Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/fkFKGMJLE__TMoPiVFEchCYNDhA.roa
File: fkFKGMJLE__TMoPiVFEchCYNDhA.roa (raw, json)
Hash identifier: eUiw6FiDGUYTdasUEVwOMk73reZS4G7j9eCGOltJmZU=
Subject key identifier: 7E:41:4A:18:C2:4B:13:FF:D3:32:83:E2:54:51:1C:84:26:0D:0E:10
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 018456BD187FF3431841CF7E473F22F132C5
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/fkFKGMJLE__TMoPiVFEchCYNDhA.roa
Signing time: Tue 08 Nov 2022 10:15:43 +0000
ROA not before: Tue 08 Nov 2022 10:15:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203936
IP address blocks: 185.118.188.0/22 maxlen: 24
45.148.72.0/24 maxlen: 24
45.148.75.0/24 maxlen: 24
45.148.74.0/24 maxlen: 24
45.148.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:bd:18:7f:f3:43:18:41:cf:7e:47:3f:22:f1:32:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Nov 8 10:15:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e414a18c24b13ffd33283e254511c84260d0e10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:c2:7c:6e:d0:0a:e5:7e:bf:ef:6e:c1:97:
36:67:14:4a:86:e6:5a:a5:2e:80:97:21:ff:26:76:
3e:09:49:7a:b5:de:ed:0f:bd:9e:67:85:de:b9:04:
b9:25:3f:57:76:0f:36:d0:71:cd:b9:4b:87:7f:57:
f4:ae:89:75:f1:32:1b:30:18:d6:cd:dd:14:a7:3d:
de:56:11:42:54:d6:d1:f1:9c:50:71:cb:b9:cb:f6:
6e:0b:98:8f:d8:ed:37:99:0a:8d:b4:07:42:63:74:
6f:db:b7:a5:4a:7c:59:7a:4e:60:f9:94:7d:04:a7:
dc:cd:84:51:f6:f3:ca:9b:c5:36:8a:22:55:4f:0f:
56:ea:52:71:4d:23:7d:83:f8:58:a1:ac:87:f5:4b:
84:d8:d1:c7:92:65:4b:7f:f1:83:32:95:41:b3:66:
17:7b:1c:b4:33:1b:99:24:1d:d0:0e:52:11:2c:30:
78:55:dc:e7:3d:ed:41:f2:a4:5f:83:78:53:7b:fc:
71:62:78:79:1b:49:4a:8e:16:d9:76:71:fc:df:60:
dd:dc:e1:6d:8f:54:72:07:11:dd:2c:8d:d8:70:ca:
0f:a1:79:ef:2a:0c:46:72:a6:43:48:ba:53:df:eb:
99:02:9f:08:b9:1c:03:d5:8a:aa:67:0a:9b:d9:50:
ab:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:41:4A:18:C2:4B:13:FF:D3:32:83:E2:54:51:1C:84:26:0D:0E:10
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/fkFKGMJLE__TMoPiVFEchCYNDhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.72.0/22
185.118.188.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:a7:db:7f:44:58:18:82:4d:e6:9b:bf:89:3b:c1:34:66:60:
0b:58:f0:a1:05:78:21:ce:a4:1e:29:8d:44:de:c7:f0:20:c0:
60:10:e8:64:d1:ea:67:e7:34:84:6c:fa:fc:2a:11:6a:ce:ac:
5c:7e:64:3f:ca:d4:9f:cb:c3:0b:90:9d:62:f3:c5:2d:c6:b7:
ae:4f:78:29:4f:91:1c:6a:84:90:9e:7d:0c:8c:9a:c5:3c:ae:
f1:36:08:a1:e6:15:4f:bc:d8:de:c1:60:f7:eb:e8:28:ec:08:
c5:22:05:ea:0a:f5:6d:f1:e1:05:3c:b0:fd:7b:74:85:78:f6:
ac:76:b0:74:7c:34:eb:4b:19:5f:86:7c:4d:7b:ff:fe:82:58:
47:d1:06:89:51:16:03:51:13:e0:44:8b:95:69:3e:67:cc:a1:
78:4f:20:12:46:df:11:d0:74:f1:14:b3:ce:52:f6:21:d9:b8:
da:e4:7b:47:8c:e1:b0:0e:de:bc:69:1b:b9:e5:ec:7e:91:37:
30:f4:90:26:c8:e7:2b:23:24:a4:83:85:6e:d3:a7:20:4b:05:
83:e2:0a:96:90:3a:a2:7f:4a:05:ab:0e:d0:3c:1d:dd:cd:18:
99:f8:1e:b1:02:c4:4f:77:22:be:f9:25:e4:2d:c7:b1:47:f1:
74:c0:fc:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRWvRh/80MYQc9+Rz8i8TLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjIxMTA4MTAxNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQxNGExOGMyNGIxM2ZmZDMzMjgzZTI1NDUxMWM4NDI2MGQwZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc/CfG7QCuV+v+9uwZc2ZxRKhuZa
pS6AlyH/JnY+CUl6td7tD72eZ4XeuQS5JT9Xdg820HHNuUuHf1f0rol18TIbMBjW
zd0Upz3eVhFCVNbR8ZxQccu5y/ZuC5iP2O03mQqNtAdCY3Rv27elSnxZek5g+ZR9
BKfczYRR9vPKm8U2iiJVTw9W6lJxTSN9g/hYoayH9UuE2NHHkmVLf/GDMpVBs2YX
exy0MxuZJB3QDlIRLDB4VdznPe1B8qRfg3hTe/xxYnh5G0lKjhbZdnH832Dd3OFt
j1RyBxHdLI3YcMoPoXnvKgxGcqZDSLpT3+uZAp8IuRwD1YqqZwqb2VCrZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH5BShjCSxP/0zKD4lRRHIQmDQ4QMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvZmtGS0dNSkxFX19UTW9QaVZGRWNoQ1lORGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZRIAwQC
uXa8MA0GCSqGSIb3DQEBCwUAA4IBAQClp9t/RFgYgk3mm7+JO8E0ZmALWPChBXgh
zqQeKY1E3sfwIMBgEOhk0epn5zSEbPr8KhFqzqxcfmQ/ytSfy8MLkJ1i88Utxreu
T3gpT5EcaoSQnn0MjJrFPK7xNgih5hVPvNjewWD36+go7AjFIgXqCvVt8eEFPLD9
e3SFePasdrB0fDTrSxlfhnxNe//+glhH0QaJURYDURPgRIuVaT5nzKF4TyASRt8R
0HTxFLPOUvYh2bja5HtHjOGwDt68aRu55ex+kTcw9JAmyOcrIySkg4Vu06cgSwWD
4gqWkDqif0oFqw7QPB3dzRiZ+B6xAsRPdyK++SXkLcexR/F0wPzY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:11 2023 by rpki-client on console-fra.rpki-client.org