Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/1-9FXxTjath2UsVeVQN70T6ZGqn0.roa
File: 1-9FXxTjath2UsVeVQN70T6ZGqn0.roa (raw, json)
Hash identifier: VvjyD1SRl8gJqN7NoDnyMZWFHqcXZVLmY2liU4/YD+o=
Subject key identifier: FB:D1:57:C5:38:DA:B6:1D:94:B1:57:95:40:DE:F4:4F:A6:46:AA:7D
Certificate issuer: /CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Certificate serial: 03E04FA4
Authority key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/1-9FXxTjath2UsVeVQN70T6ZGqn0.roa
Signing time: Sat 01 Jan 2022 14:59:26 +0000
ROA not before: Sat 01 Jan 2022 14:59:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12481
IP address blocks: 94.142.144.0/21 maxlen: 21
5.100.232.0/21 maxlen: 21
212.103.192.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65032100 (0x3e04fa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Validity
Not Before: Jan 1 14:59:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbd157c538dab61d94b1579540def44fa646aa7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:02:f0:b6:96:f0:63:5d:0d:8c:9f:28:78:43:
07:fc:38:c0:2e:ab:bc:cb:f0:88:1b:28:c5:c1:c5:
11:8b:1c:69:c2:0f:10:c2:15:fc:d4:7e:13:89:bd:
d4:e6:ff:8a:d0:57:51:ad:12:61:f2:90:02:3b:a6:
5f:08:b0:3d:10:c2:cd:39:cc:89:55:ac:32:33:b1:
95:4a:45:a8:2d:d0:ee:c6:da:18:92:b4:36:50:1a:
1f:12:db:17:09:55:e5:e8:60:aa:fa:dc:16:48:ee:
f5:46:3d:54:43:12:9a:ed:58:13:61:f0:54:b7:04:
56:52:cc:5d:b6:44:82:8f:ae:e2:6d:2e:2e:66:48:
c4:1e:81:9f:36:27:83:00:f9:55:92:27:5d:fc:05:
b6:4d:09:a1:20:2a:b1:f8:d4:76:82:58:d2:6f:67:
72:24:45:90:25:eb:9b:8c:fb:27:f2:a3:40:1b:e9:
3b:f7:3d:74:95:cb:70:f6:05:27:4e:72:38:d9:a4:
7b:f8:f3:7d:a7:bf:73:96:f6:47:6d:20:9b:e7:7c:
8f:5c:d3:44:70:8a:47:1a:93:fb:45:a9:42:de:b8:
ba:74:15:01:fb:74:88:cc:f5:0e:43:dd:da:8c:7f:
72:63:4a:13:54:f9:12:e8:00:27:2b:82:19:29:ba:
70:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D1:57:C5:38:DA:B6:1D:94:B1:57:95:40:DE:F4:4F:A6:46:AA:7D
X509v3 Authority Key Identifier:
keyid:31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/1-9FXxTjath2UsVeVQN70T6ZGqn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.232.0/21
94.142.144.0/21
212.103.192.0/19
Signature Algorithm: sha256WithRSAEncryption
71:fa:ba:ca:55:7c:50:e5:9d:15:3c:32:6b:09:de:a4:9d:69:
75:61:40:66:50:d1:5f:f9:dc:40:1a:a7:74:95:f3:9c:d1:2a:
f8:45:68:07:c4:1a:6e:ca:d8:cf:89:a8:df:0a:4f:5c:13:5f:
2b:11:bb:73:6d:39:5f:72:bf:ac:77:53:bd:43:70:1e:45:d4:
34:7f:fe:5b:10:0d:36:5b:0d:26:80:e4:a1:00:2a:34:9e:47:
bd:76:ee:ae:5a:d8:87:4b:c2:61:7a:d6:6b:ec:5b:e8:64:5c:
d5:e8:28:1c:b8:69:87:13:01:b5:b1:4e:dc:68:0b:ac:91:2a:
c8:ff:96:ae:44:0e:cc:e8:13:a6:cf:5c:b3:70:bb:28:78:ed:
33:09:90:54:de:8b:17:85:b9:0d:ef:f5:85:43:8d:d6:b4:6f:
71:6a:27:8d:d7:5b:f2:2a:f2:46:ed:ca:bc:0f:92:3d:a7:fe:
55:99:b9:2e:77:d4:69:ea:31:eb:bc:30:41:9f:ea:87:b4:f2:
76:db:72:35:f0:5d:52:1d:39:ee:fb:be:27:1d:10:30:14:1f:
5c:ce:b6:2c:f0:bf:9a:1d:cc:0a:0c:e8:b0:67:09:9b:5f:9d:
63:86:7e:b0:5d:10:aa:21:92:3c:9b:b6:79:cf:75:83:69:80:
0c:0c:d9:7f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEA+BPpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWIwZjY0YzY5ZDMzMGI2NmViY2QwM2E5YmYwZmRjMTlmMzE0N2Q4MB4XDTIyMDEw
MTE0NTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJkMTU3YzUzOGRh
YjYxZDk0YjE1Nzk1NDBkZWY0NGZhNjQ2YWE3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4C8LaW8GNdDYyfKHhDB/w4wC6rvMvwiBsoxcHFEYscacIP
EMIV/NR+E4m91Ob/itBXUa0SYfKQAjumXwiwPRDCzTnMiVWsMjOxlUpFqC3Q7sba
GJK0NlAaHxLbFwlV5ehgqvrcFkju9UY9VEMSmu1YE2HwVLcEVlLMXbZEgo+u4m0u
LmZIxB6BnzYngwD5VZInXfwFtk0JoSAqsfjUdoJY0m9nciRFkCXrm4z7J/KjQBvp
O/c9dJXLcPYFJ05yONmke/jzfae/c5b2R20gm+d8j1zTRHCKRxqT+0WpQt64unQV
Aft0iMz1DkPd2ox/cmNKE1T5EugAJyuCGSm6cN0CAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBT70VfFONq2HZSxV5VA3vRPpkaqfTAfBgNVHSMEGDAWgBQxsPZMadMwtm68
0Dqb8P3BnzFH2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01iRDJUR25UTUxadXZOQTZtX0Q5d1o4eFI5Zy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMmZiNDczLThlNmItNGYwZC1hZDMwLWQ0OTM0NDkzYTY3OS8x
LzEtOUZYeFRqYXRoMlVzVmVWUU43MFQ2WkdxbjAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBm
LzJmYjQ3My04ZTZiLTRmMGQtYWQzMC1kNDkzNDQ5M2E2NzkvMS9NYkQyVEduVE1M
WnV2TkE2bV9EOXdaOHhSOWcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
KwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAMFZOgDBANejpADBAXUZ8AwDQYJ
KoZIhvcNAQELBQADggEBAHH6uspVfFDlnRU8MmsJ3qSdaXVhQGZQ0V/53EAap3SV
85zRKvhFaAfEGm7K2M+JqN8KT1wTXysRu3NtOV9yv6x3U71DcB5F1DR//lsQDTZb
DSaA5KEAKjSeR7127q5a2IdLwmF61mvsW+hkXNXoKBy4aYcTAbWxTtxoC6yRKsj/
lq5EDszoE6bPXLNwuyh47TMJkFTeixeFuQ3v9YVDjda0b3FqJ43XW/Iq8kbtyrwP
kj2n/lWZuS531GnqMeu8MEGf6oe08nbbcjXwXVIdOe77vicdEDAUH1zOtizwv5od
zAoM6LBnCZtfnWOGfrBdEKohkjybtnnPdYNpgAwM2X8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:51 2023 by rpki-client on console-fra.rpki-client.org