Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/FQzlX8WRFQIK3i-cTOEDUZn8qss.roa
File: FQzlX8WRFQIK3i-cTOEDUZn8qss.roa (raw, json)
Hash identifier: RHifkep/LM5+btwx5dX78kukCW+S6Cbq5vIiZ+nkDl8=
Subject key identifier: 15:0C:E5:5F:C5:91:15:02:0A:DE:2F:9C:4C:E1:03:51:99:FC:AA:CB
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 01853FDACBE498C65211DE2C650B0C79068E
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/FQzlX8WRFQIK3i-cTOEDUZn8qss.roa
Signing time: Fri 23 Dec 2022 16:39:41 +0000
ROA not before: Fri 23 Dec 2022 16:39:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14576
IP address blocks: 85.239.35.0/24 maxlen: 24
85.239.48.0/22 maxlen: 24
85.239.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:da:cb:e4:98:c6:52:11:de:2c:65:0b:0c:79:06:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Dec 23 16:39:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=150ce55fc59115020ade2f9c4ce1035199fcaacb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:1e:cc:1d:05:40:6e:73:55:35:e7:de:8f:
97:90:8d:f8:ad:8c:26:b7:b3:50:e2:99:94:91:a7:
0f:ee:8d:1b:68:1d:cb:78:ce:e4:17:1a:37:42:0f:
2f:0b:0b:18:28:cb:b6:31:a6:fd:77:a8:ba:4f:2e:
a6:2b:43:85:7e:8a:8f:db:66:be:02:1d:63:29:6a:
05:4f:c4:7c:8e:99:a8:e6:7b:22:58:97:09:32:5a:
2a:eb:ac:4b:1e:e7:ca:62:97:f1:9e:c0:9b:68:ee:
cf:96:06:54:f4:ca:c6:be:c6:87:5b:6b:f0:d4:ff:
39:47:bc:0a:62:c2:51:ed:c5:4b:a9:d4:1d:b0:f3:
ed:4b:3c:23:d2:9e:0b:1a:68:20:89:93:f1:71:33:
cf:3c:20:49:41:1d:3b:76:69:81:03:13:0f:5d:fe:
60:ff:85:b4:92:34:17:05:f5:a2:85:52:2d:00:56:
d0:f5:dd:8f:91:70:e5:a0:48:f3:6d:11:c0:07:90:
53:32:69:c0:7a:a3:31:dd:bd:30:e5:d8:e3:5e:b0:
17:6e:f5:bc:a2:a6:ca:92:77:3f:5a:f2:62:d1:18:
a0:5d:a7:df:5d:31:e4:52:bc:84:b0:c4:fd:46:ee:
51:fa:8c:b4:89:8d:f4:ea:7f:85:1b:58:01:ea:38:
ed:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:0C:E5:5F:C5:91:15:02:0A:DE:2F:9C:4C:E1:03:51:99:FC:AA:CB
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/FQzlX8WRFQIK3i-cTOEDUZn8qss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.35.0/24
85.239.48.0/22
85.239.56.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:c2:77:32:06:0e:08:58:b3:3b:d0:b6:5b:cf:52:d3:a9:3f:
26:80:cc:d2:c4:00:89:cb:58:47:d6:78:08:d2:64:fd:5f:4f:
4b:2b:dd:31:b2:b2:68:93:1b:9b:98:d6:ac:da:70:74:30:f3:
32:4b:c2:bc:c0:86:46:19:3e:b2:1f:86:44:fa:b6:11:5c:3e:
aa:97:f4:78:2d:79:f0:d5:4a:b5:17:08:3e:c3:33:92:96:27:
05:d7:bb:d7:6e:c1:e8:3f:49:a2:e9:1c:e3:2f:a8:1d:79:b8:
fd:17:a0:ea:0a:c7:8c:61:06:eb:97:c1:27:46:bc:7e:88:48:
93:d0:10:ad:ed:72:20:00:36:9f:1c:cf:e0:a6:15:9b:58:2a:
2d:9b:31:81:db:69:de:c0:bf:e6:32:b1:b3:d9:da:a7:55:32:
a1:2c:6d:31:b1:52:c3:cd:80:19:f1:b1:fc:63:9c:86:ad:96:
73:04:b9:a8:ff:49:ea:7e:51:c2:21:c6:e3:7f:bf:49:a0:0f:
16:a4:3b:a3:dc:62:76:71:b7:21:2e:5b:57:42:ae:37:1b:91:
17:8b:62:88:90:38:cd:b0:05:4b:5a:b2:ea:20:59:d1:c6:9b:
98:ff:a2:05:25:a2:83:c6:28:b3:6e:16:e3:10:35:7f:c8:1b:
93:79:d8:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYU/2svkmMZSEd4sZQsMeQaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjIxMjIzMTYzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTBjZTU1ZmM1OTExNTAyMGFkZTJmOWM0Y2UxMDM1MTk5ZmNhYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsYezB0FQG5zVTXn3o+XkI34rYwm
t7NQ4pmUkacP7o0baB3LeM7kFxo3Qg8vCwsYKMu2Mab9d6i6Ty6mK0OFfoqP22a+
Ah1jKWoFT8R8jpmo5nsiWJcJMloq66xLHufKYpfxnsCbaO7PlgZU9MrGvsaHW2vw
1P85R7wKYsJR7cVLqdQdsPPtSzwj0p4LGmggiZPxcTPPPCBJQR07dmmBAxMPXf5g
/4W0kjQXBfWihVItAFbQ9d2PkXDloEjzbRHAB5BTMmnAeqMx3b0w5djjXrAXbvW8
oqbKknc/WvJi0RigXaffXTHkUryEsMT9Ru5R+oy0iY306n+FG1gB6jjtdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBUM5V/FkRUCCt4vnEzhA1GZ/KrLMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvRlF6bFg4V1JGUUlLM2ktY1RPRURVWm44cXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVe8jAwQC
Ve8wAwQCVe84MA0GCSqGSIb3DQEBCwUAA4IBAQC2wncyBg4IWLM70LZbz1LTqT8m
gMzSxACJy1hH1ngI0mT9X09LK90xsrJokxubmNas2nB0MPMyS8K8wIZGGT6yH4ZE
+rYRXD6ql/R4LXnw1Uq1Fwg+wzOSlicF17vXbsHoP0mi6RzjL6gdebj9F6DqCseM
YQbrl8EnRrx+iEiT0BCt7XIgADafHM/gphWbWCotmzGB22newL/mMrGz2dqnVTKh
LG0xsVLDzYAZ8bH8Y5yGrZZzBLmo/0nqflHCIcbjf79JoA8WpDuj3GJ2cbchLltX
Qq43G5EXi2KIkDjNsAVLWrLqIFnRxpuY/6IFJaKDxiizbhbjEDV/yBuTedgH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:28 2024 by rpki-client on console-ams.rpki-client.org