Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/fgVPlfBNG80FzGkEc_rrsqFXRHM.roa
File: fgVPlfBNG80FzGkEc_rrsqFXRHM.roa (raw, json)
Hash identifier: jPpgz0c2mF2yUIadlhK0yMQ7oPHbb7sEOp2a3YnHJrw=
Subject key identifier: 7E:05:4F:95:F0:4D:1B:CD:05:CC:69:04:73:FA:EB:B2:A1:57:44:73
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0183141B02D80312C2041834DFC7C088F975
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/fgVPlfBNG80FzGkEc_rrsqFXRHM.roa
Signing time: Tue 06 Sep 2022 18:40:58 +0000
ROA not before: Tue 06 Sep 2022 18:40:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.123.101.0/24 maxlen: 24
2a11:840:24::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:14:1b:02:d8:03:12:c2:04:18:34:df:c7:c0:88:f9:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 6 18:40:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e054f95f04d1bcd05cc690473faebb2a1574473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:68:95:33:7b:2c:eb:cd:1f:67:2a:ca:26:00:
88:6f:d5:94:28:a5:38:53:c0:58:8b:b9:f4:6b:6d:
b1:0f:33:44:06:1d:ac:dc:52:0c:1f:1e:84:d4:ac:
db:51:af:81:3d:20:07:1f:0a:69:7b:a3:d0:e6:bb:
c6:73:c3:00:92:43:07:20:af:e0:45:0b:7c:ac:42:
34:93:78:e5:d2:c2:65:eb:18:73:a2:1c:37:61:be:
64:bc:da:7f:59:5a:24:9d:2f:ba:0a:dc:98:82:1f:
87:e8:c5:f0:e2:45:fd:0f:e2:7d:5a:1f:57:e8:87:
26:ea:30:c2:4e:f2:8a:a0:1e:15:ca:9a:30:08:7c:
26:d4:e9:d0:63:2c:77:90:d6:f2:79:93:9d:a4:6a:
6b:74:7e:69:44:53:7d:95:a6:af:ca:ad:da:2c:0e:
11:14:98:19:1f:77:9e:a3:72:69:bb:c0:51:ea:1d:
9b:a8:31:2c:ae:85:7b:ae:9e:48:f6:21:87:f4:36:
b0:df:cd:25:94:c9:44:5a:c7:72:ac:2b:0a:72:ce:
7b:75:65:6a:d6:e3:12:bc:b4:1b:fb:5a:06:9b:5c:
46:3e:99:f6:6b:08:e0:54:18:ef:30:da:9d:cd:de:
aa:99:12:c5:be:4b:5d:bb:57:f2:63:94:b8:82:0d:
f8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:05:4F:95:F0:4D:1B:CD:05:CC:69:04:73:FA:EB:B2:A1:57:44:73
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/fgVPlfBNG80FzGkEc_rrsqFXRHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.101.0/24
IPv6:
2a11:840:24::/48
Signature Algorithm: sha256WithRSAEncryption
36:22:9d:eb:26:01:dc:0d:80:ac:2c:7a:4d:10:1a:84:9c:ee:
21:ef:11:d7:72:15:c2:ca:b0:d8:ca:48:56:e7:f2:67:bf:64:
c2:d0:c4:d4:92:e6:f7:8a:9c:d1:73:7f:af:68:ac:90:d9:35:
c8:fa:86:77:2f:3b:62:70:2f:07:59:a1:4e:54:06:6f:2b:4f:
94:a7:12:36:9a:78:a0:92:2e:fe:f6:52:30:24:28:40:44:d6:
f6:4c:52:07:ca:25:48:0f:7d:fe:0e:13:01:35:c0:08:3c:1b:
b9:6d:5b:30:14:48:d8:50:cd:16:59:3a:48:ae:ec:e4:e9:db:
20:ea:16:ee:ee:26:bf:6b:fc:cc:87:52:4e:a9:ab:bd:4f:de:
7d:01:85:cc:b2:28:11:c5:9d:88:9e:b7:fc:62:38:f0:99:36:
b3:6c:07:9a:e6:82:e0:7f:bf:60:b0:65:af:25:85:50:6d:96:
dc:55:e6:b2:64:d7:14:1b:e7:4e:81:59:48:93:12:63:e3:66:
37:4e:6d:fc:5c:65:03:17:85:a0:3f:26:4d:08:60:a6:d9:e5:
1e:2d:11:39:3c:a9:89:da:8e:6f:34:24:df:ee:6b:a8:eb:31:
c4:67:2c:a3:c6:eb:33:0b:45:b4:dc:ee:a7:db:33:d8:77:12:
16:1c:8f:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMUGwLYAxLCBBg038fAiPl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA2MTg0MDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTA1NGY5NWYwNGQxYmNkMDVjYzY5MDQ3M2ZhZWJiMmExNTc0NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2iVM3ss680fZyrKJgCIb9WUKKU4
U8BYi7n0a22xDzNEBh2s3FIMHx6E1KzbUa+BPSAHHwppe6PQ5rvGc8MAkkMHIK/g
RQt8rEI0k3jl0sJl6xhzohw3Yb5kvNp/WVoknS+6CtyYgh+H6MXw4kX9D+J9Wh9X
6Icm6jDCTvKKoB4VypowCHwm1OnQYyx3kNbyeZOdpGprdH5pRFN9laavyq3aLA4R
FJgZH3eeo3Jpu8BR6h2bqDEsroV7rp5I9iGH9Daw380llMlEWsdyrCsKcs57dWVq
1uMSvLQb+1oGm1xGPpn2awjgVBjvMNqdzd6qmRLFvktdu1fyY5S4gg34/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH4FT5XwTRvNBcxpBHP667KhV0RzMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvZmdWUGxmQk5HODBGekdrRWNfcnJzcUZYUkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuXtlMA8E
AgACMAkDBwAqEQhAACQwDQYJKoZIhvcNAQELBQADggEBADYinesmAdwNgKwsek0Q
GoSc7iHvEddyFcLKsNjKSFbn8me/ZMLQxNSS5veKnNFzf69orJDZNcj6hncvO2Jw
LwdZoU5UBm8rT5SnEjaaeKCSLv72UjAkKEBE1vZMUgfKJUgPff4OEwE1wAg8G7lt
WzAUSNhQzRZZOkiu7OTp2yDqFu7uJr9r/MyHUk6pq71P3n0BhcyyKBHFnYiet/xi
OPCZNrNsB5rmguB/v2CwZa8lhVBtltxV5rJk1xQb506BWUiTEmPjZjdObfxcZQMX
haA/Jk0IYKbZ5R4tETk8qYnajm80JN/ua6jrMcRnLKPG6zMLRbTc7qfbM9h3EhYc
j0o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org