Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/aAgYhdcej0NmK9OqSGYy8xFfPSg.roa
File: aAgYhdcej0NmK9OqSGYy8xFfPSg.roa (raw, json)
Hash identifier: O7h8GjPa0wMvuNd23GHvFQTkZLXBORrjQTy4hN67hV4=
Subject key identifier: 68:08:18:85:D7:1E:8F:43:66:2B:D3:AA:48:66:32:F3:11:5F:3D:28
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 0876A84B
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/aAgYhdcej0NmK9OqSGYy8xFfPSg.roa
Signing time: Sat 01 Jan 2022 00:53:33 +0000
ROA not before: Sat 01 Jan 2022 00:53:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204390
IP address blocks: 88.119.212.0/22 maxlen: 22
85.206.56.0/22 maxlen: 22
85.206.17.0/24 maxlen: 24
85.206.124.0/24 maxlen: 24
85.206.125.0/24 maxlen: 24
85.206.120.0/22 maxlen: 22
212.59.26.0/24 maxlen: 24
85.206.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141994059 (0x876a84b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 1 00:53:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68081885d71e8f43662bd3aa486632f3115f3d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:38:c5:20:ae:dd:d7:b7:8c:99:c7:fb:67:35:
12:f2:6e:e5:ff:7d:59:1a:78:a6:94:e6:ef:10:24:
6e:cd:03:43:1e:de:e7:4d:8f:b5:4d:29:16:4f:a9:
5b:3e:a7:da:06:cd:2b:31:5b:ae:52:03:80:89:4d:
7b:23:1d:e6:91:22:18:8f:1e:fc:21:29:c9:87:d4:
9d:4f:13:45:4c:9d:9d:a2:35:c3:31:50:5e:b6:78:
84:d3:ee:85:e2:0f:21:35:c0:9d:96:95:26:12:6a:
4e:80:a0:8d:40:81:4d:bf:f5:f2:8c:f7:2d:f2:7f:
7a:4d:af:a7:ad:52:f5:4c:63:0e:a6:45:27:fe:f6:
9c:83:21:61:88:3a:99:eb:f6:e5:25:2d:c6:32:45:
ba:fa:83:56:2f:3b:fc:d8:94:a9:4b:83:ac:1b:df:
c4:56:16:80:22:22:8a:5e:33:e5:c5:43:17:c6:01:
0e:54:2f:85:36:71:00:c5:6c:13:6f:a7:b0:66:c6:
a6:f6:e4:c9:6e:48:48:20:ad:9e:48:57:60:44:e3:
03:6e:5c:9a:47:dd:f9:ac:70:31:ce:13:c5:2a:a6:
43:db:28:dc:e8:17:f8:f3:ca:3c:5a:ac:b4:39:a0:
ca:37:2f:e8:a0:21:6e:85:09:b9:a4:2e:5e:46:fe:
2a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:08:18:85:D7:1E:8F:43:66:2B:D3:AA:48:66:32:F3:11:5F:3D:28
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/aAgYhdcej0NmK9OqSGYy8xFfPSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.17.0/24
85.206.56.0/22
85.206.120.0-85.206.126.255
88.119.212.0/22
212.59.26.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:76:ce:25:39:43:f0:52:3f:5c:86:88:ff:05:9a:49:fd:62:
8e:da:06:7c:e3:e4:ba:f7:cf:12:55:4c:a2:25:2b:32:6c:02:
fe:19:05:52:a3:4f:58:d9:6d:9f:cb:fd:82:89:67:09:30:42:
af:40:00:86:9e:27:62:eb:a2:37:1e:98:f6:db:45:cb:91:43:
f1:92:db:c4:6d:f0:30:4e:2e:a3:59:15:d2:0a:01:66:5e:da:
7e:bc:ef:43:b3:00:f2:ed:6f:83:01:19:7f:f4:50:27:84:4b:
b4:ae:03:7f:20:d5:24:a7:36:59:50:4f:53:97:94:3f:bd:b0:
ee:d2:ba:31:02:cb:3e:a0:64:62:2d:0b:7a:b3:b8:e7:46:c2:
0f:42:99:7c:de:01:18:26:53:07:39:0a:b9:5d:da:89:11:b9:
8f:a9:e3:ed:91:dc:25:88:da:94:ab:8d:40:92:d2:c3:85:b9:
13:f2:57:ba:1d:a3:3d:a0:24:76:57:8c:29:88:89:09:8f:90:
0c:c4:fa:83:4d:7f:c8:52:8b:c6:cb:0f:99:e7:08:2b:77:32:
a2:01:8a:93:94:13:87:36:cc:d9:cd:92:96:85:7a:5f:2b:40:
44:af:41:1e:e5:a9:d4:0d:b3:21:b1:06:1f:19:01:e9:17:f9:
aa:54:5f:3f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECHaoSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjk4NzI0NDYxMWI1MjMwNTM2NzQ0YjZhODlmMDQ0ZjMyZjQ2MmVhMB4XDTIyMDEw
MTAwNTMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgwODE4ODVkNzFl
OGY0MzY2MmJkM2FhNDg2NjMyZjMxMTVmM2QyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQ4xSCu3de3jJnH+2c1EvJu5f99WRp4ppTm7xAkbs0DQx7e
502PtU0pFk+pWz6n2gbNKzFbrlIDgIlNeyMd5pEiGI8e/CEpyYfUnU8TRUydnaI1
wzFQXrZ4hNPuheIPITXAnZaVJhJqToCgjUCBTb/18oz3LfJ/ek2vp61S9UxjDqZF
J/72nIMhYYg6mev25SUtxjJFuvqDVi87/NiUqUuDrBvfxFYWgCIiil4z5cVDF8YB
DlQvhTZxAMVsE2+nsGbGpvbkyW5ISCCtnkhXYETjA25cmkfd+axwMc4TxSqmQ9so
3OgX+PPKPFqstDmgyjcv6KAhboUJuaQuXkb+KkMCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRoCBiF1x6PQ2Yr06pIZjLzEV89KDAfBgNVHSMEGDAWgBT7mHJEYRtSMFNn
RLaonwRPMvRi6jAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ0LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEv
MS9hQWdZaGRjZWowTm1LOU9xU0dZeTh4RmZQU2cucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0
LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEvMS8xLTVoeVJHRWJV
akJUWjBTMnFKOEVUekwwWXVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVc4RAwQCVc44MAwDBANVzngD
BABVzn4DBAJYd9QDBADUOxowDQYJKoZIhvcNAQELBQADggEBAD52ziU5Q/BSP1yG
iP8Fmkn9Yo7aBnzj5Lr3zxJVTKIlKzJsAv4ZBVKjT1jZbZ/L/YKJZwkwQq9AAIae
J2LrojcemPbbRcuRQ/GS28Rt8DBOLqNZFdIKAWZe2n6870OzAPLtb4MBGX/0UCeE
S7SuA38g1SSnNllQT1OXlD+9sO7SujECyz6gZGItC3qzuOdGwg9CmXzeARgmUwc5
Crld2okRuY+p4+2R3CWI2pSrjUCS0sOFuRPyV7odoz2gJHZXjCmIiQmPkAzE+oNN
f8hSi8bLD5nnCCt3MqIBipOUE4c2zNnNkpaFel8rQESvQR7lqdQNsyGxBh8ZAekX
+apUXz8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:14 2023 by rpki-client on console-fra.rpki-client.org