Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/_EL1wvb51ywo-h5EteFvNfnqT1A.roa
File: _EL1wvb51ywo-h5EteFvNfnqT1A.roa (raw, json)
Hash identifier: pfHgvrJgTLeeGaoZvXbKvS0gN38c12SIXrDwJogStx4=
Subject key identifier: FC:42:F5:C2:F6:F9:D7:2C:28:FA:1E:44:B5:E1:6F:35:F9:EA:4F:50
Certificate issuer: /CN=5bc9a6c85ca7a5657b9e8ae80865d12ef8166a03
Certificate serial: 0184E3B9B3A8FF60F5BED1897AA2CA71ECF3
Authority key identifier: 5B:C9:A6:C8:5C:A7:A5:65:7B:9E:8A:E8:08:65:D1:2E:F8:16:6A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/_EL1wvb51ywo-h5EteFvNfnqT1A.roa
Signing time: Mon 05 Dec 2022 19:18:28 +0000
ROA not before: Mon 05 Dec 2022 19:18:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 195.225.127.0/24 maxlen: 24
91.211.232.0/24 maxlen: 24
185.108.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:b9:b3:a8:ff:60:f5:be:d1:89:7a:a2:ca:71:ec:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bc9a6c85ca7a5657b9e8ae80865d12ef8166a03
Validity
Not Before: Dec 5 19:18:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc42f5c2f6f9d72c28fa1e44b5e16f35f9ea4f50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e7:5d:47:48:95:ed:3a:fe:96:f9:de:35:31:
a5:2b:49:50:6a:95:4d:5a:f5:3a:26:e9:18:46:17:
1f:cc:c7:a6:9e:53:16:08:56:dd:b9:c2:c3:d9:8a:
c9:c0:af:8a:73:9d:30:fe:ae:3c:3b:3f:57:f5:82:
89:18:99:86:72:8b:b3:af:81:60:3a:84:e3:75:99:
d7:4c:49:b4:3e:8c:f6:8e:60:e1:68:51:08:b5:61:
8e:a4:0f:6e:a9:43:47:eb:4b:b3:6b:85:d6:82:b2:
51:4c:78:01:a2:f7:09:70:80:6f:09:ce:49:64:d5:
e2:32:50:56:b8:80:56:24:92:97:88:3f:43:31:b1:
ad:73:7b:84:4a:62:14:a6:94:3b:a9:c8:77:94:f7:
cf:8a:69:c8:63:c1:c2:20:e8:c7:6c:aa:fa:f0:77:
5c:27:0f:1e:1a:45:33:72:1c:a7:1b:f9:ff:c3:c2:
ac:fb:b6:d1:62:85:69:ca:08:f4:ca:af:c2:55:ed:
2c:7c:cc:64:0e:5e:d3:ba:ed:bd:08:44:44:16:60:
12:1b:e6:1f:18:6c:fe:d1:14:2e:9d:46:42:df:41:
81:c6:4a:2b:96:76:e9:7c:af:fa:4e:76:d0:5a:a0:
19:ff:fb:08:37:b5:fa:6e:0e:8b:5e:e9:8a:62:03:
b6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:42:F5:C2:F6:F9:D7:2C:28:FA:1E:44:B5:E1:6F:35:F9:EA:4F:50
X509v3 Authority Key Identifier:
keyid:5B:C9:A6:C8:5C:A7:A5:65:7B:9E:8A:E8:08:65:D1:2E:F8:16:6A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/_EL1wvb51ywo-h5EteFvNfnqT1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/W8mmyFynpWV7noroCGXRLvgWagM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.232.0/24
185.108.188.0/24
195.225.127.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:37:f8:8e:3c:87:bf:e8:46:31:4c:8f:2c:4b:b8:d9:3d:61:
48:d4:d7:3e:40:2a:29:27:6d:d1:00:5f:fb:00:a8:0e:d7:1e:
e4:24:f1:a6:17:5b:1b:bd:e7:5a:68:bc:5c:30:7c:25:74:3d:
fa:86:d3:e8:85:79:4a:be:8d:99:1b:5a:78:c3:b8:7d:a9:53:
05:15:fb:e9:69:d6:05:99:09:1e:c6:0a:67:6d:0e:d4:3a:47:
c1:09:5b:ac:46:69:b1:85:83:84:e1:30:74:a2:c3:d7:a0:15:
40:1d:a9:aa:7a:67:51:83:fc:5d:1e:24:31:9a:75:06:6d:1d:
3f:21:06:d4:26:c0:52:b5:16:75:fc:14:00:fd:65:85:75:e1:
58:7d:c2:5b:6b:a6:06:ab:99:7b:95:78:70:07:7a:cf:b0:c9:
39:c1:0e:81:30:49:13:aa:85:f7:8f:5d:65:77:25:8f:4f:1d:
1d:f9:b9:62:66:0e:46:00:80:dd:2e:32:36:6b:19:f0:46:4b:
86:f9:99:01:ae:bd:89:90:f5:fe:cf:67:e4:97:74:6a:2b:c9:
a5:74:13:f5:4d:94:77:23:43:9c:99:63:30:b0:12:54:0f:51:
61:a8:ff:8d:65:9c:a3:7b:7c:09:e4:2c:f1:bc:1d:19:15:b1:
6a:29:b3:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTjubOo/2D1vtGJeqLKcezzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYzlhNmM4NWNhN2E1NjU3YjllOGFlODA4NjVkMTJlZjgx
NjZhMDMwHhcNMjIxMjA1MTkxODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzQyZjVjMmY2ZjlkNzJjMjhmYTFlNDRiNWUxNmYzNWY5ZWE0ZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+ddR0iV7Tr+lvneNTGlK0lQapVN
WvU6JukYRhcfzMemnlMWCFbducLD2YrJwK+Kc50w/q48Oz9X9YKJGJmGcouzr4Fg
OoTjdZnXTEm0Poz2jmDhaFEItWGOpA9uqUNH60uza4XWgrJRTHgBovcJcIBvCc5J
ZNXiMlBWuIBWJJKXiD9DMbGtc3uESmIUppQ7qch3lPfPimnIY8HCIOjHbKr68Hdc
Jw8eGkUzchynG/n/w8Ks+7bRYoVpygj0yq/CVe0sfMxkDl7Tuu29CEREFmASG+Yf
GGz+0RQunUZC30GBxkorlnbpfK/6TnbQWqAZ//sIN7X6bg6LXumKYgO2NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPxC9cL2+dcsKPoeRLXhbzX56k9QMB8GA1UdIwQY
MBaAFFvJpshcp6Vle56K6Ahl0S74FmoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzhtbXlGeW5wV1Y3bm9yb0NHWFJMdmdXYWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82NTU1ZTMtODJmNi00NmNhLWExNzAt
NDhmNzdlZTg1YWI5LzEvX0VMMXd2YjUxeXdvLWg1RXRlRnZOZm5xVDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82NTU1ZTMtODJmNi00NmNhLWExNzAtNDhmNzdlZTg1YWI5
LzEvVzhtbXlGeW5wV1Y3bm9yb0NHWFJMdmdXYWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9PoAwQA
uWy8AwQAw+F/MA0GCSqGSIb3DQEBCwUAA4IBAQCgN/iOPIe/6EYxTI8sS7jZPWFI
1Nc+QCopJ23RAF/7AKgO1x7kJPGmF1sbvedaaLxcMHwldD36htPohXlKvo2ZG1p4
w7h9qVMFFfvpadYFmQkexgpnbQ7UOkfBCVusRmmxhYOE4TB0osPXoBVAHamqemdR
g/xdHiQxmnUGbR0/IQbUJsBStRZ1/BQA/WWFdeFYfcJba6YGq5l7lXhwB3rPsMk5
wQ6BMEkTqoX3j11ldyWPTx0d+bliZg5GAIDdLjI2axnwRkuG+ZkBrr2JkPX+z2fk
l3RqK8mldBP1TZR3I0OcmWMwsBJUD1FhqP+NZZyje3wJ5CzxvB0ZFbFqKbP3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:20 2024 by rpki-client on console-ams.rpki-client.org