Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/FbCx7laHjp6yN3sg5keR-WC9jXg.roa
File: FbCx7laHjp6yN3sg5keR-WC9jXg.roa (raw, json)
Hash identifier: aWGOdgyBKvFBZp+PNWi4UnTiccq2VOK9d+vM8A3nzqk=
Subject key identifier: 15:B0:B1:EE:56:87:8E:9E:B2:37:7B:20:E6:47:91:F9:60:BD:8D:78
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0184BCECE08CE1356CCBF024935A5D0552BB
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/FbCx7laHjp6yN3sg5keR-WC9jXg.roa
Signing time: Mon 28 Nov 2022 06:29:11 +0000
ROA not before: Mon 28 Nov 2022 06:29:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48359
IP address blocks: 89.42.44.0/22 maxlen: 22
45.94.214.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bc:ec:e0:8c:e1:35:6c:cb:f0:24:93:5a:5d:05:52:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Nov 28 06:29:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15b0b1ee56878e9eb2377b20e64791f960bd8d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7e:79:42:c7:9c:78:8c:72:0d:94:9e:3e:eb:
37:a2:24:34:2a:90:a7:13:20:34:be:9a:12:00:9b:
70:a7:1c:88:86:8f:12:2f:26:fe:fc:cb:85:1d:ec:
a9:a4:6c:79:b8:50:fa:90:09:98:7e:ea:74:17:8b:
41:01:9a:02:30:85:c9:82:e8:70:6e:ab:1a:5a:bd:
d4:af:56:dc:34:b5:88:a3:d9:5e:77:39:f1:6d:06:
d2:30:78:c2:96:92:b4:0a:d1:47:b9:04:eb:d8:ac:
49:89:d0:50:8d:06:9b:7c:e9:5b:19:9b:11:3f:ac:
fe:7d:ac:2d:7b:5a:1e:6d:1d:03:a8:26:75:e1:3b:
3e:6d:4e:51:0f:8f:2c:cd:ac:9f:03:3e:46:2b:8b:
68:38:77:30:aa:64:e4:28:27:75:e6:09:0b:48:c9:
4e:ea:25:29:2a:37:d7:b6:bc:c4:78:57:71:f2:70:
3e:ee:50:49:bd:3a:69:0f:41:3f:ed:4c:f5:b2:9f:
e6:b7:15:8f:7e:16:d4:c5:12:9c:24:94:00:99:7f:
fa:f8:90:71:52:cf:97:99:13:a9:08:26:1f:08:5a:
78:b0:32:7b:64:b0:bd:b1:6b:9f:a0:77:d0:88:2c:
5c:c8:5b:01:35:30:82:00:ad:d5:10:ca:c7:8a:fd:
88:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B0:B1:EE:56:87:8E:9E:B2:37:7B:20:E6:47:91:F9:60:BD:8D:78
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/FbCx7laHjp6yN3sg5keR-WC9jXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/24
89.42.44.0/22
89.46.217.0/24
Signature Algorithm: sha256WithRSAEncryption
27:5b:cd:15:e0:99:75:35:29:de:33:0d:3a:25:66:46:4d:0d:
c4:d4:7c:9f:b1:ba:40:2d:e3:eb:5e:23:b5:1b:a4:64:a6:c9:
36:f1:91:39:eb:72:50:4f:08:a1:48:d5:56:61:16:d1:89:80:
91:09:15:89:55:00:53:bb:c9:5d:de:13:17:61:d8:b0:33:aa:
4b:eb:2d:3b:87:1a:4d:02:ea:d2:77:51:42:5d:c3:1d:a6:77:
b3:78:34:a2:1d:53:1f:cb:3d:48:e1:1f:da:7a:65:d3:2c:0d:
a9:b4:79:cf:cf:4d:29:d9:59:7f:9a:68:41:2e:3c:91:70:99:
e8:4a:66:8f:db:28:eb:31:21:7b:9c:83:aa:1a:86:63:0e:df:
fc:92:17:5a:0d:e3:bd:e9:e5:bc:1c:3a:54:b7:a9:c7:e0:fb:
54:91:97:37:7e:50:72:2e:ca:d0:b7:8e:29:b7:aa:8b:ae:79:
a0:81:af:4c:18:11:c3:f7:5e:29:e3:15:1d:a6:d7:25:04:4f:
ab:2c:14:37:fc:1c:16:31:51:b8:1c:c0:41:fb:60:f1:cf:32:
7e:56:8b:bc:a1:1c:7e:ce:f8:37:a3:e0:89:40:80:18:96:d2:
55:47:95:ed:05:0d:d4:42:c2:84:2d:61:cc:f8:d8:21:90:5c:
fb:55:1f:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYS87OCM4TVsy/Akk1pdBVK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjIxMTI4MDYyOTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWIwYjFlZTU2ODc4ZTllYjIzNzdiMjBlNjQ3OTFmOTYwYmQ4ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0X55QseceIxyDZSePus3oiQ0KpCn
EyA0vpoSAJtwpxyIho8SLyb+/MuFHeyppGx5uFD6kAmYfup0F4tBAZoCMIXJguhw
bqsaWr3Ur1bcNLWIo9ledznxbQbSMHjClpK0CtFHuQTr2KxJidBQjQabfOlbGZsR
P6z+fawte1oebR0DqCZ14Ts+bU5RD48szayfAz5GK4toOHcwqmTkKCd15gkLSMlO
6iUpKjfXtrzEeFdx8nA+7lBJvTppD0E/7Uz1sp/mtxWPfhbUxRKcJJQAmX/6+JBx
Us+XmROpCCYfCFp4sDJ7ZLC9sWufoHfQiCxcyFsBNTCCAK3VEMrHiv2IcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBWwse5Wh46esjd7IOZHkflgvY14MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvRmJDeDdsYUhqcDZ5TjNzZzVrZVItV0M5alhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV7WAwQC
WSosAwQAWS7ZMA0GCSqGSIb3DQEBCwUAA4IBAQAnW80V4Jl1NSneMw06JWZGTQ3E
1HyfsbpALePrXiO1G6Rkpsk28ZE563JQTwihSNVWYRbRiYCRCRWJVQBTu8ld3hMX
YdiwM6pL6y07hxpNAurSd1FCXcMdpnezeDSiHVMfyz1I4R/aemXTLA2ptHnPz00p
2Vl/mmhBLjyRcJnoSmaP2yjrMSF7nIOqGoZjDt/8khdaDeO96eW8HDpUt6nH4PtU
kZc3flByLsrQt44pt6qLrnmgga9MGBHD914p4xUdptclBE+rLBQ3/BwWMVG4HMBB
+2DxzzJ+Vou8oRx+zvg3o+CJQIAYltJVR5XtBQ3UQsKELWHM+NghkFz7VR+0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-fra.rpki-client.org