Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/FpaHOdTaEhA1wLDdOBwMDVxso70.roa
File: FpaHOdTaEhA1wLDdOBwMDVxso70.roa (raw, json)
Hash identifier: nRtbBO8+gwHQvUoS+O3r7Ip4ZoOd0xS7tkXZ7olFcRY=
Subject key identifier: 16:96:87:39:D4:DA:12:10:35:C0:B0:DD:38:1C:0C:0D:5C:6C:A3:BD
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018505B92FD3FCE000308214C0E28589F808
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/FpaHOdTaEhA1wLDdOBwMDVxso70.roa
Signing time: Mon 12 Dec 2022 09:45:00 +0000
ROA not before: Mon 12 Dec 2022 09:45:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.42.0/24 maxlen: 24
94.154.43.0/24 maxlen: 24
94.154.40.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.44.0/24 maxlen: 24
94.154.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:b9:2f:d3:fc:e0:00:30:82:14:c0:e2:85:89:f8:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Dec 12 09:45:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16968739d4da121035c0b0dd381c0c0d5c6ca3bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:91:f3:a0:d8:a0:48:7e:c0:82:5f:c2:a3:5c:
b3:4c:58:ab:43:14:80:de:6f:f5:89:0c:e2:a0:8b:
3d:c0:84:bd:94:9e:43:dd:b6:03:04:39:7f:e4:6d:
80:d3:4b:bd:a9:e7:ba:94:a0:ef:b0:2d:8e:a9:47:
75:7e:8d:cf:79:64:0a:57:78:28:b9:31:24:82:f5:
b6:2e:7f:c3:e9:95:d4:63:d4:0a:ce:47:fe:3c:49:
48:0f:75:cc:24:80:9a:a7:76:26:26:bc:0c:f2:6c:
07:f9:d0:3f:02:c6:7c:fd:a5:49:d6:e0:f7:9e:06:
b6:51:c7:d8:b4:3d:7c:6f:c3:69:b1:a0:19:96:f6:
52:95:ee:b0:af:0f:43:d3:f5:19:79:28:a1:90:ba:
3c:0c:b5:cb:13:34:8a:93:17:b9:20:91:3e:4a:6b:
be:a1:ba:0b:c3:de:7b:4c:ff:c0:8f:60:ad:5c:80:
ec:e3:ff:c6:94:e0:35:bc:68:34:6e:59:e6:0f:6d:
ad:78:30:3f:08:60:85:e9:49:b8:da:1a:87:15:f8:
86:47:0b:1c:ff:fc:3c:78:08:bd:7d:1f:c5:64:e6:
00:3f:ae:85:b9:bf:b6:7e:9e:a0:45:db:69:c2:df:
f8:0f:3a:48:d6:ca:4f:67:df:05:ae:21:74:d0:13:
93:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:96:87:39:D4:DA:12:10:35:C0:B0:DD:38:1C:0C:0D:5C:6C:A3:BD
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/FpaHOdTaEhA1wLDdOBwMDVxso70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.45.255
Signature Algorithm: sha256WithRSAEncryption
51:b9:36:7c:8a:2b:bb:9d:27:57:9e:9b:28:d4:6c:61:39:49:
29:d5:e3:81:65:00:fc:5f:02:13:0c:79:78:61:d2:fa:e3:71:
ae:a7:a0:65:4c:60:ef:11:20:6e:11:50:dd:cd:3f:52:4d:40:
8b:af:20:7b:de:a5:6a:e4:18:3b:55:c1:45:30:75:64:e3:83:
62:e7:d7:ee:92:2d:75:04:d6:d6:df:4c:a0:ec:4d:33:e4:c3:
a7:27:5e:5c:e6:fa:d4:0d:4c:c2:0f:e5:ed:2a:10:8e:1c:32:
29:0a:74:cf:1c:21:e8:df:71:98:c0:d0:12:b9:fa:d7:73:66:
29:49:2a:f0:19:15:7f:47:b0:b3:57:55:ae:3f:6e:de:ea:f4:
60:56:e7:6a:4f:28:e2:7a:14:31:d9:b2:c6:76:60:cf:5f:9d:
39:30:a0:6c:bf:49:d0:74:04:6f:3e:c6:99:62:ef:02:ad:cd:
1d:eb:17:14:a8:53:14:c2:18:ef:b5:17:b2:d2:2b:1c:80:d1:
96:5d:96:84:82:eb:7e:6c:5b:b3:41:30:5a:67:e4:c1:de:1e:
a7:0c:c7:ea:98:cb:e8:90:d7:3a:e1:0e:4a:f7:64:87:ba:28:
d8:4a:e6:4b:fc:80:69:d7:75:0c:b9:41:00:4b:b1:ad:dd:31:
ea:08:c0:03
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYUFuS/T/OAAMIIUwOKFifgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjIxMjEyMDk0NTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjk2ODczOWQ0ZGExMjEwMzVjMGIwZGQzODFjMGMwZDVjNmNhM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5HzoNigSH7Agl/Co1yzTFirQxSA
3m/1iQzioIs9wIS9lJ5D3bYDBDl/5G2A00u9qee6lKDvsC2OqUd1fo3PeWQKV3go
uTEkgvW2Ln/D6ZXUY9QKzkf+PElID3XMJICap3YmJrwM8mwH+dA/AsZ8/aVJ1uD3
nga2UcfYtD18b8NpsaAZlvZSle6wrw9D0/UZeSihkLo8DLXLEzSKkxe5IJE+Smu+
oboLw957TP/Aj2CtXIDs4//GlOA1vGg0blnmD22teDA/CGCF6Um42hqHFfiGRwsc
//w8eAi9fR/FZOYAP66Fub+2fp6gRdtpwt/4DzpI1spPZ98FriF00BOTnwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBaWhznU2hIQNcCw3TgcDA1cbKO9MB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvRnBhSE9kVGFFaEExd0xEZE9Cd01EVnhzbzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BAFemiwwDQYJKoZIhvcNAQELBQADggEBAFG5NnyKK7udJ1eemyjUbGE5SSnV44Fl
APxfAhMMeXhh0vrjca6noGVMYO8RIG4RUN3NP1JNQIuvIHvepWrkGDtVwUUwdWTj
g2Ln1+6SLXUE1tbfTKDsTTPkw6cnXlzm+tQNTMIP5e0qEI4cMikKdM8cIejfcZjA
0BK5+tdzZilJKvAZFX9HsLNXVa4/bt7q9GBW52pPKOJ6FDHZssZ2YM9fnTkwoGy/
SdB0BG8+xpli7wKtzR3rFxSoUxTCGO+1F7LSKxyA0ZZdloSC635sW7NBMFpn5MHe
HqcMx+qYy+iQ1zrhDkr3ZIe6KNhK5kv8gGnXdQy5QQBLsa3dMeoIwAM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org