Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/fc8e22-9a3b-4646-babe-1ca2120ee436/1/_fz30ODJ6yc0sjNW0q8XRMBTIAE.roa
File: _fz30ODJ6yc0sjNW0q8XRMBTIAE.roa (raw, json)
Hash identifier: 0/BYhkSmc4+k+ALrkhgqsP0fzwNiOkRVoyEbxudjZXo=
Subject key identifier: FD:FC:F7:D0:E0:C9:EB:27:34:B2:33:56:D2:AF:17:44:C0:53:20:01
Certificate issuer: /CN=4bdd42ccd13d7f8a7c3eda5b5502d8d6dcbbbe11
Certificate serial: 01828C5B367B08DB71E3A6B0A505DB5C6087
Authority key identifier: 4B:DD:42:CC:D1:3D:7F:8A:7C:3E:DA:5B:55:02:D8:D6:DC:BB:BE:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S91CzNE9f4p8PtpbVQLY1ty7vhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/fc8e22-9a3b-4646-babe-1ca2120ee436/1/_fz30ODJ6yc0sjNW0q8XRMBTIAE.roa
Signing time: Thu 11 Aug 2022 10:02:44 +0000
ROA not before: Thu 11 Aug 2022 10:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16019
IP address blocks: 185.168.149.0/24 maxlen: 24
2a12:b7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8c:5b:36:7b:08:db:71:e3:a6:b0:a5:05:db:5c:60:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bdd42ccd13d7f8a7c3eda5b5502d8d6dcbbbe11
Validity
Not Before: Aug 11 10:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdfcf7d0e0c9eb2734b23356d2af1744c0532001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:63:9d:c0:cd:ad:3c:aa:0c:71:46:c6:8f:7f:
0f:a8:03:26:e7:eb:7a:d4:6a:09:4a:db:f3:08:1c:
13:f5:a9:96:66:25:c6:b5:0d:09:f0:57:3d:b0:3b:
1e:f3:8c:f0:1c:5a:a6:58:af:bf:4d:12:fd:95:88:
bc:8f:7b:76:d3:a4:64:f1:95:2a:83:47:68:cc:6d:
0d:00:c1:fa:79:47:ab:a5:84:49:0d:56:81:cc:da:
64:d4:1e:f5:72:ff:4b:2c:8a:2b:15:30:53:60:9e:
7a:d3:c8:ec:41:4c:bd:f8:f2:a0:7b:d6:70:68:9b:
1d:f5:fc:92:fa:54:cf:72:c6:47:76:2f:77:4b:19:
5d:68:e5:38:fa:6b:95:f8:27:70:31:44:39:20:6a:
6f:8a:15:3f:01:81:b9:92:4e:a4:20:5d:e3:73:3d:
ec:4b:92:ad:64:05:eb:00:04:a9:12:24:28:92:20:
0b:6f:2a:b5:b7:4f:0e:4e:4c:dc:57:3a:d3:6b:dd:
8c:6f:a5:72:a4:d6:ce:6c:76:6b:4f:89:e8:e3:6f:
f0:24:63:fb:c1:51:54:00:8d:f2:30:73:45:22:fc:
c0:48:af:b5:31:68:e7:1e:49:42:62:f2:2d:30:80:
c3:19:f0:07:04:a2:38:a5:26:53:03:48:a1:d4:ea:
32:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FC:F7:D0:E0:C9:EB:27:34:B2:33:56:D2:AF:17:44:C0:53:20:01
X509v3 Authority Key Identifier:
keyid:4B:DD:42:CC:D1:3D:7F:8A:7C:3E:DA:5B:55:02:D8:D6:DC:BB:BE:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S91CzNE9f4p8PtpbVQLY1ty7vhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/fc8e22-9a3b-4646-babe-1ca2120ee436/1/_fz30ODJ6yc0sjNW0q8XRMBTIAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/fc8e22-9a3b-4646-babe-1ca2120ee436/1/S91CzNE9f4p8PtpbVQLY1ty7vhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.149.0/24
