Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/fte0wJ8pvBN6bCiroUGpPXeINKA.roa
File: fte0wJ8pvBN6bCiroUGpPXeINKA.roa (raw, json)
Hash identifier: rC/R4puJX/fZ54PzMzj9IUBjQ1LWy7cYcrUuKXQl8Yw=
Subject key identifier: 7E:D7:B4:C0:9F:29:BC:13:7A:6C:28:AB:A1:41:A9:3D:77:88:34:A0
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 16C47E3B
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/fte0wJ8pvBN6bCiroUGpPXeINKA.roa
Signing time: Sat 01 Jan 2022 02:51:17 +0000
ROA not before: Sat 01 Jan 2022 02:51:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3267
IP address blocks: 194.226.192.0/19 maxlen: 19
82.137.137.0/24 maxlen: 24
85.142.64.0/24 maxlen: 24
85.142.78.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
193.27.214.0/24 maxlen: 24
193.27.214.0/23 maxlen: 23
194.85.32.0/20 maxlen: 20
2a07:a6c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 381976123 (0x16c47e3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 02:51:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ed7b4c09f29bc137a6c28aba141a93d778834a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:2f:42:af:d1:cc:b9:1c:76:9b:eb:a8:60:
df:cf:b7:07:eb:7c:3b:81:84:9b:53:c7:a8:08:0a:
1e:99:50:7b:b2:05:28:29:e2:16:38:b4:c7:87:f7:
de:99:8f:34:ea:ed:a9:3a:f6:d3:10:df:92:1b:62:
2d:f1:e1:f5:8b:b0:e5:e5:b6:08:9c:8c:cf:ef:8a:
e4:59:d4:13:c2:e9:4a:ec:d9:02:e9:d3:fb:24:21:
d5:28:e2:0f:c1:20:75:36:34:1a:8a:a0:6b:35:91:
da:08:81:57:46:95:00:d5:56:72:42:3d:94:b9:5e:
aa:9f:85:6a:42:6c:44:56:0c:34:21:66:17:15:8f:
59:cb:d7:77:04:fd:f8:f2:1b:02:78:b6:a0:ce:cb:
bc:ab:1e:93:ac:8f:57:61:f8:ec:c6:dc:68:1c:d0:
c6:94:a7:1b:dc:ac:48:b6:ae:c7:c8:7f:37:55:33:
93:f9:69:97:c2:fc:1d:ea:93:c4:8e:ac:61:32:a1:
68:c0:7a:e7:8f:34:70:df:e1:b3:6b:05:79:7a:aa:
54:12:12:d2:27:7b:e8:a1:2a:31:ff:d9:e3:93:36:
a3:95:05:c2:c1:4d:39:50:18:96:08:5c:ce:ca:89:
eb:db:32:da:a3:f6:49:e9:b1:0b:eb:ec:94:53:e9:
da:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D7:B4:C0:9F:29:BC:13:7A:6C:28:AB:A1:41:A9:3D:77:88:34:A0
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/fte0wJ8pvBN6bCiroUGpPXeINKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.137.137.0/24
85.142.64.0/24
85.142.78.0/24
86.110.96.0/19
193.27.214.0/23
194.85.32.0/20
194.226.192.0/19
IPv6:
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
10:e2:d3:1a:cc:99:24:b5:85:d8:b1:4f:ac:85:c3:ff:ae:9c:
39:c0:2d:d1:ef:34:57:aa:cc:15:06:e6:a8:5b:34:e3:3f:cc:
