Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/fmOUjnX-oKBhZgSlkWKTetqiXLM.roa
File: fmOUjnX-oKBhZgSlkWKTetqiXLM.roa (raw, json)
Hash identifier: oZyT+1Frj5XWsmNzz+Jtr4SaH+Znl/0O/DJYoN9sBAA=
Subject key identifier: 7E:63:94:8E:75:FE:A0:A0:61:66:04:A5:91:62:93:7A:DA:A2:5C:B3
Certificate issuer: /CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Certificate serial: 06A67CA0
Authority key identifier: F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/fmOUjnX-oKBhZgSlkWKTetqiXLM.roa
Signing time: Sat 01 Jan 2022 09:54:40 +0000
ROA not before: Sat 01 Jan 2022 09:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201791
IP address blocks: 195.35.114.0/23 maxlen: 24
185.103.76.0/22 maxlen: 22
2a06:2a80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111574176 (0x6a67ca0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Validity
Not Before: Jan 1 09:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e63948e75fea0a0616604a59162937adaa25cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:61:77:f2:b7:f7:6d:ee:59:64:60:6e:6a:9b:
a6:46:45:88:d1:af:18:a7:0a:2f:da:db:13:7d:63:
2b:aa:0c:26:0e:90:8c:bb:76:9e:50:bc:a8:5d:8a:
c7:e0:c9:cd:06:2f:64:06:1c:c6:82:42:71:fc:4b:
b7:14:97:a1:ee:79:6c:b0:bd:62:65:fd:a7:01:6e:
11:3d:a4:44:2e:2b:24:0a:85:e5:66:54:cc:70:1b:
2a:db:6e:f9:e1:18:f7:54:04:f5:76:c3:85:5c:b1:
42:4d:bb:13:00:7b:0a:c1:b5:8e:1e:bb:78:4c:32:
1a:a0:74:5a:ae:98:61:e2:10:bb:2d:34:1c:57:cf:
86:f4:d8:cb:d2:de:3a:27:1b:61:a2:12:8f:73:e2:
13:74:37:ad:48:9e:50:d9:19:13:e7:a0:e4:d8:af:
28:c6:80:5e:eb:42:4e:b8:4e:b9:64:01:24:65:ca:
47:b9:39:e1:e7:8d:1f:b8:bf:ff:03:75:39:b6:7e:
22:0c:d9:0b:3a:49:14:78:38:fa:ad:f8:4d:aa:f6:
3c:eb:95:62:8a:4b:e8:15:80:10:4b:f8:25:dc:51:
cb:88:86:e7:0b:f4:1e:4b:28:aa:a8:76:55:fc:01:
0f:83:2c:d1:40:8a:16:49:de:9c:58:64:37:f9:97:
7b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:63:94:8E:75:FE:A0:A0:61:66:04:A5:91:62:93:7A:DA:A2:5C:B3
X509v3 Authority Key Identifier:
keyid:F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/fmOUjnX-oKBhZgSlkWKTetqiXLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.76.0/22
195.35.114.0/23
IPv6:
2a06:2a80::/29
Signature Algorithm: sha256WithRSAEncryption
7b:04:51:9c:a5:d6:e4:a5:cc:9b:5a:be:e6:e6:92:cc:f7:dd:
ab:a5:6b:2c:23:18:ac:20:f5:f2:c3:b1:29:11:d8:3c:84:93:
07:fd:9a:97:ca:92:1c:a6:56:a1:0e:fc:84:2c:21:0f:a0:40:
