Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/_Pg7j6yElA1VuXGqeHWgnResTLs.roa
File: _Pg7j6yElA1VuXGqeHWgnResTLs.roa (raw, json)
Hash identifier: nG+42b6VXLlYKVFDwrSzpzUyt3WqPCn1z3hTYF1m+JI=
Subject key identifier: FC:F8:3B:8F:AC:84:94:0D:55:B9:71:AA:78:75:A0:9D:17:AC:4C:BB
Certificate issuer: /CN=851272e4e8186b9cf3d1eb42665c53ce714f4d4b
Certificate serial: 018562815977E684AA0599E8903E0E960A57
Authority key identifier: 85:12:72:E4:E8:18:6B:9C:F3:D1:EB:42:66:5C:53:CE:71:4F:4D:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hRJy5OgYa5zz0etCZlxTznFPTUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/_Pg7j6yElA1VuXGqeHWgnResTLs.roa
Signing time: Fri 30 Dec 2022 10:08:42 +0000
ROA not before: Fri 30 Dec 2022 10:08:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20572
IP address blocks: 195.190.8.0/24 maxlen: 24
2001:67c:2ae4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:81:59:77:e6:84:aa:05:99:e8:90:3e:0e:96:0a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851272e4e8186b9cf3d1eb42665c53ce714f4d4b
Validity
Not Before: Dec 30 10:08:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcf83b8fac84940d55b971aa7875a09d17ac4cbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:c8:65:04:29:16:ce:ee:8c:87:dc:03:1a:
74:b2:f4:62:87:08:e6:98:52:63:db:70:10:3e:de:
de:a6:e1:f3:e6:65:a6:b9:6a:9d:1b:11:c9:f2:c5:
f9:6d:be:6f:48:81:f6:a8:54:73:bd:85:ac:1a:fb:
80:7c:53:60:ce:5d:c6:1b:82:be:e1:d2:d9:b8:2b:
04:ab:2a:bd:33:4c:18:ba:06:09:0f:25:2e:ec:df:
08:bd:f3:e6:50:43:47:8a:9e:00:81:6d:7e:3b:58:
c1:c8:45:93:ba:33:a0:14:0b:bf:2b:e9:fd:d9:56:
15:a5:60:e1:b6:35:f2:bb:ce:c8:b0:51:72:5e:a6:
75:30:84:a2:1c:8d:de:d4:07:87:01:58:dd:bf:a7:
3f:09:5f:78:be:20:c1:b8:ac:c9:6d:46:90:e1:f6:
44:5f:4f:ef:14:57:ee:63:69:28:8f:4f:a2:d2:2c:
1e:f6:06:7e:15:5b:39:9e:bb:ea:ee:7d:c7:e6:af:
09:6d:85:ce:85:fb:b5:4d:99:72:2f:ed:8e:6d:40:
c3:d8:b9:9b:59:36:f5:20:80:97:1e:c1:a4:71:74:
3d:9b:d9:22:82:5b:19:ba:5e:65:cc:0f:87:25:f7:
65:ef:d0:10:51:39:86:13:f8:45:20:79:34:e5:6b:
89:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F8:3B:8F:AC:84:94:0D:55:B9:71:AA:78:75:A0:9D:17:AC:4C:BB
X509v3 Authority Key Identifier:
keyid:85:12:72:E4:E8:18:6B:9C:F3:D1:EB:42:66:5C:53:CE:71:4F:4D:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRJy5OgYa5zz0etCZlxTznFPTUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/_Pg7j6yElA1VuXGqeHWgnResTLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/hRJy5OgYa5zz0etCZlxTznFPTUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.8.0/24
IPv6:
2001:67c:2ae4::/48
