Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/fXrlIU0L9YoYWq-lQgEKMKFawzc.roa
File: fXrlIU0L9YoYWq-lQgEKMKFawzc.roa (raw, json)
Hash identifier: C5syVKSxEhOTgseAym7YkpyCb5CAe5ne78t1KAZpO6s=
Subject key identifier: 7D:7A:E5:21:4D:0B:F5:8A:18:5A:AF:A5:42:01:0A:30:A1:5A:C3:37
Certificate issuer: /CN=c17cc37f1ed81ac37b20faf0f42c41ab808f13c1
Certificate serial: 303924C6
Authority key identifier: C1:7C:C3:7F:1E:D8:1A:C3:7B:20:FA:F0:F4:2C:41:AB:80:8F:13:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wXzDfx7YGsN7IPrw9CxBq4CPE8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/fXrlIU0L9YoYWq-lQgEKMKFawzc.roa
Signing time: Sat 01 Jan 2022 09:04:14 +0000
ROA not before: Sat 01 Jan 2022 09:04:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24634
IP address blocks: 194.126.136.0/21 maxlen: 24
193.188.135.0/24 maxlen: 24
193.188.136.0/24 maxlen: 24
185.7.128.0/22 maxlen: 24
194.126.0.0/19 maxlen: 24
212.36.192.0/19 maxlen: 24
2a00:1590::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 809051334 (0x303924c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c17cc37f1ed81ac37b20faf0f42c41ab808f13c1
Validity
Not Before: Jan 1 09:04:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d7ae5214d0bf58a185aafa542010a30a15ac337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b0:25:66:6c:af:35:e8:70:13:ee:b3:6a:67:
1f:cf:6c:14:8f:be:ec:64:47:39:6f:ff:4d:51:9e:
c2:34:bb:92:00:de:76:60:b4:a8:19:18:26:91:5c:
76:db:b7:03:fe:d2:30:b5:d6:5a:47:2b:78:33:12:
a4:74:91:3d:8e:46:e4:f5:88:92:ff:71:ea:7a:b5:
7b:c6:6a:e8:4b:43:3c:20:9e:78:54:4c:2b:e5:b4:
4e:13:0e:e3:3d:06:6b:df:98:e6:d7:cd:53:25:57:
50:14:92:b8:b2:fc:eb:4d:45:98:37:d3:fb:7f:47:
a5:d6:6a:ef:fc:3e:fb:55:dd:93:37:34:5c:ca:67:
12:55:8d:55:4e:a5:5a:de:47:89:28:be:f5:2d:04:
2f:36:e2:11:19:1b:ba:3a:96:f1:ec:13:1b:1c:85:
22:fd:af:85:e8:bf:e0:9a:1c:78:78:ed:0f:d5:c4:
93:1c:4a:91:6c:b2:7f:f1:3e:12:ae:06:f4:98:8a:
a4:22:2e:c4:a2:87:02:83:97:f8:24:59:9e:f5:bf:
a8:f9:d1:08:03:cd:98:e6:03:17:d7:9d:ad:3d:58:
35:08:3d:ae:14:5b:bc:c1:7a:8c:94:2d:cf:f7:1f:
0a:94:de:f5:78:8f:63:48:9c:7d:f5:3f:4c:bb:6b:
d3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7A:E5:21:4D:0B:F5:8A:18:5A:AF:A5:42:01:0A:30:A1:5A:C3:37
X509v3 Authority Key Identifier:
keyid:C1:7C:C3:7F:1E:D8:1A:C3:7B:20:FA:F0:F4:2C:41:AB:80:8F:13:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wXzDfx7YGsN7IPrw9CxBq4CPE8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/fXrlIU0L9YoYWq-lQgEKMKFawzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/wXzDfx7YGsN7IPrw9CxBq4CPE8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.128.0/22
193.188.135.0-193.188.136.255
194.126.0.0/19
194.126.136.0/21
