Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/fCme7qeq990qlN8mYQQbOEWn2OU.roa
File: fCme7qeq990qlN8mYQQbOEWn2OU.roa (raw, json)
Hash identifier: IrHJnkJSHpQA7Z38eafpGmoqlfITC3HB95ZTXcQJpn0=
Subject key identifier: 7C:29:9E:EE:A7:AA:F7:DD:2A:94:DF:26:61:04:1B:38:45:A7:D8:E5
Certificate issuer: /CN=9e30294b7e4645aaedb54672d48065b1b1cebc62
Certificate serial: 042E03F1
Authority key identifier: 9E:30:29:4B:7E:46:45:AA:ED:B5:46:72:D4:80:65:B1:B1:CE:BC:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/fCme7qeq990qlN8mYQQbOEWn2OU.roa
Signing time: Wed 11 May 2022 06:01:01 +0000
ROA not before: Wed 11 May 2022 06:01:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206123
IP address blocks: 45.131.168.0/22 maxlen: 24
109.106.16.0/23 maxlen: 24
185.195.196.0/22 maxlen: 24
109.106.18.0/23 maxlen: 24
185.211.92.0/22 maxlen: 24
93.115.211.0/24 maxlen: 24
185.254.118.0/23 maxlen: 24
93.115.253.0/24 maxlen: 24
2a0a:5ec0::/29 maxlen: 29
2a0d:c340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70124529 (0x42e03f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e30294b7e4645aaedb54672d48065b1b1cebc62
Validity
Not Before: May 11 06:01:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c299eeea7aaf7dd2a94df2661041b3845a7d8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f5:ff:a7:0c:25:97:42:9b:fb:d2:06:6d:c2:
be:a6:16:22:79:f9:a1:3b:b8:8d:e7:ed:7d:2e:39:
62:e5:26:13:35:89:75:4d:15:fc:fd:6a:b4:40:54:
66:91:d6:ec:5c:f9:21:87:d6:0d:30:f2:2e:ab:92:
22:8b:21:16:6f:48:29:9f:14:fa:6a:c0:0f:54:e0:
e1:50:32:2f:aa:3a:d7:18:db:e4:10:07:01:d8:8d:
ae:37:84:46:65:70:73:a4:02:f6:fb:5d:f9:28:09:
02:27:5b:c1:29:ad:d9:ee:e2:43:a1:3e:33:3f:30:
4f:49:0b:ab:43:f1:39:6f:c6:d3:d4:5f:95:c7:61:
50:c4:37:87:87:37:b2:d0:fe:14:18:bf:ad:af:2a:
40:f1:62:75:63:f9:7d:24:79:29:28:7e:a7:1d:b1:
bb:80:fe:96:63:0c:d7:d1:fb:ee:00:f9:e0:df:46:
98:a7:81:46:60:d4:c5:d9:0b:e0:fe:3b:58:8e:02:
29:cf:fc:a4:4b:b4:d6:a2:bf:7d:91:16:c9:3d:b9:
c2:bf:ce:49:45:a7:85:60:71:73:ae:90:75:c5:75:
c3:4f:4c:e2:5d:95:4d:df:54:8d:22:ae:f5:7e:cf:
79:08:d7:fe:f2:12:f0:d9:e5:26:44:f3:29:ad:1e:
c8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:29:9E:EE:A7:AA:F7:DD:2A:94:DF:26:61:04:1B:38:45:A7:D8:E5
X509v3 Authority Key Identifier:
keyid:9E:30:29:4B:7E:46:45:AA:ED:B5:46:72:D4:80:65:B1:B1:CE:BC:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/fCme7qeq990qlN8mYQQbOEWn2OU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/njApS35GRarttUZy1IBlsbHOvGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.168.0/22
93.115.211.0/24
93.115.253.0/24
109.106.16.0/22
185.195.196.0/22
185.211.92.0/22
185.254.118.0/23
IPv6:
2a0a:5ec0::/29
2a0d:c340::/29
