Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/fRHZ8UyWlTd5BDz08vgYFd-x0J0.roa
File: fRHZ8UyWlTd5BDz08vgYFd-x0J0.roa (raw, json)
Hash identifier: 2FXwEWquBN3gk6En1uiKE3FFQbRsktcfXc0yyqrh2XU=
Subject key identifier: 7D:11:D9:F1:4C:96:95:37:79:04:3C:F4:F2:F8:18:15:DF:B1:D0:9D
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01823F8B328CDED3849245DA6AE9A570D440
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/fRHZ8UyWlTd5BDz08vgYFd-x0J0.roa
Signing time: Wed 27 Jul 2022 12:04:23 +0000
ROA not before: Wed 27 Jul 2022 12:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/22 maxlen: 22
2a0d:4a40::/29 maxlen: 29
2a04:27c0::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3f:8b:32:8c:de:d3:84:92:45:da:6a:e9:a5:70:d4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Jul 27 12:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d11d9f14c96953779043cf4f2f81815dfb1d09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0a:b4:d6:e8:4e:42:f4:57:70:c2:b3:15:0b:
eb:16:4a:82:09:b2:e6:12:d8:fa:d7:8d:94:50:8a:
9e:1f:59:64:11:de:e2:ec:e4:38:c1:48:c2:cb:0f:
da:c2:62:56:b3:50:55:b6:27:0c:ea:2a:2f:ce:da:
77:c0:72:f8:a4:33:39:af:ff:0f:ea:ab:26:ca:ea:
c6:a2:77:ce:9b:07:a9:b4:fd:50:e4:fd:b1:bd:55:
31:07:c4:e8:de:96:ef:e7:1b:70:a6:94:39:ab:99:
8b:2f:93:e7:9d:4c:6e:8e:c3:31:7e:b2:a1:5f:7f:
13:61:b1:24:86:85:4e:f7:93:28:f5:d3:fe:c5:26:
6e:c5:96:d6:58:4e:00:bd:55:98:72:ec:56:32:eb:
a3:d4:21:bb:1e:a2:d8:0d:88:84:ca:99:f9:93:e7:
68:16:4a:ad:06:26:90:e7:96:ae:60:e7:9c:03:d3:
94:95:57:e4:87:80:90:c3:0c:08:b2:69:69:b1:4c:
00:44:40:46:57:3e:fd:73:32:92:ba:a1:1a:4a:62:
a7:5f:da:83:ef:19:d1:98:ba:52:66:d5:fc:ad:bb:
42:08:ac:3b:34:ea:46:10:11:09:8a:7b:65:fc:90:
70:ca:c4:03:36:dc:68:97:57:2d:83:06:f4:9e:5d:
2b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:11:D9:F1:4C:96:95:37:79:04:3C:F4:F2:F8:18:15:DF:B1:D0:9D
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/fRHZ8UyWlTd5BDz08vgYFd-x0J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/23
109.74.31.0/24
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:d0:ce:7b:c3:4b:c7:3a:69:0b:5f:3e:5c:de:0d:2d:f3:7d:
d2:31:bd:ab:04:25:e5:8d:5b:46:50:2f:c5:1a:80:df:f2:68:
aa:86:bb:33:9f:bd:61:70:a6:36:12:c3:98:c9:2b:07:1f:4c:
c5:e7:ee:8a:42:22:7f:78:c5:59:3b:5d:9d:98:70:d4:89:d5:
8b:05:cb:4f:a6:ae:45:33:d8:b3:9e:65:5c:35:47:00:d2:27:
49:fc:f9:71:bd:69:70:64:bd:5b:ab:c4:c9:8e:af:6f:d9:c9:
86:5b:bf:09:c2:4f:8c:4c:68:18:42:32:0b:2c:79:c8:12:b7:
eb:62:4b:24:f0:71:c0:08:35:5c:0a:73:db:91:04:df:2d:ca:
f0:e7:52:3b:f6:79:c6:d8:67:ca:f7:17:96:d3:25:1b:b9:85:
2e:7c:22:9e:1a:d4:3c:4e:ba:dd:30:49:84:b7:a2:92:95:e3:
11:ba:6a:e1:6b:90:33:b3:3d:3b:c2:fe:34:4d:61:bf:3d:91:
ea:22:d8:b2:9a:b3:0f:fe:fc:9f:b6:e3:1b:0e:3b:b9:35:c7:
6f:f7:2e:f0:ae:59:c2:87:93:62:94:4c:83:6c:b5:08:bf:3d:
5e:03:f2:b2:7d:26:c6:16:c1:42:f2:3f:5b:b5:d2:94:bd:3c:
05:94:c4:c0
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYI/izKM3tOEkkXaaumlcNRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjIwNzI3MTIwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDExZDlmMTRjOTY5NTM3NzkwNDNjZjRmMmY4MTgxNWRmYjFkMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAq01uhOQvRXcMKzFQvrFkqCCbLm
Etj6142UUIqeH1lkEd7i7OQ4wUjCyw/awmJWs1BVticM6iovztp3wHL4pDM5r/8P
6qsmyurGonfOmweptP1Q5P2xvVUxB8To3pbv5xtwppQ5q5mLL5PnnUxujsMxfrKh
X38TYbEkhoVO95Mo9dP+xSZuxZbWWE4AvVWYcuxWMuuj1CG7HqLYDYiEypn5k+do
FkqtBiaQ55auYOecA9OUlVfkh4CQwwwIsmlpsUwAREBGVz79czKSuqEaSmKnX9qD
7xnRmLpSZtX8rbtCCKw7NOpGEBEJintl/JBwysQDNtxol1ctgwb0nl0rjQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFH0R2fFMlpU3eQQ89PL4GBXfsdCdMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvZlJIWjhVeVdsVGQ1QkR6MDh2Z1lGZC14MEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQDH6uYAwQC
LUL8AwQCLY4YAwQBbUocAwQAbUofAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCIE
AgACMBwDBQMqBCfAAwUDKg1CwAMFAyoNSkADBQMqDtTAMA0GCSqGSIb3DQEBCwUA
A4IBAQCh0M57w0vHOmkLXz5c3g0t833SMb2rBCXljVtGUC/FGoDf8miqhrszn71h
cKY2EsOYySsHH0zF5+6KQiJ/eMVZO12dmHDUidWLBctPpq5FM9iznmVcNUcA0idJ
/PlxvWlwZL1bq8TJjq9v2cmGW78Jwk+MTGgYQjILLHnIErfrYksk8HHACDVcCnPb
kQTfLcrw51I79nnG2GfK9xeW0yUbuYUufCKeGtQ8TrrdMEmEt6KSleMRumrha5Az
sz07wv40TWG/PZHqItiymrMP/vyftuMbDju5Ncdv9y7wrlnCh5NilEyDbLUIvz1e
A/KyfSbGFsFC8j9btdKUvTwFlMTA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:08 2025 by rpki-client