Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/foaORjpai5qPXitvLzCm5MPunKE.roa
File: foaORjpai5qPXitvLzCm5MPunKE.roa (raw, json)
Hash identifier: SVVejyS/wDu+B44Wev690FUgkPBCbWs9vecvpcL0QCg=
Subject key identifier: 7E:86:8E:46:3A:5A:8B:9A:8F:5E:2B:6F:2F:30:A6:E4:C3:EE:9C:A1
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FBFA670
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/foaORjpai5qPXitvLzCm5MPunKE.roa
Signing time: Sat 01 Jan 2022 10:04:54 +0000
ROA not before: Sat 01 Jan 2022 10:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59542
IP address blocks: 193.173.196.0/24 maxlen: 24
145.7.49.0/24 maxlen: 24
145.7.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 801089136 (0x2fbfa670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e868e463a5a8b9a8f5e2b6f2f30a6e4c3ee9ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:19:4a:1b:1e:72:ee:37:49:02:5a:bd:74:ce:
a5:a9:22:74:98:76:48:ef:74:62:8f:f5:53:70:b7:
2f:3a:5b:0c:21:09:82:5e:d4:6c:e2:57:af:d2:cd:
ee:df:aa:08:d1:eb:4b:53:b6:f5:81:89:00:5b:9e:
1e:e0:81:98:05:6d:f4:b4:90:f8:e3:f0:50:b5:fe:
89:6c:16:02:f8:b1:43:11:32:90:69:b4:92:f1:31:
02:81:bf:d1:60:6c:19:39:69:e2:bc:98:79:aa:13:
52:a5:92:30:8d:d4:53:b5:29:ce:8b:44:86:e4:a3:
17:13:d3:1b:67:43:f6:d4:9a:7b:a4:19:90:89:45:
f1:63:da:c8:6c:84:71:5b:de:4b:01:dc:90:8d:47:
cd:02:3d:1c:fb:08:c5:81:b4:c1:09:a1:e2:ba:1c:
ff:36:2b:88:8a:3a:63:e4:7d:26:f7:1a:7e:6e:71:
30:22:0d:4c:af:21:55:eb:f7:ef:02:32:79:c7:e6:
ce:8f:55:fb:15:3a:f8:d1:b3:66:30:ff:1f:40:2b:
75:4a:34:3f:ec:e0:c3:33:b2:6d:20:65:34:13:f3:
d0:b1:2e:f8:ea:7d:38:31:53:d2:0c:51:58:ba:45:
43:86:a0:fa:c4:7e:b7:8b:00:61:c6:a5:20:cd:ba:
87:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:86:8E:46:3A:5A:8B:9A:8F:5E:2B:6F:2F:30:A6:E4:C3:EE:9C:A1
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/foaORjpai5qPXitvLzCm5MPunKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.7.49.0/24
145.7.56.0/21
193.173.196.0/24
Signature Algorithm: sha256WithRSAEncryption
86:9f:16:5b:70:98:33:cc:10:25:65:e9:92:f1:c0:db:24:16:
7c:9c:a0:7f:d5:fc:89:14:93:34:7f:97:1f:af:1e:f3:bb:ec:
d5:57:c3:04:f5:ca:a8:02:f3:f3:cd:64:7b:06:d9:88:e1:2a:
75:c8:05:d0:01:d5:bb:1e:d4:25:97:0f:6a:96:f7:b4:13:ea:
42:3d:e9:00:4e:c0:0c:43:0c:e4:f2:f9:24:26:73:b7:f1:d8:
db:54:c0:37:77:54:5f:e9:4d:fc:b7:15:2d:19:6a:0a:bf:d1:
45:5f:00:03:72:48:7d:22:d2:57:b9:20:be:dd:29:c0:00:fd:
2a:4a:87:7f:49:ce:f1:31:f9:95:53:0d:cd:cb:6d:ce:70:a7:
6d:9b:55:ac:a7:37:c4:eb:a9:71:06:e3:68:95:8f:27:21:5d:
62:1e:43:98:b1:aa:97:c7:b1:ef:87:28:d8:5c:46:3c:8d:ea:
ea:d8:14:bd:f8:9f:af:9b:4d:06:62:da:28:a9:18:b2:4d:47:
b9:53:91:c8:48:ba:9e:d4:48:c0:17:20:f0:69:f1:e6:ce:6c:
6b:d5:ec:92:c9:e5:b2:93:6e:a2:27:5c:36:2d:f5:44:9e:4b:
cb:d7:93:2f:4f:28:a3:24:eb:dd:56:85:95:ba:75:59:8e:cf:
5d:f0:54:82
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEL7+mcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U4NjhlNDYzYTVh
OGI5YThmNWUyYjZmMmYzMGE2ZTRjM2VlOWNhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJcZShsecu43SQJavXTOpakidJh2SO90Yo/1U3C3LzpbDCEJ
gl7UbOJXr9LN7t+qCNHrS1O29YGJAFueHuCBmAVt9LSQ+OPwULX+iWwWAvixQxEy
kGm0kvExAoG/0WBsGTlp4ryYeaoTUqWSMI3UU7UpzotEhuSjFxPTG2dD9tSae6QZ
kIlF8WPayGyEcVveSwHckI1HzQI9HPsIxYG0wQmh4roc/zYriIo6Y+R9Jvcafm5x
MCINTK8hVev37wIyecfmzo9V+xU6+NGzZjD/H0ArdUo0P+zgwzOybSBlNBPz0LEu
+Op9ODFT0gxRWLpFQ4ag+sR+t4sAYcalIM26h1sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR+ho5GOlqLmo9eK28vMKbkw+6coTAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
L2ZvYU9SanBhaTVxUFhpdHZMekNtNU1QdW5LRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAJEHMQMEA5EHOAMEAMGtxDANBgkq
hkiG9w0BAQsFAAOCAQEAhp8WW3CYM8wQJWXpkvHA2yQWfJygf9X8iRSTNH+XH68e
87vs1VfDBPXKqALz881kewbZiOEqdcgF0AHVux7UJZcPapb3tBPqQj3pAE7ADEMM
5PL5JCZzt/HY21TAN3dUX+lN/LcVLRlqCr/RRV8AA3JIfSLSV7kgvt0pwAD9KkqH
f0nO8TH5lVMNzcttznCnbZtVrKc3xOupcQbjaJWPJyFdYh5DmLGql8ex74co2FxG
PI3q6tgUvfifr5tNBmLaKKkYsk1HuVORyEi6ntRIwBcg8Gnx5s5sa9XsksnlspNu
oidcNi31RJ5Ly9eTL08ooyTr3VaFlbp1WY7PXfBUgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org