0d:ed:82:5f:c4:e4:62:45:cb:08:3b:90:25:99:54:fd:f9:de:
8a:87:e0:95:db:19:b4:cd:29:24:3d:2d:3d:04:75:a0:de:05:
19:0f:31:f9:2d:bc:b2:4b:e5:80:bf:ff:13:91:92:ab:89:32:
e2:43:07:e5:a7:9f:81:c0:41:cd:64:32:cd:08:58:39:65:c8:
db:0b:4d:bd:7c:5a:ed:2a:05:4e:a3:32:45:16:63:6f:1d:8f:
06:63:83:41:f2:ec:b2:97:59:71:33:c0:fe:22:30:d3:b4:4e:
d5:2a:2d:6b:fe:75:18:6e:fa:4e:67:a9:ea:d0:d4:20:6f:e3:
b3:0b:03:76:54:4c:bf:3a:51:73:c9:76:4c:44:85:dc:8b:b2:
97:3e:b6:49:23:26:a6:5a:28:d7:2b:cd:64:96:14:e9:1a:53:
2b:94:af:df:e7:19:f8:5f:45:0b:25:96:f8:de:f1:04:0d:d1:
e2:db:36:e5:05:14:6b:df:a7:e5:19:07:20:26:d4:a2:53:08:
5b:93:74:cd:b8:c0:c1:e5:45:cc:5d:bb:fe:ca:da:af:4b:58:
cf:3f:2e:6e
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEFsR+OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGIyMjAyM2I2ZWFkNGMyOTY4M2E5ZmVkNDQ5M2QwM2RlZTJjNjg1MB4XDTIyMDEw
MTAyNTExN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VkN2I0YzA5ZjI5
YmMxMzdhNmMyOGFiYTE0MWE5M2Q3Nzg4MzRhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0mL0Kv0cy5HHab66hg38+3B+t8O4GEm1PHqAgKHplQe7IF
KCniFji0x4f33pmPNOrtqTr20xDfkhtiLfHh9Yuw5eW2CJyMz++K5FnUE8LpSuzZ
AunT+yQh1SjiD8EgdTY0GoqgazWR2giBV0aVANVWckI9lLleqp+FakJsRFYMNCFm
FxWPWcvXdwT9+PIbAni2oM7LvKsek6yPV2H47MbcaBzQxpSnG9ysSLaux8h/N1Uz
k/lpl8L8HeqTxI6sYTKhaMB65480cN/hs2sFeXqqVBIS0id76KEqMf/Z45M2o5UF
wsFNOVAYlghczsqJ69sy2qP2SemxC+vslFPp2jsCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBR+17TAnym8E3psKKuhQak9d4g0oDAfBgNVHSMEGDAWgBQ4siAjturUwpaD
qf7UST0D3uLGhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09MSWdJN2JxMU1LV2c2bi0xRWs5QTk3aXhvVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvODgxM2Y1LTRlN2ItNGQ1MS1iNWYzLTQwZDk1YmQzM2ZjYi8x
L2Z0ZTB3SjhwdkJONmJDaXJvVUdwUFhlSU5LQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
ODgxM2Y1LTRlN2ItNGQ1MS1iNWYzLTQwZDk1YmQzM2ZjYi8xL09MSWdJN2JxMU1L
V2c2bi0xRWs5QTk3aXhvVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAFKJiQMEAFWOQAMEAFWOTgMEBVZu
YAMEAcEb1gMEBMJVIAMEBcLiwDANBAIAAjAHAwUDKgemwDANBgkqhkiG9w0BAQsF
AAOCAQEAEOLTGsyZJLWF2LFPrIXD/66cOcAt0e80V6rMFQbmqFs04z/MDe2CX8Tk
YkXLCDuQJZlU/fneiofgldsZtM0pJD0tPQR1oN4FGQ8x+S28skvlgL//E5GSq4ky
4kMH5aefgcBBzWQyzQhYOWXI2wtNvXxa7SoFTqMyRRZjbx2PBmODQfLsspdZcTPA
/iIw07RO1Sota/51GG76Tmep6tDUIG/jswsDdlRMvzpRc8l2TESF3Iuylz62SSMm
ploo1yvNZJYU6RpTK5Sv3+cZ+F9FCyWW+N7xBA3R4ts25QUUa9+n5RkHICbUolMI
W5N0zbjAweVFzF27/srar0tYzz8ubg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org