Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/Fs_R5eukga9yA_6nAvGGACR1kZ0.roa
File: Fs_R5eukga9yA_6nAvGGACR1kZ0.roa (raw, json)
Hash identifier: NsIsdYzkjql6sqpY6tVxg2nA5jCn6/lypm6XQDB8p2g=
Subject key identifier: 16:CF:D1:E5:EB:A4:81:AF:72:03:FE:A7:02:F1:86:00:24:75:91:9D
Certificate issuer: /CN=a5d08b3150ad34de2b88592174192408396f11fb
Certificate serial: 36CF99C0
Authority key identifier: A5:D0:8B:31:50:AD:34:DE:2B:88:59:21:74:19:24:08:39:6F:11:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdCLMVCtNN4riFkhdBkkCDlvEfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/Fs_R5eukga9yA_6nAvGGACR1kZ0.roa
Signing time: Sat 01 Jan 2022 10:01:32 +0000
ROA not before: Sat 01 Jan 2022 10:01:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12414
IP address blocks: 83.247.0.0/17 maxlen: 24
212.84.128.0/19 maxlen: 24
81.24.96.0/20 maxlen: 24
87.195.0.0/16 maxlen: 24
212.45.32.0/19 maxlen: 24
213.233.192.0/18 maxlen: 24
213.134.224.0/19 maxlen: 24
185.83.32.0/22 maxlen: 24
2001:9e0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 919574976 (0x36cf99c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5d08b3150ad34de2b88592174192408396f11fb
Validity
Not Before: Jan 1 10:01:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16cfd1e5eba481af7203fea702f186002475919d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:10:aa:f0:2e:07:7e:05:57:2b:15:b8:e1:a4:
1c:21:d2:55:a2:af:be:ef:2c:5f:7d:ad:bf:31:91:
94:60:24:a6:8b:b9:46:11:d6:a4:59:05:34:c6:c3:
45:b9:ca:c7:36:76:ae:76:c9:84:3f:f3:ca:0a:02:
b3:a1:f2:df:4a:7c:8c:7f:89:24:a5:3b:91:7a:57:
43:19:48:df:2d:c7:3f:d1:05:21:00:19:0f:80:de:
10:9e:44:9e:a8:53:af:d1:6f:96:8c:d2:92:99:b0:
f5:d9:c3:16:94:13:10:29:9f:31:00:db:3a:1a:6f:
11:0f:70:ed:18:e0:c2:57:bd:4d:99:4f:b0:d7:dc:
d0:42:f9:e6:ed:41:f1:66:e9:1a:37:db:ca:70:2c:
76:82:52:3f:c1:b3:cb:fa:30:df:36:04:b7:00:25:
89:e6:c1:d7:6f:7c:4e:20:77:cf:76:47:c8:ec:ac:
7e:1e:82:3d:78:c3:ac:56:7c:96:6f:fe:75:26:ed:
45:75:e3:7b:90:8e:3e:ef:c2:7d:23:a8:4b:4b:61:
27:76:7b:e2:df:9e:50:b5:7d:57:c7:32:d3:d8:14:
9c:b6:aa:3a:b3:27:e5:46:1d:e7:45:6f:2f:8a:03:
19:0d:43:11:d1:c5:31:e0:9c:b5:2e:c4:39:38:fa:
f1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:CF:D1:E5:EB:A4:81:AF:72:03:FE:A7:02:F1:86:00:24:75:91:9D
X509v3 Authority Key Identifier:
keyid:A5:D0:8B:31:50:AD:34:DE:2B:88:59:21:74:19:24:08:39:6F:11:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdCLMVCtNN4riFkhdBkkCDlvEfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/Fs_R5eukga9yA_6nAvGGACR1kZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/pdCLMVCtNN4riFkhdBkkCDlvEfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.96.0/20
83.247.0.0/17
87.195.0.0/16
185.83.32.0/22
