Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/fcHbwKhrr4uKKraDzBb25lc7IG8.roa
File: fcHbwKhrr4uKKraDzBb25lc7IG8.roa (raw, json)
Hash identifier: z1Nbk5ebamwSe/ltlicj1o5ANsmLWNqculcl2GrFGoo=
Subject key identifier: 7D:C1:DB:C0:A8:6B:AF:8B:8A:2A:B6:83:CC:16:F6:E6:57:3B:20:6F
Certificate issuer: /CN=6c890ef6a88ab33fa5a206760768dd3251c238af
Certificate serial: 0AE70C1A
Authority key identifier: 6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/fcHbwKhrr4uKKraDzBb25lc7IG8.roa
Signing time: Sat 01 Jan 2022 08:54:02 +0000
ROA not before: Sat 01 Jan 2022 08:54:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41652
IP address blocks: 185.212.225.0/24 maxlen: 24
185.212.226.0/24 maxlen: 24
185.212.224.0/22 maxlen: 22
185.212.224.0/24 maxlen: 24
185.212.227.0/24 maxlen: 24
2a0b:7cc0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182914074 (0xae70c1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c890ef6a88ab33fa5a206760768dd3251c238af
Validity
Not Before: Jan 1 08:54:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dc1dbc0a86baf8b8a2ab683cc16f6e6573b206f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0a:99:9a:79:6d:d3:dd:2b:e2:2a:5f:7f:b7:
a3:90:46:d5:67:90:5f:4b:94:42:b3:73:ac:14:75:
0d:44:26:7a:29:e0:dc:22:91:a9:f2:52:08:83:3c:
46:fa:51:86:ac:a5:4c:b5:55:5c:50:fb:6d:ec:c0:
e7:db:c0:de:dc:d8:c4:80:c4:47:ec:a7:7c:2a:5f:
fb:b8:a2:d8:04:da:41:47:61:21:d4:a6:25:0e:c3:
25:c9:fd:4c:52:b3:56:f0:be:25:a0:b6:5c:bc:1b:
c7:f4:ea:7e:c8:c9:04:21:1d:16:fc:6a:88:46:f0:
6d:bb:20:00:91:4a:63:4f:0f:30:e4:fc:e2:3c:c3:
3d:63:74:19:b2:9b:4c:b3:8f:e0:d6:64:81:2f:cc:
22:14:f6:b6:70:60:b3:d3:2a:a6:20:29:1f:2c:ad:
73:f7:32:9c:70:eb:11:6e:b3:e3:67:7d:a5:76:e6:
8c:bb:e8:ce:38:05:02:9b:5b:07:61:eb:96:79:ed:
59:f4:59:8d:0a:ee:5f:7c:4d:31:d4:1e:7a:81:6b:
49:f4:18:2f:f8:48:07:29:8a:2a:e0:10:15:e2:0b:
cd:6d:ed:10:ab:db:d6:56:5a:60:ce:2b:ee:7e:35:
bb:48:78:41:db:50:1d:96:b9:2b:17:75:86:d0:7c:
26:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C1:DB:C0:A8:6B:AF:8B:8A:2A:B6:83:CC:16:F6:E6:57:3B:20:6F
X509v3 Authority Key Identifier:
keyid:6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/fcHbwKhrr4uKKraDzBb25lc7IG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.224.0/22
IPv6:
2a0b:7cc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
20:d3:a4:fb:c1:7b:87:d1:d6:d0:47:6d:b8:82:b9:f4:0c:5e:
bd:71:df:80:0c:f3:dc:87:4d:68:63:17:5c:cd:1c:6d:13:2e:
14:62:79:26:26:56:d6:63:79:86:d3:dc:6b:40:7a:cd:88:cf:
1d:92:b1:76:e3:98:f2:7d:eb:2c:f7:c3:5e:45:f6:46:bc:81:
6d:6d:eb:17:64:79:e3:5a:c0:fd:73:9e:6f:d1:a4:05:46:0b:
49:d6:e7:d1:90:5d:0b:56:a7:ef:95:e3:1a:8d:07:7a:95:b8:
7b:37:c5:7d:cd:a8:78:cb:96:8a:40:11:c4:10:43:8d:31:b1:
b7:f6:14:86:ac:b6:f9:2b:4c:6a:71:0f:ee:9d:d4:98:1b:97:
6c:ab:3f:22:70:e3:4b:d8:07:f9:76:e2:de:f8:bf:d7:51:5f:
d8:58:60:ce:05:79:68:de:59:d4:a1:57:12:df:fb:6f:1f:fd:
4f:56:3a:e7:2b:a8:88:52:2b:03:79:93:87:03:72:e7:47:56:
50:71:d2:4f:73:d7:a1:01:68:7e:20:b1:f4:aa:a8:39:3f:14:
de:e7:e4:8b:7a:20:61:38:40:5a:07:66:0d:32:c5:dc:c6:4d:
a9:b5:b0:5d:0b:bb:64:66:18:a8:27:9d:52:f1:fd:bd:09:f0:
01:d7:6d:76
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECucMGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Yzg5MGVmNmE4OGFiMzNmYTVhMjA2NzYwNzY4ZGQzMjUxYzIzOGFmMB4XDTIyMDEw
MTA4NTQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RjMWRiYzBhODZi
YWY4YjhhMmFiNjgzY2MxNmY2ZTY1NzNiMjA2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOUKmZp5bdPdK+IqX3+3o5BG1WeQX0uUQrNzrBR1DUQmeing
3CKRqfJSCIM8RvpRhqylTLVVXFD7bezA59vA3tzYxIDER+ynfCpf+7ii2ATaQUdh
IdSmJQ7DJcn9TFKzVvC+JaC2XLwbx/TqfsjJBCEdFvxqiEbwbbsgAJFKY08PMOT8
4jzDPWN0GbKbTLOP4NZkgS/MIhT2tnBgs9MqpiApHyytc/cynHDrEW6z42d9pXbm
jLvozjgFAptbB2HrlnntWfRZjQruX3xNMdQeeoFrSfQYL/hIBymKKuAQFeILzW3t
EKvb1lZaYM4r7n41u0h4QdtQHZa5Kxd1htB8JskCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBR9wdvAqGuvi4oqtoPMFvbmVzsgbzAfBgNVHSMEGDAWgBRsiQ72qIqzP6Wi
BnYHaN0yUcI4rzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJa085cWlLc3otbG9nWjJCMmpkTWxIQ09LOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvMmI3Y2QxLTQ5YjYtNDkyMS1hNWUxLTYxZjkxZWRlZGYwYS8x
L2ZjSGJ3S2hycjR1S0tyYUR6QmIyNWxjN0lHOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
MmI3Y2QxLTQ5YjYtNDkyMS1hNWUxLTYxZjkxZWRlZGYwYS8xL2JJa085cWlLc3ot
bG9nWjJCMmpkTWxIQ09LOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArnU4DAPBAIAAjAJAwcAKgt8wAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAg06T7wXuH0dbQR224grn0DF69cd+ADPPch01o
YxdczRxtEy4UYnkmJlbWY3mG09xrQHrNiM8dkrF245jyfess98NeRfZGvIFtbesX
ZHnjWsD9c55v0aQFRgtJ1ufRkF0LVqfvleMajQd6lbh7N8V9zah4y5aKQBHEEEON
MbG39hSGrLb5K0xqcQ/undSYG5dsqz8icONL2Af5duLe+L/XUV/YWGDOBXlo3lnU
oVcS3/tvH/1PVjrnK6iIUisDeZOHA3LnR1ZQcdJPc9ehAWh+ILH0qqg5PxTe5+SL
eiBhOEBaB2YNMsXcxk2ptbBdC7tkZhioJ51S8f29CfAB1212
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-fra.rpki-client.org