Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/fRf6I6WpTUE6vruOLpSIrNrRXaY.roa
File: fRf6I6WpTUE6vruOLpSIrNrRXaY.roa (raw, json)
Hash identifier: g0y+K5O46sSWcF1wJl6y7FrV36dpLO1N5QYjAA1fX08=
Subject key identifier: 7D:17:FA:23:A5:A9:4D:41:3A:BE:BB:8E:2E:94:88:AC:DA:D1:5D:A6
Certificate issuer: /CN=7c8c1371dd6afd5fd79ea984da3fbda1b94afe23
Certificate serial: 0182A6A2684A9D8012DEAB2FCF6A618A6996
Authority key identifier: 7C:8C:13:71:DD:6A:FD:5F:D7:9E:A9:84:DA:3F:BD:A1:B9:4A:FE:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fIwTcd1q_V_XnqmE2j-9oblK_iM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/fRf6I6WpTUE6vruOLpSIrNrRXaY.roa
Signing time: Tue 16 Aug 2022 12:30:37 +0000
ROA not before: Tue 16 Aug 2022 12:30:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210252
IP address blocks: 193.23.20.0/22 maxlen: 24
2a0d:5bc0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a6:a2:68:4a:9d:80:12:de:ab:2f:cf:6a:61:8a:69:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c8c1371dd6afd5fd79ea984da3fbda1b94afe23
Validity
Not Before: Aug 16 12:30:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d17fa23a5a94d413abebb8e2e9488acdad15da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:34:a3:46:40:61:cf:f6:1d:10:ff:de:7c:
89:91:6f:d0:62:ab:b0:c7:1f:86:6b:93:af:67:ca:
1e:5a:70:56:b6:9c:69:24:be:6f:cd:76:23:93:43:
2f:bc:71:72:de:33:c6:35:b7:d9:03:73:88:bc:63:
95:2f:42:04:d6:35:87:5a:b1:d8:5e:9b:82:22:5d:
6b:f9:2c:1b:c3:b5:12:1c:05:34:1a:c6:a0:d3:a9:
71:44:da:83:ab:70:67:ec:49:b0:72:d5:36:44:1c:
be:d1:7c:09:33:2a:68:67:a4:2c:b5:da:41:7b:fe:
94:1a:a8:4a:de:5b:3d:02:66:0b:67:83:d2:10:05:
33:f3:89:38:e0:b0:7b:62:4d:cc:60:ae:b8:e2:cb:
67:3b:52:1b:aa:58:aa:b8:73:f7:47:0d:00:d9:94:
09:15:25:36:4d:8c:64:40:4f:e8:88:21:68:44:c7:
ab:63:4f:89:54:3b:27:53:ab:c8:79:87:bc:27:d8:
3b:66:2d:b2:1d:ad:09:74:f9:80:23:90:24:36:1a:
d8:a9:2d:66:64:6a:93:7d:a4:3d:20:2c:aa:41:a1:
43:29:d8:a0:24:66:75:2e:68:b6:25:c6:12:2f:d0:
e5:75:61:b0:cf:3e:c1:8c:14:07:de:04:4f:9e:1b:
7a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:17:FA:23:A5:A9:4D:41:3A:BE:BB:8E:2E:94:88:AC:DA:D1:5D:A6
X509v3 Authority Key Identifier:
keyid:7C:8C:13:71:DD:6A:FD:5F:D7:9E:A9:84:DA:3F:BD:A1:B9:4A:FE:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fIwTcd1q_V_XnqmE2j-9oblK_iM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/fRf6I6WpTUE6vruOLpSIrNrRXaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e94652-1564-4d1b-8198-1ac5d8863082/1/fIwTcd1q_V_XnqmE2j-9oblK_iM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.20.0/22
IPv6:
2a0d:5bc0::/29
