Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/FNGTn80dxFscEWnZkytsTTYcpXw.roa
File: FNGTn80dxFscEWnZkytsTTYcpXw.roa (raw, json)
Hash identifier: +lfdVi4eMammLUBpxOIRCX2Z5fkh4MxC6re9gh+tM3Q=
Subject key identifier: 14:D1:93:9F:CD:1D:C4:5B:1C:11:69:D9:93:2B:6C:4D:36:1C:A5:7C
Certificate issuer: /CN=50c006d6401ef42fa50e24095500b2fdafad5baa
Certificate serial: 04E93B6E
Authority key identifier: 50:C0:06:D6:40:1E:F4:2F:A5:0E:24:09:55:00:B2:FD:AF:AD:5B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMAG1kAe9C-lDiQJVQCy_a-tW6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/FNGTn80dxFscEWnZkytsTTYcpXw.roa
Signing time: Sat 01 Jan 2022 08:55:30 +0000
ROA not before: Sat 01 Jan 2022 08:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51618
IP address blocks: 185.132.214.0/24 maxlen: 24
185.132.214.0/23 maxlen: 23
185.132.215.0/24 maxlen: 24
185.132.212.0/22 maxlen: 22
185.132.212.0/23 maxlen: 23
185.132.212.0/24 maxlen: 24
185.132.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82393966 (0x4e93b6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c006d6401ef42fa50e24095500b2fdafad5baa
Validity
Not Before: Jan 1 08:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14d1939fcd1dc45b1c1169d9932b6c4d361ca57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0a:fa:7e:52:1a:27:8a:b6:6e:60:77:3a:75:
ff:0d:75:9d:02:e8:55:89:95:e2:52:b2:e3:ae:8b:
5f:29:d5:3c:b0:59:cb:79:ab:c6:54:15:47:57:0c:
0e:89:f2:f0:76:ab:ae:33:74:1a:6e:1e:21:2e:1c:
dd:9c:86:78:2b:06:d5:05:14:be:26:e8:6e:69:b3:
59:e2:10:b8:ad:22:fe:84:95:11:f3:9b:c5:f0:67:
46:6c:4b:3a:ce:a4:7a:f2:5a:2d:2c:ed:61:e9:9d:
73:2f:0a:e3:26:34:fa:ed:1f:af:b3:94:ca:36:77:
83:c6:c3:bb:bc:91:5d:59:04:55:e1:11:4e:00:1c:
e0:03:fa:3e:8f:87:d4:42:da:ec:53:cf:b8:10:b0:
2d:aa:a3:dc:98:77:2c:7e:b0:2a:5a:0e:69:e3:25:
e9:2c:07:60:3d:c8:09:20:3b:4c:47:2f:78:49:7c:
87:56:2d:f0:8c:d6:6f:0b:2d:40:3e:d3:89:fe:78:
1b:a4:33:ad:a5:ea:cf:7f:49:69:a9:03:5f:b6:8a:
4d:5d:c3:0c:85:5d:90:7f:1a:bf:96:ed:e8:3a:5a:
02:75:8e:2a:64:5a:76:58:3b:57:19:5c:34:05:0f:
70:54:5a:7a:d4:b4:aa:93:d7:df:bb:53:1b:55:96:
ce:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D1:93:9F:CD:1D:C4:5B:1C:11:69:D9:93:2B:6C:4D:36:1C:A5:7C
X509v3 Authority Key Identifier:
keyid:50:C0:06:D6:40:1E:F4:2F:A5:0E:24:09:55:00:B2:FD:AF:AD:5B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMAG1kAe9C-lDiQJVQCy_a-tW6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/FNGTn80dxFscEWnZkytsTTYcpXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/dfab36-657f-4e02-8361-c2dcdc85e584/1/UMAG1kAe9C-lDiQJVQCy_a-tW6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.212.0/22