4e:b6:b3:fc:c8:63:4b:4b:8a:57:87:06:92:f9:d0:21:9d:b4:
fa:86:43:b2:f4:6e:b3:bb:50:67:ba:a2:f9:ad:15:77:a3:ce:
01:4f:ee:2b:7c:69:f3:3c:02:e3:2a:b5:8d:59:32:57:36:d6:
96:4a:2f:72:cb:c9:5a:b1:ad:8f:ca:98:39:1e:77:e9:61:00:
e3:47:5a:67:7b:c3:c7:35:45:50:c4:8b:7e:3c:42:e8:60:49:
12:f0:a5:a9:ed:7d:07:d2:4e:a9:2f:7a:ab:c9:47:0a:4f:46:
76:f4:49:2b:86:b4:15:25:8b:f9:91:a7:a3:b0:95:e1:a4:3d:
f2:78:3e:9a:9a:2c:7e:30:ff:0a:21:ab:29:91:b9:ee:cb:ba:
fd:d1:fc:bc:5b:5b:75:37:60:6a:7c:45:6a:81:b2:b4:00:a5:
6d:70:85:ad:b6:25:78:7d:76:87:f0:e5:16:4d:de:bc:14:ce:
c6:1f:bf:46:8f:b0:a7:2e:25:0b:bf:0d:5c:34:51:cd:ae:83:
06:29:f6:f5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBqZ8oDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTZiMjA0OWIzYTlhYTZmMjM2OGU2ZWViNGJmY2QxNjc5NTNhNWU5MB4XDTIyMDEw
MTA5NTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U2Mzk0OGU3NWZl
YTBhMDYxNjYwNGE1OTE2MjkzN2FkYWEyNWNiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALthd/K3923uWWRgbmqbpkZFiNGvGKcKL9rbE31jK6oMJg6Q
jLt2nlC8qF2Kx+DJzQYvZAYcxoJCcfxLtxSXoe55bLC9YmX9pwFuET2kRC4rJAqF
5WZUzHAbKttu+eEY91QE9XbDhVyxQk27EwB7CsG1jh67eEwyGqB0Wq6YYeIQuy00
HFfPhvTYy9LeOicbYaISj3PiE3Q3rUieUNkZE+eg5NivKMaAXutCTrhOuWQBJGXK
R7k54eeNH7i//wN1ObZ+IgzZCzpJFHg4+q34Tar2POuVYopL6BWAEEv4JdxRy4iG
5wv0Hksoqqh2VfwBD4Ms0UCKFknenFhkN/mXe1cCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR+Y5SOdf6goGFmBKWRYpN62qJcszAfBgNVHSMEGDAWgBT1ayBJs6mqbyNo
5u60v80WeVOl6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlXc2dTYk9wcW04amFPYnV0TF9ORm5sVHBlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvZDFhNzFjLWI4ZjgtNDEyZC05ZGExLTI0MDFiNzQyMDZmMy8x
L2ZtT1Vqblgtb0tCaFpnU2xrV0tUZXRxaVhMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
ZDFhNzFjLWI4ZjgtNDEyZC05ZGExLTI0MDFiNzQyMDZmMy8xLzlXc2dTYk9wcW04
amFPYnV0TF9ORm5sVHBlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlnTAMEAcMjcjANBAIAAjAHAwUD
KgYqgDANBgkqhkiG9w0BAQsFAAOCAQEAewRRnKXW5KXMm1q+5uaSzPfdq6VrLCMY
rCD18sOxKRHYPISTB/2al8qSHKZWoQ78hCwhD6BATraz/MhjS0uKV4cGkvnQIZ20
+oZDsvRus7tQZ7qi+a0Vd6POAU/uK3xp8zwC4yq1jVkyVzbWlkovcsvJWrGtj8qY
OR536WEA40daZ3vDxzVFUMSLfjxC6GBJEvClqe19B9JOqS96q8lHCk9GdvRJK4a0
FSWL+ZGno7CV4aQ98ng+mposfjD/CiGrKZG57su6/dH8vFtbdTdganxFaoGytACl
bXCFrbYleH12h/DlFk3evBTOxh+/Ro+wpy4lC78NXDRRza6DBin29Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:53 2023 by rpki-client on console-ams.rpki-client.org