Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/fbYUEvTawr9U9xBEll3AqxH_6D4.roa
File: fbYUEvTawr9U9xBEll3AqxH_6D4.roa (raw, json)
Hash identifier: Q26HFOr5upQwLoGUbgomTaE8PiMZxgWpYfhYPptzf9s=
Subject key identifier: 7D:B6:14:12:F4:DA:C2:BF:54:F7:10:44:96:5D:C0:AB:11:FF:E8:3E
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 0551CA
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/fbYUEvTawr9U9xBEll3AqxH_6D4.roa
Signing time: Tue 22 Mar 2022 18:39:43 +0000
ROA not before: Tue 22 Mar 2022 18:39:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213038
IP address blocks: 194.88.111.0/24 maxlen: 24
194.88.110.0/24 maxlen: 24
194.88.109.0/24 maxlen: 24
194.88.108.0/24 maxlen: 24
185.131.145.0/24 maxlen: 24
185.131.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348618 (0x551ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Mar 22 18:39:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7db61412f4dac2bf54f71044965dc0ab11ffe83e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:20:eb:c2:e7:50:2f:ea:5b:ef:a4:12:ae:cb:
4a:6c:b6:24:b4:45:57:5b:83:37:fb:f7:81:35:f2:
1f:04:4d:1f:3f:8d:61:9f:74:d2:5a:69:fa:a6:db:
de:a2:eb:be:ec:01:dc:c8:e6:1f:fe:c9:b0:77:05:
fb:78:18:0e:40:68:50:b8:bf:01:c2:c8:9a:b3:cb:
b1:4f:94:34:df:09:d8:13:08:25:8d:24:14:ad:7b:
52:d2:41:63:2a:ee:09:22:db:b9:88:0f:3c:d6:35:
2f:bf:6f:3b:a5:37:0d:51:06:30:f1:f8:ab:e6:7b:
73:74:9a:34:bd:47:6d:48:43:68:90:7e:3e:c8:6a:
c5:04:5f:ef:9f:77:eb:73:39:ad:c5:78:72:f5:b3:
13:06:d0:81:ef:90:4d:aa:32:c0:e8:41:dd:60:c0:
fb:23:4c:95:12:0f:90:42:59:9d:b3:c0:1a:70:4f:
37:3d:b8:97:aa:b8:8c:f5:e1:13:c3:e6:c8:6e:66:
a4:7d:b6:1a:15:aa:80:b8:4f:e2:62:cf:4b:d3:83:
33:49:d1:74:f0:ad:72:93:ce:bf:a1:ef:5b:d2:76:
12:5a:2b:9d:32:08:63:12:a3:d2:5c:50:0c:22:cb:
57:d2:1e:75:cf:51:29:1b:78:1f:3f:15:18:ec:12:
6a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B6:14:12:F4:DA:C2:BF:54:F7:10:44:96:5D:C0:AB:11:FF:E8:3E
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/fbYUEvTawr9U9xBEll3AqxH_6D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.144.0/23
194.88.108.0/22
Signature Algorithm: sha256WithRSAEncryption
03:ef:55:49:3a:15:67:9e:fe:7e:3f:74:f7:12:a4:6b:21:db:
e4:5d:fa:d5:64:72:af:1a:03:99:70:73:0c:02:1a:cd:7e:d9:
a3:50:9e:5c:69:58:bd:ca:17:9d:9f:61:4b:74:8e:6d:6e:89:
38:a1:d4:c0:a1:ca:44:28:5a:4e:5c:19:76:3a:4e:23:fe:f7:
91:68:aa:3b:47:d1:30:44:fb:78:e5:11:d6:77:4c:b1:77:a4:
69:24:2f:16:f4:e6:7e:01:6f:8e:dc:1b:f5:4b:01:58:60:c0:
14:17:e6:59:89:db:63:99:5b:af:e4:c4:bc:95:08:88:d6:aa:
cc:74:a7:c3:31:a2:d3:25:2f:e4:ca:80:6e:d8:4b:07:f7:aa:
84:03:94:e3:a8:cc:b0:13:fc:1b:97:2f:db:90:26:67:44:ea:
f7:8c:f8:f0:16:ee:d3:18:8c:a4:19:27:17:28:2e:bd:29:f3:
d7:58:3a:1d:90:1a:5c:23:b1:de:00:0b:6c:48:60:1c:d1:cd:
32:73:b7:cb:69:0a:1e:57:bd:55:c9:61:dc:23:f1:72:37:e4:
92:64:72:e5:36:87:87:33:79:09:fc:c6:3a:35:66:aa:c5:c9:
aa:58:0a:a7:cc:1f:20:cb:8e:b1:2b:c0:e3:38:25:4d:b4:bd:
d2:58:71:05
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDBVHKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkwYWI3NzAwHhcNMjIwMzIy
MTgzOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ZGI2MTQxMmY0ZGFj
MmJmNTRmNzEwNDQ5NjVkYzBhYjExZmZlODNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4CDrwudQL+pb76QSrstKbLYktEVXW4M3+/eBNfIfBE0fP41h
n3TSWmn6ptveouu+7AHcyOYf/smwdwX7eBgOQGhQuL8Bwsias8uxT5Q03wnYEwgl
jSQUrXtS0kFjKu4JItu5iA881jUvv287pTcNUQYw8fir5ntzdJo0vUdtSENokH4+
yGrFBF/vn3frczmtxXhy9bMTBtCB75BNqjLA6EHdYMD7I0yVEg+QQlmds8AacE83
PbiXqriM9eETw+bIbmakfbYaFaqAuE/iYs9L04MzSdF08K1yk86/oe9b0nYSWiud
MghjEqPSXFAMIstX0h51z1EpG3gfPxUY7BJqiwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFH22FBL02sK/VPcQRJZdwKsR/+g+MB8GA1UdIwQYMBaAFNnv6dNvX4j98EdC
xBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEv
ZmJZVUV2VGF3cjlVOXhCRWxsM0FxeEhfNkQ0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81
NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEvMmVfcDAyOWZpUDN3
UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYOQAwQCwlhsMA0GCSqGSIb3DQEB
CwUAA4IBAQAD71VJOhVnnv5+P3T3EqRrIdvkXfrVZHKvGgOZcHMMAhrNftmjUJ5c
aVi9yhedn2FLdI5tbok4odTAocpEKFpOXBl2Ok4j/veRaKo7R9EwRPt45RHWd0yx
d6RpJC8W9OZ+AW+O3Bv1SwFYYMAUF+ZZidtjmVuv5MS8lQiI1qrMdKfDMaLTJS/k
yoBu2EsH96qEA5TjqMywE/wbly/bkCZnROr3jPjwFu7TGIykGScXKC69KfPXWDod
kBpcI7HeAAtsSGAc0c0yc7fLaQoeV71VyWHcI/FyN+SSZHLlNoeHM3kJ/MY6NWaq
xcmqWAqnzB8gy46xK8DjOCVNtL3SWHEF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:00 2023 by rpki-client on console-ams.rpki-client.org