Signature Algorithm: sha256WithRSAEncryption
71:7e:d0:89:5a:02:aa:18:02:d6:2a:30:20:a8:b1:7c:01:2d:
59:6e:09:7f:de:6d:44:0e:f8:85:97:d1:d2:9a:66:06:a9:6b:
7d:e8:97:5f:6e:6e:18:a7:3f:ae:c0:8e:63:82:da:2c:72:0d:
79:46:ef:61:bc:1e:c6:75:2e:64:15:1a:ec:0f:9a:9a:b4:bc:
4d:43:5b:db:1d:fb:3c:1d:11:96:52:fc:cd:03:67:88:7a:1e:
eb:c5:db:5f:c8:40:93:8a:e4:27:1f:21:e3:e3:ba:30:a3:c5:
99:1a:1f:52:67:79:e6:e5:b5:bb:c1:7f:15:de:92:e2:ea:bf:
2b:d0:d4:68:26:12:66:31:4c:2f:46:53:6c:10:48:82:da:7f:
50:55:84:ce:21:97:b2:31:a8:c3:62:6e:59:10:b3:f4:a6:32:
4c:45:39:6a:42:fe:57:7b:6b:65:eb:0f:67:64:84:5f:a9:7c:
7a:27:db:63:66:33:dd:68:58:72:e9:8d:5e:94:84:5c:26:40:
c6:ca:18:9b:a7:45:ad:f8:92:7a:42:ef:80:d1:bd:63:64:ab:
58:52:3b:a8:bf:33:1e:bf:90:66:c1:b8:9d:ee:be:ed:a3:89:
d7:31:98:eb:75:49:d8:9c:81:a7:c1:0d:10:e4:21:71:5c:2e:
f9:47:77:ae
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBOk7bjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGMwMDZkNjQwMWVmNDJmYTUwZTI0MDk1NTAwYjJmZGFmYWQ1YmFhMB4XDTIyMDEw
MTA4NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRkMTkzOWZjZDFk
YzQ1YjFjMTE2OWQ5OTMyYjZjNGQzNjFjYTU3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOEK+n5SGieKtm5gdzp1/w11nQLoVYmV4lKy466LXynVPLBZ
y3mrxlQVR1cMDony8HarrjN0Gm4eIS4c3ZyGeCsG1QUUvibobmmzWeIQuK0i/oSV
EfObxfBnRmxLOs6kevJaLSztYemdcy8K4yY0+u0fr7OUyjZ3g8bDu7yRXVkEVeER
TgAc4AP6Po+H1ELa7FPPuBCwLaqj3Jh3LH6wKloOaeMl6SwHYD3ICSA7TEcveEl8
h1Yt8IzWbwstQD7Tif54G6QzraXqz39JaakDX7aKTV3DDIVdkH8av5bt6DpaAnWO
KmRadlg7VxlcNAUPcFRaetS0qpPX37tTG1WWzv8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQU0ZOfzR3EWxwRadmTK2xNNhylfDAfBgNVHSMEGDAWgBRQwAbWQB70L6UO
JAlVALL9r61bqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VNQUcxa0FlOUMtbERpUUpWUUN5X2EtdFc2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvZGZhYjM2LTY1N2YtNGUwMi04MzYxLWMyZGNkYzg1ZTU4NC8x
L0ZOR1RuODBkeEZzY0VXblpreXRzVFRZY3BYdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
ZGZhYjM2LTY1N2YtNGUwMi04MzYxLWMyZGNkYzg1ZTU4NC8xL1VNQUcxa0FlOUMt
bERpUUpWUUN5X2EtdFc2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmE1DANBgkqhkiG9w0BAQsFAAOC
AQEAcX7QiVoCqhgC1iowIKixfAEtWW4Jf95tRA74hZfR0ppmBqlrfeiXX25uGKc/
rsCOY4LaLHINeUbvYbwexnUuZBUa7A+amrS8TUNb2x37PB0RllL8zQNniHoe68Xb
X8hAk4rkJx8h4+O6MKPFmRofUmd55uW1u8F/Fd6S4uq/K9DUaCYSZjFML0ZTbBBI
gtp/UFWEziGXsjGow2JuWRCz9KYyTEU5akL+V3trZesPZ2SEX6l8eifbY2Yz3WhY
cumNXpSEXCZAxsoYm6dFrfiSekLvgNG9Y2SrWFI7qL8zHr+QZsG4ne6+7aOJ1zGY
63VJ2JyBp8ENEOQhcVwu+Ud3rg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:36 2025 by rpki-client