Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/fbUQqSCem-aA7yHVPsBHOVWvuaQ.roa
File: fbUQqSCem-aA7yHVPsBHOVWvuaQ.roa (raw, json)
Hash identifier: UIYlynT4rVCz/2A40hp9iU1olaRhp54A91GJo27OHA0=
Subject key identifier: 7D:B5:10:A9:20:9E:9B:E6:80:EF:21:D5:3E:C0:47:39:55:AF:B9:A4
Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Certificate serial: 018520E6CD8E2E81E68EA26C5F140385FFDA
Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/fbUQqSCem-aA7yHVPsBHOVWvuaQ.roa
Signing time: Sat 17 Dec 2022 16:24:34 +0000
ROA not before: Sat 17 Dec 2022 16:24:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34373
IP address blocks: 185.97.228.0/22 maxlen: 22
185.165.68.0/22 maxlen: 22
45.128.64.0/22 maxlen: 24
86.48.68.0/22 maxlen: 22
91.219.76.0/22 maxlen: 22
185.63.56.0/22 maxlen: 24
193.105.233.0/24 maxlen: 24
185.56.52.0/22 maxlen: 22
185.69.204.0/22 maxlen: 22
45.132.40.0/22 maxlen: 22
185.116.40.0/22 maxlen: 23
185.210.128.0/22 maxlen: 24
217.61.253.0/24 maxlen: 24
2a0b:ec00::/29 maxlen: 29
2a06:7bc0::/29 maxlen: 29
2a0b:57c0::/29 maxlen: 36
2a06:900::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:20:e6:cd:8e:2e:81:e6:8e:a2:6c:5f:14:03:85:ff:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Validity
Not Before: Dec 17 16:24:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7db510a9209e9be680ef21d53ec0473955afb9a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:32:97:af:93:da:6b:fa:a8:ad:7b:9f:89:12:
72:89:f8:38:78:cf:f9:34:8b:59:65:09:08:28:49:
1d:e2:15:24:b3:2c:ee:c9:6f:3b:a4:65:9f:94:90:
28:47:c4:23:48:f1:02:10:49:28:20:e0:1a:21:53:
72:52:e6:14:fa:1d:20:6a:02:f7:33:8c:25:58:6d:
22:45:d7:73:18:99:46:58:77:84:1f:40:96:35:1d:
7c:d6:49:2a:36:42:d3:50:58:9c:e7:37:89:1c:f8:
41:11:54:f9:ba:43:92:9d:f1:11:21:dd:e8:29:7e:
7e:97:58:d1:82:cb:e7:4d:0c:ed:f7:ec:e6:ff:08:
24:f2:44:23:59:c5:4a:a9:87:fc:92:13:e0:3a:d3:
17:63:84:b4:10:7b:c5:e1:70:ac:3f:9c:bb:2d:60:
37:d2:4e:b7:aa:90:9b:bb:c6:48:bc:ce:ce:1c:89:
19:42:c5:c8:d8:e6:5e:68:8e:3a:7e:53:e7:2b:04:
3d:9c:75:e1:d7:df:56:40:c2:3e:91:a9:06:cc:fe:
98:97:4e:79:c4:36:da:be:b5:2f:fe:95:52:93:66:
e6:70:5a:35:bd:95:bc:3e:49:92:90:14:17:22:77:
07:1a:da:2d:37:ed:6b:84:0e:4a:17:04:62:29:cc:
df:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B5:10:A9:20:9E:9B:E6:80:EF:21:D5:3E:C0:47:39:55:AF:B9:A4
X509v3 Authority Key Identifier:
keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/fbUQqSCem-aA7yHVPsBHOVWvuaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.64.0/22
45.132.40.0/22
86.48.68.0/22
91.219.76.0/22
185.56.52.0/22
185.63.56.0/22
185.69.204.0/22
185.97.228.0/22
185.116.40.0/22
185.165.68.0/22
185.210.128.0/22