IPv6:
2a12:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
94:e7:3b:69:3e:3d:3d:31:87:c2:b4:e7:76:91:7f:6d:d4:9d:
03:9f:18:97:0b:6a:9a:89:c3:aa:7a:5c:ef:8c:99:62:42:f7:
6a:50:61:f0:ae:52:8b:dc:9e:c2:bf:d1:b3:d4:43:35:d0:74:
dc:13:e4:be:98:32:d7:8c:92:38:f4:4f:48:c9:3c:5c:23:a0:
61:98:8a:5e:d1:56:63:0c:34:f3:11:28:6d:70:cc:ad:e1:db:
7e:b9:14:aa:07:6f:e7:29:71:12:e5:a8:e8:51:04:4c:93:3a:
37:d2:6b:e9:0e:0e:d2:6d:2e:51:cd:e2:e1:37:2d:b5:55:85:
0c:1a:94:2d:50:6f:ac:b9:a5:82:75:b0:d7:e4:8b:e4:cc:83:
d5:a2:2d:99:fb:a7:3a:4f:37:0a:75:6a:69:3a:8b:2f:c3:ce:
10:24:bd:e3:78:71:64:5a:57:74:87:02:a4:b4:6a:58:65:4b:
61:fd:18:81:80:59:04:29:36:bc:e5:ba:fb:12:aa:e4:98:29:
54:66:90:cf:66:08:d4:d0:50:33:37:b1:e9:df:f3:b4:4b:88:
d2:fc:32:22:52:1f:4b:1c:7e:fb:92:ee:96:be:2c:d8:34:df:
c7:f3:fd:68:12:27:2d:1f:91:e6:a8:10:b7:de:74:c5:68:9e:
a7:4b:ae:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYKMWzZ7CNtx46awpQXbXGCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZGQ0MmNjZDEzZDdmOGE3YzNlZGE1YjU1MDJkOGQ2ZGNi
YmJlMTEwHhcNMjIwODExMTAwMjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZjZjdkMGUwYzllYjI3MzRiMjMzNTZkMmFmMTc0NGMwNTMyMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGOdwM2tPKoMcUbGj38PqAMm5+t6
1GoJStvzCBwT9amWZiXGtQ0J8Fc9sDse84zwHFqmWK+/TRL9lYi8j3t206Rk8ZUq
g0dozG0NAMH6eUerpYRJDVaBzNpk1B71cv9LLIorFTBTYJ5608jsQUy9+PKge9Zw
aJsd9fyS+lTPcsZHdi93SxldaOU4+muV+CdwMUQ5IGpvihU/AYG5kk6kIF3jcz3s
S5KtZAXrAASpEiQokiALbyq1t08OTkzcVzrTa92Mb6VypNbObHZrT4no42/wJGP7
wVFUAI3yMHNFIvzASK+1MWjnHklCYvItMIDDGfAHBKI4pSZTA0ih1OoyrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP3899DgyesnNLIzVtKvF0TAUyABMB8GA1UdIwQY
MBaAFEvdQszRPX+KfD7aW1UC2Nbcu74RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzkxQ3pORTlmNHA4UHRwYlZRTFkxdHk3dmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mYzhlMjItOWEzYi00NjQ2LWJhYmUt
MWNhMjEyMGVlNDM2LzEvX2Z6MzBPREo2eWMwc2pOVzBxOFhSTUJUSUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mYzhlMjItOWEzYi00NjQ2LWJhYmUtMWNhMjEyMGVlNDM2
LzEvUzkxQ3pORTlmNHA4UHRwYlZRTFkxdHk3dmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuaiVMA0E
AgACMAcDBQMqErfAMA0GCSqGSIb3DQEBCwUAA4IBAQCU5ztpPj09MYfCtOd2kX9t
1J0DnxiXC2qaicOqelzvjJliQvdqUGHwrlKL3J7Cv9Gz1EM10HTcE+S+mDLXjJI4
9E9IyTxcI6BhmIpe0VZjDDTzEShtcMyt4dt+uRSqB2/nKXES5ajoUQRMkzo30mvp
Dg7SbS5RzeLhNy21VYUMGpQtUG+suaWCdbDX5IvkzIPVoi2Z+6c6TzcKdWppOosv
w84QJL3jeHFkWld0hwKktGpYZUth/RiBgFkEKTa85br7EqrkmClUZpDPZgjU0FAz
N7Hp3/O0S4jS/DIiUh9LHH77ku6WvizYNN/H8/1oEictH5HmqBC33nTFaJ6nS67s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:45 2024 by rpki-client on console-fra.rpki-client.org