Signature Algorithm: sha256WithRSAEncryption
b1:bb:29:65:50:06:33:53:e6:0a:b4:11:09:7a:df:e1:d1:6e:
41:51:a9:13:2a:16:50:cb:07:55:02:8c:6a:e2:e2:24:34:ab:
5f:a7:57:40:48:c2:92:73:e5:7b:e9:dd:19:6a:52:f7:75:00:
15:60:bc:50:35:fd:c3:f6:d2:b1:90:20:59:75:79:99:51:bb:
d1:aa:b3:b4:7e:e1:88:17:95:b8:01:9e:a2:cc:79:73:aa:14:
ac:75:5e:05:a4:1b:65:be:d1:9f:4a:2e:79:67:45:8c:f5:91:
7c:31:9b:ca:4f:d4:94:96:12:b0:db:36:dc:06:07:74:60:00:
f9:52:c9:85:72:5d:1c:c8:e9:96:5d:33:9e:ea:3e:13:5b:6e:
10:66:d4:89:91:2e:81:5e:88:03:5f:d5:f9:54:38:75:cd:dc:
23:a2:48:fd:6b:c2:7a:93:3a:7e:eb:a5:1b:53:69:8e:a8:4c:
56:ba:5f:35:f2:f4:d6:e7:00:6d:76:83:68:dd:84:a3:6e:0d:
a8:3c:95:a6:62:a2:f3:cf:32:7d:df:af:f9:0c:3a:83:72:b5:
04:27:f1:9c:42:ed:72:0f:ca:0f:a9:f9:b5:48:8b:a7:c3:bc:
1c:d7:6a:cf:52:ba:b0:d2:30:5b:12:15:ef:0d:be:d6:18:d9:
fb:f0:4b:56
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEBC4D8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTMwMjk0YjdlNDY0NWFhZWRiNTQ2NzJkNDgwNjViMWIxY2ViYzYyMB4XDTIyMDUx
MTA2MDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MyOTllZWVhN2Fh
ZjdkZDJhOTRkZjI2NjEwNDFiMzg0NWE3ZDhlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANT1/6cMJZdCm/vSBm3CvqYWInn5oTu4jeftfS45YuUmEzWJ
dU0V/P1qtEBUZpHW7Fz5IYfWDTDyLquSIoshFm9IKZ8U+mrAD1Tg4VAyL6o61xjb
5BAHAdiNrjeERmVwc6QC9vtd+SgJAidbwSmt2e7iQ6E+Mz8wT0kLq0PxOW/G09Rf
lcdhUMQ3h4c3stD+FBi/ra8qQPFidWP5fSR5KSh+px2xu4D+lmMM19H77gD54N9G
mKeBRmDUxdkL4P47WI4CKc/8pEu01qK/fZEWyT25wr/OSUWnhWBxc66QdcV1w09M
4l2VTd9UjSKu9X7PeQjX/vIS8NnlJkTzKa0eyDsCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBR8KZ7up6r33SqU3yZhBBs4RafY5TAfBgNVHSMEGDAWgBSeMClLfkZFqu21
RnLUgGWxsc68YjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25qQXBTMzVHUmFydHRVWnkxSUJsc2JIT3ZHSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvNDRlODkzLTkyNDctNDUyZS05ZjY3LTY5MTMzODdiODA4My8x
L2ZDbWU3cWVxOTkwcWxOOG1ZUVFiT0VXbjJPVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
NDRlODkzLTkyNDctNDUyZS05ZjY3LTY5MTMzODdiODA4My8xL25qQXBTMzVHUmFy
dHRVWnkxSUJsc2JIT3ZHSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEAi2DqAMEAF1z0wMEAF1z/QMEAm1q
EAMEArnDxAMEArnTXAMEAbn+djAUBAIAAjAOAwUDKgpewAMFAyoNw0AwDQYJKoZI
hvcNAQELBQADggEBALG7KWVQBjNT5gq0EQl63+HRbkFRqRMqFlDLB1UCjGri4iQ0
q1+nV0BIwpJz5Xvp3RlqUvd1ABVgvFA1/cP20rGQIFl1eZlRu9Gqs7R+4YgXlbgB
nqLMeXOqFKx1XgWkG2W+0Z9KLnlnRYz1kXwxm8pP1JSWErDbNtwGB3RgAPlSyYVy
XRzI6ZZdM57qPhNbbhBm1ImRLoFeiANf1flUOHXN3COiSP1rwnqTOn7rpRtTaY6o
TFa6XzXy9NbnAG12g2jdhKNuDag8laZiovPPMn3fr/kMOoNytQQn8ZxC7XIPyg+p
+bVIi6fDvBzXas9SurDSMFsSFe8NvtYY2fvwS1Y=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:43 2023 by rpki-client on console-ams.rpki-client.org