Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/FNZTS9EMbvBygnauHNW5Jk5SE9U.roa
File: FNZTS9EMbvBygnauHNW5Jk5SE9U.roa (raw, json)
Hash identifier: mrC71bwfoEveXl9Tm8i/LT84XBIgUTBQkkPAd3Vce/c=
Subject key identifier: 14:D6:53:4B:D1:0C:6E:F0:72:82:76:AE:1C:D5:B9:26:4E:52:13:D5
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01852AB730CC19D751D30FE45434289E06B5
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/FNZTS9EMbvBygnauHNW5Jk5SE9U.roa
Signing time: Mon 19 Dec 2022 14:08:46 +0000
ROA not before: Mon 19 Dec 2022 14:08:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 91.149.231.0/24 maxlen: 24
91.149.230.0/24 maxlen: 24
91.149.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:b7:30:cc:19:d7:51:d3:0f:e4:54:34:28:9e:06:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Dec 19 14:08:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14d6534bd10c6ef0728276ae1cd5b9264e5213d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5b:14:17:98:d5:5c:88:00:36:7f:6e:ed:7a:
82:e7:3b:53:bd:2c:e7:12:6f:53:7d:1b:18:6e:2b:
52:9e:74:0e:d6:b4:83:13:25:a8:16:4f:6d:de:63:
d3:26:91:03:37:77:50:60:6b:8d:b2:8c:e6:d0:eb:
03:8e:c7:f7:15:89:90:e8:6d:2d:a6:eb:ce:f0:5f:
b4:7c:f6:f3:a0:3b:c6:a7:9c:10:7f:81:22:df:8c:
6b:86:59:6b:51:4a:5b:73:c7:8f:bc:ab:e8:ed:cb:
48:ac:7a:b6:64:64:0c:8a:03:d7:63:95:c6:ad:f3:
02:20:07:f4:91:ea:87:65:e0:65:59:cd:66:57:d7:
15:d7:6d:27:23:12:9d:de:c5:80:f6:93:2c:4b:3d:
22:9d:16:c0:3b:19:9a:44:73:2b:62:ba:b6:08:c7:
12:c2:3e:30:33:6f:b3:7e:14:f6:a3:30:a5:2a:da:
3f:cd:5d:f7:4e:13:46:5f:8f:63:e0:a1:df:11:bc:
83:5e:07:36:9f:44:79:31:db:9f:4f:4c:b0:fb:c7:
09:2e:c6:a4:d1:68:80:7f:a6:fb:5c:a4:71:f5:d1:
cc:22:21:25:7c:7c:dc:ce:9a:55:55:1f:f2:9e:b0:
fd:2b:09:ce:3d:1d:72:b8:09:56:5e:d4:da:48:66:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D6:53:4B:D1:0C:6E:F0:72:82:76:AE:1C:D5:B9:26:4E:52:13:D5
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/FNZTS9EMbvBygnauHNW5Jk5SE9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.229.0-91.149.231.255
Signature Algorithm: sha256WithRSAEncryption
4d:da:f0:4e:0c:5d:20:9f:7f:2e:cd:ed:b7:47:c5:3a:bc:27:
87:f3:c6:95:8a:a1:0f:c8:44:62:1b:07:91:16:41:5a:40:b6:
cf:6d:ce:58:8c:d2:eb:3f:01:dc:e7:5d:7d:e5:af:82:ee:0b:
8c:a4:2b:71:4b:d0:12:21:90:f2:df:f9:84:73:62:2b:a2:b4:
e5:43:91:57:31:ad:71:d1:0c:3d:09:76:cb:02:50:09:f5:42:
a6:92:e0:de:9f:02:51:ad:18:64:ae:17:df:39:ef:20:54:1e:
ee:c7:85:b4:49:48:19:96:91:96:5f:4a:a9:a5:6f:5d:d5:25:
1b:7f:cd:e6:05:6f:30:43:cb:06:81:a7:93:1d:da:e5:24:de:
f5:86:8b:3b:50:4e:1d:43:ce:70:24:d0:52:bb:0f:ce:6b:33:
5c:c9:d9:f9:02:ae:61:b1:6e:1c:19:a1:4f:4b:de:85:c9:32:
2c:7d:b1:16:fc:09:5c:2a:8c:87:32:e5:4d:d2:79:24:de:28:
ce:3f:c0:29:00:d5:0c:d2:33:fa:97:05:67:53:fd:56:ea:9d:
4e:e1:85:87:8c:f5:d3:f5:d3:3a:d3:b5:8b:31:8b:77:29:37:
5c:25:3e:78:98:94:35:49:34:93:5c:74:24:a6:1f:7b:46:58:
47:6b:31:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYUqtzDMGddR0w/kVDQonga1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjIxMjE5MTQwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQ2NTM0YmQxMGM2ZWYwNzI4Mjc2YWUxY2Q1YjkyNjRlNTIxM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFsUF5jVXIgANn9u7XqC5ztTvSzn
Em9TfRsYbitSnnQO1rSDEyWoFk9t3mPTJpEDN3dQYGuNsozm0OsDjsf3FYmQ6G0t
puvO8F+0fPbzoDvGp5wQf4Ei34xrhllrUUpbc8ePvKvo7ctIrHq2ZGQMigPXY5XG
rfMCIAf0keqHZeBlWc1mV9cV120nIxKd3sWA9pMsSz0inRbAOxmaRHMrYrq2CMcS
wj4wM2+zfhT2ozClKto/zV33ThNGX49j4KHfEbyDXgc2n0R5MdufT0yw+8cJLsak
0WiAf6b7XKRx9dHMIiElfHzczppVVR/ynrD9KwnOPR1yuAlWXtTaSGY85wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBTWU0vRDG7wcoJ2rhzVuSZOUhPVMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvRk5aVFM5RU1idkJ5Z25hdUhOVzVKazVTRTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABbleUD
BANbleAwDQYJKoZIhvcNAQELBQADggEBAE3a8E4MXSCffy7N7bdHxTq8J4fzxpWK
oQ/IRGIbB5EWQVpAts9tzliM0us/AdznXX3lr4LuC4ykK3FL0BIhkPLf+YRzYiui
tOVDkVcxrXHRDD0JdssCUAn1QqaS4N6fAlGtGGSuF9857yBUHu7HhbRJSBmWkZZf
Sqmlb13VJRt/zeYFbzBDywaBp5Md2uUk3vWGiztQTh1DznAk0FK7D85rM1zJ2fkC
rmGxbhwZoU9L3oXJMix9sRb8CVwqjIcy5U3SeSTeKM4/wCkA1QzSM/qXBWdT/Vbq
nU7hhYeM9dP10zrTtYsxi3cpN1wlPniYlDVJNJNcdCSmH3tGWEdrMRw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:50 2023 by rpki-client on console-fra.rpki-client.org