Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/fxs_sgrb9kI3VJX6o6bByoAkit8.roa
File: fxs_sgrb9kI3VJX6o6bByoAkit8.roa (raw, json)
Hash identifier: vMDeUDaXW2Ex/GMUESTzJi0mh1Z/G0zEGjgbGgCvwx8=
Subject key identifier: 7F:1B:3F:B2:0A:DB:F6:42:37:54:95:FA:A3:A6:C1:CA:80:24:8A:DF
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E132B6A10F03406685FE5806C96B06
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/fxs_sgrb9kI3VJX6o6bByoAkit8.roa
Signing time: Mon 12 Dec 2022 10:28:42 +0000
ROA not before: Mon 12 Dec 2022 10:28:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.244.0/24 maxlen: 24
188.170.245.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
178.23.144.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
178.23.149.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.80.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.82.0/24 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.248.0/24 maxlen: 24
31.173.252.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:32:b6:a1:0f:03:40:66:85:fe:58:06:c9:6b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f1b3fb20adbf642375495faa3a6c1ca80248adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3e:84:f1:98:f5:b5:ae:bf:b4:5d:f8:39:22:
7f:d7:f0:3d:04:63:52:7d:89:e6:85:e7:be:64:e1:
0d:74:f0:8a:9d:22:09:36:0c:51:8b:f1:ce:57:f4:
ea:88:ae:b9:9e:cd:1f:39:a7:c8:03:1e:3a:53:0a:
8b:5c:f3:ac:eb:73:8c:db:60:7b:08:9c:8d:e3:40:
0b:79:cc:21:cd:aa:7c:01:bd:a3:97:d2:93:72:71:
0e:e6:ac:89:22:ef:8f:c2:ad:95:aa:b1:22:54:d0:
75:9f:1a:aa:49:e6:1e:99:4d:d8:7b:44:72:4e:0c:
de:c5:d3:37:50:08:3c:d1:d0:b7:46:8e:a0:3d:7b:
6f:6a:e7:41:94:30:92:e5:8c:38:23:27:e9:f4:d3:
7e:68:0d:4f:5d:93:cf:5f:00:63:35:99:a9:95:f6:
0e:89:8b:f6:13:24:77:2c:85:5d:79:f7:fc:2e:7a:
88:1b:d8:ae:12:f5:f5:50:c8:60:48:bd:01:67:9e:
3b:62:6e:3a:a6:5b:01:22:a2:c4:bf:e2:70:fc:f6:
d0:89:89:aa:6b:bc:3b:da:22:42:82:88:93:ec:92:
a0:f8:68:17:e1:2b:44:ed:45:94:33:04:78:0b:36:
31:26:d6:e7:e5:e3:e3:13:b6:1f:cf:40:45:97:6a:
47:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:1B:3F:B2:0A:DB:F6:42:37:54:95:FA:A3:A6:C1:CA:80:24:8A:DF
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/fxs_sgrb9kI3VJX6o6bByoAkit8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.253.255
188.162.0.0/16
188.170.244.0/23
188.170.248.0-188.170.252.255
Signature Algorithm: sha256WithRSAEncryption
88:e0:86:64:40:59:59:bb:ce:38:23:11:09:0a:8a:8a:73:bf:
d6:af:80:cc:7d:da:3d:80:ad:4d:7f:1c:21:ac:15:b0:49:b2:
1f:b9:46:da:18:13:fe:e6:b0:10:a0:38:61:20:0e:a2:06:9e:
e5:dc:e2:81:0a:a1:42:a1:55:bf:15:fc:90:24:4a:88:c6:3f:
b7:bd:b6:b1:50:77:f1:ac:2c:65:ea:ec:61:2e:a9:5e:37:54:
f8:a8:c0:6a:b9:20:b7:d0:3f:95:2d:6e:7a:d3:49:ac:2a:c7:
0d:94:99:00:b7:57:a8:8e:c3:2d:c4:a5:0a:51:8f:19:f0:5a:
41:1e:fd:1d:1f:ba:63:89:bf:47:e0:a1:5f:0d:dd:ec:ed:82:
a8:49:34:a4:48:48:bb:5a:b4:66:c8:51:85:5a:b2:47:7c:dc:
5c:d7:ec:ef:9b:19:c7:a5:28:aa:bb:6b:e8:07:dd:af:0d:04:
2b:36:f1:be:c1:13:5a:ce:2c:e5:14:df:c7:99:4f:ff:6f:ab:
ff:7b:bf:70:46:98:c1:b0:9b:82:e6:08:52:21:08:95:7e:fb:
a3:f3:1f:3e:a8:29:44:9a:d5:da:d7:27:82:20:fd:2a:ec:6b:
ea:f4:40:59:50:74:d8:82:71:fb:e4:cf:c4:64:40:c4:e1:0c:
80:32:dc:57
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYUF4TK2oQ8DQGaF/lgGyWsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjFiM2ZiMjBhZGJmNjQyMzc1NDk1ZmFhM2E2YzFjYTgwMjQ4YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz6E8Zj1ta6/tF34OSJ/1/A9BGNS
fYnmhee+ZOENdPCKnSIJNgxRi/HOV/TqiK65ns0fOafIAx46UwqLXPOs63OM22B7
CJyN40ALecwhzap8Ab2jl9KTcnEO5qyJIu+Pwq2VqrEiVNB1nxqqSeYemU3Ye0Ry
TgzexdM3UAg80dC3Ro6gPXtvaudBlDCS5Yw4Iyfp9NN+aA1PXZPPXwBjNZmplfYO
iYv2EyR3LIVdeff8LnqIG9iuEvX1UMhgSL0BZ547Ym46plsBIqLEv+Jw/PbQiYmq
a7w72iJCgoiT7JKg+GgX4StE7UWUMwR4CzYxJtbn5ePjE7Yfz0BFl2pH1QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFH8bP7IK2/ZCN1SV+qOmwcqAJIrfMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvZnhzX3NncmI5a0kzVkpYNm82YkJ5b0FraXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAATA/AwQDH634AwQC
JR1QAwQDLh3AAwQDsheQMAwDBAOysPgDBAGysPwDAwC8ogMEAbyq9DAMAwQDvKr4
AwQAvKr8MA0GCSqGSIb3DQEBCwUAA4IBAQCI4IZkQFlZu844IxEJCoqKc7/Wr4DM
fdo9gK1NfxwhrBWwSbIfuUbaGBP+5rAQoDhhIA6iBp7l3OKBCqFCoVW/FfyQJEqI
xj+3vbaxUHfxrCxl6uxhLqleN1T4qMBquSC30D+VLW5600msKscNlJkAt1eojsMt
xKUKUY8Z8FpBHv0dH7pjib9H4KFfDd3s7YKoSTSkSEi7WrRmyFGFWrJHfNxc1+zv
mxnHpSiqu2voB92vDQQrNvG+wRNazizlFN/HmU//b6v/e79wRpjBsJuC5ghSIQiV
fvuj8x8+qClEmtXa1yeCIP0q7Gvq9EBZUHTYgnH75M/EZEDE4QyAMtxX
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:38:31 2025 by rpki-client