Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/fR11R7uD17NfuVyxbnohgmqItlM.roa
File: fR11R7uD17NfuVyxbnohgmqItlM.roa (raw, json)
Hash identifier: mNdIiTy6y1u7x57Xuic0cGCkxd88Inm1hJluf4H+zJc=
Subject key identifier: 7D:1D:75:47:BB:83:D7:B3:5F:B9:5C:B1:6E:7A:21:82:6A:88:B6:53
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 19287BA0
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/fR11R7uD17NfuVyxbnohgmqItlM.roa
Signing time: Mon 31 Jan 2022 07:32:07 +0000
ROA not before: Mon 31 Jan 2022 07:32:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200449
IP address blocks: 185.65.148.0/22 maxlen: 32
178.248.232.0/21 maxlen: 32
185.94.108.0/22 maxlen: 32
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 422083488 (0x19287ba0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Jan 31 07:32:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d1d7547bb83d7b35fb95cb16e7a21826a88b653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7b:b8:25:4c:f7:ff:39:58:ba:a2:da:43:01:
f4:be:a4:0d:95:3d:27:4d:5c:16:26:43:d8:9c:8f:
0f:bd:c8:fe:4d:a8:3d:d8:d1:12:a1:bc:db:80:fb:
3a:e4:2e:bc:6f:65:09:74:a8:97:81:85:89:6c:5c:
38:7b:34:6c:1f:4d:cf:4a:68:5d:62:66:01:8f:3b:
7d:75:6d:e4:46:e3:22:16:4f:4b:a8:b0:67:e8:7c:
3f:34:63:cb:26:fa:ef:b0:cb:ed:43:ad:57:c2:8c:
7b:5a:ca:86:0a:62:cb:93:3f:36:81:9f:39:28:52:
ec:46:5d:0e:80:ad:c6:2b:29:30:aa:9a:8b:31:f9:
c5:cf:af:7c:56:d9:61:33:9e:dd:fe:bb:9a:7a:06:
51:fe:07:6f:66:69:78:10:f0:d8:18:5f:21:a6:03:
c5:53:07:8d:ad:e3:8f:90:df:90:2f:7f:c0:3d:6b:
27:be:4c:4e:79:dc:e4:e4:f1:45:db:23:b8:d7:35:
2e:55:6f:e2:6e:ea:09:30:03:94:8f:de:6e:21:6b:
f4:db:2a:80:45:7a:7e:07:75:83:fb:90:e7:1d:d9:
26:ef:dd:c3:4d:d6:db:19:38:c1:69:43:0e:26:05:
bd:d8:06:13:52:de:b9:ae:44:b9:f1:eb:db:a6:95:
66:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1D:75:47:BB:83:D7:B3:5F:B9:5C:B1:6E:7A:21:82:6A:88:B6:53
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/fR11R7uD17NfuVyxbnohgmqItlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
34:08:f9:ee:1f:50:c4:4d:f0:d3:5c:ea:ba:b7:ce:b3:4b:7f:
fa:db:7b:56:19:82:c0:8f:27:b1:df:2e:fd:06:31:85:37:be:
55:75:7f:ca:19:be:40:55:64:aa:33:4b:2c:1b:ef:ec:c9:d7:
85:87:86:c0:2c:43:c4:1c:f8:25:47:27:e4:83:8f:e1:2c:30:
19:73:92:76:18:c0:fd:fc:99:5d:5a:47:49:49:f5:29:7a:c9:
34:d5:34:2f:d0:9e:29:e7:85:2a:73:e2:79:45:ac:fc:03:56:
dd:b6:4d:36:4f:71:78:6d:fd:05:c2:65:7f:5c:91:99:b0:05:
dd:69:9f:19:58:df:2d:c1:35:a6:31:5f:6e:e3:4b:43:ab:72:
b2:5a:c5:1a:78:e0:76:5e:25:ae:47:cb:37:d4:15:f5:35:03:
53:cd:f2:6f:f4:e2:b6:19:fd:fe:91:8a:31:40:5e:78:da:69:
2a:f1:ef:d3:0e:7a:d0:1e:1c:89:86:4e:de:43:13:71:bd:96:
e3:36:54:c6:4c:81:8d:87:43:23:96:e6:f1:fe:dd:a5:18:41:
15:e4:27:c5:d8:6b:4c:fd:3f:d7:5c:f8:c2:22:74:78:45:43:
38:a8:85:53:8f:82:fe:d9:e4:95:ac:f5:c9:75:f0:12:69:6c:
a3:0f:bc:35
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGSh7oDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmI2MTBjZDQzYmFmY2VkOTE0ODBmYWJmZGNhYWU4MjA0OWZiZjcxMB4XDTIyMDEz
MTA3MzIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QxZDc1NDdiYjgz
ZDdiMzVmYjk1Y2IxNmU3YTIxODI2YTg4YjY1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANd7uCVM9/85WLqi2kMB9L6kDZU9J01cFiZD2JyPD73I/k2o
PdjREqG824D7OuQuvG9lCXSol4GFiWxcOHs0bB9Nz0poXWJmAY87fXVt5EbjIhZP
S6iwZ+h8PzRjyyb677DL7UOtV8KMe1rKhgpiy5M/NoGfOShS7EZdDoCtxispMKqa
izH5xc+vfFbZYTOe3f67mnoGUf4Hb2ZpeBDw2BhfIaYDxVMHja3jj5DfkC9/wD1r
J75MTnnc5OTxRdsjuNc1LlVv4m7qCTADlI/ebiFr9NsqgEV6fgd1g/uQ5x3ZJu/d
w03W2xk4wWlDDiYFvdgGE1Leua5EufHr26aVZm0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBR9HXVHu4PXs1+5XLFueiGCaoi2UzAfBgNVHSMEGDAWgBQCthDNQ7r87ZFI
D6v9yq6CBJ+/cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FyWVF6VU82X08yUlNBLXJfY3F1Z2dTZnYzRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvZTNkZWNjLTNlZjctNGNiMi04MWQxLTkwMTNjYTk5NmIxNi8x
L2ZSMTFSN3VEMTdOZnVWeXhibm9oZ21xSXRsTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
ZTNkZWNjLTNlZjctNGNiMi04MWQxLTkwMTNjYTk5NmIxNi8xL0FyWVF6VU82X08y
UlNBLXJfY3F1Z2dTZnYzRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA7L46AMEArlBlAMEArlebDANBAIA
AjAHAwUAKgNwwDANBgkqhkiG9w0BAQsFAAOCAQEANAj57h9QxE3w01zqurfOs0t/
+tt7VhmCwI8nsd8u/QYxhTe+VXV/yhm+QFVkqjNLLBvv7MnXhYeGwCxDxBz4JUcn
5IOP4SwwGXOSdhjA/fyZXVpHSUn1KXrJNNU0L9CeKeeFKnPieUWs/ANW3bZNNk9x
eG39BcJlf1yRmbAF3WmfGVjfLcE1pjFfbuNLQ6tyslrFGnjgdl4lrkfLN9QV9TUD
U83yb/Tithn9/pGKMUBeeNppKvHv0w560B4ciYZO3kMTcb2W4zZUxkyBjYdDI5bm
8f7dpRhBFeQnxdhrTP0/11z4wiJ0eEVDOKiFU4+C/tnklaz1yXXwEmlsow+8NQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:48 2023 by rpki-client on console-fra.rpki-client.org