Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/FrLdvxnz9uP4k727hF70AvvvnPw.roa
File: FrLdvxnz9uP4k727hF70AvvvnPw.roa (raw, json)
Hash identifier: HrdfTIddUlOBmgGUNUzYsK/az/n0JO9jx/S009g66zY=
Subject key identifier: 16:B2:DD:BF:19:F3:F6:E3:F8:93:BD:BB:84:5E:F4:02:FB:EF:9C:FC
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 0184EBEF5279F89A4D283FEFBD93FC3B16E7
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/FrLdvxnz9uP4k727hF70AvvvnPw.roa
Signing time: Wed 07 Dec 2022 09:34:00 +0000
ROA not before: Wed 07 Dec 2022 09:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43915
IP address blocks: 193.35.146.0/23 maxlen: 23
87.117.68.0/23 maxlen: 23
194.105.134.0/23 maxlen: 24
194.145.242.0/23 maxlen: 24
195.206.172.0/22 maxlen: 24
185.147.184.0/22 maxlen: 22
217.14.184.0/21 maxlen: 21
109.224.226.0/23 maxlen: 24
178.248.128.0/21 maxlen: 21
109.224.240.0/23 maxlen: 24
109.224.234.0/23 maxlen: 24
194.146.160.0/22 maxlen: 24
147.189.156.0/22 maxlen: 24
185.161.4.0/22 maxlen: 22
87.117.64.0/22 maxlen: 22
213.225.224.0/22 maxlen: 24
144.178.104.0/23 maxlen: 23
217.20.244.0/22 maxlen: 24
79.135.122.0/23 maxlen: 24
144.178.118.0/23 maxlen: 23
185.23.254.0/23 maxlen: 24
45.66.36.0/22 maxlen: 22
144.178.252.0/23 maxlen: 23
2a07:5940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:ef:52:79:f8:9a:4d:28:3f:ef:bd:93:fc:3b:16:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: Dec 7 09:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16b2ddbf19f3f6e3f893bdbb845ef402fbef9cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c3:1f:a3:b4:c2:a4:5a:36:5b:6c:e8:66:b8:
45:e9:ac:c2:c9:2c:f6:dd:37:de:96:46:03:3e:e8:
7c:bd:26:39:e6:e4:20:9b:bc:39:06:ad:10:db:9c:
1c:24:16:fa:a4:6a:2a:43:5a:35:56:9a:a0:13:e1:
05:dd:b7:70:1c:df:94:b5:3b:ba:68:50:9b:63:c0:
20:6d:6e:6e:63:3f:41:47:94:3a:e1:fb:60:78:c7:
98:b9:62:72:3f:b3:74:41:7a:30:4b:82:b2:d1:b3:
1c:db:2c:69:0b:9e:4c:78:a8:0f:87:8a:b2:e8:b9:
43:83:39:70:04:f2:fa:dd:01:a5:3f:3e:fd:7b:a1:
65:e2:d6:10:21:c4:84:e9:f9:7f:6d:df:00:94:4d:
1d:9f:dc:e4:e2:6c:7b:3a:7c:e5:d4:80:63:40:72:
f4:c7:c6:2f:47:89:87:1c:46:4b:32:4d:58:5e:fb:
31:51:52:da:13:21:4f:be:b6:2f:59:44:25:d5:77:
41:3f:81:fd:f7:56:e6:d1:2b:c6:65:ee:5d:0e:e6:
e4:da:9b:9c:8c:dd:da:aa:54:74:6c:2d:a3:17:5e:
4a:94:47:dd:89:3b:ec:42:4f:a1:64:0a:5a:4e:cf:
39:b0:10:6c:f5:84:38:1a:10:7a:1c:c5:27:6b:17:
d9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B2:DD:BF:19:F3:F6:E3:F8:93:BD:BB:84:5E:F4:02:FB:EF:9C:FC
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/FrLdvxnz9uP4k727hF70AvvvnPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.36.0/22
79.135.122.0/23
87.117.64.0-87.117.69.255
