Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/FencQv3evZ3kg8vhB3lLo5WDlpA.roa
File: FencQv3evZ3kg8vhB3lLo5WDlpA.roa (raw, json)
Hash identifier: FNT8hxqT7fpWb3f73Sn5aZT9wL40GsiPTRx5t32zgnw=
Subject key identifier: 15:E9:DC:42:FD:DE:BD:9D:E4:83:CB:E1:07:79:4B:A3:95:83:96:90
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0184AF4CB6AF62D174BA7E6DC5BF72E9954C
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/FencQv3evZ3kg8vhB3lLo5WDlpA.roa
Signing time: Fri 25 Nov 2022 14:59:11 +0000
ROA not before: Fri 25 Nov 2022 14:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56887
IP address blocks: 31.131.44.0/23 maxlen: 24
194.40.205.0/24 maxlen: 24
194.40.204.0/24 maxlen: 24
194.40.206.0/24 maxlen: 24
194.40.207.0/24 maxlen: 24
176.124.72.0/22 maxlen: 22
176.124.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:4c:b6:af:62:d1:74:ba:7e:6d:c5:bf:72:e9:95:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Nov 25 14:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15e9dc42fddebd9de483cbe107794ba395839690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1f:e0:5f:06:40:2a:d0:8a:b7:e3:c9:fd:1e:
30:fc:23:74:ec:62:08:79:5b:a9:64:1a:22:8d:84:
a3:87:34:87:37:67:f1:64:8c:d9:7d:19:68:ac:e6:
d8:47:02:40:46:45:f8:62:2b:d2:6f:d2:e1:72:2b:
5b:b9:60:b9:e7:81:69:65:88:6f:ed:ab:64:c6:4b:
20:fc:81:fc:89:19:43:b7:20:00:b5:45:86:69:a5:
bc:32:aa:99:a7:e7:85:80:14:e6:59:25:c7:c0:ee:
c4:9f:bf:c5:82:b7:a5:82:26:2a:6b:c1:b8:67:f2:
dd:fe:35:21:94:aa:a5:a5:7a:39:6f:1f:2d:1f:4b:
6c:27:d9:a6:fa:5c:51:ce:c2:ea:62:ed:1a:4d:d5:
16:d3:1e:25:82:c5:cd:77:90:76:f1:05:0d:80:14:
ff:62:0f:41:29:1d:27:eb:e1:fd:c2:e0:8d:4a:1e:
fc:92:56:0e:00:f8:ae:ae:11:2b:03:91:41:ef:89:
63:11:f5:7f:9b:6d:75:15:44:ed:8b:29:5a:5d:f4:
a0:5a:2b:0b:a4:60:cb:f8:4d:c8:7e:71:06:ed:f8:
53:d6:7d:54:97:24:81:78:fe:51:d2:be:f1:b6:ef:
7e:9b:53:bf:72:1b:81:41:8a:50:c0:75:15:bd:c3:
86:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:E9:DC:42:FD:DE:BD:9D:E4:83:CB:E1:07:79:4B:A3:95:83:96:90
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/FencQv3evZ3kg8vhB3lLo5WDlpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.44.0/23
176.124.72.0/21
194.40.204.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:e8:17:fd:9b:81:d0:c8:30:a4:09:40:ef:fe:27:48:ed:1c:
fe:d1:aa:9b:13:8c:df:11:3d:89:ea:e2:c1:01:4b:4e:b5:84:
e6:5e:33:da:47:97:df:37:d1:3c:77:23:d5:a3:7a:de:38:fe:
f8:c2:90:db:14:f0:7e:ac:ab:3a:61:37:b0:60:92:6c:2b:30:
63:1e:bf:e5:1a:22:09:cd:3a:bb:c4:fb:62:2d:b3:25:76:02:
3e:37:3d:e6:ec:93:e2:a6:e7:34:30:97:ef:b7:7b:78:0a:0e:
03:95:a2:66:79:07:f5:ef:bb:e6:f0:ab:fc:3a:6a:0e:ef:05:
b8:c9:5f:f7:c2:ea:2f:4a:e6:3c:3e:58:e9:08:3d:82:28:90:
34:47:c7:6a:9d:0e:1f:d2:75:0f:bf:7d:ed:af:bd:db:10:f4:
9f:b8:33:4a:3c:b5:75:bf:27:4c:55:a9:a8:92:07:13:0b:24:
9e:47:43:66:6e:cf:e0:63:dc:ef:09:86:ba:cb:7f:b6:1c:6d:
d8:6b:cb:57:77:34:11:cc:7a:7d:e9:cd:45:1f:40:e6:56:23:
12:ca:63:a3:64:5f:42:16:bf:08:52:83:44:ab:1a:bc:cd:69:
13:51:8a:ea:62:d9:fa:a4:dd:7d:5b:e2:5d:90:49:a0:d4:65:
dc:3a:64:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSvTLavYtF0un5txb9y6ZVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjIxMTI1MTQ1OTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWU5ZGM0MmZkZGViZDlkZTQ4M2NiZTEwNzc5NGJhMzk1ODM5NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR/gXwZAKtCKt+PJ/R4w/CN07GII
eVupZBoijYSjhzSHN2fxZIzZfRlorObYRwJARkX4YivSb9LhcitbuWC554FpZYhv
7atkxksg/IH8iRlDtyAAtUWGaaW8MqqZp+eFgBTmWSXHwO7En7/FgrelgiYqa8G4
Z/Ld/jUhlKqlpXo5bx8tH0tsJ9mm+lxRzsLqYu0aTdUW0x4lgsXNd5B28QUNgBT/
Yg9BKR0n6+H9wuCNSh78klYOAPiurhErA5FB74ljEfV/m211FUTtiylaXfSgWisL
pGDL+E3IfnEG7fhT1n1UlySBeP5R0r7xtu9+m1O/chuBQYpQwHUVvcOG6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBXp3EL93r2d5IPL4Qd5S6OVg5aQMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvRmVuY1F2M2V2WjNrZzh2aEIzbExvNVdEbHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH4MsAwQD
sHxIAwQCwijMMA0GCSqGSIb3DQEBCwUAA4IBAQBs6Bf9m4HQyDCkCUDv/idI7Rz+
0aqbE4zfET2J6uLBAUtOtYTmXjPaR5ffN9E8dyPVo3reOP74wpDbFPB+rKs6YTew
YJJsKzBjHr/lGiIJzTq7xPtiLbMldgI+Nz3m7JPipuc0MJfvt3t4Cg4DlaJmeQf1
77vm8Kv8OmoO7wW4yV/3wuovSuY8PljpCD2CKJA0R8dqnQ4f0nUPv33tr73bEPSf
uDNKPLV1vydMVamokgcTCySeR0Nmbs/gY9zvCYa6y3+2HG3Ya8tXdzQRzHp96c1F
H0DmViMSymOjZF9CFr8IUoNEqxq8zWkTUYrqYtn6pN19W+JdkEmg1GXcOmTh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org