Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/1-_pecMDBjTwY7AcdB4waJEMMGqU.roa
File: 1-_pecMDBjTwY7AcdB4waJEMMGqU.roa (raw, json)
Hash identifier: ErRt+qXIOUXmiqsUOwv8TFb30tZnk28pLYKSikjhmlw=
Subject key identifier: FB:FA:5E:70:C0:C1:8D:3C:18:EC:07:1D:07:8C:1A:24:43:0C:1A:A5
Certificate issuer: /CN=6090cdd31d3a71da1ce4a4bd85f1987e3ca4eafa
Certificate serial: 013145A7
Authority key identifier: 60:90:CD:D3:1D:3A:71:DA:1C:E4:A4:BD:85:F1:98:7E:3C:A4:EA:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/1-_pecMDBjTwY7AcdB4waJEMMGqU.roa
Signing time: Wed 25 May 2022 04:49:14 +0000
ROA not before: Wed 25 May 2022 04:49:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21453
IP address blocks: 80.84.112.0/20 maxlen: 20
178.167.0.0/18 maxlen: 18
178.167.0.0/17 maxlen: 17
212.7.224.0/19 maxlen: 19
94.253.0.0/18 maxlen: 18
94.253.0.0/17 maxlen: 17
178.167.96.0/19 maxlen: 19
80.252.128.0/19 maxlen: 19
94.253.96.0/19 maxlen: 19
178.167.64.0/19 maxlen: 19
185.5.148.0/22 maxlen: 22
88.84.192.0/19 maxlen: 19
95.183.64.0/18 maxlen: 18
178.57.224.0/19 maxlen: 19
94.253.64.0/20 maxlen: 20
2a01:4200::/32 maxlen: 32
2a01:4200::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20006311 (0x13145a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6090cdd31d3a71da1ce4a4bd85f1987e3ca4eafa
Validity
Not Before: May 25 04:49:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbfa5e70c0c18d3c18ec071d078c1a24430c1aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:80:f9:b1:31:16:15:36:41:c3:28:52:d7:d5:
32:82:aa:e3:11:94:48:03:1a:3a:3c:f0:7f:db:04:
08:d4:a8:5c:d4:24:80:c5:df:d0:ab:57:7f:65:dc:
1a:28:58:6c:e8:03:dc:0b:e3:53:df:17:14:f2:27:
7b:35:ce:f9:80:b6:03:c0:c0:6d:86:d8:31:ab:12:
3a:6b:a3:ad:43:3a:be:87:68:05:00:35:ad:a1:0f:
01:c5:d4:d5:92:2e:7c:b3:3b:ce:57:1a:a8:fc:1c:
76:60:2d:1a:06:bf:7c:a1:30:be:7f:1b:7a:ab:4b:
61:32:1e:3f:c5:33:4e:82:f1:8b:7e:29:58:1d:81:
de:55:50:78:53:87:76:35:50:29:97:16:e5:f8:96:
d0:a4:99:10:7f:5c:38:6e:6c:04:d8:1f:d9:e4:19:
5d:86:0f:7d:05:f2:45:ba:94:5d:2c:08:35:2c:7a:
00:71:83:cd:21:d6:1e:1f:61:97:ba:42:c1:ef:c7:
9c:52:da:cd:3e:a7:18:d5:ae:55:6f:59:a8:22:04:
04:ee:0b:02:6e:44:bb:f8:40:02:a2:21:9c:53:87:
13:88:65:04:91:43:08:cf:9a:32:b3:f5:7d:9b:b5:
d9:6a:2c:a1:d4:3a:a1:7b:00:e1:b4:4f:5b:0b:13:
d7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FA:5E:70:C0:C1:8D:3C:18:EC:07:1D:07:8C:1A:24:43:0C:1A:A5
X509v3 Authority Key Identifier:
keyid:60:90:CD:D3:1D:3A:71:DA:1C:E4:A4:BD:85:F1:98:7E:3C:A4:EA:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/1-_pecMDBjTwY7AcdB4waJEMMGqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.112.0/20
80.252.128.0/19
88.84.192.0/19
94.253.0.0/17
95.183.64.0/18
178.57.224.0/19
178.167.0.0/17
185.5.148.0/22
