Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/FNRK8aPzTsd5E2KV3zUlVqq__vY.roa
File: FNRK8aPzTsd5E2KV3zUlVqq__vY.roa (raw, json)
Hash identifier: wR5R/9/qjIQeUI62tV2LUhZPCsLITdKNf/zB6G/XCT0=
Subject key identifier: 14:D4:4A:F1:A3:F3:4E:C7:79:13:62:95:DF:35:25:56:AA:BF:FE:F6
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0183FAFDAA8AB2B7D969A414982D75403580
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/FNRK8aPzTsd5E2KV3zUlVqq__vY.roa
Signing time: Fri 21 Oct 2022 14:41:11 +0000
ROA not before: Fri 21 Oct 2022 14:41:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.12.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:fd:aa:8a:b2:b7:d9:69:a4:14:98:2d:75:40:35:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Oct 21 14:41:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14d44af1a3f34ec779136295df352556aabffef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:87:c3:02:f0:09:e4:c6:9f:d4:e8:31:2b:ef:
27:fa:6c:8c:9d:a1:ca:e8:98:eb:7e:91:75:ad:71:
85:ea:0a:cc:3b:cd:b1:0b:93:63:0f:86:b5:d1:54:
40:91:88:7e:5a:2d:8d:80:0a:49:72:d7:e6:cc:87:
65:1b:10:88:b1:a1:96:a6:57:0e:6a:47:02:da:31:
f7:66:61:8f:1d:0f:8d:5e:c7:fc:2e:58:11:d1:bf:
38:62:16:66:7c:63:9b:22:dc:57:af:68:89:5c:b3:
12:2e:63:74:ee:5b:15:76:8e:95:70:4f:94:e6:73:
68:a5:4e:6b:3b:c1:72:7d:b8:ef:4c:25:dd:cd:95:
ca:1f:77:db:99:fc:54:0f:be:24:d3:4d:a3:cb:5f:
de:d5:97:95:47:fe:22:ca:d9:a2:1b:f8:7b:1d:5e:
e9:23:63:58:3f:41:04:c0:13:54:d7:e7:f9:02:fe:
5b:db:08:ec:c4:db:79:03:94:dd:d9:22:dc:fe:29:
69:73:d0:33:21:76:3e:33:e1:13:b6:d8:ed:5e:b7:
b6:e7:9f:b6:53:16:44:66:7a:6f:20:d9:5f:1a:ab:
93:01:2a:94:17:e2:f6:ec:fe:8b:23:c8:32:8f:27:
c9:7d:9d:77:c2:c4:48:73:a2:1d:c9:d7:8d:23:9c:
e3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D4:4A:F1:A3:F3:4E:C7:79:13:62:95:DF:35:25:56:AA:BF:FE:F6
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/FNRK8aPzTsd5E2KV3zUlVqq__vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.36.0/24
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
10:aa:b2:79:94:59:1c:d9:bf:c3:2e:76:5e:af:f8:52:ef:d3:
a6:55:75:ef:0e:a4:64:ed:95:19:25:7c:d5:c6:53:01:35:7c:
c9:25:fe:94:69:05:97:41:a2:d9:b9:89:d7:73:77:c9:a6:b5:
83:0e:62:13:01:62:f0:ba:64:32:31:d6:9e:8c:2f:64:d5:56:
33:49:18:27:27:59:40:7e:5c:99:bc:72:a7:c2:96:b0:8c:2b:
35:7b:ac:8a:6f:eb:7a:66:ad:7b:a5:5a:5e:05:5f:47:54:ca:
9d:9d:a8:34:31:2b:73:ba:d3:dd:b6:40:16:87:b8:9e:09:f4:
d9:9f:11:6f:b7:54:f5:4d:ff:42:61:ea:df:91:16:d2:21:27:
5f:5b:0e:72:22:b5:16:95:20:a7:de:61:50:f0:4f:9f:a5:06:
dd:98:0b:3b:2b:d6:5c:04:25:e1:48:5b:f8:d2:60:f3:1d:f3:
20:3c:88:33:9d:c0:70:0d:cb:ba:38:38:36:2d:67:41:1c:fb:
54:31:48:d6:74:25:d7:89:42:9d:3a:6d:34:e3:53:62:9e:82:
9c:ab:ab:c0:32:d1:4b:a0:52:a5:e3:05:b9:7e:15:d7:7f:55:
b7:f8:9b:95:fb:ee:2a:0d:91:7d:e8:dd:c7:50:c4:b0:e1:36:
e5:7f:b2:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYP6/aqKsrfZaaQUmC11QDWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjIxMDIxMTQ0MTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQ0NGFmMWEzZjM0ZWM3NzkxMzYyOTVkZjM1MjU1NmFhYmZmZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4fDAvAJ5Maf1OgxK+8n+myMnaHK
6JjrfpF1rXGF6grMO82xC5NjD4a10VRAkYh+Wi2NgApJctfmzIdlGxCIsaGWplcO
akcC2jH3ZmGPHQ+NXsf8LlgR0b84YhZmfGObItxXr2iJXLMSLmN07lsVdo6VcE+U
5nNopU5rO8FyfbjvTCXdzZXKH3fbmfxUD74k002jy1/e1ZeVR/4iytmiG/h7HV7p
I2NYP0EEwBNU1+f5Av5b2wjsxNt5A5Td2SLc/ilpc9AzIXY+M+ETttjtXre255+2
UxZEZnpvINlfGquTASqUF+L27P6LI8gyjyfJfZ13wsRIc6IdydeNI5zjnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBTUSvGj807HeRNild81JVaqv/72MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvRk5SSzhhUHpUc2Q1RTJLVjN6VWxWcXFfX3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+QMAwQA
XpokAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQAQqrJ5lFkc2b/DLnZer/hS79Om
VXXvDqRk7ZUZJXzVxlMBNXzJJf6UaQWXQaLZuYnXc3fJprWDDmITAWLwumQyMdae
jC9k1VYzSRgnJ1lAflyZvHKnwpawjCs1e6yKb+t6Zq17pVpeBV9HVMqdnag0MStz
utPdtkAWh7ieCfTZnxFvt1T1Tf9CYerfkRbSISdfWw5yIrUWlSCn3mFQ8E+fpQbd
mAs7K9ZcBCXhSFv40mDzHfMgPIgzncBwDcu6ODg2LWdBHPtUMUjWdCXXiUKdOm00
41NinoKcq6vAMtFLoFKl4wW5fhXXf1W3+JuV++4qDZF96N3HUMSw4Tblf7LI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-fra.rpki-client.org