Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/FfKRlBqXJH91ABStZUPOgjoelRU.roa
File: FfKRlBqXJH91ABStZUPOgjoelRU.roa (raw, json)
Hash identifier: 7MDr38wMUmXXs9RPbYRjJTCvvDSnZlGvWMXHgjf5SW8=
Subject key identifier: 15:F2:91:94:1A:97:24:7F:75:00:14:AD:65:43:CE:82:3A:1E:95:15
Certificate issuer: /CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Certificate serial: 0184BE41E6C1D9AB82FE3BB0087A065B42C3
Authority key identifier: E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/FfKRlBqXJH91ABStZUPOgjoelRU.roa
Signing time: Mon 28 Nov 2022 12:41:40 +0000
ROA not before: Mon 28 Nov 2022 12:41:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39591
IP address blocks: 185.133.88.0/22 maxlen: 22
188.116.45.0/24 maxlen: 24
185.117.226.0/24 maxlen: 24
212.11.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:41:e6:c1:d9:ab:82:fe:3b:b0:08:7a:06:5b:42:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Validity
Not Before: Nov 28 12:41:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15f291941a97247f750014ad6543ce823a1e9515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:6c:3c:ce:5f:6c:f8:b9:66:c9:5b:dc:df:
b1:03:9a:67:04:82:d2:a9:3f:d9:ce:58:34:dc:aa:
97:19:4c:9e:b9:34:e3:c2:b0:f8:39:f6:2b:e4:47:
53:20:86:8b:9f:ab:6c:e4:19:14:41:6a:fb:60:0c:
54:00:a6:bc:d5:c3:9f:2f:99:18:1c:d2:f0:55:d5:
21:c7:5d:2e:b5:01:5a:85:aa:9b:af:1d:81:6b:88:
2b:6a:e9:53:c2:83:c4:f7:d7:cd:55:0c:4a:6b:e2:
b5:2d:4f:73:c7:49:ba:b5:74:e7:95:a9:f2:1a:1d:
c2:50:02:2d:ea:32:1d:08:cb:a7:24:a1:20:59:07:
c7:9c:10:f9:5a:79:a3:f7:54:27:de:29:47:24:95:
6c:23:93:73:ff:82:f8:4d:f7:c8:0d:d3:fc:db:25:
1e:57:61:fe:65:42:5f:18:a2:0a:3e:8a:5e:f7:d7:
cf:f0:5e:18:b8:a1:18:0c:5a:84:c3:a0:d7:b7:e0:
b5:14:4b:dd:1e:2e:96:33:d7:70:30:ba:3e:27:99:
43:19:eb:32:fe:70:50:b4:ee:41:d4:3a:04:e0:a8:
71:07:ad:f4:d9:f4:68:79:d7:4a:43:97:69:b5:ca:
6e:ce:17:28:ef:54:94:58:f3:f6:25:71:e8:0a:51:
76:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F2:91:94:1A:97:24:7F:75:00:14:AD:65:43:CE:82:3A:1E:95:15
X509v3 Authority Key Identifier:
keyid:E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/FfKRlBqXJH91ABStZUPOgjoelRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.226.0/24
185.133.88.0/22
188.116.45.0/24
212.11.88.0/22
Signature Algorithm: sha256WithRSAEncryption
10:c2:f9:4d:37:fc:15:9b:66:07:b0:15:60:be:6a:ae:60:fa:
93:09:49:e1:82:29:93:8a:bb:6d:21:78:dc:04:0d:ac:ae:66:
d7:42:50:da:90:d9:8f:ea:72:6a:d0:33:16:63:56:2a:41:d7:
9e:b9:5e:53:4f:41:92:44:6b:a0:de:89:30:56:70:b8:dc:bd:
83:f1:62:c7:44:0b:7e:3f:c6:8a:a1:30:a4:69:bc:18:9d:f3:
d3:ce:a8:c5:3d:07:a2:13:56:d5:c3:d9:b0:39:4f:15:12:e6:
88:ca:00:93:9b:92:e6:08:21:28:e2:e9:43:15:c1:2a:e6:7b:
44:f4:7a:78:ec:9e:f1:89:f2:a6:97:fb:a7:a3:a3:65:61:c6:
9e:48:b6:69:dc:63:0a:01:ad:4a:1a:a3:b4:67:d5:37:b5:97:
3e:4a:d3:a1:03:e6:ca:51:26:f3:2d:1e:0d:2c:7c:04:f1:7a:
ef:4f:d5:7c:d6:19:10:8e:a6:a4:aa:03:96:7a:ff:33:2c:49:
fd:0c:40:8e:81:5b:78:e8:ff:89:bb:0a:6a:d1:3c:be:57:f8:
ed:3d:1c:84:b6:94:99:7a:48:2c:b4:a1:83:a3:da:d1:19:3d:
af:71:60:49:11:24:e7:e0:51:0a:ef:4a:df:c7:69:c8:ed:4b:
c5:c7:9a:26
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYS+QebB2auC/juwCHoGW0LDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzM0MGVlNWI5ZGFmMWE2ODE4ZjBkZjQwN2ZhNTk3NTg4
NmIxMGYwHhcNMjIxMTI4MTI0MTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWYyOTE5NDFhOTcyNDdmNzUwMDE0YWQ2NTQzY2U4MjNhMWU5NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5psPM5fbPi5Zslb3N+xA5pnBILS
qT/Zzlg03KqXGUyeuTTjwrD4OfYr5EdTIIaLn6ts5BkUQWr7YAxUAKa81cOfL5kY
HNLwVdUhx10utQFahaqbrx2Ba4graulTwoPE99fNVQxKa+K1LU9zx0m6tXTnlany
Gh3CUAIt6jIdCMunJKEgWQfHnBD5Wnmj91Qn3ilHJJVsI5Nz/4L4TffIDdP82yUe
V2H+ZUJfGKIKPope99fP8F4YuKEYDFqEw6DXt+C1FEvdHi6WM9dwMLo+J5lDGesy
/nBQtO5B1DoE4KhxB6302fRoeddKQ5dptcpuzhco71SUWPP2JXHoClF2ywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBXykZQalyR/dQAUrWVDzoI6HpUVMB8GA1UdIwQY
MBaAFOXDQO5bna8aaBjw30B/pZdYhrEPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2It
NmUxZjJmNjg1MWNmLzEvRmZLUmxCcVhKSDkxQUJTdFpVUE9nam9lbFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2ItNmUxZjJmNjg1MWNm
LzEvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuXXiAwQC
uYVYAwQAvHQtAwQC1AtYMA0GCSqGSIb3DQEBCwUAA4IBAQAQwvlNN/wVm2YHsBVg
vmquYPqTCUnhgimTirttIXjcBA2srmbXQlDakNmP6nJq0DMWY1YqQdeeuV5TT0GS
RGug3okwVnC43L2D8WLHRAt+P8aKoTCkabwYnfPTzqjFPQeiE1bVw9mwOU8VEuaI
ygCTm5LmCCEo4ulDFcEq5ntE9Hp47J7xifKml/uno6NlYcaeSLZp3GMKAa1KGqO0
Z9U3tZc+StOhA+bKUSbzLR4NLHwE8XrvT9V81hkQjqakqgOWev8zLEn9DECOgVt4
6P+Juwpq0Ty+V/jtPRyEtpSZekgstKGDo9rRGT2vcWBJESTn4FEK70rfx2nI7UvF
x5om
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:30 2023 by rpki-client on console-ams.rpki-client.org