Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/b7YJ1WssQKMMPF9yr_15k0T3rt8.roa
File: b7YJ1WssQKMMPF9yr_15k0T3rt8.roa (raw, json)
Hash identifier: UzLDiJRijzGU+lU81XGTEnXktSRnBcAmArlpc6MkXw8=
Subject key identifier: 6F:B6:09:D5:6B:2C:40:A3:0C:3C:5F:72:AF:FD:79:93:44:F7:AE:DF
Certificate issuer: /CN=3edf7b2d68ba76a0bd1ba7e9d29fac5852316b9c
Certificate serial: 01E3EDBD
Authority key identifier: 3E:DF:7B:2D:68:BA:76:A0:BD:1B:A7:E9:D2:9F:AC:58:52:31:6B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/b7YJ1WssQKMMPF9yr_15k0T3rt8.roa
Signing time: Sat 01 Jan 2022 00:55:26 +0000
ROA not before: Sat 01 Jan 2022 00:55:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44489
IP address blocks: 178.217.144.0/21 maxlen: 21
185.15.144.0/22 maxlen: 22
91.235.200.0/23 maxlen: 23
178.255.168.0/21 maxlen: 21
92.62.224.0/20 maxlen: 20
2a02:768::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31714749 (0x1e3edbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3edf7b2d68ba76a0bd1ba7e9d29fac5852316b9c
Validity
Not Before: Jan 1 00:55:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fb609d56b2c40a30c3c5f72affd799344f7aedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:85:26:2d:4c:a7:7c:51:3e:a8:f2:80:d5:dc:
1d:74:78:01:78:a7:36:50:b0:3d:c8:6f:9d:9a:58:
6b:f8:bf:5e:10:b2:e5:41:39:db:d5:4d:19:aa:32:
5b:c9:29:b4:58:84:44:09:96:b7:83:21:0c:58:ce:
1a:44:b6:37:5a:54:21:df:5c:26:13:09:5d:8a:d9:
73:c5:8b:ab:ea:b3:e2:a9:1b:aa:bd:af:58:cd:5a:
16:2f:62:5f:60:2d:fa:14:8c:28:87:c8:a6:9f:d0:
03:d2:7a:31:23:e5:66:5e:20:b6:d3:fe:bb:8a:74:
e2:2f:fb:4c:61:9a:9a:b7:f6:83:f7:57:9f:57:64:
e1:ba:8c:f7:dc:f3:23:1d:95:77:05:fc:e6:9b:a8:
c0:db:3f:b2:ca:23:dd:b4:ad:39:9f:a3:bc:eb:23:
05:50:45:39:d5:66:5c:f3:f8:a5:5b:f9:a9:5f:4b:
03:04:6f:f2:2a:50:72:94:65:03:6b:cf:39:2f:a6:
34:2f:da:f5:2b:55:ba:d1:89:f0:a7:e7:41:0c:2a:
94:34:fe:85:75:dd:8f:02:a3:2f:5f:e8:3d:cc:89:
41:49:6a:5f:48:b8:0f:a1:3c:7a:a5:de:1c:06:5f:
34:ad:48:01:29:22:98:ff:95:e0:16:c2:ad:ef:91:
96:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B6:09:D5:6B:2C:40:A3:0C:3C:5F:72:AF:FD:79:93:44:F7:AE:DF
X509v3 Authority Key Identifier:
keyid:3E:DF:7B:2D:68:BA:76:A0:BD:1B:A7:E9:D2:9F:AC:58:52:31:6B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/b7YJ1WssQKMMPF9yr_15k0T3rt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/Pt97LWi6dqC9G6fp0p-sWFIxa5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.200.0/23
92.62.224.0/20
178.217.144.0/21
178.255.168.0/21
185.15.144.0/22
IPv6:
2a02:768::/32
Signature Algorithm: sha256WithRSAEncryption