193.105.233.0/24
217.61.253.0/24
IPv6:
2a06:900::/29
2a06:7bc0::/29
2a0b:57c0::/29
2a0b:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
19:d9:5d:2a:82:8e:6f:43:da:ae:5c:ba:a2:f1:e7:55:3e:78:
66:9a:15:b2:e3:e9:70:b4:50:fd:8f:26:5a:70:63:a6:96:c3:
0f:bd:2a:b7:0a:23:9f:5a:b5:d9:bf:fc:df:b4:dc:42:01:71:
c7:7a:c0:f1:14:5d:d6:0d:df:3c:f9:ac:09:ff:0c:02:05:f5:
60:a6:a3:21:c0:bc:77:72:c0:20:8e:85:2f:63:9c:11:f9:6e:
b5:8b:e7:ad:f8:23:bc:65:ef:2a:6d:68:d4:03:7d:64:ed:ef:
b6:ac:c3:b0:7b:ed:b1:94:af:e6:c2:66:04:cd:61:ad:24:cd:
f0:bd:ea:11:35:4b:db:36:bc:40:5c:4c:2b:1e:64:b5:93:df:
e3:78:d5:7d:f8:0f:64:2f:2d:56:0f:5b:32:b2:57:f3:ef:eb:
d7:97:dc:43:f9:17:af:a6:d5:af:21:ad:5f:24:c2:63:f9:d9:
3d:60:c4:a2:4e:2c:2d:48:9e:db:ce:a2:ff:b1:e0:58:d1:93:
95:0a:1d:8b:02:71:b0:18:a2:8d:d0:90:54:95:fd:7f:3c:45:
10:8f:15:3b:b1:7f:4d:51:de:86:7e:f3:51:b9:a0:31:3f:3a:
e5:79:0b:89:8f:47:56:f1:f3:2f:c6:bb:ad:17:d9:eb:35:0e:
0f:b9:8b:b8
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYUg5s2OLoHmjqJsXxQDhf/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWE4MWFhOWIyMTk3ZDkxMjdiNDQyNTI1MTAwZmZhYTM2
ZTBkNTIwHhcNMjIxMjE3MTYyNDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGI1MTBhOTIwOWU5YmU2ODBlZjIxZDUzZWMwNDczOTU1YWZiOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijKXr5Paa/qorXufiRJyifg4eM/5
NItZZQkIKEkd4hUksyzuyW87pGWflJAoR8QjSPECEEkoIOAaIVNyUuYU+h0gagL3
M4wlWG0iRddzGJlGWHeEH0CWNR181kkqNkLTUFic5zeJHPhBEVT5ukOSnfERId3o
KX5+l1jRgsvnTQzt9+zm/wgk8kQjWcVKqYf8khPgOtMXY4S0EHvF4XCsP5y7LWA3
0k63qpCbu8ZIvM7OHIkZQsXI2OZeaI46flPnKwQ9nHXh199WQMI+kakGzP6Yl055
xDbavrUv/pVSk2bmcFo1vZW8PkmSkBQXIncHGtotN+1rhA5KFwRiKczftQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFH21EKkgnpvmgO8h1T7ARzlVr7mkMB8GA1UdIwQY
MBaAFFvqgaqbIZfZEntEJSUQD/qjbg1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQt
ZmMwZGQ5MjUyYzlhLzEvZmJVUXFTQ2VtLWFBN3lIVlBzQkhPVld2dWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQtZmMwZGQ5MjUyYzlh
LzEvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowVAQCAAEwTgMEAi2AQAME
Ai2EKAMEAlYwRAMEAlvbTAMEArk4NAMEArk/OAMEArlFzAMEArlh5AMEArl0KAME
ArmlRAMEArnSgAMEAMFp6QMEANk9/TAiBAIAAjAcAwUDKgYJAAMFAyoGe8ADBQMq
C1fAAwUDKgvsADANBgkqhkiG9w0BAQsFAAOCAQEAGdldKoKOb0Parly6ovHnVT54
ZpoVsuPpcLRQ/Y8mWnBjppbDD70qtwojn1q12b/837TcQgFxx3rA8RRd1g3fPPms
Cf8MAgX1YKajIcC8d3LAII6FL2OcEflutYvnrfgjvGXvKm1o1AN9ZO3vtqzDsHvt
sZSv5sJmBM1hrSTN8L3qETVL2za8QFxMKx5ktZPf43jVffgPZC8tVg9bMrJX8+/r
15fcQ/kXr6bVryGtXyTCY/nZPWDEok4sLUie286i/7HgWNGTlQodiwJxsBiijdCQ
VJX9fzxFEI8VO7F/TVHehn7zUbmgMT865XkLiY9HVvHzL8a7rRfZ6zUOD7mLuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:18 2024 by rpki-client on console-ams.rpki-client.org