Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/fhFX-pZ-w6NIlMBBuSSQ32viUKY.roa
File: fhFX-pZ-w6NIlMBBuSSQ32viUKY.roa (raw, json)
Hash identifier: 3JB1xEMCWhqWAtQuVG7NcOHh4SZVMyt32nzPmFF1/DM=
Subject key identifier: 7E:11:57:FA:96:7E:C3:A3:48:94:C0:41:B9:24:90:DF:6B:E2:50:A6
Certificate issuer: /CN=eb091499adc769b0fba9fed3284543a7425c2351
Certificate serial: 05DC7959
Authority key identifier: EB:09:14:99:AD:C7:69:B0:FB:A9:FE:D3:28:45:43:A7:42:5C:23:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6wkUma3HabD7qf7TKEVDp0JcI1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/fhFX-pZ-w6NIlMBBuSSQ32viUKY.roa
Signing time: Sat 01 Jan 2022 13:59:34 +0000
ROA not before: Sat 01 Jan 2022 13:59:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207727
IP address blocks: 194.165.35.0/24 maxlen: 24
194.165.38.0/24 maxlen: 24
194.165.58.0/24 maxlen: 24
194.165.56.0/24 maxlen: 24
2a10:2a80:ac::/48 maxlen: 48
2a10:2a80:42::/48 maxlen: 48
2a10:2a80::/48 maxlen: 48
2a10:2a80:1ab::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98335065 (0x5dc7959)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb091499adc769b0fba9fed3284543a7425c2351
Validity
Not Before: Jan 1 13:59:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e1157fa967ec3a34894c041b92490df6be250a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f5:2f:37:0f:bd:c4:f2:9b:a7:1c:cd:07:8c:
b8:02:0e:89:93:7b:ea:37:35:18:7c:33:e3:61:2f:
82:00:07:35:0b:69:d7:ff:1b:47:b7:97:ef:18:50:
7f:12:5a:ae:8d:49:03:84:2e:39:98:9c:13:19:2f:
9f:ee:f7:87:e3:92:4b:52:90:67:30:2d:3b:ad:34:
a7:7c:b5:3f:71:76:f2:2f:80:54:57:a2:4b:6c:12:
d0:59:64:b2:64:6d:14:44:e7:7e:9d:b4:e8:d4:9d:
9d:83:d8:d4:46:be:29:f3:7f:b5:81:8f:73:1f:3b:
4e:6c:b7:bc:fc:bb:4c:5d:3e:89:4b:75:63:0f:df:
3b:2e:45:57:1e:3b:ae:c7:23:5d:e4:1c:d1:4a:39:
7e:c1:47:89:de:aa:75:74:82:a6:8b:b9:99:bb:4c:
1b:d6:ce:32:18:8d:e4:72:2b:36:d1:e6:55:c1:9c:
48:d6:32:d1:0b:36:94:5a:b8:be:a4:6b:4e:4d:38:
6e:eb:8b:2e:68:3e:ec:11:7d:e3:54:84:b1:4b:ae:
d0:f1:73:a6:76:87:37:09:9a:f6:76:66:6c:a0:1d:
f4:6c:3c:3d:53:95:68:7a:30:35:e6:a9:4d:e6:45:
03:9a:93:21:44:86:7b:5a:6b:90:9d:33:78:c2:34:
ba:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:11:57:FA:96:7E:C3:A3:48:94:C0:41:B9:24:90:DF:6B:E2:50:A6
X509v3 Authority Key Identifier:
keyid:EB:09:14:99:AD:C7:69:B0:FB:A9:FE:D3:28:45:43:A7:42:5C:23:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6wkUma3HabD7qf7TKEVDp0JcI1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/fhFX-pZ-w6NIlMBBuSSQ32viUKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/6wkUma3HabD7qf7TKEVDp0JcI1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.35.0/24
194.165.38.0/24
194.165.56.0/24
194.165.58.0/24
IPv6:
2a10:2a80::/48
