Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/FZEHo9CJzlPHWpDGPH0JBycpkQ0.roa
File: FZEHo9CJzlPHWpDGPH0JBycpkQ0.roa (raw, json)
Hash identifier: I1fX2cJeUukfz35MFGruPvMy8mKmPM9IML2pqv7sFfs=
Subject key identifier: 15:91:07:A3:D0:89:CE:53:C7:5A:90:C6:3C:7D:09:07:27:29:91:0D
Certificate issuer: /CN=1201cc343074102efa7f0c30f29499e1ad56e29f
Certificate serial: 412ADC27
Authority key identifier: 12:01:CC:34:30:74:10:2E:FA:7F:0C:30:F2:94:99:E1:AD:56:E2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EgHMNDB0EC76fwww8pSZ4a1W4p8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/FZEHo9CJzlPHWpDGPH0JBycpkQ0.roa
Signing time: Sat 01 Jan 2022 12:59:36 +0000
ROA not before: Sat 01 Jan 2022 12:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42442
IP address blocks: 130.0.77.0/24 maxlen: 24
130.0.72.0/21 maxlen: 32
130.0.73.0/24 maxlen: 24
195.137.170.0/24 maxlen: 24
185.165.16.0/22 maxlen: 22
46.167.160.0/19 maxlen: 24
194.50.164.0/24 maxlen: 24
91.208.160.0/24 maxlen: 24
195.137.170.121/32 maxlen: 32
46.167.169.20/32 maxlen: 32
195.137.170.122/32 maxlen: 32
2a03:9480:302::/48 maxlen: 48
2a03:9480::/32 maxlen: 32
2a03:9480:200::/40 maxlen: 40
2a03:9480:300::/40 maxlen: 40
2a03:9480:301::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1093327911 (0x412adc27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1201cc343074102efa7f0c30f29499e1ad56e29f
Validity
Not Before: Jan 1 12:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=159107a3d089ce53c75a90c63c7d09072729910d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:3e:f0:c3:c6:19:bc:63:1e:44:b3:e8:ba:b8:
6e:1a:95:c2:24:71:97:f8:d3:78:1e:c7:5e:2b:41:
4b:db:0c:13:98:0b:e5:c8:bc:3f:29:ef:dc:04:f4:
86:32:dc:57:22:f1:71:24:f3:dc:49:a7:1b:c6:c7:
60:c4:22:31:8b:ca:b6:ee:3b:97:68:96:25:b9:e8:
40:4d:7e:54:2a:e7:2c:dc:54:f1:b1:23:4d:a0:04:
e3:a5:0d:44:9e:53:7a:f2:74:a9:db:e1:13:6c:76:
64:51:cf:ad:76:60:23:48:64:fb:49:82:99:e3:77:
72:b1:ef:db:58:57:4a:63:22:9e:37:a1:1b:20:ad:
26:67:ef:fa:c7:09:c8:98:1e:91:3c:4b:a9:38:bb:
f4:00:4b:e2:21:59:74:49:fe:52:01:12:79:22:03:
a5:be:fd:49:d6:21:b6:3b:44:9f:86:67:7b:30:37:
9a:1c:e9:57:a9:f5:98:ba:ee:c3:ba:fd:06:6b:3c:
09:63:ec:38:95:90:f7:f0:d8:1a:58:cb:06:aa:3a:
04:ba:c1:3e:0b:dd:c5:25:38:1e:60:85:b7:12:fd:
df:22:99:8a:28:a8:3c:59:20:dc:e7:0e:7a:0c:97:
81:3f:86:3a:ec:0f:34:e1:81:48:ae:2e:d5:76:2a:
72:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:91:07:A3:D0:89:CE:53:C7:5A:90:C6:3C:7D:09:07:27:29:91:0D
X509v3 Authority Key Identifier:
keyid:12:01:CC:34:30:74:10:2E:FA:7F:0C:30:F2:94:99:E1:AD:56:E2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EgHMNDB0EC76fwww8pSZ4a1W4p8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/FZEHo9CJzlPHWpDGPH0JBycpkQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/EgHMNDB0EC76fwww8pSZ4a1W4p8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.160.0/19
