Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/4FX2HeebcIjrCLdlBTztMGBPXjE.roa
File: 4FX2HeebcIjrCLdlBTztMGBPXjE.roa (raw, json)
Hash identifier: uzmJV6VJmT1mooWQUCWb1LrQeFcu99+58pSBJmMm3wM=
Subject key identifier: E0:55:F6:1D:E7:9B:70:88:EB:08:B7:65:05:3C:ED:30:60:4F:5E:31
Certificate issuer: /CN=0b2ce7fd2f5b1b79757c8973ae3f7b0be686385b
Certificate serial: 045A17B2
Authority key identifier: 0B:2C:E7:FD:2F:5B:1B:79:75:7C:89:73:AE:3F:7B:0B:E6:86:38:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/4FX2HeebcIjrCLdlBTztMGBPXjE.roa
Signing time: Sat 01 Jan 2022 11:57:28 +0000
ROA not before: Sat 01 Jan 2022 11:57:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202921
IP address blocks: 185.148.214.0/24 maxlen: 24
185.148.215.0/24 maxlen: 24
147.161.24.0/22 maxlen: 22
212.69.128.0/24 maxlen: 24
212.69.129.0/24 maxlen: 24
212.69.130.0/24 maxlen: 24
212.69.131.0/24 maxlen: 24
185.148.212.0/24 maxlen: 24
185.148.213.0/24 maxlen: 24
2a0d:f780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73013170 (0x45a17b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b2ce7fd2f5b1b79757c8973ae3f7b0be686385b
Validity
Not Before: Jan 1 11:57:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e055f61de79b7088eb08b765053ced30604f5e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:13:d6:af:2b:82:ee:b1:67:69:68:a8:c6:b2:
64:bb:41:1c:cd:e9:18:30:81:f0:55:c1:d5:8c:f3:
5a:97:66:bd:d5:3b:7b:9a:85:f3:dd:bb:b5:a7:e1:
fe:7c:ae:1c:ad:68:e5:51:e8:89:13:5b:a0:20:7c:
92:b7:83:c9:57:d2:ea:c5:cf:e4:9d:dc:e2:9e:24:
22:d9:1d:ba:40:52:d8:c2:42:c8:9b:81:40:61:98:
15:17:87:33:4f:f7:94:48:4a:12:7b:1e:92:10:70:
c7:f7:1e:ea:dc:00:13:0e:27:42:6f:55:4b:76:d3:
58:9e:d1:d2:21:bc:2c:34:eb:ef:37:25:c3:2a:88:
55:b9:0d:01:d7:d4:b5:17:6a:c2:07:9d:7a:bc:ef:
c7:6f:67:56:00:40:1a:cf:e4:8b:9d:d0:74:50:92:
91:c3:5d:3c:c5:31:5d:7a:67:16:db:72:f1:fd:d3:
d3:d2:6e:50:5e:50:f5:d2:f1:8e:1e:60:90:bb:92:
7d:95:c3:b8:8a:06:ea:dc:1d:46:c6:78:02:c9:84:
30:f5:03:3b:67:30:8d:f1:3b:ba:c8:87:e2:69:e8:
7c:df:a8:ab:3e:c0:32:12:d3:1b:ed:a8:78:3b:bc:
54:aa:5a:c3:f0:83:67:0b:38:0f:ee:8f:5c:51:ac:
a2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:55:F6:1D:E7:9B:70:88:EB:08:B7:65:05:3C:ED:30:60:4F:5E:31
X509v3 Authority Key Identifier:
keyid:0B:2C:E7:FD:2F:5B:1B:79:75:7C:89:73:AE:3F:7B:0B:E6:86:38:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/4FX2HeebcIjrCLdlBTztMGBPXjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/Cyzn_S9bG3l1fIlzrj97C-aGOFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.24.0/22
185.148.212.0/22
212.69.128.0/22
IPv6:
2a0d:f780::/29
