Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/fie9J7rLghfUepErwRcihaV1aUY.roa
File: fie9J7rLghfUepErwRcihaV1aUY.roa (raw, json)
Hash identifier: Cg2UENt6aedM7GWCnzgypkeI38go1oU5JEacpHEpcnw=
Subject key identifier: 7E:27:BD:27:BA:CB:82:17:D4:7A:91:2B:C1:17:22:85:A5:75:69:46
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0D2B888A
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/fie9J7rLghfUepErwRcihaV1aUY.roa
Signing time: Thu 05 May 2022 14:59:22 +0000
ROA not before: Thu 05 May 2022 14:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 194.163.71.0/24 maxlen: 24
194.233.49.0/24 maxlen: 24
212.224.6.0/24 maxlen: 24
195.180.176.0/24 maxlen: 24
195.252.174.0/24 maxlen: 24
195.180.188.0/24 maxlen: 24
195.180.189.0/24 maxlen: 24
194.233.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220956810 (0xd2b888a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: May 5 14:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e27bd27bacb8217d47a912bc1172285a5756946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8e:03:9d:96:83:1a:d1:0e:61:5d:b0:5c:a7:
d7:fe:8a:32:fb:09:93:12:5f:10:3b:b3:38:93:31:
a6:17:8c:7d:fe:b3:b5:25:89:96:a9:7f:04:83:e0:
25:45:6d:cb:0a:d5:6a:df:d0:ee:32:54:b2:5b:cc:
7e:39:51:bd:9b:1a:a2:62:24:69:62:68:f0:6d:83:
2b:e7:1b:6d:aa:4a:8d:78:9f:e7:3f:9b:ec:6d:b2:
2d:bb:0c:70:21:01:dd:e8:be:da:88:1a:81:2d:21:
61:a9:3d:0d:86:34:2b:df:62:23:84:e7:c5:3c:12:
5b:d2:62:9f:b0:8d:0e:00:d3:66:87:b3:f3:97:8b:
b8:9a:e9:b4:4e:00:78:83:28:1e:62:c1:44:8f:ab:
af:1f:f7:f0:cb:c5:df:d3:08:97:36:c4:eb:1f:bc:
b2:91:24:bc:9e:93:9b:bf:32:ae:2a:a8:b8:fb:90:
19:ef:34:36:97:85:85:bc:0d:70:83:ea:01:ab:bc:
11:1a:c4:24:4b:70:0a:ab:e0:e2:0f:28:64:d2:c1:
29:a1:3d:29:10:e4:a8:09:ad:a5:88:86:6a:96:87:
05:00:a0:bc:2e:67:67:72:03:0a:68:72:8d:2a:7d:
30:7d:b3:7b:9b:d7:d5:d9:be:1a:3a:9b:f4:ee:44:
d6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:27:BD:27:BA:CB:82:17:D4:7A:91:2B:C1:17:22:85:A5:75:69:46
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/fie9J7rLghfUepErwRcihaV1aUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.71.0/24
194.233.5.0/24
194.233.49.0/24
195.180.176.0/24
195.180.188.0/23
195.252.174.0/24
212.224.6.0/24
Signature Algorithm: sha256WithRSAEncryption
08:31:60:fd:7b:89:0d:67:f1:63:e2:61:6b:20:11:64:ee:7c:
c2:de:c8:e6:ed:96:13:44:fd:d7:c6:32:23:09:e0:de:4b:22:
14:b9:32:36:1d:45:34:08:39:17:61:6b:ce:4b:e8:00:d5:79:
c7:20:59:31:e7:eb:25:d1:56:54:db:0c:b1:0f:9c:17:cd:8d:
bc:ad:58:e0:dd:fe:f2:64:bd:13:2c:11:03:e7:24:ac:85:9a:
bd:c0:bc:86:5b:05:40:78:b0:d6:58:34:cb:dc:df:a1:19:ad:
ad:5a:b8:56:92:69:1d:c4:6f:1e:12:11:ed:00:61:da:e8:7a:
00:2b:d7:2b:ea:73:6a:64:59:e5:c4:15:d2:a0:2a:2e:fa:4f:
2a:45:62:da:6d:26:1b:78:a3:3c:d0:21:4f:0d:fa:8d:15:f6:
60:a7:41:1b:c8:13:9b:27:73:fc:48:bf:bb:be:b8:06:25:2e:
bf:56:06:92:06:a7:57:56:19:7b:36:50:0c:7b:33:dc:58:22:
26:bd:f6:f7:12:60:dc:9f:67:95:3a:fe:5c:98:ea:77:6b:a5:
e4:0e:16:5c:49:cf:32:b0:28:41:94:3e:39:bc:43:ce:03:6e:
e6:fc:d5:58:d7:9c:8c:d2:11:c8:e3:0b:45:77:9e:49:4d:b6:
b6:c3:0c:66
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDSuIijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDUw
NTE0NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2UyN2JkMjdiYWNi
ODIxN2Q0N2E5MTJiYzExNzIyODVhNTc1Njk0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJiOA52WgxrRDmFdsFyn1/6KMvsJkxJfEDuzOJMxpheMff6z
tSWJlql/BIPgJUVtywrVat/Q7jJUslvMfjlRvZsaomIkaWJo8G2DK+cbbapKjXif
5z+b7G2yLbsMcCEB3ei+2ogagS0hYak9DYY0K99iI4TnxTwSW9Jin7CNDgDTZoez
85eLuJrptE4AeIMoHmLBRI+rrx/38MvF39MIlzbE6x+8spEkvJ6Tm78yriqouPuQ
Ge80NpeFhbwNcIPqAau8ERrEJEtwCqvg4g8oZNLBKaE9KRDkqAmtpYiGapaHBQCg
vC5nZ3IDCmhyjSp9MH2ze5vX1dm+Gjqb9O5E1gUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBR+J70nusuCF9R6kSvBFyKFpXVpRjAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L2ZpZTlKN3JMZ2hmVWVwRXJ3UmNpaGFWMWFVWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAMKjRwMEAMLpBQMEAMLpMQMEAMO0
sAMEAcO0vAMEAMP8rgMEANTgBjANBgkqhkiG9w0BAQsFAAOCAQEACDFg/XuJDWfx
Y+JhayARZO58wt7I5u2WE0T918YyIwng3ksiFLkyNh1FNAg5F2FrzkvoANV5xyBZ
MefrJdFWVNsMsQ+cF82NvK1Y4N3+8mS9EywRA+ckrIWavcC8hlsFQHiw1lg0y9zf
oRmtrVq4VpJpHcRvHhIR7QBh2uh6ACvXK+pzamRZ5cQV0qAqLvpPKkVi2m0mG3ij
PNAhTw36jRX2YKdBG8gTmydz/Ei/u764BiUuv1YGkganV1YZezZQDHsz3FgiJr32
9xJg3J9nlTr+XJjqd2ul5A4WXEnPMrAoQZQ+ObxDzgNu5vzVWNecjNIRyOMLRXee
SU22tsMMZg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org