212.36.192.0/19
IPv6:
2a00:1590::/32
Signature Algorithm: sha256WithRSAEncryption
46:19:fb:45:e5:19:91:0e:4f:6f:40:fb:b4:17:38:da:a4:20:
ce:c2:29:4a:62:3c:a6:5a:a4:68:43:47:04:0e:10:bf:df:bd:
3c:2a:60:08:10:11:4f:1e:25:71:6e:f9:3e:63:2d:11:d0:f7:
bd:c4:77:bd:13:b5:86:a4:8d:3d:55:a4:64:d9:3c:1c:c2:09:
cb:61:2b:c3:e7:65:78:15:68:e4:dd:72:3c:e8:47:86:4d:17:
5d:f3:fb:c6:56:f1:99:05:d8:c6:39:01:6b:9e:f5:5e:5f:9d:
3a:68:8e:bc:49:24:ec:2e:c5:35:cb:25:3a:e0:a6:ec:48:04:
cf:f5:6a:78:78:e5:27:8c:e4:a2:b5:48:93:1e:d0:77:a5:0e:
d3:07:9e:03:bd:aa:35:a2:d0:47:1f:62:72:7b:3a:2b:7c:55:
6c:f2:24:42:a8:bb:df:2d:ca:22:8e:ce:0a:fb:62:44:fe:b8:
b9:3f:bd:ad:9c:bc:0a:74:26:73:d6:7d:1e:05:a3:49:b0:a4:
af:b8:e4:31:d5:33:c1:a4:36:df:59:89:85:e1:60:e4:74:46:
f6:89:c4:e8:96:13:f2:e1:f3:ce:37:e1:94:24:c5:80:18:75:
3a:ed:ac:17:3d:20:47:fc:d2:d8:10:1c:b6:37:59:92:66:9f:
c2:ca:c4:37
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEMDkkxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MTdjYzM3ZjFlZDgxYWMzN2IyMGZhZjBmNDJjNDFhYjgwOGYxM2MxMB4XDTIyMDEw
MTA5MDQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q3YWU1MjE0ZDBi
ZjU4YTE4NWFhZmE1NDIwMTBhMzBhMTVhYzMzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOwJWZsrzXocBPus2pnH89sFI++7GRHOW//TVGewjS7kgDe
dmC0qBkYJpFcdtu3A/7SMLXWWkcreDMSpHSRPY5G5PWIkv9x6nq1e8Zq6EtDPCCe
eFRMK+W0ThMO4z0Ga9+Y5tfNUyVXUBSSuLL8601FmDfT+39HpdZq7/w++1Xdkzc0
XMpnElWNVU6lWt5HiSi+9S0ELzbiERkbujqW8ewTGxyFIv2vhei/4JoceHjtD9XE
kxxKkWyyf/E+Eq4G9JiKpCIuxKKHAoOX+CRZnvW/qPnRCAPNmOYDF9edrT1YNQg9
rhRbvMF6jJQtz/cfCpTe9XiPY0icffU/TLtr0/kCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBR9euUhTQv1ihhar6VCAQowoVrDNzAfBgNVHSMEGDAWgBTBfMN/Htgaw3sg
+vD0LEGrgI8TwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dYekRmeDdZR3NON0lQcnc5Q3hCcTRDUEU4RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvYjEwZTA2LTI1N2MtNDk5NS04NzlkLTZkMDdkN2YxYTcwMS8x
L2ZYcmxJVTBMOVlvWVdxLWxRZ0VLTUtGYXd6Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQv
YjEwZTA2LTI1N2MtNDk5NS04NzlkLTZkMDdkN2YxYTcwMS8xL3dYekRmeDdZR3NO
N0lQcnc5Q3hCcTRDUEU4RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEArkHgDAMAwQAwbyHAwQAwbyIAwQF
wn4AAwQDwn6IAwQF1CTAMA0EAgACMAcDBQAqABWQMA0GCSqGSIb3DQEBCwUAA4IB
AQBGGftF5RmRDk9vQPu0FzjapCDOwilKYjymWqRoQ0cEDhC/3708KmAIEBFPHiVx
bvk+Yy0R0Pe9xHe9E7WGpI09VaRk2TwcwgnLYSvD52V4FWjk3XI86EeGTRdd8/vG
VvGZBdjGOQFrnvVeX506aI68SSTsLsU1yyU64KbsSATP9Wp4eOUnjOSitUiTHtB3
pQ7TB54Dvao1otBHH2JyezorfFVs8iRCqLvfLcoijs4K+2JE/ri5P72tnLwKdCZz
1n0eBaNJsKSvuOQx1TPBpDbfWYmF4WDkdEb2icTolhPy4fPON+GUJMWAGHU67awX
PSBH/NLYEBy2N1mSZp/CysQ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:36 2024 by rpki-client on console-fra.rpki-client.org