Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/Fbf6Fg_OXrHv_vIJV7nJFRlUGA4.roa
File: Fbf6Fg_OXrHv_vIJV7nJFRlUGA4.roa (raw, json)
Hash identifier: NfxbNhA1GQ7H471+B0czu2j8F/IFoUxCBNG0/RvX02o=
Subject key identifier: 15:B7:FA:16:0F:CE:5E:B1:EF:FE:F2:09:57:B9:C9:15:19:54:18:0E
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 3764296A
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/Fbf6Fg_OXrHv_vIJV7nJFRlUGA4.roa
Signing time: Sat 01 Jan 2022 08:59:26 +0000
ROA not before: Sat 01 Jan 2022 08:59:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34700
IP address blocks: 31.202.0.0/17 maxlen: 17
46.160.88.0/21 maxlen: 21
178.165.0.0/17 maxlen: 18
31.202.128.0/18 maxlen: 18
185.147.96.0/22 maxlen: 22
5.255.160.0/20 maxlen: 20
79.171.120.0/21 maxlen: 21
2a00:1210::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 929311082 (0x3764296a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Jan 1 08:59:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=15b7fa160fce5eb1effef20957b9c9151954180e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ea:de:5f:ac:f6:da:be:d3:f4:54:58:08:e9:
5e:d7:1d:ff:0c:0c:f6:1b:dc:b2:2d:61:39:b1:f6:
65:45:46:04:b3:98:aa:ac:6d:b6:d6:68:89:3d:ae:
18:da:6c:3d:33:f8:83:ee:e4:18:7d:27:3b:0f:7a:
79:45:75:49:94:ed:3d:45:92:55:a0:dd:4f:85:fe:
a1:63:d8:22:84:db:e5:38:57:76:ba:7a:66:51:32:
7b:10:07:7f:96:0f:f4:bf:fa:ad:79:0c:34:41:da:
0b:60:f2:42:d0:be:5f:a5:43:4e:03:b1:29:83:8a:
1f:ef:57:6b:72:88:20:4a:91:f2:0c:62:1a:aa:03:
37:03:c8:3f:58:4a:3c:35:ce:59:c7:4c:28:a4:44:
14:7b:c5:1b:19:d6:06:f0:b3:19:0e:91:2b:8e:f5:
eb:e1:19:ab:3f:1c:0a:63:b3:ed:49:e1:54:b1:1a:
5b:58:cd:ca:5e:83:06:ea:53:9d:57:2d:35:0c:a9:
33:13:52:51:96:53:9b:8f:26:c6:a5:c2:ba:b0:aa:
31:5f:8a:db:dd:71:a6:89:01:e6:65:2c:f2:4a:fc:
be:aa:4a:fa:80:9a:60:6b:e4:c9:b7:20:37:7d:4e:
cd:64:61:f4:b3:1c:65:96:77:88:50:27:36:63:2c:
7f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B7:FA:16:0F:CE:5E:B1:EF:FE:F2:09:57:B9:C9:15:19:54:18:0E
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/Fbf6Fg_OXrHv_vIJV7nJFRlUGA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.160.0/20
31.202.0.0-31.202.191.255
46.160.88.0/21
79.171.120.0/21
178.165.0.0/17
185.147.96.0/22
IPv6:
2a00:1210::/32
Signature Algorithm: sha256WithRSAEncryption
c2:82:49:28:40:57:5e:a5:be:14:7c:7b:64:29:7b:35:41:d9:
5a:06:48:bb:b9:13:fe:fd:15:80:22:ce:a5:4b:28:7c:b1:05:
2c:1a:cb:14:f1:b7:1a:df:47:39:f9:4f:82:3e:97:cd:1c:83:
30:6e:b0:bf:d9:fb:6f:2d:6b:f8:c9:23:29:65:ac:a5:db:8e:
97:c0:03:22:45:48:47:bb:9b:80:ee:f9:f5:df:77:15:44:34:
4b:f6:1e:08:3b:1b:c2:23:23:24:e8:1d:17:23:ee:b7:e9:00:
47:3d:bd:b8:47:19:c6:df:d6:8e:0a:f7:3a:8c:c7:91:f8:c0:
96:97:71:a5:f1:de:23:1a:ab:44:a8:6a:f0:d1:76:97:62:bc:
13:ce:e3:8a:43:8e:1c:5f:9d:4e:3b:bd:70:0b:60:95:d9:ea:
49:40:2f:09:58:47:34:59:ed:80:a6:e3:44:61:77:05:e8:63:
35:9a:73:e9:32:8f:ff:17:e0:6d:c6:09:da:fb:d6:a3:f9:f1:
d2:62:d6:6b:2d:e2:15:2e:ba:a2:c5:1a:d8:b2:6b:39:06:ca:
be:bb:62:d7:e8:f6:fe:90:91:23:27:6d:54:fe:9f:3a:29:0a:
cc:ca:a3:e2:c4:a7:c1:5d:1f:72:75:2b:e6:ab:e9:03:6d:f1:
29:7b:8b:8d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEN2QpajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTdhOWIxNzQ1YTVhNzBjM2JmN2JjYzJjMmVlMTY2NDYwYWZmN2E4MB4XDTIyMDEw
MTA4NTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTViN2ZhMTYwZmNl
NWViMWVmZmVmMjA5NTdiOWM5MTUxOTU0MTgwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrq3l+s9tq+0/RUWAjpXtcd/wwM9hvcsi1hObH2ZUVGBLOY
qqxtttZoiT2uGNpsPTP4g+7kGH0nOw96eUV1SZTtPUWSVaDdT4X+oWPYIoTb5ThX
drp6ZlEyexAHf5YP9L/6rXkMNEHaC2DyQtC+X6VDTgOxKYOKH+9Xa3KIIEqR8gxi
GqoDNwPIP1hKPDXOWcdMKKREFHvFGxnWBvCzGQ6RK4716+EZqz8cCmOz7UnhVLEa
W1jNyl6DBupTnVctNQypMxNSUZZTm48mxqXCurCqMV+K291xpokB5mUs8kr8vqpK
+oCaYGvkybcgN31OzWRh9LMcZZZ3iFAnNmMsfxcCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBQVt/oWD85ese/+8glXuckVGVQYDjAfBgNVHSMEGDAWgBSuepsXRaWnDDv3
vMLC7hZkYK/3qDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JucWJGMFdscHd3Nzk3ekN3dTRXWkdDdjk2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNmU5MDlkLWQzMjUtNDhhMS05NDQzLWNjOWE3NThjOTkxNi8x
L0ZiZjZGZ19PWHJIdl92SUpWN25KRlJsVUdBNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NmU5MDlkLWQzMjUtNDhhMS05NDQzLWNjOWE3NThjOTkxNi8xL3JucWJGMFdscHd3
Nzk3ekN3dTRXWkdDdjk2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwMQQCAAEwKwMEBAX/oDALAwMBH8oDBAYfyoADBAMu
oFgDBANPq3gDBAeypQADBAK5k2AwDQQCAAIwBwMFACoAEhAwDQYJKoZIhvcNAQEL
BQADggEBAMKCSShAV16lvhR8e2QpezVB2VoGSLu5E/79FYAizqVLKHyxBSwayxTx
txrfRzn5T4I+l80cgzBusL/Z+28ta/jJIyllrKXbjpfAAyJFSEe7m4Du+fXfdxVE
NEv2Hgg7G8IjIyToHRcj7rfpAEc9vbhHGcbf1o4K9zqMx5H4wJaXcaXx3iMaq0So
avDRdpdivBPO44pDjhxfnU47vXALYJXZ6klALwlYRzRZ7YCm40RhdwXoYzWac+ky
j/8X4G3GCdr71qP58dJi1mst4hUuuqLFGtiyazkGyr67Ytfo9v6QkSMnbVT+nzop
CszKo+LEp8FdH3J1K+ar6QNt8Sl7i40=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:49 2024 by rpki-client on console-fra.rpki-client.org