Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/FIOky-QUmGB03sY-Oc1JOU_6S44.roa
File: FIOky-QUmGB03sY-Oc1JOU_6S44.roa (raw, json)
Hash identifier: zZSMF50aQkc/QnrOt/JO5abb5x6OlNfSfulYCJGgfSw=
Subject key identifier: 14:83:A4:CB:E4:14:98:60:74:DE:C6:3E:39:CD:49:39:4F:FA:4B:8E
Certificate issuer: /CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4
Certificate serial: 024A2C0A
Authority key identifier: 77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/FIOky-QUmGB03sY-Oc1JOU_6S44.roa
Signing time: Sat 01 Jan 2022 01:57:27 +0000
ROA not before: Sat 01 Jan 2022 01:57:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35070
IP address blocks: 185.223.228.0/22 maxlen: 24
185.223.228.0/24 maxlen: 24
185.223.231.0/24 maxlen: 24
185.223.230.0/24 maxlen: 24
185.223.229.0/24 maxlen: 24
2a0d:4040::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38415370 (0x24a2c0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4
Validity
Not Before: Jan 1 01:57:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1483a4cbe414986074dec63e39cd49394ffa4b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a7:ca:7e:00:52:f2:1e:cd:0d:cd:54:05:44:
fb:fa:a7:d0:b6:77:10:f8:2b:56:0d:62:5d:35:a5:
13:1a:4c:7b:bd:2c:86:cf:84:4b:ae:81:34:ad:61:
8b:e3:d3:b0:e6:a8:0e:9b:50:fc:d1:e4:61:6c:20:
88:a4:83:a7:ce:27:5c:35:44:e8:5c:e2:98:02:12:
c7:93:53:b8:6e:b0:34:a7:9d:34:89:52:08:c5:69:
54:37:59:0d:cd:4d:4f:7d:e5:dd:24:25:4a:aa:b6:
f8:ef:ed:fc:3e:3b:05:82:68:6b:7a:09:d2:6b:9a:
08:1d:c0:dc:29:28:bf:9b:42:e4:a5:6e:ee:d5:35:
d0:a4:a2:2c:42:1a:e1:36:36:ed:fc:3c:9d:77:20:
dc:bd:d8:dd:1e:f1:6e:0e:3d:42:78:36:25:33:59:
47:3a:96:4e:2e:cb:8a:11:f0:2e:40:6d:be:86:59:
b8:cf:2c:d1:94:9f:bd:2c:d7:27:24:fa:6d:01:d7:
26:0d:95:52:99:b1:2d:a8:63:fb:02:95:2f:3e:b1:
50:bd:7d:77:25:4f:fb:2c:28:4a:b2:18:c0:19:48:
38:36:67:ee:c4:c6:a7:8e:43:87:39:fa:9a:10:70:
6c:b4:07:37:b3:b1:40:25:a0:a7:37:45:4e:f9:f9:
aa:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:83:A4:CB:E4:14:98:60:74:DE:C6:3E:39:CD:49:39:4F:FA:4B:8E
X509v3 Authority Key Identifier:
keyid:77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/FIOky-QUmGB03sY-Oc1JOU_6S44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.228.0/22
IPv6:
2a0d:4040::/29
Signature Algorithm: sha256WithRSAEncryption
50:c7:01:21:f1:d0:a6:d8:9e:d1:33:51:e6:ab:a7:08:de:f1:
15:cb:05:f2:7f:38:5e:fa:7c:35:f6:67:ba:6f:99:b4:19:f7:
fa:45:f3:3c:db:5d:79:cf:bb:85:ae:f8:4b:ea:37:06:24:2a:
13:f9:b8:f6:e9:a0:18:a6:76:bb:3a:e1:1b:eb:39:c8:f8:78:
83:f6:13:a0:a6:98:c8:00:5e:66:67:59:cf:62:98:96:e0:e9:
7f:23:0f:1b:e5:47:58:5e:b6:cd:35:75:93:63:dd:3d:0e:4e:
1b:cb:37:6e:6d:9f:f0:61:c4:34:36:6e:68:3a:2b:3a:76:38:
23:b9:fc:45:88:4e:71:1f:79:8f:e0:94:20:10:ca:d9:13:8e:
8c:06:fa:44:4f:fc:b6:19:e4:ec:6c:f3:fd:1e:6d:ed:d3:44:
80:d5:3a:67:bf:2a:b3:71:5d:1f:76:b0:b8:21:df:dd:aa:27:
9a:f4:32:15:67:e6:16:83:46:0d:5d:21:28:9e:47:8c:51:33:
de:2e:b9:ce:4d:58:19:2d:7d:f6:55:e5:9f:93:a3:c3:9c:8a:
12:1b:d0:1f:6a:53:ec:2a:2b:0e:e0:c0:c0:f9:fe:86:7c:b8:
32:7b:e5:ec:a4:59:fa:f2:70:b6:30:cb:92:b8:eb:9e:19:86:
79:c3:59:d9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAkosCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2NjNDZhZGU5NTdjOGYwNjZhNWM2ZmUyNTMxMGE0Y2Y1YTdlOWQ0MB4XDTIyMDEw
MTAxNTcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQ4M2E0Y2JlNDE0
OTg2MDc0ZGVjNjNlMzljZDQ5Mzk0ZmZhNGI4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKnyn4AUvIezQ3NVAVE+/qn0LZ3EPgrVg1iXTWlExpMe70s
hs+ES66BNK1hi+PTsOaoDptQ/NHkYWwgiKSDp84nXDVE6FzimAISx5NTuG6wNKed
NIlSCMVpVDdZDc1NT33l3SQlSqq2+O/t/D47BYJoa3oJ0muaCB3A3Ckov5tC5KVu
7tU10KSiLEIa4TY27fw8nXcg3L3Y3R7xbg49Qng2JTNZRzqWTi7LihHwLkBtvoZZ
uM8s0ZSfvSzXJyT6bQHXJg2VUpmxLahj+wKVLz6xUL19dyVP+ywoSrIYwBlIODZn
7sTGp45Dhzn6mhBwbLQHN7OxQCWgpzdFTvn5qpUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQUg6TL5BSYYHTexj45zUk5T/pLjjAfBgNVHSMEGDAWgBR3zEat6VfI8Gal
xv4lMQpM9afp1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q4eEdyZWxYeVBCbXBjYi1KVEVLVFBXbjZkUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvZDYxYjU0LWVlOWYtNGUwMC1iMWUzLWY3ZDAyNzU2MDA1OC8x
L0ZJT2t5LVFVbUdCMDNzWS1PYzFKT1VfNlM0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
ZDYxYjU0LWVlOWYtNGUwMC1iMWUzLWY3ZDAyNzU2MDA1OC8xL2Q4eEdyZWxYeVBC
bXBjYi1KVEVLVFBXbjZkUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnf5DANBAIAAjAHAwUDKg1AQDAN
BgkqhkiG9w0BAQsFAAOCAQEAUMcBIfHQptie0TNR5qunCN7xFcsF8n84Xvp8NfZn
um+ZtBn3+kXzPNtdec+7ha74S+o3BiQqE/m49umgGKZ2uzrhG+s5yPh4g/YToKaY
yABeZmdZz2KYluDpfyMPG+VHWF62zTV1k2PdPQ5OG8s3bm2f8GHENDZuaDorOnY4
I7n8RYhOcR95j+CUIBDK2ROOjAb6RE/8thnk7Gzz/R5t7dNEgNU6Z78qs3FdH3aw
uCHf3aonmvQyFWfmFoNGDV0hKJ5HjFEz3i65zk1YGS199lXln5Ojw5yKEhvQH2pT
7CorDuDAwPn+hny4Mnvl7KRZ+vJwtjDLkrjrnhmGecNZ2Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:20 2023 by rpki-client on console-ams.rpki-client.org