2a10:2a80:42::/48
2a10:2a80:ac::/48
2a10:2a80:1ab::/48
Signature Algorithm: sha256WithRSAEncryption
38:df:a3:09:34:72:64:79:e7:23:8c:9b:59:a1:1c:be:16:3a:
51:18:3d:25:80:14:2d:18:35:b0:34:65:1f:95:bc:78:01:b8:
c4:ef:c6:ca:5c:b3:38:74:3b:98:45:ec:37:8a:85:20:d0:3c:
84:4e:d9:46:7d:ea:b9:2b:49:a6:e0:2e:3e:40:23:69:00:bf:
fa:2d:58:6a:89:a3:8b:14:6b:94:0b:0a:35:2d:06:d0:2a:05:
2e:fd:eb:b2:50:65:c8:c7:ab:6e:89:9e:65:d3:a7:ab:f2:de:
a3:53:af:6e:3d:c0:0d:03:c1:ef:c9:8c:70:f5:d4:fe:a9:fa:
e4:19:22:1a:d6:9c:ef:62:fb:7a:f5:8b:1d:c7:91:aa:f5:04:
55:87:26:c8:9d:9f:72:00:33:59:84:b6:61:25:9e:9a:43:e5:
4f:7c:64:65:54:ea:bb:44:03:49:dd:1e:9b:0a:83:d3:81:04:
d1:fd:0f:fc:3c:e5:0b:ee:29:15:16:91:14:61:b7:32:28:74:
c2:71:5a:d5:33:4b:0f:cf:f4:a6:61:e6:5a:87:4c:01:5e:73:
47:da:8d:96:fc:58:2b:8c:a6:1a:00:3d:08:8d:a0:30:5a:29:
09:ad:7d:5d:40:f2:2d:ac:d4:00:78:6a:b2:bd:a4:dc:1f:42:
86:78:9b:ed
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEBdx5WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjA5MTQ5OWFkYzc2OWIwZmJhOWZlZDMyODQ1NDNhNzQyNWMyMzUxMB4XDTIyMDEw
MTEzNTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2UxMTU3ZmE5Njdl
YzNhMzQ4OTRjMDQxYjkyNDkwZGY2YmUyNTBhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMv1LzcPvcTym6cczQeMuAIOiZN76jc1GHwz42EvggAHNQtp
1/8bR7eX7xhQfxJaro1JA4QuOZicExkvn+73h+OSS1KQZzAtO600p3y1P3F28i+A
VFeiS2wS0FlksmRtFETnfp206NSdnYPY1Ea+KfN/tYGPcx87Tmy3vPy7TF0+iUt1
Yw/fOy5FVx47rscjXeQc0Uo5fsFHid6qdXSCpou5mbtMG9bOMhiN5HIrNtHmVcGc
SNYy0Qs2lFq4vqRrTk04buuLLmg+7BF941SEsUuu0PFzpnaHNwma9nZmbKAd9Gw8
PVOVaHowNeapTeZFA5qTIUSGe1prkJ0zeMI0uv8CAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBR+EVf6ln7Do0iUwEG5JJDfa+JQpjAfBgNVHSMEGDAWgBTrCRSZrcdpsPup
/tMoRUOnQlwjUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZ3a1VtYTNIYWJEN3FmN1RLRVZEcDBKY0kxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvYWQ0NmE1LWY5MDAtNGFkMS1iMjI5LWUxODQzNWU0MzJkYy8x
L2ZoRlgtcFotdzZOSWxNQkJ1U1NRMzJ2aVVLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
YWQ0NmE1LWY5MDAtNGFkMS1iMjI5LWUxODQzNWU0MzJkYy8xLzZ3a1VtYTNIYWJE
N3FmN1RLRVZEcDBKY0kxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwHgQCAAEwGAMEAMKlIwMEAMKlJgMEAMKlOAMEAMKl
OjAqBAIAAjAkAwcAKhAqgAAAAwcAKhAqgABCAwcAKhAqgACsAwcAKhAqgAGrMA0G
CSqGSIb3DQEBCwUAA4IBAQA436MJNHJkeecjjJtZoRy+FjpRGD0lgBQtGDWwNGUf
lbx4AbjE78bKXLM4dDuYRew3ioUg0DyETtlGfeq5K0mm4C4+QCNpAL/6LVhqiaOL
FGuUCwo1LQbQKgUu/euyUGXIx6tuiZ5l06er8t6jU69uPcANA8HvyYxw9dT+qfrk
GSIa1pzvYvt69Ysdx5Gq9QRVhybInZ9yADNZhLZhJZ6aQ+VPfGRlVOq7RANJ3R6b
CoPTgQTR/Q/8POUL7ikVFpEUYbcyKHTCcVrVM0sPz/SmYeZah0wBXnNH2o2W/Fgr
jKYaAD0IjaAwWikJrX1dQPItrNQAeGqyvaTcH0KGeJvt
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:52 2023 by rpki-client on console-fra.rpki-client.org