Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/fc3rRwTR-vh5XmgQ6CQTGKM2h6E.roa
File: fc3rRwTR-vh5XmgQ6CQTGKM2h6E.roa (raw, json)
Hash identifier: HrM2y4tLcqWpJcSWTY/ZFu2mA2tDlRgkh2F1LSH9K44=
Subject key identifier: 7D:CD:EB:47:04:D1:FA:F8:79:5E:68:10:E8:24:13:18:A3:36:87:A1
Certificate issuer: /CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Certificate serial: 0D3DDC1F
Authority key identifier: 5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/fc3rRwTR-vh5XmgQ6CQTGKM2h6E.roa
Signing time: Sat 01 Jan 2022 09:00:39 +0000
ROA not before: Sat 01 Jan 2022 09:00:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6893
IP address blocks: 185.125.198.0/24 maxlen: 24
62.220.128.0/19 maxlen: 19
185.125.197.0/24 maxlen: 24
185.125.196.0/22 maxlen: 22
185.125.196.0/23 maxlen: 23
185.125.196.0/24 maxlen: 24
62.220.150.0/24 maxlen: 24
62.220.158.0/24 maxlen: 24
2001:789::/32 maxlen: 32
2001:788::/29 maxlen: 29
2001:78c::/32 maxlen: 32
2001:788::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222157855 (0xd3ddc1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Validity
Not Before: Jan 1 09:00:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dcdeb4704d1faf8795e6810e8241318a33687a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a8:47:68:6d:f9:c1:1b:93:b9:24:07:2d:e8:
da:fc:41:64:90:2c:45:54:7c:c6:f4:91:b7:ce:56:
84:55:c2:ea:cc:06:7b:ca:3f:ba:e1:04:7d:68:d3:
aa:b1:68:3a:40:63:56:19:5c:86:e9:5e:f0:44:bb:
42:16:ea:f7:09:69:3a:14:87:b8:d8:80:e5:d0:37:
25:03:00:6e:a3:ba:9d:9b:b5:01:2f:a0:2c:39:4b:
71:2d:9c:24:7a:01:00:e4:bd:2c:b0:df:8e:4e:b6:
64:2e:df:48:98:f5:29:dc:ee:23:eb:b6:3d:3a:91:
4b:ff:bf:a9:03:10:31:05:ee:9f:b2:c3:19:94:24:
91:ad:30:45:04:35:30:d2:a4:56:3e:d7:56:11:54:
d9:6d:0e:3b:4d:4d:92:eb:01:5f:aa:c0:83:28:f0:
b1:08:ee:1b:b7:9e:45:4f:ea:3f:32:84:c3:a7:4d:
71:93:72:ee:ca:d2:1e:dc:41:c1:7c:ff:1a:7c:ad:
be:54:4f:4a:28:18:55:f1:f0:d9:f7:e8:a3:1d:ca:
a9:82:9f:56:eb:a5:2a:89:d8:68:b6:fa:41:72:21:
22:0b:0e:d7:e3:dc:d9:37:2f:e7:22:68:59:be:bf:
c9:da:a0:67:aa:4e:34:cb:d3:55:4c:88:1f:7f:15:
a8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CD:EB:47:04:D1:FA:F8:79:5E:68:10:E8:24:13:18:A3:36:87:A1
X509v3 Authority Key Identifier:
keyid:5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/fc3rRwTR-vh5XmgQ6CQTGKM2h6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.128.0/19
185.125.196.0/22
IPv6:
2001:788::/29
Signature Algorithm: sha256WithRSAEncryption
68:45:2d:c8:da:b3:94:4b:5a:db:61:c8:d3:e4:34:10:1a:a0:
