Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/92d208-a22a-421c-8c5b-eaf9da4adef6/1/EPpkQz9342iULuyCTRFGNnJQsV8.roa
File: EPpkQz9342iULuyCTRFGNnJQsV8.roa (raw, json)
Hash identifier: pq2aeVL4PDtOkO1/eyT+a5r5V0r/lGB+1EUOBHwINIg=
Subject key identifier: 10:FA:64:43:3F:77:E3:68:94:2E:EC:82:4D:11:46:36:72:50:B1:5F
Certificate issuer: /CN=fa55d2877132aaadcdf54058acbf9e07eddb598c
Certificate serial: 0184CD75321F26B299060F50C53829C3E98C
Authority key identifier: FA:55:D2:87:71:32:AA:AD:CD:F5:40:58:AC:BF:9E:07:ED:DB:59:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-lXSh3Eyqq3N9UBYrL-eB-3bWYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/92d208-a22a-421c-8c5b-eaf9da4adef6/1/EPpkQz9342iULuyCTRFGNnJQsV8.roa
Signing time: Thu 01 Dec 2022 11:32:00 +0000
ROA not before: Thu 01 Dec 2022 11:32:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25009
IP address blocks: 185.21.112.0/22 maxlen: 24
2a03:240::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:75:32:1f:26:b2:99:06:0f:50:c5:38:29:c3:e9:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa55d2877132aaadcdf54058acbf9e07eddb598c
Validity
Not Before: Dec 1 11:32:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10fa64433f77e368942eec824d1146367250b15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:77:5e:61:2d:2c:78:73:16:d3:c3:c7:b3:07:
b8:58:eb:a7:ce:50:08:b9:aa:53:5f:1a:98:94:e6:
fb:56:f0:0b:c2:00:b1:66:8e:91:e6:57:e3:0a:45:
0b:c5:46:97:8d:ec:30:dd:1d:d5:db:4e:5b:b0:a6:
a9:4e:b6:c9:50:70:43:54:90:99:fa:e6:42:7b:e6:
bb:28:68:2d:32:69:47:1f:a8:74:c4:7e:9a:80:d5:
62:c1:d0:af:e9:53:d2:ff:d9:0f:86:58:7e:c8:02:
55:ed:a8:3d:8e:73:1c:40:0d:a1:c2:c6:6a:ac:ef:
cc:17:d6:b8:a9:55:8b:d8:c5:28:97:5b:32:c4:54:
1b:8f:14:52:81:c4:7d:21:b3:b9:9f:27:21:36:b9:
17:87:6b:20:03:9c:60:09:73:cf:33:37:b3:29:c9:
4c:ce:f8:9e:11:b2:7d:e7:b3:cc:bc:cc:12:df:5e:
80:26:6f:1a:31:7a:8c:02:93:cb:13:15:e1:92:84:
98:36:04:d8:15:df:24:03:fe:a2:a6:af:c9:a8:20:
d4:21:4a:bc:8c:33:93:6c:54:73:5d:a6:91:39:c2:
fc:35:a9:84:6c:39:d4:2c:a8:8f:52:98:57:a8:11:
ba:ca:50:1b:34:c7:35:f2:7f:64:ce:a9:e3:5b:a6:
4c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FA:64:43:3F:77:E3:68:94:2E:EC:82:4D:11:46:36:72:50:B1:5F
X509v3 Authority Key Identifier:
keyid:FA:55:D2:87:71:32:AA:AD:CD:F5:40:58:AC:BF:9E:07:ED:DB:59:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-lXSh3Eyqq3N9UBYrL-eB-3bWYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/92d208-a22a-421c-8c5b-eaf9da4adef6/1/EPpkQz9342iULuyCTRFGNnJQsV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/92d208-a22a-421c-8c5b-eaf9da4adef6/1/1-lXSh3Eyqq3N9UBYrL-eB-3bWYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.112.0/22
