Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/FLlG-zXqvV2aMW-rYE04Bgz3DPk.roa
File: FLlG-zXqvV2aMW-rYE04Bgz3DPk.roa (raw, json)
Hash identifier: mRKD25Zmtn+gUbH6nhVl3iIW9rlJ9u+uXdbjxiq3NK4=
Subject key identifier: 14:B9:46:FB:35:EA:BD:5D:9A:31:6F:AB:60:4D:38:06:0C:F7:0C:F9
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01849B137DB61AD30E8F6B6DE4244879A460
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/FLlG-zXqvV2aMW-rYE04Bgz3DPk.roa
Signing time: Mon 21 Nov 2022 16:44:16 +0000
ROA not before: Mon 21 Nov 2022 16:44:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201909
IP address blocks: 37.35.53.0/24 maxlen: 24
188.119.159.0/24 maxlen: 24
188.119.158.0/24 maxlen: 24
188.119.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:13:7d:b6:1a:d3:0e:8f:6b:6d:e4:24:48:79:a4:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Nov 21 16:44:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14b946fb35eabd5d9a316fab604d38060cf70cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6b:a7:37:d3:6c:76:af:b5:26:0d:87:8e:66:
cc:c8:f3:a7:be:a0:6c:9d:f5:58:89:bf:71:99:84:
62:ae:63:b0:5d:36:54:34:ea:73:48:44:00:36:ae:
28:16:d8:f8:c7:48:ac:47:f0:09:39:5c:c2:c3:56:
fc:f1:30:09:5b:28:1b:b9:97:ba:47:81:01:89:cd:
c0:47:15:b6:4b:39:3e:b1:65:2b:7f:e2:18:19:ca:
b9:cc:bb:56:91:6b:56:6b:2e:b5:71:8d:35:03:de:
da:45:0a:7d:8a:19:9d:51:68:45:a0:20:c0:eb:df:
9a:80:37:44:75:57:08:66:25:8b:70:76:a9:0d:d3:
66:d2:60:83:48:05:cf:58:83:e7:ce:3a:ba:0c:bc:
fd:75:9d:37:68:e5:14:ca:05:38:2e:b0:05:c6:0c:
8b:b8:21:04:dd:db:ec:76:c1:31:b1:2a:e5:07:39:
ed:53:f8:95:b8:bf:2b:70:66:c2:7b:50:7c:52:c2:
30:45:2d:9e:af:2c:de:0d:b8:f7:63:07:e6:fe:48:
8f:4e:fd:01:1a:44:e1:20:c8:07:d0:d1:42:5b:72:
38:d9:31:75:e9:08:e1:3e:61:46:ac:ee:a3:04:4e:
65:51:cf:1d:02:09:5a:e3:fa:66:82:bc:c8:30:0b:
0a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B9:46:FB:35:EA:BD:5D:9A:31:6F:AB:60:4D:38:06:0C:F7:0C:F9
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/FLlG-zXqvV2aMW-rYE04Bgz3DPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.53.0/24
188.119.158.0/23
188.119.163.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a4:95:1c:d2:21:fa:2e:35:59:09:57:99:11:11:d6:c4:f5:
66:fa:75:0a:84:86:61:51:80:f2:a8:03:65:25:3f:03:a5:f2:
1e:e6:2c:8a:5b:97:f4:6f:1d:ae:92:b5:6e:e5:c9:f1:7a:49:
06:4e:fe:24:b2:f7:4d:cb:3c:18:8a:04:7b:50:4a:cd:e7:30:
71:83:16:6c:c1:c7:32:4c:02:37:60:f6:61:ac:a7:04:96:5c:
6c:65:b3:8f:3c:71:2d:c9:38:ce:70:f4:4f:16:3d:9f:25:45:
58:79:2a:50:1f:e7:ec:f9:53:8b:0f:00:39:8c:1f:ca:60:0f:
4f:f6:69:ac:1d:5e:d4:94:9a:f9:ef:3e:ef:5d:be:ea:73:55:
8f:cc:5f:80:6b:bd:ff:73:2c:8a:86:a5:a9:33:ec:69:3c:43:
a6:6e:7d:0c:bd:96:2c:c6:6e:44:38:a4:92:57:02:d0:0c:ee:
91:8c:e6:57:c6:ff:71:a5:b2:b6:e8:6e:c1:25:89:73:fb:68:
60:5d:3e:90:8b:d2:ef:73:7d:b8:b9:54:3f:27:c2:9f:71:2e:
5b:45:51:30:f2:b2:d5:77:3a:51:9b:a9:dd:52:27:d9:b1:6c:
74:f6:ff:45:f0:8f:bd:1a:f5:2a:95:cf:76:55:c1:cd:6f:d1:
e8:36:03:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSbE322GtMOj2tt5CRIeaRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjIxMTIxMTY0NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI5NDZmYjM1ZWFiZDVkOWEzMTZmYWI2MDRkMzgwNjBjZjcwY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2unN9Nsdq+1Jg2HjmbMyPOnvqBs
nfVYib9xmYRirmOwXTZUNOpzSEQANq4oFtj4x0isR/AJOVzCw1b88TAJWygbuZe6
R4EBic3ARxW2Szk+sWUrf+IYGcq5zLtWkWtWay61cY01A97aRQp9ihmdUWhFoCDA
69+agDdEdVcIZiWLcHapDdNm0mCDSAXPWIPnzjq6DLz9dZ03aOUUygU4LrAFxgyL
uCEE3dvsdsExsSrlBzntU/iVuL8rcGbCe1B8UsIwRS2eryzeDbj3Ywfm/kiPTv0B
GkThIMgH0NFCW3I42TF16QjhPmFGrO6jBE5lUc8dAgla4/pmgrzIMAsK/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBS5Rvs16r1dmjFvq2BNOAYM9wz5MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvRkxsRy16WHF2VjJhTVctcllFMDRCZ3ozRFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJSM1AwQB
vHeeAwQAvHejMA0GCSqGSIb3DQEBCwUAA4IBAQCMpJUc0iH6LjVZCVeZERHWxPVm
+nUKhIZhUYDyqANlJT8DpfIe5iyKW5f0bx2ukrVu5cnxekkGTv4ksvdNyzwYigR7
UErN5zBxgxZswccyTAI3YPZhrKcEllxsZbOPPHEtyTjOcPRPFj2fJUVYeSpQH+fs
+VOLDwA5jB/KYA9P9mmsHV7UlJr57z7vXb7qc1WPzF+Aa73/cyyKhqWpM+xpPEOm
bn0MvZYsxm5EOKSSVwLQDO6RjOZXxv9xpbK26G7BJYlz+2hgXT6Qi9Lvc324uVQ/
J8KfcS5bRVEw8rLVdzpRm6ndUifZsWx09v9F8I+9GvUqlc92VcHNb9HoNgOX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org