32:3f:09:5f:74:4c:e5:d6:57:7d:4c:70:31:8a:e2:82:49:4a:
4e:71:0a:5a:6f:92:b9:e0:25:95:35:45:42:c8:b3:da:b0:f0:
73:4d:2a:ad:f5:05:f6:a0:b1:1e:97:47:5c:fb:59:d3:c0:4c:
2a:68:f9:55:5c:2c:38:56:70:d7:de:d3:06:08:cb:0c:bb:64:
f2:4d:c6:34:2a:2f:7e:3b:89:05:f3:a2:86:fc:ff:9e:7f:59:
cf:cf:d8:ba:7a:17:de:99:98:d5:25:2f:8a:a2:ca:e3:38:a6:
6a:20:d9:c5:44:1b:8e:70:0a:c1:2e:e7:fb:82:fa:45:fc:d6:
4a:9d:c1:b3:53:43:46:49:c6:b9:a8:8f:1a:8b:57:fd:a1:1d:
73:60:99:ec:ff:dc:7e:8e:ef:8b:6d:35:e3:1d:2d:eb:fb:82:
a2:0b:15:fd:cb:4b:40:85:f5:5b:68:9c:4e:50:cf:a2:24:bc:
3a:cd:0e:b8:fa:21:8b:42:dd:ed:7c:c8:5a:bb:53:6b:7c:d0:
99:aa:3f:61:60:79:d9:1b:e5:3f:7d:a2:37:9c:20:86:50:dc:
47:f2:5b:e8:0b:2d:ee:5c:13:c4:b8:5f:93:e0:43:49:96:e1:
3b:b0:f9:36
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDT3cHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWU4Yzc4ZjE2MTM5N2FlMWRiZDBhYzMyMjU4NGY2MmZiNzQwMDk3MB4XDTIyMDEw
MTA5MDAzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RjZGViNDcwNGQx
ZmFmODc5NWU2ODEwZTgyNDEzMThhMzM2ODdhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOoR2ht+cEbk7kkBy3o2vxBZJAsRVR8xvSRt85WhFXC6swG
e8o/uuEEfWjTqrFoOkBjVhlchule8ES7Qhbq9wlpOhSHuNiA5dA3JQMAbqO6nZu1
AS+gLDlLcS2cJHoBAOS9LLDfjk62ZC7fSJj1KdzuI+u2PTqRS/+/qQMQMQXun7LD
GZQkka0wRQQ1MNKkVj7XVhFU2W0OO01NkusBX6rAgyjwsQjuG7eeRU/qPzKEw6dN
cZNy7srSHtxBwXz/GnytvlRPSigYVfHw2ffoox3KqYKfVuulKonYaLb6QXIhIgsO
1+Pc2Tcv5yJoWb6/ydqgZ6pONMvTVUyIH38VqJMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR9zetHBNH6+HleaBDoJBMYozaHoTAfBgNVHSMEGDAWgBRa6MePFhOXrh29
CsMiWE9i+3QAlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d1akhqeFlUbDY0ZHZRckRJbGhQWXZ0MEFKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvNGQyN2JiLWY4NWMtNGJmZC1iMWMzLTQ3YmNkMzljM2Q4Ni8x
L2ZjM3JSd1RSLXZoNVhtZ1E2Q1FUR0tNMmg2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
NGQyN2JiLWY4NWMtNGJmZC1iMWMzLTQ3YmNkMzljM2Q4Ni8xL1d1akhqeFlUbDY0
ZHZRckRJbGhQWXZ0MEFKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBT7cgAMEArl9xDANBAIAAjAHAwUD
IAEHiDANBgkqhkiG9w0BAQsFAAOCAQEAaEUtyNqzlEta22HI0+Q0EBqgMj8JX3RM
5dZXfUxwMYrigklKTnEKWm+SueAllTVFQsiz2rDwc00qrfUF9qCxHpdHXPtZ08BM
Kmj5VVwsOFZw197TBgjLDLtk8k3GNCovfjuJBfOihvz/nn9Zz8/YunoX3pmY1SUv
iqLK4zimaiDZxUQbjnAKwS7n+4L6RfzWSp3Bs1NDRknGuaiPGotX/aEdc2CZ7P/c
fo7vi2014x0t6/uCogsV/ctLQIX1W2icTlDPoiS8Os0OuPohi0Ld7XzIWrtTa3zQ
mao/YWB52RvlP32iN5wghlDcR/Jb6Ast7lwTxLhfk+BDSZbhO7D5Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:28 2024 by rpki-client on console-ams.rpki-client.org