91.208.160.0/24
130.0.72.0/21
185.165.16.0/22
194.50.164.0/24
195.137.170.0/24
IPv6:
2a03:9480::/32
Signature Algorithm: sha256WithRSAEncryption
6f:df:f7:1b:f0:2b:3a:e1:06:35:3a:88:47:d8:e6:91:c0:d1:
ea:e6:7f:6f:f6:bf:f0:36:66:54:e7:54:fc:4e:a7:3b:06:f4:
1a:f4:ce:b9:28:d3:ae:8d:61:19:28:f7:fc:2c:42:1c:0e:fd:
bf:52:78:d3:d7:0a:6c:a7:c5:e3:31:68:ad:87:39:06:fc:f3:
af:12:c3:0c:b2:73:15:70:28:96:16:e1:bd:34:d1:00:63:72:
84:49:e3:da:d0:57:58:60:5f:16:91:b9:14:a4:c4:4d:71:38:
b6:5d:0e:32:3e:84:77:8c:56:d5:40:37:b8:ee:22:37:e0:61:
24:79:9b:20:28:48:aa:90:97:2a:2d:97:5e:c2:2b:fa:4f:d6:
8e:c0:c4:6e:40:eb:94:cb:25:b3:ae:34:48:c4:dc:91:7e:fb:
64:2b:61:4d:47:3e:56:02:99:be:50:3e:33:6d:5c:52:d3:6d:
2d:db:b5:5b:80:7c:9c:2b:50:de:b5:da:2f:98:5d:b8:46:b2:
93:75:7a:0c:5e:72:9c:a7:e6:4c:3d:aa:f2:9b:b6:83:2f:73:
e1:7b:8a:fa:e1:dc:1d:74:b7:46:b6:49:dd:51:69:eb:80:28:
6f:95:71:01:23:01:63:08:63:e5:0b:8b:5d:80:dd:5e:fe:12:
64:db:e4:ae
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEQSrcJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MjAxY2MzNDMwNzQxMDJlZmE3ZjBjMzBmMjk0OTllMWFkNTZlMjlmMB4XDTIyMDEw
MTEyNTkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTU5MTA3YTNkMDg5
Y2U1M2M3NWE5MGM2M2M3ZDA5MDcyNzI5OTEwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPI+8MPGGbxjHkSz6Lq4bhqVwiRxl/jTeB7HXitBS9sME5gL
5ci8Pynv3AT0hjLcVyLxcSTz3EmnG8bHYMQiMYvKtu47l2iWJbnoQE1+VCrnLNxU
8bEjTaAE46UNRJ5TevJ0qdvhE2x2ZFHPrXZgI0hk+0mCmeN3crHv21hXSmMinjeh
GyCtJmfv+scJyJgekTxLqTi79ABL4iFZdEn+UgESeSIDpb79SdYhtjtEn4ZnezA3
mhzpV6n1mLruw7r9Bms8CWPsOJWQ9/DYGljLBqo6BLrBPgvdxSU4HmCFtxL93yKZ
iiioPFkg3OcOegyXgT+GOuwPNOGBSK4u1XYqcmUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQVkQej0InOU8dakMY8fQkHJymRDTAfBgNVHSMEGDAWgBQSAcw0MHQQLvp/
DDDylJnhrVbinzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VnSE1OREIwRUM3NmZ3d3c4cFNaNGExVzRwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvZDE2MjhhLTMzYzgtNGU0Ny1iZmVkLTk5ZWQ2NzMwZjg0YS8x
L0ZaRUhvOUNKemxQSFdwREdQSDBKQnljcGtRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
ZDE2MjhhLTMzYzgtNGU0Ny1iZmVkLTk5ZWQ2NzMwZjg0YS8xL0VnSE1OREIwRUM3
NmZ3d3c4cFNaNGExVzRwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBS6noAMEAFvQoAMEA4IASAMEArml
EAMEAMIypAMEAMOJqjANBAIAAjAHAwUAKgOUgDANBgkqhkiG9w0BAQsFAAOCAQEA
b9/3G/ArOuEGNTqIR9jmkcDR6uZ/b/a/8DZmVOdU/E6nOwb0GvTOuSjTro1hGSj3
/CxCHA79v1J409cKbKfF4zForYc5BvzzrxLDDLJzFXAolhbhvTTRAGNyhEnj2tBX
WGBfFpG5FKTETXE4tl0OMj6Ed4xW1UA3uO4iN+BhJHmbIChIqpCXKi2XXsIr+k/W
jsDEbkDrlMsls640SMTckX77ZCthTUc+VgKZvlA+M21cUtNtLdu1W4B8nCtQ3rXa
L5hduEayk3V6DF5ynKfmTD2q8pu2gy9z4XuK+uHcHXS3RrZJ3VFp64Aob5VxASMB
Ywhj5QuLXYDdXv4SZNvkrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:25 2024 by rpki-client on console-fra.rpki-client.org