeljno7bL6bexXtp5WP9IMNhaKuWJoCuNuAu
1Ivvz9Fkzs6JwRz+4Wjmst8bHi2cyhnEGWSLKwNDgFrwDOHryTQOC1v09zTNCzjl
d4h9AlJuFZyGR5VDUQNNEZYgB1s/ppE+2zz5lvmfJq/4BNTflaeq91DJ55dAszVn
+j1YyCng0nwvztSuishlvIIZnhquoaDYSGNURmP2taX4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org