Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/_FQeX7Ve965GoAQj_MlaU7wHu6U.roa
File: _FQeX7Ve965GoAQj_MlaU7wHu6U.roa (raw, json)
Hash identifier: QVsWAcO4GOi3y71fjQyywQhq1m29zeOgLHFEGdinymA=
Subject key identifier: FC:54:1E:5F:B5:5E:F7:AE:46:A0:04:23:FC:C9:5A:53:BC:07:BB:A5
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 0C7C9E3B
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/_FQeX7Ve965GoAQj_MlaU7wHu6U.roa
Signing time: Sat 01 Jan 2022 14:02:37 +0000
ROA not before: Sat 01 Jan 2022 14:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34878
IP address blocks: 141.52.0.0/16 maxlen: 16
129.13.0.0/16 maxlen: 16
141.3.0.0/16 maxlen: 16
2a00:1398::/29 maxlen: 29
2a00:1398::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209493563 (0xc7c9e3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 14:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc541e5fb55ef7ae46a00423fcc95a53bc07bba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:9a:4b:64:dd:2d:fa:88:fa:db:49:98:cc:
7e:50:b6:02:06:d8:62:41:bb:fe:c3:ee:f2:97:5a:
71:42:a3:4c:2a:bf:87:7f:28:ca:a5:b8:1f:26:11:
12:5e:91:47:c7:d6:0d:6b:c1:3a:7a:5f:65:2f:0d:
24:85:e0:34:e4:2f:45:d0:e8:53:65:ef:ba:1d:0e:
cd:28:cc:c0:a7:cf:c9:43:47:d0:f8:05:dc:5d:5d:
29:b1:22:9c:69:79:fb:bb:33:a5:4a:c0:f0:67:30:
e6:8a:e0:0d:24:13:26:76:11:b1:aa:77:dc:66:93:
a9:17:e7:10:3c:39:a2:9d:a8:52:1b:cb:f1:c5:c8:
78:66:1c:55:46:f0:6e:ed:58:34:ea:db:2c:d7:06:
16:5f:44:30:d9:c4:56:5d:f1:29:01:16:3c:6d:14:
8b:6a:32:c5:eb:f3:22:97:09:6e:23:0d:58:90:14:
d1:37:e0:60:50:23:8d:b1:31:b5:00:f2:ca:67:f7:
36:d0:71:74:dc:53:1b:2c:8f:8d:12:0b:fb:10:36:
26:cd:15:74:d8:2c:50:aa:ca:64:45:1d:0e:51:56:
48:a4:c5:49:8c:e9:57:d9:19:30:de:80:c3:c2:9d:
25:d0:48:24:3d:7d:0c:a9:f2:1f:10:41:46:cf:61:
9a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:54:1E:5F:B5:5E:F7:AE:46:A0:04:23:FC:C9:5A:53:BC:07:BB:A5
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/_FQeX7Ve965GoAQj_MlaU7wHu6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.13.0.0/16
141.3.0.0/16
141.52.0.0/16
IPv6:
2a00:1398::/29
Signature Algorithm: sha256WithRSAEncryption
12:5d:9a:06:69:e1:ca:14:38:38:50:d4:f8:e3:a5:27:1c:ec:
15:21:07:84:60:78:7b:e0:f4:18:8d:1d:2f:fd:4c:07:fd:22:
ed:f5:1f:ae:6f:21:56:62:e2:13:3b:3f:4d:dd:e2:bc:e4:cb:
d8:03:f3:e8:4a:ed:05:e5:e2:ae:31:9a:aa:0a:1e:a1:9c:6b:
22:58:9c:4e:bc:8d:84:a4:33:d1:26:bb:3d:7d:33:24:f1:27:
64:a5:c8:f8:37:ae:ae:da:2f:81:bd:20:e0:fc:ad:46:d4:99:
7e:b0:6d:ce:41:3e:a2:41:49:5f:a0:4b:c9:69:eb:6f:5d:5e:
de:2d:15:8a:ad:a4:18:8c:ed:98:36:84:5b:2a:10:b9:0e:85:
60:3a:4b:ab:75:d2:65:c8:b0:e5:13:1d:e3:53:12:a2:02:d1:
30:8d:07:63:44:f4:66:ae:a1:7f:82:27:9d:c2:3f:1e:0b:05:
25:55:a2:9d:60:46:f0:ee:bd:f1:48:01:e1:00:58:65:ae:66:
ed:f3:57:eb:d4:8d:37:d3:ce:77:fe:f4:da:9f:7a:c1:ac:99:
26:73:d8:f2:fe:6c:11:9e:19:e1:58:bc:f3:e7:d3:85:e7:f0:
70:b5:7d:3f:3e:9e:b9:6a:ea:2a:f2:ca:13:9d:80:54:35:1d:
fe:d6:56:c6
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEDHyeOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWIxNzg4ZmUyMjBlNDY0MzQ2OTJkMWNjNDM3MDcyZDc5MmQ3ODg4MB4XDTIyMDEw
MTE0MDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM1NDFlNWZiNTVl
ZjdhZTQ2YTAwNDIzZmNjOTVhNTNiYzA3YmJhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPkmktk3S36iPrbSZjMflC2AgbYYkG7/sPu8pdacUKjTCq/
h38oyqW4HyYREl6RR8fWDWvBOnpfZS8NJIXgNOQvRdDoU2Xvuh0OzSjMwKfPyUNH
0PgF3F1dKbEinGl5+7szpUrA8Gcw5orgDSQTJnYRsap33GaTqRfnEDw5op2oUhvL
8cXIeGYcVUbwbu1YNOrbLNcGFl9EMNnEVl3xKQEWPG0Ui2oyxevzIpcJbiMNWJAU
0TfgYFAjjbExtQDyymf3NtBxdNxTGyyPjRIL+xA2Js0VdNgsUKrKZEUdDlFWSKTF
SYzpV9kZMN6Aw8KdJdBIJD19DKnyHxBBRs9hmmkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBT8VB5ftV73rkagBCP8yVpTvAe7pTAfBgNVHSMEGDAWgBQ+sXiP4iDkZDRp
LRzENwcteS14iDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ByRjRqLUlnNUdRMGFTMGN4RGNITFhrdGVJZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMjJmNTcwLTBiMjYtNDAwNC04ZWQwLWQ5NTA5NDczMDcyYy8x
L19GUWVYN1ZlOTY1R29BUWpfTWxhVTd3SHU2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MjJmNTcwLTBiMjYtNDAwNC04ZWQwLWQ5NTA5NDczMDcyYy8xL1ByRjRqLUlnNUdR
MGFTMGN4RGNITFhrdGVJZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwFQQCAAEwDwMDAIENAwMAjQMDAwCNNDANBAIAAjAH
AwUDKgATmDANBgkqhkiG9w0BAQsFAAOCAQEAEl2aBmnhyhQ4OFDU+OOlJxzsFSEH
hGB4e+D0GI0dL/1MB/0i7fUfrm8hVmLiEzs/Td3ivOTL2APz6ErtBeXirjGaqgoe
oZxrIlicTryNhKQz0Sa7PX0zJPEnZKXI+Deurtovgb0g4PytRtSZfrBtzkE+okFJ
X6BLyWnrb11e3i0Viq2kGIztmDaEWyoQuQ6FYDpLq3XSZciw5RMd41MSogLRMI0H
Y0T0Zq6hf4InncI/HgsFJVWinWBG8O698UgB4QBYZa5m7fNX69SNN9POd/702p96
wayZJnPY8v5sEZ4Z4Vi88+fThefwcLV9Pz6euWrqKvLKE52AVDUd/tZWxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:17 2024 by rpki-client on console-ams.rpki-client.org