212.45.32.0/19
212.84.128.0/19
213.134.224.0/19
213.233.192.0/18
IPv6:
2001:9e0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:b2:39:11:ac:c7:e1:af:5c:b4:2f:9a:79:b5:68:18:df:6e:
6b:70:41:68:a3:6b:f5:0c:11:c7:d6:0f:32:1c:55:6d:e0:07:
34:0a:0b:e6:c9:3d:f3:b7:14:42:3c:9c:7b:ba:82:17:4f:0f:
c4:d1:b8:0d:2a:b4:72:e1:b9:88:60:53:00:08:58:b6:f6:c9:
1a:0c:92:21:24:5d:59:b0:40:05:24:50:cb:83:9a:95:33:48:
ce:53:53:6a:c1:a0:a7:90:88:89:11:e5:26:6b:4e:ca:fc:88:
92:f4:9f:e4:83:b2:1d:07:c1:a1:0d:ab:7a:55:c2:cc:08:f5:
d9:38:6e:5b:c9:4d:15:bc:79:7d:1b:f0:a6:16:9b:2d:11:e7:
62:33:60:f5:ea:33:c1:bb:10:c2:d0:6b:4a:59:17:52:d1:bb:
a6:93:51:0d:bf:5c:4b:c5:0f:2e:22:a5:16:21:69:b5:7d:3e:
f8:ea:91:4b:26:91:71:0d:58:aa:eb:ae:73:6f:6f:d2:c7:0f:
f0:4a:7d:47:76:d3:7a:cf:77:23:04:f0:15:52:83:3f:d9:f7:
06:5f:7f:22:ad:1b:a3:6f:15:ee:19:e6:01:3b:10:aa:e0:08:
aa:4e:6e:ca:a5:89:d8:04:51:44:0d:df:eb:1b:57:88:03:79:
ce:33:de:8c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIENs+ZwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NWQwOGIzMTUwYWQzNGRlMmI4ODU5MjE3NDE5MjQwODM5NmYxMWZiMB4XDTIyMDEw
MTEwMDEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZjZmQxZTVlYmE0
ODFhZjcyMDNmZWE3MDJmMTg2MDAyNDc1OTE5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwQqvAuB34FVysVuOGkHCHSVaKvvu8sX32tvzGRlGAkpou5
RhHWpFkFNMbDRbnKxzZ2rnbJhD/zygoCs6Hy30p8jH+JJKU7kXpXQxlI3y3HP9EF
IQAZD4DeEJ5EnqhTr9FvlozSkpmw9dnDFpQTECmfMQDbOhpvEQ9w7Rjgwle9TZlP
sNfc0EL55u1B8WbpGjfbynAsdoJSP8Gzy/ow3zYEtwAliebB1298TiB3z3ZHyOys
fh6CPXjDrFZ8lm/+dSbtRXXje5COPu/CfSOoS0thJ3Z74t+eULV9V8cy09gUnLaq
OrMn5UYd50VvL4oDGQ1DEdHFMeCctS7EOTj68e0CAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBQWz9Hl66SBr3ID/qcC8YYAJHWRnTAfBgNVHSMEGDAWgBSl0IsxUK003iuI
WSF0GSQIOW8R+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BkQ0xNVkN0Tk40cmlGa2hkQmtrQ0RsdkVmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvOTAxODM5LTBlZjItNDBlYy05OWIzLTQzY2M1YjQ2ZDViMi8x
L0ZzX1I1ZXVrZ2E5eUFfNm5BdkdHQUNSMWtaMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
OTAxODM5LTBlZjItNDBlYy05OWIzLTQzY2M1YjQ2ZDViMi8xL3BkQ0xNVkN0Tk40
cmlGa2hkQmtrQ0RsdkVmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwNQQCAAEwLwMEBFEYYAMEB1P3AAMDAFfDAwQCuVMg
AwQF1C0gAwQF1FSAAwQF1YbgAwQG1enAMA0EAgACMAcDBQMgAQngMA0GCSqGSIb3
DQEBCwUAA4IBAQB7sjkRrMfhr1y0L5p5tWgY325rcEFoo2v1DBHH1g8yHFVt4Ac0
CgvmyT3ztxRCPJx7uoIXTw/E0bgNKrRy4bmIYFMACFi29skaDJIhJF1ZsEAFJFDL
g5qVM0jOU1NqwaCnkIiJEeUma07K/IiS9J/kg7IdB8GhDat6VcLMCPXZOG5byU0V
vHl9G/CmFpstEediM2D16jPBuxDC0GtKWRdS0bumk1ENv1xLxQ8uIqUWIWm1fT74
6pFLJpFxDViq665zb2/Sxw/wSn1HdtN6z3cjBPAVUoM/2fcGX38irRujbxXuGeYB
OxCq4AiqTm7KpYnYBFFEDd/rG1eIA3nOM96M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org