30:e4:d7:ff:fe:35:dc:5a:b7:41:14:5e:33:82:23:a0:c6:95:
67:a9:1f:16:41:4d:1d:c6:4c:48:89:29:82:cd:39:62:e1:69:
8f:39:ad:b8:0e:4a:b2:03:d2:65:03:37:5c:d1:7d:2e:67:94:
67:e7:3c:e4:b0:89:8b:ef:f7:39:59:63:2e:cb:71:07:72:88:
db:17:b2:81:bf:43:03:8a:1f:34:8b:5d:47:b0:2e:1d:ba:43:
a0:75:e1:54:0f:d4:f0:17:f7:2a:21:30:07:06:79:ca:4c:72:
77:1d:05:49:93:22:8b:3d:48:95:f5:6b:75:4a:0d:33:76:bb:
ac:43:15:49:a1:7d:62:36:f9:37:ad:f2:f3:84:4e:96:d8:48:
51:89:60:ce:17:ab:7a:d2:81:12:53:f9:06:bd:c5:92:dd:27:
e6:eb:c5:7e:30:e2:f1:4d:57:ef:86:5a:dc:3c:73:c6:d5:51:
74:98:34:52:af:4f:c4:49:50:17:f5:68:68:c5:14:fc:86:d9:
a1:1d:81:cc:55:e0:d2:72:23:61:fe:2e:39:8c:fc:f7:d5:48:
d0:09:0e:42:fc:b7:26:b3:57:52:dc:c3:d8:5e:6e:02:bb:0a:
8a:8a:c9:bc:40:4d:8e:94:94:c8:4b:1d:54:1f:b6:4d:18:e3:
38:71:82:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEAePtvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWRmN2IyZDY4YmE3NmEwYmQxYmE3ZTlkMjlmYWM1ODUyMzE2YjljMB4XDTIyMDEw
MTAwNTUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZiNjA5ZDU2YjJj
NDBhMzBjM2M1ZjcyYWZmZDc5OTM0NGY3YWVkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2FJi1Mp3xRPqjygNXcHXR4AXinNlCwPchvnZpYa/i/XhCy
5UE529VNGaoyW8kptFiERAmWt4MhDFjOGkS2N1pUId9cJhMJXYrZc8WLq+qz4qkb
qr2vWM1aFi9iX2At+hSMKIfIpp/QA9J6MSPlZl4gttP+u4p04i/7TGGamrf2g/dX
n1dk4bqM99zzIx2VdwX85puowNs/ssoj3bStOZ+jvOsjBVBFOdVmXPP4pVv5qV9L
AwRv8ipQcpRlA2vPOS+mNC/a9StVutGJ8KfnQQwqlDT+hXXdjwKjL1/oPcyJQUlq
X0i4D6E8eqXeHAZfNK1IASkimP+V4BbCre+RliECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRvtgnVayxAoww8X3Kv/XmTRPeu3zAfBgNVHSMEGDAWgBQ+33staLp2oL0b
p+nSn6xYUjFrnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B0OTdMV2k2ZHFDOUc2ZnAwcC1zV0ZJeGE1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvZmU5ZDFkLTRhZGUtNDYzMC04YWJhLWY4ZjBjN2Q2NjJlNy8x
L2I3WUoxV3NzUUtNTVBGOXlyXzE1azBUM3J0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
ZmU5ZDFkLTRhZGUtNDYzMC04YWJhLWY4ZjBjN2Q2NjJlNy8xL1B0OTdMV2k2ZHFD
OUc2ZnAwcC1zV0ZJeGE1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAVvryAMEBFw+4AMEA7LZkAMEA7L/
qAMEArkPkDANBAIAAjAHAwUAKgIHaDANBgkqhkiG9w0BAQsFAAOCAQEAMOTX//41
3Fq3QRReM4IjoMaVZ6kfFkFNHcZMSIkpgs05YuFpjzmtuA5KsgPSZQM3XNF9LmeU
Z+c85LCJi+/3OVljLstxB3KI2xeygb9DA4ofNItdR7AuHbpDoHXhVA/U8Bf3KiEw
BwZ5ykxydx0FSZMiiz1IlfVrdUoNM3a7rEMVSaF9Yjb5N63y84ROlthIUYlgzher
etKBElP5Br3Fkt0n5uvFfjDi8U1X74Za3DxzxtVRdJg0Uq9PxElQF/VoaMUU/IbZ
oR2BzFXg0nIjYf4uOYz899VI0AkOQvy3JrNXUtzD2F5uArsKiorJvEBNjpSUyEsd
VB+2TRjjOHGCow==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:35 2023 by rpki-client on console-fra.rpki-client.org