Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/f1xyEkIk602RAl68MkYbWc3U4vs.roa
File: f1xyEkIk602RAl68MkYbWc3U4vs.roa (raw, json)
Hash identifier: AGS0FI5upf0cXYzrKhs+wl627Dmg9wb4uLgMpucKbx4=
Subject key identifier: 7F:5C:72:12:42:24:EB:4D:91:02:5E:BC:32:46:1B:59:CD:D4:E2:FB
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0185655A1A46BEFC70E2B11C615A04778663
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/f1xyEkIk602RAl68MkYbWc3U4vs.roa
Signing time: Fri 30 Dec 2022 23:24:41 +0000
ROA not before: Fri 30 Dec 2022 23:24:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58329
IP address blocks: 185.158.249.0/24 maxlen: 24
194.76.225.0/24 maxlen: 24
31.214.157.0/24 maxlen: 24
193.242.210.0/23 maxlen: 23
79.132.129.0/24 maxlen: 24
79.132.128.0/24 maxlen: 24
2001:67c:2ae8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:65:5a:1a:46:be:fc:70:e2:b1:1c:61:5a:04:77:86:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Dec 30 23:24:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f5c72124224eb4d91025ebc32461b59cdd4e2fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f5:fe:3d:d3:39:17:82:c2:1d:83:16:8c:12:
44:62:d4:c3:de:54:2b:9c:ef:aa:8a:a0:12:cb:0c:
71:90:e4:18:ec:fe:76:54:5c:f3:f2:18:76:6f:70:
22:9e:ba:2c:17:fd:c6:5a:f1:50:83:72:7f:2a:f7:
d0:04:c1:1b:a3:9a:ea:82:30:18:81:b9:17:7b:5e:
94:38:f3:38:fc:e2:07:1c:ff:09:93:1c:c6:5e:4c:
72:e4:22:2d:66:64:67:24:60:26:d5:9e:c0:a4:54:
c9:1c:6f:8f:de:05:e0:1b:79:c8:11:6b:36:19:b6:
52:49:f2:0e:60:ce:7e:01:79:d7:63:31:09:8a:45:
13:41:8b:59:f4:ee:4c:61:47:b3:17:52:2c:95:e7:
69:a5:c9:93:53:73:cc:1e:26:c5:ba:8a:a2:94:9c:
d8:d5:1e:de:b0:6c:69:62:8f:46:d9:66:d8:7e:88:
2b:df:cd:33:29:b2:2d:a9:3e:15:cb:51:96:79:9c:
aa:c7:09:5c:01:17:d9:5f:bc:ce:76:03:73:46:c6:
99:19:91:ee:48:d0:30:ab:d9:a9:c4:fa:b5:a7:a9:
a6:a3:bf:8d:9c:49:e3:99:91:9b:2a:82:78:a2:05:
5b:0a:99:6a:62:fa:e0:b1:bd:c9:90:aa:e0:eb:d9:
05:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5C:72:12:42:24:EB:4D:91:02:5E:BC:32:46:1B:59:CD:D4:E2:FB
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/f1xyEkIk602RAl68MkYbWc3U4vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.157.0/24
79.132.128.0/23
185.158.249.0/24
193.242.210.0/23
194.76.225.0/24
IPv6:
2001:67c:2ae8::/48
Signature Algorithm: sha256WithRSAEncryption
9e:45:27:48:5b:7c:74:ec:98:b3:1d:65:fc:88:44:24:44:1f:
b6:ca:3b:84:0d:2d:52:2a:43:b3:68:fc:43:05:89:f2:fe:95:
5f:cd:66:69:eb:bc:bc:50:c9:40:82:53:61:c2:63:0e:b3:25:
fd:56:a9:7b:cd:e5:02:3f:fc:d7:91:97:49:e8:9a:93:bf:cf:
73:0a:e0:3d:3b:32:46:0d:8d:fd:d3:48:e7:91:dc:fd:ac:c7:
d1:28:e3:3c:88:b7:38:62:dd:e3:5b:2b:11:31:79:07:97:e1:
e1:b0:0f:4c:36:2a:cc:c6:48:e1:c1:ea:18:59:06:ea:ab:e1:
62:ea:b6:56:d7:7e:4d:ef:e7:d9:6e:a6:05:92:4e:e1:07:04:
4a:98:5d:ed:30:11:5c:dd:f3:02:fa:64:9c:ad:ea:c3:fc:55:
e4:05:67:db:81:ac:c7:dc:8f:3c:8b:83:8a:fb:e2:78:9f:c2:
f2:a5:f1:1b:2f:e0:16:45:79:71:4d:93:e5:dc:7d:f8:e4:dd:
8f:6a:ee:ce:20:f5:35:46:d6:c3:dc:49:81:c2:47:03:fa:90:
cc:bd:64:d3:3a:6e:b0:af:b2:ff:4c:89:54:29:e4:22:6e:11:
1d:20:14:cc:f9:74:de:d0:3d:17:55:9a:5e:ca:3b:af:89:a8:
5f:43:a9:24
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVlWhpGvvxw4rEcYVoEd4ZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjIxMjMwMjMyNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVjNzIxMjQyMjRlYjRkOTEwMjVlYmMzMjQ2MWI1OWNkZDRlMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/X+PdM5F4LCHYMWjBJEYtTD3lQr
nO+qiqASywxxkOQY7P52VFzz8hh2b3AinrosF/3GWvFQg3J/KvfQBMEbo5rqgjAY
gbkXe16UOPM4/OIHHP8JkxzGXkxy5CItZmRnJGAm1Z7ApFTJHG+P3gXgG3nIEWs2
GbZSSfIOYM5+AXnXYzEJikUTQYtZ9O5MYUezF1IsledppcmTU3PMHibFuoqilJzY
1R7esGxpYo9G2WbYfogr380zKbItqT4Vy1GWeZyqxwlcARfZX7zOdgNzRsaZGZHu
SNAwq9mpxPq1p6mmo7+NnEnjmZGbKoJ4ogVbCplqYvrgsb3JkKrg69kFnQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFH9cchJCJOtNkQJevDJGG1nN1OL7MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvZjF4eUVrSWs2MDJSQWw2OE1rWWJXYzNVNHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAH9adAwQB
T4SAAwQAuZ75AwQBwfLSAwQAwkzhMA8EAgACMAkDBwAgAQZ8KugwDQYJKoZIhvcN
AQELBQADggEBAJ5FJ0hbfHTsmLMdZfyIRCREH7bKO4QNLVIqQ7No/EMFifL+lV/N
ZmnrvLxQyUCCU2HCYw6zJf1WqXvN5QI//NeRl0nompO/z3MK4D07MkYNjf3TSOeR
3P2sx9Eo4zyItzhi3eNbKxExeQeX4eGwD0w2KszGSOHB6hhZBuqr4WLqtlbXfk3v
59lupgWSTuEHBEqYXe0wEVzd8wL6ZJyt6sP8VeQFZ9uBrMfcjzyLg4r74nifwvKl
8Rsv4BZFeXFNk+Xcffjk3Y9q7s4g9TVG1sPcSYHCRwP6kMy9ZNM6brCvsv9MiVQp
5CJuER0gFMz5dN7QPRdVml7KO6+JqF9DqSQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org