Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/FLgIps7rSuvhPrGIcbnPmjtsbRA.roa
File: FLgIps7rSuvhPrGIcbnPmjtsbRA.roa (raw, json)
Hash identifier: sE2ipGzn8dbYixiBgb5jQBBsUjllaMgkfyydgEXeT5s=
Subject key identifier: 14:B8:08:A6:CE:EB:4A:EB:E1:3E:B1:88:71:B9:CF:9A:3B:6C:6D:10
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0184A35CC33C7514E98642974304C172D495
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/FLgIps7rSuvhPrGIcbnPmjtsbRA.roa
Signing time: Wed 23 Nov 2022 07:21:16 +0000
ROA not before: Wed 23 Nov 2022 07:21:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38136
IP address blocks: 188.214.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:5c:c3:3c:75:14:e9:86:42:97:43:04:c1:72:d4:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 23 07:21:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14b808a6ceeb4aebe13eb18871b9cf9a3b6c6d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:af:5b:0f:fe:67:d4:31:9b:62:40:07:d2:3f:
8b:49:19:ff:7f:dd:4d:7f:2a:7b:b0:5d:f3:08:35:
97:bc:ef:ef:93:76:1c:a2:4e:eb:50:2b:20:b2:b9:
3a:f6:be:fc:87:38:07:fe:0d:28:d3:40:dd:23:b0:
7d:73:f5:f8:b5:58:ff:80:e0:83:df:99:cc:21:1a:
48:95:b0:e8:64:42:9f:4b:de:83:16:5e:1f:43:1e:
5d:a8:b3:ff:ed:16:d5:9a:fe:a1:29:03:16:18:e3:
8e:2e:3c:a0:dd:c5:5f:e2:45:09:22:ab:fd:0a:7a:
ee:8c:0e:7a:3c:b7:53:02:64:86:8e:32:5f:d2:ad:
25:93:30:c2:2d:a6:e2:6b:d6:df:20:b5:8a:ad:73:
f3:9d:b7:13:ab:6a:1e:2e:24:c4:05:28:83:d2:d9:
37:6c:fa:4d:8f:6e:ad:33:6c:ff:22:79:1d:1c:93:
a3:70:01:dc:46:49:0d:91:df:66:8c:db:7b:a7:0d:
fb:ee:48:87:d8:8c:e8:1a:1c:bb:84:35:68:ed:d1:
74:14:9c:1d:85:9b:77:3f:ea:1c:72:cd:87:31:23:
05:2f:c6:85:04:47:e7:ef:21:1c:3b:37:42:b5:8d:
85:94:d5:c0:3a:d9:2c:aa:0a:19:0a:4d:5e:0d:23:
c7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B8:08:A6:CE:EB:4A:EB:E1:3E:B1:88:71:B9:CF:9A:3B:6C:6D:10
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/FLgIps7rSuvhPrGIcbnPmjtsbRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.236.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:2a:e4:75:db:f3:8c:9e:40:d5:00:4b:b0:32:40:93:e5:e6:
de:04:e7:76:56:aa:91:8c:d2:1d:61:b0:8f:19:23:7d:a4:c7:
4c:24:fb:5e:b0:93:06:26:35:c3:9a:79:9c:3a:8b:61:ef:cc:
ab:3f:2a:bd:5b:82:d7:7d:ef:03:8d:3b:dd:83:3b:ee:56:23:
12:82:08:4f:8a:d0:5f:65:ce:1a:1a:84:ae:d6:f1:65:44:19:
d0:12:b2:e9:32:03:4c:53:3d:07:f9:ce:8d:44:c3:3e:dd:2f:
4d:13:48:ea:e6:3a:89:88:24:80:c2:c1:4c:e7:62:f7:84:fe:
4d:4b:71:41:77:6b:8e:f6:53:6e:76:82:e0:17:f7:3e:cd:47:
fb:0b:ab:82:5f:ba:a1:aa:48:e5:e7:71:bd:f1:2b:99:97:2a:
23:57:5b:88:13:b2:07:6f:0e:5a:c2:b7:bd:a3:ad:1e:7c:96:
5b:07:2c:d3:c9:57:80:4c:8c:fc:0e:80:fb:ba:c5:93:a0:57:
37:15:11:22:95:c6:45:78:96:20:fe:24:5d:68:7e:88:4c:1d:
a2:cf:54:ee:d0:d3:74:44:61:f8:5a:f0:d7:c6:9a:13:11:49:
df:9b:61:de:95:3e:3e:e2:04:c7:ed:0d:fe:df:d1:2b:d7:0e:
ba:62:09:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSjXMM8dRTphkKXQwTBctSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIxMTIzMDcyMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI4MDhhNmNlZWI0YWViZTEzZWIxODg3MWI5Y2Y5YTNiNmM2ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q9bD/5n1DGbYkAH0j+LSRn/f91N
fyp7sF3zCDWXvO/vk3Ycok7rUCsgsrk69r78hzgH/g0o00DdI7B9c/X4tVj/gOCD
35nMIRpIlbDoZEKfS96DFl4fQx5dqLP/7RbVmv6hKQMWGOOOLjyg3cVf4kUJIqv9
CnrujA56PLdTAmSGjjJf0q0lkzDCLabia9bfILWKrXPznbcTq2oeLiTEBSiD0tk3
bPpNj26tM2z/InkdHJOjcAHcRkkNkd9mjNt7pw377kiH2IzoGhy7hDVo7dF0FJwd
hZt3P+occs2HMSMFL8aFBEfn7yEcOzdCtY2FlNXAOtksqgoZCk1eDSPHqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBS4CKbO60rr4T6xiHG5z5o7bG0QMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvRkxnSXBzN3JTdXZoUHJHSWNiblBtanRzYlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNbsMA0G
CSqGSIb3DQEBCwUAA4IBAQALKuR12/OMnkDVAEuwMkCT5ebeBOd2VqqRjNIdYbCP
GSN9pMdMJPtesJMGJjXDmnmcOoth78yrPyq9W4LXfe8DjTvdgzvuViMSgghPitBf
Zc4aGoSu1vFlRBnQErLpMgNMUz0H+c6NRMM+3S9NE0jq5jqJiCSAwsFM52L3hP5N
S3FBd2uO9lNudoLgF/c+zUf7C6uCX7qhqkjl53G98SuZlyojV1uIE7IHbw5awre9
o60efJZbByzTyVeATIz8DoD7usWToFc3FREilcZFeJYg/iRdaH6ITB2iz1Tu0NN0
RGH4WvDXxpoTEUnfm2HelT4+4gTH7Q3+39Er1w66YgnI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org