212.7.224.0/19
IPv6:
2a01:4200::/30
Signature Algorithm: sha256WithRSAEncryption
8f:c1:97:de:ee:d5:67:0e:ef:ac:9e:36:c5:c4:a9:32:b1:f9:
71:ab:4f:19:7d:dd:f6:9b:d7:36:2d:f5:a3:5a:9a:60:20:16:
b4:2c:08:da:fc:d9:01:b7:07:f2:6b:0c:73:3e:aa:ac:26:c0:
57:d6:a5:63:04:77:ba:4d:fa:44:d9:8b:c8:c7:f7:e5:44:e1:
9a:a3:72:70:68:0b:f2:5d:c4:d4:24:be:ad:c6:ff:4e:41:64:
a1:bc:5b:29:c9:0f:b9:50:c7:3c:1a:fc:1e:62:5e:56:1e:a2:
12:ae:62:92:53:92:07:70:5e:6e:a2:ee:3a:9f:70:c0:31:fa:
c2:b9:b5:c8:8f:ad:a2:42:63:61:4f:57:02:ba:9f:89:f2:de:
35:5d:0d:17:02:27:5f:57:d9:d5:70:ea:cc:90:3b:6a:70:14:
d7:db:94:de:9e:e6:89:d1:94:fb:62:88:2c:f5:2e:99:e3:92:
41:20:eb:50:ce:18:f8:55:0b:c7:ae:2f:d8:b2:a9:dc:59:9b:
13:fe:05:57:b1:11:c0:f5:d8:92:6e:70:5b:7c:dc:1b:0d:44:
8d:86:ca:01:1b:85:5c:ad:29:a0:f6:5a:7f:5b:b4:72:28:a3:
a6:fa:fa:4b:36:8a:02:00:16:6e:e4:3b:bc:c3:5c:a4:b5:d8:
ba:cd:d6:30
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEATFFpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDkwY2RkMzFkM2E3MWRhMWNlNGE0YmQ4NWYxOTg3ZTNjYTRlYWZhMB4XDTIyMDUy
NTA0NDkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJmYTVlNzBjMGMx
OGQzYzE4ZWMwNzFkMDc4YzFhMjQ0MzBjMWFhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqA+bExFhU2QcMoUtfVMoKq4xGUSAMaOjzwf9sECNSoXNQk
gMXf0KtXf2XcGihYbOgD3AvjU98XFPInezXO+YC2A8DAbYbYMasSOmujrUM6vodo
BQA1raEPAcXU1ZIufLM7zlcaqPwcdmAtGga/fKEwvn8beqtLYTIeP8UzToLxi34p
WB2B3lVQeFOHdjVQKZcW5fiW0KSZEH9cOG5sBNgf2eQZXYYPfQXyRbqUXSwINSx6
AHGDzSHWHh9hl7pCwe/HnFLazT6nGNWuVW9ZqCIEBO4LAm5Eu/hAAqIhnFOHE4hl
BJFDCM+aMrP1fZu12WosodQ6oXsA4bRPWwsT1+0CAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBT7+l5wwMGNPBjsBx0HjBokQwwapTAfBgNVHSMEGDAWgBRgkM3THTpx2hzk
pL2F8Zh+PKTq+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lKRE4weDA2Y2RvYzVLUzloZkdZZmp5azZ2by5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMDg5MDBmLWIzNjEtNDdhZC04OTNmLTczNTFmODY5YjQyYi8x
LzEtX3BlY01EQmpUd1k3QWNkQjR3YUpFTU1HcVUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE0
LzA4OTAwZi1iMzYxLTQ3YWQtODkzZi03MzUxZjg2OWI0MmIvMS9ZSkROMHgwNmNk
b2M1S1M5aGZHWWZqeWs2dm8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
XgYIKwYBBQUHAQcBAf8ETzBNMDwEAgABMDYDBARQVHADBAVQ/IADBAVYVMADBAde
/QADBAZft0ADBAWyOeADBAeypwADBAK5BZQDBAXUB+AwDQQCAAIwBwMFAioBQgAw
DQYJKoZIhvcNAQELBQADggEBAI/Bl97u1WcO76yeNsXEqTKx+XGrTxl93fab1zYt
9aNammAgFrQsCNr82QG3B/JrDHM+qqwmwFfWpWMEd7pN+kTZi8jH9+VE4ZqjcnBo
C/JdxNQkvq3G/05BZKG8WynJD7lQxzwa/B5iXlYeohKuYpJTkgdwXm6i7jqfcMAx
+sK5tciPraJCY2FPVwK6n4ny3jVdDRcCJ19X2dVw6syQO2pwFNfblN6e5onRlPti
iCz1LpnjkkEg61DOGPhVC8euL9iyqdxZmxP+BVexEcD12JJucFt83BsNRI2GygEb
hVytKaD2Wn9btHIoo6b6+ks2igIAFm7kO7zDXKS12LrN1jA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:11 2024 by rpki-client on console-fra.rpki-client.org