Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/fIcan7T-VUO4LfzUT6ogSNshXV0.roa
File: fIcan7T-VUO4LfzUT6ogSNshXV0.roa (raw, json)
Hash identifier: IaxFpvGuclQXXuOFC3dvPlAo8Y9zi2lmafoXAKauaio=
Subject key identifier: 7C:87:1A:9F:B4:FE:55:43:B8:2D:FC:D4:4F:AA:20:48:DB:21:5D:5D
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 0182808034540058F8FDF22BEC766C1AB723
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/fIcan7T-VUO4LfzUT6ogSNshXV0.roa
Signing time: Tue 09 Aug 2022 02:47:41 +0000
ROA not before: Tue 09 Aug 2022 02:47:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50532
IP address blocks: 85.234.102.0/23 maxlen: 24
85.234.114.0/23 maxlen: 24
2a0a:6f40:2::/47 maxlen: 48
2a0a:6f40:4::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:80:80:34:54:00:58:f8:fd:f2:2b:ec:76:6c:1a:b7:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Aug 9 02:47:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c871a9fb4fe5543b82dfcd44faa2048db215d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:58:ef:bb:d2:a0:90:d6:01:8c:5d:86:04:73:
a5:89:6a:0d:2f:7c:1f:eb:7c:8e:d3:b1:8b:0e:f2:
f0:6e:6f:84:9a:1e:f6:e0:45:6d:20:3a:47:88:c5:
4b:d1:73:3e:ae:13:f8:9d:34:c3:e7:7f:5e:e7:65:
b1:80:91:fc:4b:72:04:38:b7:2f:7a:9b:12:14:42:
75:ff:1b:3f:74:b6:a7:04:11:7f:3a:6e:de:b2:e6:
cf:60:23:cc:a6:40:db:ba:28:70:14:52:fd:ba:bf:
d9:66:b4:08:2e:4f:e1:38:0a:9a:56:24:6a:26:42:
6b:d8:8e:a3:39:5c:ce:12:d2:f2:a1:60:6a:fe:83:
16:57:96:4f:85:16:33:71:42:a0:00:ec:34:8f:63:
1f:f5:35:9b:f3:d9:01:df:19:9c:63:9f:bb:5b:f1:
f4:88:79:6c:f6:df:1b:8e:37:9e:31:d8:31:01:43:
c0:1e:83:6e:88:02:ca:b8:66:8c:46:ac:3a:e3:ca:
21:2e:88:80:e5:47:58:d8:94:02:0f:a4:f1:e8:ab:
29:a5:00:d2:73:75:a5:8f:a8:30:83:6d:40:4b:a6:
95:13:17:e7:d2:8d:43:31:76:a1:37:59:b7:76:33:
fa:69:09:e4:b7:fa:02:c5:61:52:7b:c5:a4:d6:9a:
88:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:87:1A:9F:B4:FE:55:43:B8:2D:FC:D4:4F:AA:20:48:DB:21:5D:5D
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/fIcan7T-VUO4LfzUT6ogSNshXV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.102.0/23
85.234.114.0/23
IPv6:
2a0a:6f40:2::-2a0a:6f40:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9f:15:8e:7d:9c:d9:a7:eb:20:3f:b8:f2:99:9f:05:ea:fe:e7:
e9:fc:61:7c:06:03:c4:f5:d5:c0:57:d2:07:8f:b8:0b:89:3c:
f0:b9:2e:b8:d2:4d:35:ba:20:86:96:68:88:7a:18:9d:9a:3c:
93:9b:ac:2d:06:22:5d:56:21:e5:1c:76:7f:95:e9:61:65:ef:
1f:97:ab:e1:a3:0f:60:d6:09:c5:95:3d:25:fc:95:cf:d4:24:
ac:b0:d6:a2:7c:64:37:ca:e7:42:6d:ef:a1:3b:99:8b:67:ba:
42:d3:ac:a7:b6:ce:7b:35:20:75:6d:cd:7d:09:5f:2b:e1:f0:
86:ca:d0:fc:ca:4a:a0:47:c7:3b:51:31:fc:e0:5e:a4:30:cc:
fd:e9:f1:6d:5b:7a:55:e5:57:c0:60:4e:a8:5b:de:61:84:43:
7b:c4:a1:2d:f8:48:db:89:5e:05:e1:4e:f9:0e:f6:b4:af:b5:
68:aa:0e:12:55:4b:76:0a:00:1e:4e:b4:c5:2b:05:8f:61:10:
00:c0:6a:4b:a5:bd:6c:59:f9:92:84:d9:8b:05:86:b1:37:3f:
00:fa:a7:78:21:1f:2d:6b:c6:db:1b:59:33:ed:75:13:32:d8:
ee:d5:db:0a:59:a6:fe:6e:e4:b6:01:38:a3:e8:a7:65:90:0f:
d4:fe:30:23
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYKAgDRUAFj4/fIr7HZsGrcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjIwODA5MDI0NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzg3MWE5ZmI0ZmU1NTQzYjgyZGZjZDQ0ZmFhMjA0OGRiMjE1ZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiljvu9KgkNYBjF2GBHOliWoNL3wf
63yO07GLDvLwbm+Emh724EVtIDpHiMVL0XM+rhP4nTTD539e52WxgJH8S3IEOLcv
epsSFEJ1/xs/dLanBBF/Om7esubPYCPMpkDbuihwFFL9ur/ZZrQILk/hOAqaViRq
JkJr2I6jOVzOEtLyoWBq/oMWV5ZPhRYzcUKgAOw0j2Mf9TWb89kB3xmcY5+7W/H0
iHls9t8bjjeeMdgxAUPAHoNuiALKuGaMRqw648ohLoiA5UdY2JQCD6Tx6KsppQDS
c3Wlj6gwg21AS6aVExfn0o1DMXahN1m3djP6aQnkt/oCxWFSe8Wk1pqIhQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHyHGp+0/lVDuC381E+qIEjbIV1dMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvZkljYW43VC1WVU80TGZ6VVQ2b2dTTnNoWFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQBVepmAwQB
VepyMBoEAgACMBQwEgMHASoKb0AAAgMHASoKb0AABDANBgkqhkiG9w0BAQsFAAOC
AQEAnxWOfZzZp+sgP7jymZ8F6v7n6fxhfAYDxPXVwFfSB4+4C4k88LkuuNJNNbog
hpZoiHoYnZo8k5usLQYiXVYh5Rx2f5XpYWXvH5er4aMPYNYJxZU9JfyVz9QkrLDW
onxkN8rnQm3voTuZi2e6QtOsp7bOezUgdW3NfQlfK+HwhsrQ/MpKoEfHO1Ex/OBe
pDDM/enxbVt6VeVXwGBOqFveYYRDe8ShLfhI24leBeFO+Q72tK+1aKoOElVLdgoA
Hk60xSsFj2EQAMBqS6W9bFn5koTZiwWGsTc/APqneCEfLWvG2xtZM+11EzLY7tXb
Clmm/m7ktgE4o+inZZAP1P4wIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org