Signature Algorithm: sha256WithRSAEncryption
56:ca:9b:e7:7a:9e:5c:e6:85:56:bf:a3:48:5d:7a:96:20:c6:
46:1b:d3:1e:54:bf:83:56:16:a2:c1:40:74:67:57:04:88:91:
8f:e4:6b:43:f8:4b:a2:97:17:a7:df:49:f5:52:a0:bb:f8:63:
58:ec:24:b2:33:55:a3:8d:39:30:7c:71:b5:19:02:5b:2d:0e:
9d:86:48:64:b2:af:36:d2:95:8b:fb:10:c7:b3:ed:1f:7e:cd:
d6:95:16:dc:90:35:66:96:f1:ec:11:9b:6d:d2:c5:03:fd:89:
fe:13:1b:79:e3:7f:74:bb:70:08:b8:b7:0a:0d:c7:8e:46:0f:
6a:90:e2:e2:a3:48:05:66:82:01:f0:78:c0:19:ac:f7:6a:31:
63:c6:d1:77:f1:35:7b:1e:1a:1e:ed:65:87:f8:25:47:de:76:
00:5d:73:d4:3d:4e:86:88:d3:ea:93:41:ec:b6:0c:4e:73:2a:
a4:86:9e:f7:2f:50:51:97:5e:81:ad:79:1c:25:f3:d2:dc:01:
84:8e:3f:98:3a:07:48:60:d4:8e:1c:5b:e4:1f:4e:ae:62:3c:
f6:01:d6:6a:96:36:1f:12:c3:13:1d:85:4d:a3:15:7e:0b:17:
28:77:97:09:d0:d0:00:5b:0c:f3:bf:0d:c5:aa:91:8e:c2:1d:
3d:e3:ac:fe
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBFoXsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjJjZTdmZDJmNWIxYjc5NzU3Yzg5NzNhZTNmN2IwYmU2ODYzODViMB4XDTIyMDEw
MTExNTcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA1NWY2MWRlNzli
NzA4OGViMDhiNzY1MDUzY2VkMzA2MDRmNWUzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALET1q8rgu6xZ2loqMayZLtBHM3pGDCB8FXB1YzzWpdmvdU7
e5qF8927tafh/nyuHK1o5VHoiRNboCB8kreDyVfS6sXP5J3c4p4kItkdukBS2MJC
yJuBQGGYFReHM0/3lEhKEnsekhBwx/ce6twAEw4nQm9VS3bTWJ7R0iG8LDTr7zcl
wyqIVbkNAdfUtRdqwgederzvx29nVgBAGs/ki53QdFCSkcNdPMUxXXpnFtty8f3T
09JuUF5Q9dLxjh5gkLuSfZXDuIoG6twdRsZ4AsmEMPUDO2cwjfE7usiH4mnofN+o
qz7AMhLTG+2oeDu8VKpaw/CDZws4D+6PXFGsogsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTgVfYd55twiOsIt2UFPO0wYE9eMTAfBgNVHSMEGDAWgBQLLOf9L1sbeXV8
iXOuP3sL5oY4WzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N5em5fUzliRzNsMWZJbHpyajk3Qy1hR09Gcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvOWFhZjI0LTUzNDYtNDQ4MC1iYmYzLWE2NDEwOTE5ZTg5OC8x
LzRGWDJIZWViY0lqckNMZGxCVHp0TUdCUFhqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
OWFhZjI0LTUzNDYtNDQ4MC1iYmYzLWE2NDEwOTE5ZTg5OC8xL0N5em5fUzliRzNs
MWZJbHpyajk3Qy1hR09Gcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEApOhGAMEArmU1AMEAtRFgDANBAIA
AjAHAwUDKg33gDANBgkqhkiG9w0BAQsFAAOCAQEAVsqb53qeXOaFVr+jSF16liDG
RhvTHlS/g1YWosFAdGdXBIiRj+RrQ/hLopcXp99J9VKgu/hjWOwksjNVo405MHxx
tRkCWy0OnYZIZLKvNtKVi/sQx7PtH37N1pUW3JA1Zpbx7BGbbdLFA/2J/hMbeeN/
dLtwCLi3Cg3HjkYPapDi4qNIBWaCAfB4wBms92oxY8bRd/E1ex4aHu1lh/glR952
AF1z1D1OhojT6pNB7LYMTnMqpIae9y9QUZdega15HCXz0twBhI4/mDoHSGDUjhxb
5B9OrmI89gHWapY2HxLDEx2FTaMVfgsXKHeXCdDQAFsM878NxaqRjsIdPeOs/g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:43 2023 by rpki-client on console-fra.rpki-client.org