Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/Pr5sgn6lBFTMokww5S2q4JCkCWE.roa
File: Pr5sgn6lBFTMokww5S2q4JCkCWE.roa (raw, json)
Hash identifier: aVzC5VcWtyFZwnObjS7QFQ2nRj/sxVESbzyyrpsLwF4=
Subject key identifier: 3E:BE:6C:82:7E:A5:04:54:CC:A2:4C:30:E5:2D:AA:E0:90:A4:09:61
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 0171E14D
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/Pr5sgn6lBFTMokww5S2q4JCkCWE.roa
Signing time: Wed 23 Feb 2022 07:54:59 +0000
ROA not before: Wed 23 Feb 2022 07:54:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203098
IP address blocks: 93.118.38.0/24 maxlen: 24
43.230.56.0/23 maxlen: 23
43.230.58.0/23 maxlen: 23
89.42.8.0/24 maxlen: 24
94.176.106.0/24 maxlen: 24
103.49.84.0/22 maxlen: 22
89.43.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24240461 (0x171e14d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Feb 23 07:54:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ebe6c827ea50454cca24c30e52daae090a40961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fc:fd:22:94:9b:e4:e6:68:0e:e8:33:76:8c:
8c:d5:c3:74:58:35:8a:02:7a:ec:93:0e:64:26:36:
d6:ed:e7:7b:2a:f2:ec:14:17:cf:06:72:74:3a:af:
79:f5:72:f1:00:fc:94:bf:83:92:a8:77:45:5e:0f:
60:e1:fd:eb:29:1a:c9:ec:4f:80:4f:0a:50:27:94:
b2:78:8a:76:c1:0b:7e:40:99:61:a5:ca:ae:c0:95:
f7:65:15:7a:dc:7c:24:26:c9:f4:75:d3:e9:68:94:
81:bb:b4:9b:0d:10:6d:f3:3e:7a:e8:a9:76:e0:33:
af:c3:9c:5d:e1:de:e8:3b:00:3e:07:50:78:f9:71:
65:cc:fd:c2:ed:d2:47:6e:ba:3c:0f:c1:c9:13:13:
bf:ce:f4:2a:49:e1:fc:09:bb:ec:b4:64:d8:72:17:
76:3f:0e:d8:9a:61:aa:1b:ec:2f:6d:b1:5a:18:72:
14:e8:11:0e:ce:d5:e7:64:4e:af:5a:78:25:8f:da:
60:2c:6b:26:5d:3f:f5:82:c4:1c:2e:59:38:81:3a:
bd:19:53:51:e9:ac:3a:48:f9:a2:b0:73:aa:b1:84:
7f:8a:38:d1:59:f9:d3:07:e9:d1:b8:6f:ca:d8:7c:
29:c5:43:3e:c5:03:b8:9c:12:41:ee:a2:70:45:bb:
2d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BE:6C:82:7E:A5:04:54:CC:A2:4C:30:E5:2D:AA:E0:90:A4:09:61
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/Pr5sgn6lBFTMokww5S2q4JCkCWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.56.0/22
89.42.8.0/24
89.43.32.0/24
93.118.38.0/24
94.176.106.0/24
103.49.84.0/22
Signature Algorithm: sha256WithRSAEncryption
94:22:96:b3:d1:96:a8:ea:a3:6a:0a:4c:41:a8:5f:b0:53:75:
61:f9:0f:70:2e:fe:f0:b3:82:a3:17:68:23:c9:20:12:fc:7d:
ba:13:68:ae:b3:58:34:04:10:fb:72:a8:47:4e:7c:4b:a0:3e:
c0:be:bc:54:1e:27:f2:a2:2e:4f:79:1f:c4:d4:c8:73:b6:0b:
ea:02:7c:b6:c1:e3:c8:fd:7f:c3:94:c5:ec:ec:a4:f3:aa:e0:
50:13:28:62:bc:e0:12:79:b8:ab:71:7c:24:99:42:1d:19:4a:
f1:9d:cb:07:ea:fd:b9:9b:41:68:e9:2f:4f:c4:33:e7:b5:c5:
fc:20:3a:e1:e9:c0:86:a8:f6:bb:44:ed:9c:a6:90:fe:88:ae:
bb:cb:ab:31:40:f6:44:2d:12:4f:cb:7b:f9:eb:db:cc:ce:75:
95:b9:85:e7:95:3c:9a:9e:aa:27:44:83:9c:bc:ad:25:9f:df:
b1:e9:07:41:f0:80:5e:bc:1b:4e:3c:65:a9:29:07:cb:a8:40:
3c:53:fe:fd:41:1a:c8:47:75:d2:61:9b:ef:2a:73:1c:64:37:
81:58:3f:0f:a1:09:d8:92:6b:d6:2c:f4:da:f5:1b:26:0a:8b:
f4:b1:85:a0:4c:ba:97:e4:e9:73:51:de:2c:86:6b:6f:14:ae:
eb:1a:e2:66
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAXHhTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NWZiMzJkMjI2NmIxZjliY2U1N2NhYzk4YmMwMjQ3ZjJjOTE5N2YyMB4XDTIyMDIy
MzA3NTQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ViZTZjODI3ZWE1
MDQ1NGNjYTI0YzMwZTUyZGFhZTA5MGE0MDk2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ38/SKUm+TmaA7oM3aMjNXDdFg1igJ67JMOZCY21u3neyry
7BQXzwZydDqvefVy8QD8lL+Dkqh3RV4PYOH96ykayexPgE8KUCeUsniKdsELfkCZ
YaXKrsCV92UVetx8JCbJ9HXT6WiUgbu0mw0QbfM+euipduAzr8OcXeHe6DsAPgdQ
ePlxZcz9wu3SR266PA/ByRMTv870Kknh/Am77LRk2HIXdj8O2JphqhvsL22xWhhy
FOgRDs7V52ROr1p4JY/aYCxrJl0/9YLEHC5ZOIE6vRlTUemsOkj5orBzqrGEf4o4
0Vn50wfp0bhvyth8KcVDPsUDuJwSQe6icEW7LScCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ+vmyCfqUEVMyiTDDlLargkKQJYTAfBgNVHSMEGDAWgBT1+zLSJmsfm85X
ysmLwCR/LJGX8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzlmc3kwaVpySDV2T1Y4ckppOEFrZnl5UmxfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvZmI0MmVjLTEwYjQtNGRjZi1iZWYwLTJkMTQzZDdiODUzYy8x
L1ByNXNnbjZsQkZUTW9rd3c1UzJxNEpDa0NXRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
ZmI0MmVjLTEwYjQtNGRjZi1iZWYwLTJkMTQzZDdiODUzYy8xLzlmc3kwaVpySDV2
T1Y4ckppOEFrZnl5UmxfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAivmOAMEAFkqCAMEAFkrIAMEAF12
JgMEAF6wagMEAmcxVDANBgkqhkiG9w0BAQsFAAOCAQEAlCKWs9GWqOqjagpMQahf
sFN1YfkPcC7+8LOCoxdoI8kgEvx9uhNorrNYNAQQ+3KoR058S6A+wL68VB4n8qIu
T3kfxNTIc7YL6gJ8tsHjyP1/w5TF7Oyk86rgUBMoYrzgEnm4q3F8JJlCHRlK8Z3L
B+r9uZtBaOkvT8Qz57XF/CA64enAhqj2u0TtnKaQ/oiuu8urMUD2RC0ST8t7+evb
zM51lbmF55U8mp6qJ0SDnLytJZ/fsekHQfCAXrwbTjxlqSkHy6hAPFP+/UEayEd1
0mGb7ypzHGQ3gVg/D6EJ2JJr1iz02vUbJgqL9LGFoEy6l+Tpc1HeLIZrbxSu6xri
Zg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:15 2023 by rpki-client on console-ams.rpki-client.org