Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/FkCuvK0KRJb_esn8azpTXvfpT3s.roa
File: FkCuvK0KRJb_esn8azpTXvfpT3s.roa (raw, json)
Hash identifier: 9if5ImzBNtwt7p8/CFZxJmVbxtfI1U5UVJGfrUPoTDY=
Subject key identifier: 16:40:AE:BC:AD:0A:44:96:FF:7A:C9:FC:6B:3A:53:5E:F7:E9:4F:7B
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 046154CA
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/FkCuvK0KRJb_esn8azpTXvfpT3s.roa
Signing time: Tue 22 Feb 2022 21:07:35 +0000
ROA not before: Tue 22 Feb 2022 21:07:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211768
IP address blocks: 185.86.188.0/22 maxlen: 24
193.148.188.0/24 maxlen: 24
185.124.192.0/22 maxlen: 24
193.19.128.0/22 maxlen: 24
2a06:b500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73487562 (0x46154ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Feb 22 21:07:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1640aebcad0a4496ff7ac9fc6b3a535ef7e94f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:39:e1:5c:49:15:50:9b:97:ad:e2:bd:67:2c:
e9:42:e1:e2:16:32:57:12:a5:9a:9f:e9:71:87:0c:
8b:af:44:f9:85:09:a2:b2:53:0c:b6:0e:27:19:d3:
40:da:6f:21:1d:99:94:1c:b5:e8:0e:6d:42:ef:d8:
e9:1d:db:10:f5:74:ef:9d:bb:d8:b0:45:73:a3:07:
61:ea:85:9e:d2:61:ba:40:c3:70:35:51:bd:0a:00:
ce:d6:df:e0:b1:29:a0:90:74:db:4b:b1:73:91:9e:
d4:7f:f5:87:00:c8:0a:78:0f:75:2a:22:13:7e:4b:
15:dd:c4:5a:8b:ef:65:b2:03:62:a8:db:94:38:cb:
3f:9d:79:00:0f:8b:b4:42:3a:ff:a2:f2:81:c2:37:
47:0d:ea:8e:c1:ee:4a:e7:b2:b7:38:de:8f:88:0b:
eb:4a:78:9a:d9:45:16:c3:5a:81:0a:7e:41:22:2e:
9a:8e:b6:02:02:cf:b4:31:67:d6:22:49:41:e1:ca:
5c:34:12:e2:49:c0:f8:4d:f5:2a:af:5a:56:34:b1:
cd:91:45:cd:58:29:9c:15:8e:02:0b:26:cf:64:c1:
8c:74:9f:0a:75:00:ad:e0:93:54:8b:6c:23:74:cb:
ad:78:79:96:4b:07:38:33:de:b2:78:c0:4e:38:3b:
56:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:40:AE:BC:AD:0A:44:96:FF:7A:C9:FC:6B:3A:53:5E:F7:E9:4F:7B
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/FkCuvK0KRJb_esn8azpTXvfpT3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.188.0/22
185.124.192.0/22
193.19.128.0/22
193.148.188.0/24
IPv6:
2a06:b500::/29
Signature Algorithm: sha256WithRSAEncryption
90:b6:cb:39:e3:e7:6e:c8:c5:5c:e2:e0:5c:ae:83:c1:0c:d6:
58:28:df:95:d8:de:6a:78:b0:a3:c6:cc:8c:7f:ca:92:b8:c1:
f4:f9:7b:e0:6a:ba:a0:3d:a8:62:60:1e:45:9d:23:39:25:63:
35:de:a6:76:3b:8f:a7:c8:b8:6c:15:89:5e:43:48:57:e6:80:
4b:5e:4c:f3:42:39:47:c2:cd:a6:e9:91:c7:2b:e6:76:71:7c:
ca:07:36:37:2f:63:8f:a7:d8:62:bc:5a:2c:d9:68:2e:dc:11:
6a:8c:bf:d5:5a:35:44:26:13:39:95:0b:5a:a6:8f:46:bc:e4:
cb:61:1e:a2:44:15:c3:29:7f:af:f8:6c:77:fa:0a:3a:bf:dd:
37:3b:04:30:8b:34:3a:85:a1:35:74:c3:26:f7:57:51:db:49:
4c:aa:4a:4f:1a:87:de:56:26:ff:b2:3c:60:27:8a:03:b6:86:
fa:f9:a8:45:29:60:26:92:bb:b4:11:92:c7:64:1a:8e:74:2b:
a5:22:6c:c3:62:02:dc:ce:10:47:43:d2:d9:df:06:5d:e6:87:
3e:35:4b:9c:1f:4e:5f:52:8b:cd:7f:75:d7:a9:a2:b1:a3:cc:
bc:e4:57:1c:3c:d8:5c:36:cd:74:c0:8c:ca:96:74:0d:6c:29:
d6:96:27:81
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBGFUyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjY2MGIyM2ZlM2I4NjQyZDZiZjQ3NWY4ZWI3ZmNhZDlkMTNjNDEzMB4XDTIyMDIy
MjIxMDczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY0MGFlYmNhZDBh
NDQ5NmZmN2FjOWZjNmIzYTUzNWVmN2U5NGY3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANI54VxJFVCbl63ivWcs6ULh4hYyVxKlmp/pcYcMi69E+YUJ
orJTDLYOJxnTQNpvIR2ZlBy16A5tQu/Y6R3bEPV075272LBFc6MHYeqFntJhukDD
cDVRvQoAztbf4LEpoJB020uxc5Ge1H/1hwDICngPdSoiE35LFd3EWovvZbIDYqjb
lDjLP515AA+LtEI6/6LygcI3Rw3qjsHuSueytzjej4gL60p4mtlFFsNagQp+QSIu
mo62AgLPtDFn1iJJQeHKXDQS4knA+E31Kq9aVjSxzZFFzVgpnBWOAgsmz2TBjHSf
CnUAreCTVItsI3TLrXh5lksHODPesnjATjg7VhcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQWQK68rQpElv96yfxrOlNe9+lPezAfBgNVHSMEGDAWgBSSZgsj/juGQta/
R1+Ot/ytnRPEEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ttWUxJXzQ3aGtMV3YwZGZqcmY4clowVHhCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYWUzYmFjLTNkYTItNGU0OS1iZGFiLTEzZWYxYzQ1NWNjNC8x
L0ZrQ3V2SzBLUkpiX2VzbjhhenBUWHZmcFQzcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YWUzYmFjLTNkYTItNGU0OS1iZGFiLTEzZWYxYzQ1NWNjNC8xL2ttWUxJXzQ3aGtM
V3YwZGZqcmY4clowVHhCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEArlWvAMEArl8wAMEAsETgAMEAMGU
vDANBAIAAjAHAwUDKga1ADANBgkqhkiG9w0BAQsFAAOCAQEAkLbLOePnbsjFXOLg
XK6DwQzWWCjfldjeaniwo8bMjH/KkrjB9Pl74Gq6oD2oYmAeRZ0jOSVjNd6mdjuP
p8i4bBWJXkNIV+aAS15M80I5R8LNpumRxyvmdnF8ygc2Ny9jj6fYYrxaLNloLtwR
aoy/1Vo1RCYTOZULWqaPRrzky2EeokQVwyl/r/hsd/oKOr/dNzsEMIs0OoWhNXTD
JvdXUdtJTKpKTxqH3lYm/7I8YCeKA7aG+vmoRSlgJpK7tBGSx2QajnQrpSJsw2IC
3M4QR0PS2d8GXeaHPjVLnB9OX1KLzX9116misaPMvORXHDzYXDbNdMCMypZ0DWwp
1pYngQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:15 2025 by rpki-client