Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/xfReD74T14lWeM9r28753vv8Vw4.roa
File: xfReD74T14lWeM9r28753vv8Vw4.roa (raw, json)
Hash identifier: PZ+LG2G3AJuYd3o71iCdHClkx12zirpO2hs5+Uux+ak=
Subject key identifier: C5:F4:5E:0F:BE:13:D7:89:56:78:CF:6B:DB:CE:F9:DE:FB:FC:57:0E
Certificate issuer: /CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Certificate serial: 07CBE45E
Authority key identifier: 6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/xfReD74T14lWeM9r28753vv8Vw4.roa
Signing time: Sat 01 Jan 2022 15:07:04 +0000
ROA not before: Sat 01 Jan 2022 15:07:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2799
IP address blocks: 147.186.0.0/17 maxlen: 17
147.186.128.0/17 maxlen: 17
147.186.171.0/24 maxlen: 24
2001:67c:49c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130802782 (0x7cbe45e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Validity
Not Before: Jan 1 15:07:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5f45e0fbe13d7895678cf6bdbcef9defbfc570e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:5d:37:4e:d9:e3:4c:9f:3d:49:87:fc:56:
ae:94:68:5a:6c:ad:ce:94:b7:84:33:06:2a:13:54:
f7:5b:c3:1d:10:8c:60:cd:2f:e1:ba:97:e8:d7:82:
87:ac:7c:f5:68:9b:a9:ad:4e:98:26:2d:bd:a3:43:
51:3a:8b:fc:99:b4:be:74:cb:f0:5f:f7:ed:e2:b7:
2b:c5:b4:89:da:cb:42:1d:05:55:8d:08:86:81:9f:
47:02:3d:bc:4b:21:b9:b3:d5:8a:15:3c:61:b9:8d:
0c:d9:74:8d:af:d4:7c:5e:1c:06:88:8b:9c:46:99:
8b:db:53:c6:fe:a8:fe:7f:4f:01:4c:9e:11:ce:83:
78:ff:36:11:e6:94:1e:1c:9c:e4:4d:4c:5f:a5:a0:
fd:8c:93:3e:63:2e:a0:94:b2:71:b1:d8:1a:fd:e8:
7a:1f:9b:dd:60:30:09:d5:dd:d8:23:8f:37:9d:6c:
d9:be:0f:33:59:95:e5:57:b7:0e:03:70:ae:59:d8:
86:47:1e:41:bd:60:9a:61:25:ed:64:c2:ba:e1:b2:
11:88:37:98:e0:4e:a9:67:01:e6:90:e5:d0:aa:30:
e0:ad:8e:93:8b:9f:9e:e1:86:28:2a:c4:c9:0d:f0:
d6:98:39:0a:48:09:2c:5e:d3:0f:56:c9:11:15:51:
36:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F4:5E:0F:BE:13:D7:89:56:78:CF:6B:DB:CE:F9:DE:FB:FC:57:0E
X509v3 Authority Key Identifier:
keyid:6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/xfReD74T14lWeM9r28753vv8Vw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.186.0.0/16
IPv6:
2001:67c:49c::/48
Signature Algorithm: sha256WithRSAEncryption
65:82:55:af:85:96:5e:37:7d:e7:ed:3f:2d:87:98:e7:ef:87:
d1:d6:3e:4f:42:8f:6e:b8:88:9d:34:e9:6c:b7:97:9e:9c:9f:
46:93:f9:99:b8:00:e7:b9:eb:ea:34:2e:e9:5e:21:c9:7c:23:
9c:37:04:cc:ec:df:c4:b0:f7:4f:96:fe:75:bb:63:fd:34:72:
a3:43:06:4b:ae:d8:c9:a0:f4:a8:c9:53:c8:93:93:76:50:c2:
e3:4b:38:db:21:97:a0:63:49:0c:e9:7b:db:10:05:cb:42:23:
61:0c:ff:77:d4:fb:73:38:ea:0c:6f:88:b8:dc:51:f5:e7:0d:
bb:a5:ce:71:44:b6:c0:00:cb:6d:ac:84:d3:ce:1b:25:ad:a6:
a0:d9:72:f6:4e:33:46:0b:b5:37:95:82:b8:96:9b:85:af:99:
df:49:a6:49:22:b2:98:98:ac:62:5a:ff:45:22:79:1e:b8:23:
70:38:69:33:10:63:4f:03:36:14:64:d1:5a:92:fa:08:01:27:
b9:82:1e:47:d7:97:f2:a5:2a:85:fd:f2:41:ee:91:9c:5e:a5:
5f:14:3a:98:7e:2a:04:fd:12:97:d7:4c:a7:b4:f5:19:7d:af:
f3:66:37:46:ba:d7:89:b3:cc:2f:d4:4a:d8:83:3e:83:a6:64:
b1:b0:8e:52
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEB8vkXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZmZiMGY5YmRjM2EyZmFlNDdiNDdlNzAyMTg5OTNjOTE5ZjEwZmIwMB4XDTIyMDEw
MTE1MDcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVmNDVlMGZiZTEz
ZDc4OTU2NzhjZjZiZGJjZWY5ZGVmYmZjNTcwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2GXTdO2eNMnz1Jh/xWrpRoWmytzpS3hDMGKhNU91vDHRCM
YM0v4bqX6NeCh6x89Wibqa1OmCYtvaNDUTqL/Jm0vnTL8F/37eK3K8W0idrLQh0F
VY0IhoGfRwI9vEshubPVihU8YbmNDNl0ja/UfF4cBoiLnEaZi9tTxv6o/n9PAUye
Ec6DeP82EeaUHhyc5E1MX6Wg/YyTPmMuoJSycbHYGv3oeh+b3WAwCdXd2COPN51s
2b4PM1mV5Ve3DgNwrlnYhkceQb1gmmEl7WTCuuGyEYg3mOBOqWcB5pDl0Kow4K2O
k4ufnuGGKCrEyQ3w1pg5CkgJLF7TD1bJERVRNu8CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBTF9F4PvhPXiVZ4z2vbzvne+/xXDjAfBgNVHSMEGDAWgBRv+w+b3Dovrke0
fnAhiZPJGfEPsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Jfc1BtOXc2TDY1SHRINXdJWW1UeVJueEQ3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvODRhY2RmLWJhODUtNGE4MS1hMzA2LWY5YWIzYjA1MjM0OS8x
L3hmUmVENzRUMTRsV2VNOXIyODc1M3Z2OFZ3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
ODRhY2RmLWJhODUtNGE4MS1hMzA2LWY5YWIzYjA1MjM0OS8xL2Jfc1BtOXc2TDY1
SHRINXdJWW1UeVJueEQ3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wCwQCAAEwBQMDAJO6MA8EAgACMAkDBwAgAQZ8BJww
DQYJKoZIhvcNAQELBQADggEBAGWCVa+Fll43feftPy2HmOfvh9HWPk9Cj264iJ00
6Wy3l56cn0aT+Zm4AOe56+o0LuleIcl8I5w3BMzs38Sw90+W/nW7Y/00cqNDBkuu
2Mmg9KjJU8iTk3ZQwuNLONshl6BjSQzpe9sQBctCI2EM/3fU+3M46gxviLjcUfXn
DbulznFEtsAAy22shNPOGyWtpqDZcvZOM0YLtTeVgriWm4Wvmd9JpkkispiYrGJa
/0UieR64I3A4aTMQY08DNhRk0VqS+ggBJ7mCHkfXl/KlKoX98kHukZxepV8UOph+
KgT9EpfXTKe09Rl9r/NmN0a614mzzC/UStiDPoOmZLGwjlI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:28 2024 by rpki-client on console-fra.rpki-client.org