IPv6:
2a03:240::/32
Signature Algorithm: sha256WithRSAEncryption
1b:3a:f2:73:a0:e6:a8:82:6c:10:42:60:ad:c6:b7:11:91:b1:
79:88:63:03:90:4e:32:99:3a:a4:1b:04:e0:0f:00:6e:52:12:
1a:17:fb:aa:c3:ba:40:64:c3:57:0d:c3:f8:4a:48:56:79:25:
9f:51:24:a0:ba:ed:e5:13:92:c8:4f:ac:e6:21:e6:1a:08:b6:
b8:20:ef:52:b4:e9:80:d3:12:1a:7d:c3:3b:07:4e:1e:37:65:
3d:31:aa:a3:48:2e:19:94:ce:34:67:76:d9:8e:16:7a:6e:8c:
db:23:2e:71:98:a7:d4:7e:11:5c:db:ab:c4:90:42:2a:dd:ad:
a8:02:31:01:27:91:d2:a0:35:0e:6c:6f:24:30:b8:2e:ac:4a:
16:f2:23:1f:8a:d3:8b:34:8e:ea:08:b5:30:11:58:26:3c:62:
89:65:bf:56:14:82:60:b4:bb:9a:9a:18:a3:02:66:8d:d2:c4:
f7:5c:8b:04:38:d1:91:33:33:c3:2b:42:ae:1e:de:73:a9:14:
f0:73:8f:8d:92:55:51:83:74:7c:25:4b:d3:a8:71:85:6c:85:
7e:ed:48:d0:61:36:ae:bf:c2:79:9c:4b:2e:d2:6b:c0:e4:8d:
bb:09:53:46:2f:ea:aa:2c:db:e0:84:63:75:f5:2e:a0:b8:e8:
d9:93:c2:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTNdTIfJrKZBg9QxTgpw+mMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNTVkMjg3NzEzMmFhYWRjZGY1NDA1OGFjYmY5ZTA3ZWRk
YjU5OGMwHhcNMjIxMjAxMTEzMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZhNjQ0MzNmNzdlMzY4OTQyZWVjODI0ZDExNDYzNjcyNTBiMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXdeYS0seHMW08PHswe4WOunzlAI
uapTXxqYlOb7VvALwgCxZo6R5lfjCkULxUaXjeww3R3V205bsKapTrbJUHBDVJCZ
+uZCe+a7KGgtMmlHH6h0xH6agNViwdCv6VPS/9kPhlh+yAJV7ag9jnMcQA2hwsZq
rO/MF9a4qVWL2MUol1syxFQbjxRSgcR9IbO5nychNrkXh2sgA5xgCXPPMzezKclM
zvieEbJ957PMvMwS316AJm8aMXqMApPLExXhkoSYNgTYFd8kA/6ipq/JqCDUIUq8
jDOTbFRzXaaROcL8NamEbDnULKiPUphXqBG6ylAbNMc18n9kzqnjW6ZMRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBD6ZEM/d+NolC7sgk0RRjZyULFfMB8GA1UdIwQY
MBaAFPpV0odxMqqtzfVAWKy/ngft21mMMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1sWFNoM0V5cXEzTjlVQllyTC1lQi0zYldZdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIvOTJkMjA4LWEyMmEtNDIxYy04YzVi
LWVhZjlkYTRhZGVmNi8xL0VQcGtRejkzNDJpVUx1eUNUUkZHTm5KUXNWOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDIvOTJkMjA4LWEyMmEtNDIxYy04YzViLWVhZjlkYTRhZGVm
Ni8xLzEtbFhTaDNFeXFxM045VUJZckwtZUItM2JXWXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5FXAw
DQQCAAIwBwMFACoDAkAwDQYJKoZIhvcNAQELBQADggEBABs68nOg5qiCbBBCYK3G
txGRsXmIYwOQTjKZOqQbBOAPAG5SEhoX+6rDukBkw1cNw/hKSFZ5JZ9RJKC67eUT
kshPrOYh5hoItrgg71K06YDTEhp9wzsHTh43ZT0xqqNILhmUzjRndtmOFnpujNsj
LnGYp9R+EVzbq8SQQirdragCMQEnkdKgNQ5sbyQwuC6sShbyIx+K04s0juoItTAR
WCY8Yollv1YUgmC0u5qaGKMCZo3SxPdciwQ40ZEzM8MrQq4e3nOpFPBzj42SVVGD
dHwlS9OocYVshX7tSNBhNq6/wnmcSy7Sa8DkjbsJU0Yv6qos2+CEY3X1LqC46NmT
wjI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:46 2024 by rpki-client on console-fra.rpki-client.org