Signature Algorithm: sha256WithRSAEncryption
59:e1:89:9a:a1:03:b3:22:a3:8d:ba:f1:0f:fb:d3:2f:f0:64:
b7:a6:d6:aa:17:73:40:7b:d8:d7:52:28:5b:f0:b4:e5:5b:3c:
3e:ba:1b:73:04:a6:71:33:78:fd:77:95:5b:01:e4:3f:18:93:
2d:f8:86:5c:a6:ee:90:c1:6a:c2:22:3a:99:e4:e6:24:f1:52:
97:93:d7:74:8b:19:93:cc:a3:81:d7:b4:29:a2:f6:33:1e:1d:
29:19:5a:15:0d:68:12:cc:20:0a:2a:59:2d:93:43:20:7d:9b:
7f:6e:b0:58:c9:2b:1d:a6:ff:d1:12:15:f8:54:68:e7:eb:95:
cd:a4:a3:56:59:65:ce:60:11:e2:12:08:f3:e6:da:e9:cf:fa:
8d:51:6e:6e:70:92:49:e7:1e:c1:bd:15:74:08:9e:81:f8:dc:
16:71:ad:a9:c4:d2:86:8d:90:b8:14:70:fb:4e:c7:f0:bd:4d:
c9:4e:30:c6:1d:79:4f:a2:f9:ae:e5:0e:e7:79:cd:9d:29:b2:
1d:80:da:6b:c2:5c:3c:39:c2:b3:7c:c7:cf:67:27:9a:81:cb:
7d:56:f8:3b:8a:23:56:ac:a3:43:5c:27:1a:ca:68:98:4f:a8:
92:74:2c:de:19:9a:a1:9f:5a:ca:7c:7d:e5:65:ec:5b:ce:23:
cb:0f:ef:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYKmomhKnYAS3qsvz2phimmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOGMxMzcxZGQ2YWZkNWZkNzllYTk4NGRhM2ZiZGExYjk0
YWZlMjMwHhcNMjIwODE2MTIzMDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE3ZmEyM2E1YTk0ZDQxM2FiZWJiOGUyZTk0ODhhY2RhZDE1ZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVs0o0ZAYc/2HRD/3nyJkW/QYquw
xx+Ga5OvZ8oeWnBWtpxpJL5vzXYjk0MvvHFy3jPGNbfZA3OIvGOVL0IE1jWHWrHY
XpuCIl1r+Swbw7USHAU0Gsag06lxRNqDq3Bn7EmwctU2RBy+0XwJMypoZ6QstdpB
e/6UGqhK3ls9AmYLZ4PSEAUz84k44LB7Yk3MYK644stnO1IbqliquHP3Rw0A2ZQJ
FSU2TYxkQE/oiCFoRMerY0+JVDsnU6vIeYe8J9g7Zi2yHa0JdPmAI5AkNhrYqS1m
ZGqTfaQ9ICyqQaFDKdigJGZ1Lmi2JcYSL9DldWGwzz7BjBQH3gRPnht6DwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH0X+iOlqU1BOr67ji6UiKza0V2mMB8GA1UdIwQY
MBaAFHyME3Hdav1f156phNo/vaG5Sv4jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkl3VGNkMXFfVl9YbnFtRTJqLTlvYmxLX2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lOTQ2NTItMTU2NC00ZDFiLTgxOTgt
MWFjNWQ4ODYzMDgyLzEvZlJmNkk2V3BUVUU2dnJ1T0xwU0lyTnJSWGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lOTQ2NTItMTU2NC00ZDFiLTgxOTgtMWFjNWQ4ODYzMDgy
LzEvZkl3VGNkMXFfVl9YbnFtRTJqLTlvYmxLX2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwRcUMA0E
AgACMAcDBQMqDVvAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ4YmaoQOzIqONuvEP+9Mv
8GS3ptaqF3NAe9jXUihb8LTlWzw+uhtzBKZxM3j9d5VbAeQ/GJMt+IZcpu6QwWrC
IjqZ5OYk8VKXk9d0ixmTzKOB17QpovYzHh0pGVoVDWgSzCAKKlktk0MgfZt/brBY
ySsdpv/REhX4VGjn65XNpKNWWWXOYBHiEgjz5trpz/qNUW5ucJJJ5x7BvRV0CJ6B
+NwWca2pxNKGjZC4FHD7TsfwvU3JTjDGHXlPovmu5Q7nec2dKbIdgNprwlw8OcKz
fMfPZyeagct9Vvg7iiNWrKNDXCcaymiYT6iSdCzeGZqhn1rKfH3lZexbziPLD++M
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:35 2023 by rpki-client on console-fra.rpki-client.org