Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/1-mx9uzpRITExdoUlqP9U6KFNfYs.roa
File: 1-mx9uzpRITExdoUlqP9U6KFNfYs.roa (raw, json)
Hash identifier: R2MAl89QSN/G3p5fAgLIXlFlkBQb3EGPx0q20LWfDUg=
Subject key identifier: FA:6C:7D:BB:3A:51:21:31:31:76:85:25:A8:FF:54:E8:A1:4D:7D:8B
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 377EBD4D
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/1-mx9uzpRITExdoUlqP9U6KFNfYs.roa
Signing time: Sat 01 Jan 2022 15:02:01 +0000
ROA not before: Sat 01 Jan 2022 15:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.98.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 931052877 (0x377ebd4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jan 1 15:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa6c7dbb3a51213131768525a8ff54e8a14d7d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:55:a9:e8:42:9d:4f:91:77:5f:62:8d:89:cb:
5c:48:01:29:25:c3:bd:c3:f3:8d:eb:a9:a5:9e:6d:
67:c3:d4:25:61:d5:2b:c4:75:9e:61:2a:7a:31:1f:
c5:2e:a8:51:4d:89:27:6b:ed:7e:40:03:8c:17:9e:
5e:fa:79:69:8c:61:9c:81:4e:a6:89:8d:a5:72:dc:
08:c0:30:7a:40:11:02:53:58:e8:7e:db:af:a6:2e:
e7:57:c6:2d:42:61:8d:1d:fa:ba:ff:59:01:54:d2:
bc:73:9a:6f:91:f4:14:cf:18:c4:7c:65:70:3f:d8:
b1:44:d9:60:a0:cf:10:f8:7c:13:ad:3e:b0:33:80:
9c:15:0f:e0:f3:d1:af:e6:f6:be:27:68:c9:05:0e:
af:72:0a:0e:7f:b2:1f:0f:1a:cf:16:3d:80:d3:5e:
ba:c5:3c:e5:8a:de:d1:75:eb:54:39:01:d5:a9:eb:
e3:ee:00:e3:10:1f:8b:a9:9c:2f:09:d7:94:23:32:
e1:1a:6e:54:ba:0c:05:70:25:98:57:b5:83:89:55:
7c:a8:03:a7:31:87:74:ef:f0:4a:3e:38:ef:49:27:
64:99:e5:eb:2f:35:6a:1f:fc:65:75:14:35:b1:98:
1d:9a:16:d7:d6:3a:77:64:bb:bc:c0:50:52:0b:66:
1b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6C:7D:BB:3A:51:21:31:31:76:85:25:A8:FF:54:E8:A1:4D:7D:8B
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/1-mx9uzpRITExdoUlqP9U6KFNfYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:e7:4a:38:0b:f5:73:d2:c0:69:fe:bc:23:39:79:31:93:9b:
e0:96:ec:7b:89:8c:eb:1f:ba:a3:76:82:9a:d2:42:00:a8:e5:
14:c5:46:61:3f:e8:5d:24:73:c6:21:9f:98:12:43:8a:22:66:
aa:33:c7:19:6c:c4:8d:4e:35:98:1a:8b:23:dd:12:8e:74:1f:
04:b3:80:e4:28:73:9d:a1:06:0b:33:e2:94:2b:f1:55:b0:4f:
53:62:ac:51:5d:59:ac:f3:77:53:51:3a:2d:37:1c:8f:93:aa:
88:97:df:34:08:d0:e2:81:95:2d:a3:3b:40:70:ed:c7:b3:66:
e2:ba:58:8f:67:ad:c6:e9:b4:bf:92:9d:dc:16:ff:51:6c:f1:
7e:e6:8a:21:7f:cb:f0:b7:92:74:c0:55:e4:8d:ce:ce:36:71:
f4:56:f1:20:fe:ad:d1:9e:5a:1c:4f:6c:d5:eb:51:66:21:cf:
c4:e1:b5:d0:6c:3a:14:b6:35:3d:ac:69:35:25:58:ee:27:43:
8e:8c:cf:5d:06:23:7b:c9:27:ec:f4:79:9d:40:86:80:49:47:
69:1e:c6:13:d9:d7:20:6b:0a:f7:12:73:6a:d8:ac:f2:13:63:
c3:35:c8:97:e2:bd:b5:b2:79:ea:c0:67:d2:28:9e:26:ff:a0:
e9:12:f0:d6
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEN369TTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTdmOWZkZWEzNTBhNzY2YmI5OGM2MDRkM2I5YzI3OTE2NzMyMjA5MB4XDTIyMDEw
MTE1MDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE2YzdkYmIzYTUx
MjEzMTMxNzY4NTI1YThmZjU0ZThhMTRkN2Q4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVVqehCnU+Rd19ijYnLXEgBKSXDvcPzjeuppZ5tZ8PUJWHV
K8R1nmEqejEfxS6oUU2JJ2vtfkADjBeeXvp5aYxhnIFOpomNpXLcCMAwekARAlNY
6H7br6Yu51fGLUJhjR36uv9ZAVTSvHOab5H0FM8YxHxlcD/YsUTZYKDPEPh8E60+
sDOAnBUP4PPRr+b2vidoyQUOr3IKDn+yHw8azxY9gNNeusU85Yre0XXrVDkB1anr
4+4A4xAfi6mcLwnXlCMy4RpuVLoMBXAlmFe1g4lVfKgDpzGHdO/wSj4470knZJnl
6y81ah/8ZXUUNbGYHZoW19Y6d2S7vMBQUgtmG0ECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6bH27OlEhMTF2hSWo/1TooU19izAfBgNVHSMEGDAWgBR1f5/eo1CnZruY
xgTTucJ5FnMiCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RYLWYzcU5RcDJhN21NWUUwN25DZVJaeklnay5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNWEzYjZiLTlhNjEtNDU1Ny1hM2Q2LWMyNWFiYTZiNTVhZi8x
LzEtbXg5dXpwUklURXhkb1VscVA5VTZLRk5mWXMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVm
LzVhM2I2Yi05YTYxLTQ1NTctYTNkNi1jMjVhYmE2YjU1YWYvMS9kWC1mM3FOUXAy
YTdtTVlFMDduQ2VSWnpJZ2suY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANVnmAwDQYJKoZIhvcNAQELBQAD
ggEBAG3nSjgL9XPSwGn+vCM5eTGTm+CW7HuJjOsfuqN2gprSQgCo5RTFRmE/6F0k
c8Yhn5gSQ4oiZqozxxlsxI1ONZgaiyPdEo50HwSzgOQoc52hBgsz4pQr8VWwT1Ni
rFFdWazzd1NROi03HI+TqoiX3zQI0OKBlS2jO0Bw7cezZuK6WI9nrcbptL+SndwW
/1Fs8X7miiF/y/C3knTAVeSNzs42cfRW8SD+rdGeWhxPbNXrUWYhz8ThtdBsOhS2
NT2saTUlWO4nQ46Mz10GI3vJJ+z0eZ1AhoBJR2kexhPZ1yBrCvcSc2rYrPITY8M1
yJfivbWyeerAZ9Ionib/oOkS8NY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:01 2024 by rpki-client on console-fra.rpki-client.org