Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/65Fgs9gi9Dx1fReGih4ehsLMttk.roa
File: 65Fgs9gi9Dx1fReGih4ehsLMttk.roa (raw, json)
Hash identifier: a3FJ0EkD8OcQ9w+Cb7zJjMT7FSdXLfNQ1qOIraE3CqA=
Subject key identifier: EB:91:60:B3:D8:22:F4:3C:75:7D:17:86:8A:1E:1E:86:C2:CC:B6:D9
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 0181D6D00F20DD2345D560C8B99BE3BF9897
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/65Fgs9gi9Dx1fReGih4ehsLMttk.roa
Signing time: Thu 07 Jul 2022 03:59:28 +0000
ROA not before: Thu 07 Jul 2022 03:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 193.32.178.0/24 maxlen: 24
193.32.179.0/24 maxlen: 24
193.32.177.0/24 maxlen: 24
185.236.23.0/24 maxlen: 24
185.236.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d6:d0:0f:20:dd:23:45:d5:60:c8:b9:9b:e3:bf:98:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Jul 7 03:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb9160b3d822f43c757d17868a1e1e86c2ccb6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f0:10:18:93:4d:3d:6f:76:ea:93:9d:13:29:
06:9d:af:46:d0:ba:d4:87:50:41:bc:99:d0:e7:d5:
5d:c8:47:0a:c0:f1:c1:d3:e7:5a:e2:ab:88:15:d0:
89:46:79:7b:ca:f7:7b:d5:83:88:0f:fa:bc:0e:34:
8e:70:c1:0e:60:dc:b3:0f:7f:1e:51:c5:c9:b8:1f:
09:46:a9:2f:27:51:43:d1:45:37:22:5a:d5:af:af:
33:81:59:4b:c8:8c:b4:73:d3:a6:9b:e1:24:ac:32:
63:7f:35:52:53:91:bd:af:e7:2b:9c:bd:8d:41:d0:
aa:dc:33:e1:6a:be:4f:be:87:8d:cf:49:ed:d2:e0:
17:f2:f7:a0:e6:43:13:24:d2:10:c4:eb:0a:d7:f0:
89:4c:43:1c:79:58:b1:02:bf:b2:79:a2:33:0e:a3:
c1:e7:e5:ae:b1:f9:b1:a9:3a:ae:9d:04:dc:bc:64:
70:be:82:fd:f8:e4:c9:44:c7:cc:16:96:93:02:19:
1b:d3:03:96:9a:ac:ba:22:91:bd:4d:78:ee:03:2c:
eb:ee:4f:a8:e0:55:84:d3:5f:8d:4b:a0:ec:a8:27:
76:03:f3:06:d9:24:ba:af:4f:0a:6e:86:94:87:28:
91:1e:72:62:58:47:3e:f9:34:ab:cb:31:b3:cd:84:
59:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:91:60:B3:D8:22:F4:3C:75:7D:17:86:8A:1E:1E:86:C2:CC:B6:D9
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/65Fgs9gi9Dx1fReGih4ehsLMttk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.22.0/23
193.32.177.0-193.32.179.255
Signature Algorithm: sha256WithRSAEncryption
2c:44:54:36:b2:b1:8c:68:f4:b5:26:20:b8:d7:0a:8e:8a:6e:
aa:32:9d:38:c4:b2:95:8f:5f:fd:d3:b2:96:d1:c9:ee:79:a5:
40:6c:20:24:a3:74:5a:6d:e9:37:b4:f4:e1:d0:25:bc:72:ef:
f3:91:0c:0d:a9:05:0b:c1:95:25:4b:18:c0:93:07:dd:44:ed:
2e:f9:c0:59:51:5c:d2:49:3f:25:b8:c1:5e:b0:e1:84:58:0a:
62:c9:36:d8:ce:bd:27:a4:58:b6:c4:0c:09:22:17:f5:b8:2e:
4c:ee:f5:c7:f4:c6:bc:b7:4f:a6:12:c9:ff:a2:9f:d5:62:c5:
c2:1f:ee:48:5c:17:7b:c5:cd:1a:dc:e2:ae:04:8b:22:ec:08:
44:98:a7:67:69:98:fa:bc:ff:99:36:ad:a3:a0:76:8b:37:88:
56:d4:c8:87:90:b4:59:df:94:38:ef:9b:b6:cc:40:9f:6f:ea:
43:67:26:d9:2b:7b:9d:57:38:14:2a:a2:c3:09:b3:1b:49:97:
7b:31:e5:21:bf:e2:05:fc:2b:b2:2b:e4:17:f6:f9:18:5e:73:
77:d0:ad:a5:38:1f:e0:93:90:0c:6f:ea:a5:78:e8:e4:c2:7c:
00:a4:53:8f:9a:5f:0e:15:75:96:05:8b:bf:8d:26:14:51:1f:
0e:1a:36:f8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYHW0A8g3SNF1WDIuZvjv5iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjIwNzA3MDM1OTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjkxNjBiM2Q4MjJmNDNjNzU3ZDE3ODY4YTFlMWU4NmMyY2NiNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/AQGJNNPW926pOdEykGna9G0LrU
h1BBvJnQ59VdyEcKwPHB0+da4quIFdCJRnl7yvd71YOID/q8DjSOcMEOYNyzD38e
UcXJuB8JRqkvJ1FD0UU3IlrVr68zgVlLyIy0c9Omm+EkrDJjfzVSU5G9r+crnL2N
QdCq3DPhar5PvoeNz0nt0uAX8veg5kMTJNIQxOsK1/CJTEMceVixAr+yeaIzDqPB
5+WusfmxqTqunQTcvGRwvoL9+OTJRMfMFpaTAhkb0wOWmqy6IpG9TXjuAyzr7k+o
4FWE01+NS6DsqCd2A/MG2SS6r08KboaUhyiRHnJiWEc++TSryzGzzYRZ2QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOuRYLPYIvQ8dX0XhooeHobCzLbZMB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvNjVGZ3M5Z2k5RHgxZlJlR2loNGVoc0xNdHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUtOTgxZmJiMzQ0MmRk
LzEvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBuewWMAwD
BADBILEDBALBILAwDQYJKoZIhvcNAQELBQADggEBACxEVDaysYxo9LUmILjXCo6K
bqoynTjEspWPX/3TspbRye55pUBsICSjdFpt6Te09OHQJbxy7/ORDA2pBQvBlSVL
GMCTB91E7S75wFlRXNJJPyW4wV6w4YRYCmLJNtjOvSekWLbEDAkiF/W4Lkzu9cf0
xry3T6YSyf+in9VixcIf7khcF3vFzRrc4q4EiyLsCESYp2dpmPq8/5k2raOgdos3
iFbUyIeQtFnflDjvm7bMQJ9v6kNnJtkre51XOBQqosMJsxtJl3sx5SG/4gX8K7Ir
5Bf2+Rhec3fQraU4H+CTkAxv6qV46OTCfACkU4+aXw4VdZYFi7+NJhRRHw4aNvg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:35 2023 by rpki-client on console-fra.rpki-client.org