109.224.226.0/23
109.224.234.0/23
109.224.240.0/23
144.178.104.0/23
144.178.118.0/23
144.178.252.0/23
147.189.156.0/22
178.248.128.0/21
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
193.35.146.0/23
194.105.134.0/23
194.145.242.0/23
194.146.160.0/22
195.206.172.0/22
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
c1:3d:98:33:bc:96:78:74:72:3a:54:02:75:2c:29:cf:93:0b:
04:72:39:ff:1f:fa:a0:e8:c9:4a:6f:c0:37:fc:9e:71:10:e4:
ad:ef:ab:62:8a:f2:a6:e6:1d:ad:30:6d:12:6c:e7:8e:4b:a5:
a2:61:60:fb:e2:0e:35:a1:b1:1f:d2:4c:89:81:fb:f6:54:b5:
e9:77:76:cf:48:0d:6e:d8:8a:0a:dd:a5:fa:0a:07:8b:5b:92:
ce:ae:dc:e4:17:32:90:53:ca:d0:02:90:c1:b4:fd:b1:dd:62:
f1:03:79:f3:3f:f1:76:b4:b6:36:db:5c:f7:cc:c1:16:dc:6e:
5b:15:3e:8f:9d:f7:77:10:19:d8:27:ae:27:10:82:90:13:13:
61:d2:65:cf:cf:ae:b3:40:fd:ca:e4:a9:7b:60:bd:7d:40:8e:
53:b5:ce:dc:72:7c:e9:99:71:b7:df:48:0d:10:2d:d2:1a:63:
ee:60:30:88:2a:40:88:18:4e:5b:72:62:b7:a7:3b:ab:e0:02:
42:ab:3f:ef:58:aa:83:b1:7c:96:7b:92:7f:06:b5:c2:41:fb:
3f:9d:9d:55:4f:a1:43:cb:14:e1:aa:b4:5c:3a:ef:dc:cf:a6:
e5:46:78:f0:8c:7d:67:ad:d5:cd:1b:3f:05:fa:eb:86:54:f8:
cb:01:57:1a
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYTr71J5+JpNKD/vvZP8OxbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjIxMjA3MDkzNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmIyZGRiZjE5ZjNmNmUzZjg5M2JkYmI4NDVlZjQwMmZiZWY5Y2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcMfo7TCpFo2W2zoZrhF6azCySz2
3TfelkYDPuh8vSY55uQgm7w5Bq0Q25wcJBb6pGoqQ1o1VpqgE+EF3bdwHN+UtTu6
aFCbY8AgbW5uYz9BR5Q64ftgeMeYuWJyP7N0QXowS4Ky0bMc2yxpC55MeKgPh4qy
6LlDgzlwBPL63QGlPz79e6Fl4tYQIcSE6fl/bd8AlE0dn9zk4mx7Onzl1IBjQHL0
x8YvR4mHHEZLMk1YXvsxUVLaEyFPvrYvWUQl1XdBP4H991bm0SvGZe5dDubk2puc
jN3aqlR0bC2jF15KlEfdiTvsQk+hZApaTs85sBBs9YQ4GhB6HMUnaxfZqwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFBay3b8Z8/bj+JO9u4Re9AL775z8MB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvRnJMZHZ4bno5dVA0azcyN2hGNzBBdnZ2blB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAIt
QiQDBAFPh3owDAMEBld1QAMEAVd1RAMEAW3g4gMEAW3g6gMEAW3g8AMEAZCyaAME
AZCydgMEAZCy/AMEApO9nAMEA7L4gAMEAbkX/gMEArmTuAMEArmhBAMEAcEjkgME
AcJphgMEAcKR8gMEAsKSoAMEAsPOrAMEAtXh4AMEA9kOuAMEAtkU9DANBAIAAjAH
AwUAKgdZQDANBgkqhkiG9w0BAQsFAAOCAQEAwT2YM7yWeHRyOlQCdSwpz5MLBHI5
/x/6oOjJSm/AN/yecRDkre+rYorypuYdrTBtEmznjkulomFg++IONaGxH9JMiYH7
9lS16Xd2z0gNbtiKCt2l+goHi1uSzq7c5BcykFPK0AKQwbT9sd1i8QN58z/xdrS2
Nttc98zBFtxuWxU+j533dxAZ2CeuJxCCkBMTYdJlz8+us0D9yuSpe2C9fUCOU7XO
3HJ86Zlxt99IDRAt0hpj7mAwiCpAiBhOW3Jit6c7q+ACQqs/71iqg7F8lnuSfwa1
wkH7P52dVU+hQ8sU4aq0XDrv3M+m5UZ48Ix9Z63VzRs/BfrrhlT4ywFXGg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:01 2025 by rpki-client