Signature Algorithm: sha256WithRSAEncryption
67:b6:80:07:9e:76:d4:49:6e:f0:90:1a:ef:8c:da:2d:d0:5e:
e0:31:1d:ed:77:b4:8e:ea:08:3e:76:32:bb:d1:53:60:d5:a2:
56:5e:c3:54:6d:38:9e:4e:8a:6a:44:b2:60:f0:94:24:9c:76:
eb:02:43:8f:6d:f5:ab:97:08:74:04:cd:eb:42:68:99:3e:8a:
81:90:8b:ff:02:2e:87:4b:fa:08:a2:8a:d2:2e:34:66:ac:e3:
a7:70:22:db:56:9e:ba:47:60:77:f9:7b:15:83:c1:09:fe:ee:
2e:29:22:d0:96:16:ed:0d:18:c0:d4:f0:dd:e5:1f:40:82:d4:
33:04:89:fa:f0:87:47:37:91:90:5b:c6:a3:5e:b5:87:fb:f8:
bf:b9:ff:21:04:1a:5a:cf:a9:3f:8f:36:58:fd:a1:90:e6:1d:
51:da:20:47:b7:a1:c0:52:be:f9:d1:9d:0f:56:ec:8c:d3:ff:
e1:0a:1f:7a:e7:69:30:14:27:d2:e3:9c:33:c0:17:55:4d:cf:
bb:6d:7b:36:4c:86:53:1c:f6:ad:29:e1:82:77:d8:fc:97:7d:
d4:8a:93:b2:12:ce:a8:fc:23:95:21:a2:2d:dd:de:03:df:d8:
da:87:5e:a8:f0:78:53:56:24:03:0e:8b:63:94:c1:70:c4:55:
c1:0d:ee:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVigVl35oSqBZnokD4OlgpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MTI3MmU0ZTgxODZiOWNmM2QxZWI0MjY2NWM1M2NlNzE0
ZjRkNGIwHhcNMjIxMjMwMTAwODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y4M2I4ZmFjODQ5NDBkNTViOTcxYWE3ODc1YTA5ZDE3YWM0Y2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMfIZQQpFs7ujIfcAxp0svRihwjm
mFJj23AQPt7epuHz5mWmuWqdGxHJ8sX5bb5vSIH2qFRzvYWsGvuAfFNgzl3GG4K+
4dLZuCsEqyq9M0wYugYJDyUu7N8IvfPmUENHip4AgW1+O1jByEWTujOgFAu/K+n9
2VYVpWDhtjXyu87IsFFyXqZ1MISiHI3e1AeHAVjdv6c/CV94viDBuKzJbUaQ4fZE
X0/vFFfuY2koj0+i0iwe9gZ+FVs5nrvq7n3H5q8JbYXOhfu1TZlyL+2ObUDD2Lmb
WTb1IICXHsGkcXQ9m9kiglsZul5lzA+HJfdl79AQUTmGE/hFIHk05WuJOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPz4O4+shJQNVblxqnh1oJ0XrEy7MB8GA1UdIwQY
MBaAFIUScuToGGuc89HrQmZcU85xT01LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJKeTVPZ1lhNXp6MGV0Q1pseFR6bkZQVFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDk0YjEtYjU3My00NWU0LTllMjEt
M2Y0MmM3MTc4MGJjLzEvX1BnN2o2eUVsQTFWdVhHcWVIV2duUmVzVExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDk0YjEtYjU3My00NWU0LTllMjEtM2Y0MmM3MTc4MGJj
LzEvaFJKeTVPZ1lhNXp6MGV0Q1pseFR6bkZQVFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw74IMA8E
AgACMAkDBwAgAQZ8KuQwDQYJKoZIhvcNAQELBQADggEBAGe2gAeedtRJbvCQGu+M
2i3QXuAxHe13tI7qCD52MrvRU2DVolZew1RtOJ5OimpEsmDwlCScdusCQ49t9auX
CHQEzetCaJk+ioGQi/8CLodL+giiitIuNGas46dwIttWnrpHYHf5exWDwQn+7i4p
ItCWFu0NGMDU8N3lH0CC1DMEifrwh0c3kZBbxqNetYf7+L+5/yEEGlrPqT+PNlj9
oZDmHVHaIEe3ocBSvvnRnQ9W7IzT/+EKH3rnaTAUJ9LjnDPAF1VNz7ttezZMhlMc
9q0p4YJ32PyXfdSKk7ISzqj8I5Uhoi3d3gPf2NqHXqjweFNWJAMOi2OUwXDEVcEN
7rU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:18 2024 by rpki-client on console-fra.rpki-client.org