Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/354430-54bc-455e-b0d1-7cd508f73364/1/fcSuM9Tk-mYVOzaXDBD823hRS7g.roa
File: fcSuM9Tk-mYVOzaXDBD823hRS7g.roa (raw, json)
Hash identifier: SGkCSbAtylpfNSOnbm4WZolxXGsI4ZgOhyNCYl4GjZ8=
Subject key identifier: 7D:C4:AE:33:D4:E4:FA:66:15:3B:36:97:0C:10:FC:DB:78:51:4B:B8
Certificate issuer: /CN=8f9a4670146ad880f14bada4b2762b613ddf1d18
Certificate serial: 018236ACB1059BA71C65F55A9F4EB186A528
Authority key identifier: 8F:9A:46:70:14:6A:D8:80:F1:4B:AD:A4:B2:76:2B:61:3D:DF:1D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j5pGcBRq2IDxS62ksnYrYT3fHRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/354430-54bc-455e-b0d1-7cd508f73364/1/fcSuM9Tk-mYVOzaXDBD823hRS7g.roa
Signing time: Mon 25 Jul 2022 18:44:23 +0000
ROA not before: Mon 25 Jul 2022 18:44:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60901
IP address blocks: 185.241.87.0/24 maxlen: 24
185.241.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:36:ac:b1:05:9b:a7:1c:65:f5:5a:9f:4e:b1:86:a5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f9a4670146ad880f14bada4b2762b613ddf1d18
Validity
Not Before: Jul 25 18:44:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dc4ae33d4e4fa66153b36970c10fcdb78514bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:a1:29:4e:d6:d5:1e:02:3a:5c:e6:7a:9c:
09:db:86:58:7e:e4:69:50:50:7e:fa:54:29:80:49:
48:7d:5a:34:51:98:b7:ca:7c:d8:da:50:ff:54:0e:
30:9e:00:36:da:99:95:20:5b:b0:cc:0a:96:cc:99:
28:39:38:38:ce:b3:af:20:e3:0b:3e:97:91:a9:6b:
18:22:91:d2:00:88:5d:a0:6d:79:57:3f:f8:98:51:
5a:4e:5f:6d:94:ab:1d:55:28:08:9a:84:7e:97:9a:
1b:58:f7:5a:be:1a:17:46:9d:b1:de:71:76:45:9d:
86:4d:ed:c5:99:6c:87:ed:60:74:d3:b1:e0:d6:79:
81:46:1d:9b:ca:47:51:0d:65:4d:68:03:0a:1d:12:
dc:88:f5:de:f3:83:1b:8a:ba:62:e3:53:9b:c2:19:
42:c0:38:c0:6c:a5:49:39:6b:cf:fc:4c:84:31:fb:
52:08:d0:e0:69:a7:4a:8e:97:40:23:2f:8f:f8:07:
cc:73:6c:a1:ed:c4:ac:3a:83:2b:be:52:ea:a3:14:
f8:74:81:e2:86:cb:15:2d:99:2c:1e:2c:39:02:49:
bd:40:af:7b:30:2e:a9:74:3f:8b:3d:25:28:ce:11:
15:a0:38:42:37:a9:64:6c:65:5b:f6:f6:7b:1a:a5:
2f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C4:AE:33:D4:E4:FA:66:15:3B:36:97:0C:10:FC:DB:78:51:4B:B8
X509v3 Authority Key Identifier:
keyid:8F:9A:46:70:14:6A:D8:80:F1:4B:AD:A4:B2:76:2B:61:3D:DF:1D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5pGcBRq2IDxS62ksnYrYT3fHRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/354430-54bc-455e-b0d1-7cd508f73364/1/fcSuM9Tk-mYVOzaXDBD823hRS7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/354430-54bc-455e-b0d1-7cd508f73364/1/j5pGcBRq2IDxS62ksnYrYT3fHRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.86.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:db:0f:84:84:9b:f1:9e:9b:4f:c1:65:e0:48:e8:cf:7e:b3:
d5:79:e2:67:45:24:65:db:21:61:3a:4a:e8:00:aa:ae:ab:87:
97:be:85:4f:b3:fc:3f:5c:ea:1d:04:30:aa:1f:32:28:bf:e6:
f2:57:be:8b:cb:e5:a0:51:27:61:f2:cd:6e:d4:1f:ad:6a:ea:
5f:d4:fe:6d:39:90:e6:8f:2f:fd:5b:a2:86:17:db:f3:b8:ee:
5a:e2:4f:87:86:f6:db:9e:d4:77:dd:7d:78:22:40:68:c5:b2:
21:ea:38:05:d6:22:a1:d7:25:26:dc:19:15:0c:bf:c1:9e:77:
58:b6:85:65:18:57:d7:fd:39:18:29:cf:a6:ad:08:54:a4:9c:
1e:53:26:a1:8e:c8:4c:f4:96:a0:de:40:27:e6:b4:72:79:10:
28:29:1a:06:2f:ad:d4:2b:c5:eb:72:f3:0d:a2:6e:31:d8:d5:
50:be:fc:dd:32:9e:20:a2:86:12:dd:9c:41:03:1a:ef:7c:f8:
61:6c:3e:44:e4:77:d1:3d:d6:fe:e6:b3:d3:97:51:be:cf:b6:
de:a4:33:47:b4:9a:6e:7c:30:38:53:ee:5e:bf:2d:f8:e7:88:
90:bd:3c:1d:4d:93:39:61:3a:c4:d3:f6:8b:47:01:c2:7f:fa:
9a:1c:73:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYI2rLEFm6ccZfVan06xhqUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOWE0NjcwMTQ2YWQ4ODBmMTRiYWRhNGIyNzYyYjYxM2Rk
ZjFkMTgwHhcNMjIwNzI1MTg0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM0YWUzM2Q0ZTRmYTY2MTUzYjM2OTcwYzEwZmNkYjc4NTE0YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8ShKU7W1R4COlzmepwJ24ZYfuRp
UFB++lQpgElIfVo0UZi3ynzY2lD/VA4wngA22pmVIFuwzAqWzJkoOTg4zrOvIOML
PpeRqWsYIpHSAIhdoG15Vz/4mFFaTl9tlKsdVSgImoR+l5obWPdavhoXRp2x3nF2
RZ2GTe3FmWyH7WB007Hg1nmBRh2bykdRDWVNaAMKHRLciPXe84Mbirpi41ObwhlC
wDjAbKVJOWvP/EyEMftSCNDgaadKjpdAIy+P+AfMc2yh7cSsOoMrvlLqoxT4dIHi
hssVLZksHiw5Akm9QK97MC6pdD+LPSUozhEVoDhCN6lkbGVb9vZ7GqUvhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3ErjPU5PpmFTs2lwwQ/Nt4UUu4MB8GA1UdIwQY
MBaAFI+aRnAUatiA8UutpLJ2K2E93x0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajVwR2NCUnEySUR4UzYya3NuWXJZVDNmSFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zNTQ0MzAtNTRiYy00NTVlLWIwZDEt
N2NkNTA4ZjczMzY0LzEvZmNTdU05VGstbVlWT3phWERCRDgyM2hSUzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zNTQ0MzAtNTRiYy00NTVlLWIwZDEtN2NkNTA4ZjczMzY0
LzEvajVwR2NCUnEySUR4UzYya3NuWXJZVDNmSFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufFWMA0G
CSqGSIb3DQEBCwUAA4IBAQAu2w+EhJvxnptPwWXgSOjPfrPVeeJnRSRl2yFhOkro
AKquq4eXvoVPs/w/XOodBDCqHzIov+byV76Ly+WgUSdh8s1u1B+taupf1P5tOZDm
jy/9W6KGF9vzuO5a4k+HhvbbntR33X14IkBoxbIh6jgF1iKh1yUm3BkVDL/BnndY
toVlGFfX/TkYKc+mrQhUpJweUyahjshM9Jag3kAn5rRyeRAoKRoGL63UK8XrcvMN
om4x2NVQvvzdMp4gooYS3ZxBAxrvfPhhbD5E5HfRPdb+5rPTl1G+z7bepDNHtJpu
fDA4U+5evy3454iQvTwdTZM5YTrE0/aLRwHCf/qaHHMB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:23 2023 by rpki-client on console-ams.rpki-client.org