Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fPVOAqACr4qUaLfkn9ypwIuh35o.roa
File: fPVOAqACr4qUaLfkn9ypwIuh35o.roa (raw, json)
Hash identifier: b0A3QrIwSdrIQnbrWjGw6abgzTRplka9h7LQOepvGVE=
Subject key identifier: 7C:F5:4E:02:A0:02:AF:8A:94:68:B7:E4:9F:DC:A9:C0:8B:A1:DF:9A
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018533F13F8BAD8BDCA5172095B459282E8C
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fPVOAqACr4qUaLfkn9ypwIuh35o.roa
Signing time: Wed 21 Dec 2022 09:08:46 +0000
ROA not before: Wed 21 Dec 2022 09:08:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48146
IP address blocks: 194.36.104.0/22 maxlen: 24
185.209.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:f1:3f:8b:ad:8b:dc:a5:17:20:95:b4:59:28:2e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 21 09:08:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7cf54e02a002af8a9468b7e49fdca9c08ba1df9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:56:22:3d:ad:ac:0b:69:0f:60:ac:13:06:05:
d8:db:82:59:a8:8e:5b:48:c0:42:98:83:98:5b:c6:
fb:39:e0:cc:03:e4:c0:8a:ed:78:e8:4e:db:26:c3:
e9:cc:3a:bb:6c:be:c2:52:a0:2f:a8:04:52:5a:95:
e9:c6:ea:aa:ea:81:ce:10:14:30:26:af:e1:1f:0f:
f5:ce:88:b3:01:8b:8d:dd:66:2a:bf:72:f9:0a:f3:
e5:94:3f:7e:79:dd:56:1f:a7:20:23:b8:fb:38:88:
36:f5:9c:2a:de:34:3e:51:e4:e3:d8:20:fd:b4:e6:
df:4e:a3:aa:3c:ff:91:3a:22:ad:0c:a9:54:75:fc:
ea:72:13:7d:1a:2d:95:51:bf:8c:a4:8f:31:a4:0b:
c1:0f:de:a0:7d:c2:d4:90:70:5c:06:f1:6e:9b:d1:
75:92:75:e4:4d:0e:8c:12:db:23:e6:8e:a0:b7:ff:
50:6c:6f:15:40:56:47:86:c5:73:f3:35:ce:c3:c6:
b1:79:d0:81:62:f4:8d:57:33:c1:f7:9f:22:f1:b8:
7b:76:07:53:f7:cf:64:4d:0f:b0:66:ef:30:29:b3:
fd:7a:f0:57:b2:9e:5a:96:c5:df:82:9e:d5:0d:f3:
c7:d7:71:05:3d:6c:2c:4f:a0:74:ba:a2:25:29:e3:
2b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F5:4E:02:A0:02:AF:8A:94:68:B7:E4:9F:DC:A9:C0:8B:A1:DF:9A
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fPVOAqACr4qUaLfkn9ypwIuh35o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.8.0/22
194.36.104.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:c2:fc:21:3f:25:1f:5f:c4:50:1d:50:f5:19:2c:16:3a:2e:
5c:f1:37:25:79:b2:aa:da:30:f9:93:74:9f:02:8f:8e:57:44:
09:04:b8:8b:6e:2f:54:0d:ae:1b:9c:e4:94:74:36:04:f5:4d:
fc:62:6d:40:41:0c:80:e2:02:ec:c0:8e:1f:94:41:ae:d5:ed:
37:13:2b:79:3f:a7:ed:17:2a:2c:c1:46:24:07:59:02:b9:94:
94:ec:e2:a5:1d:6d:e3:bc:33:10:8b:68:ca:60:0d:16:5c:a1:
9f:92:ed:1b:fa:ae:62:1c:cf:ce:99:be:23:b1:0a:aa:4c:8e:
f9:2d:be:a4:83:95:a3:05:3a:ab:98:d8:c9:db:ec:78:79:8a:
dd:1b:fe:33:99:24:b6:61:16:c0:6d:f1:d5:e9:19:2a:79:be:
d7:dd:08:50:6b:25:5d:2f:7b:d1:33:25:77:d5:c9:e2:bd:3d:
e1:31:f2:ad:c0:c5:d7:93:b4:8b:26:1c:94:cb:a4:72:7c:a9:
f0:cf:82:8a:56:0a:68:a5:0c:b9:b2:07:90:8f:67:82:c8:36:
d1:01:3e:c4:8e:74:cb:49:89:62:c8:2c:89:76:ca:49:99:0c:
ca:af:d9:17:64:23:b9:e0:3e:34:1a:3c:15:d4:a9:43:99:42:
43:08:f2:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUz8T+LrYvcpRcglbRZKC6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIxMDkwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y1NGUwMmEwMDJhZjhhOTQ2OGI3ZTQ5ZmRjYTljMDhiYTFkZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFYiPa2sC2kPYKwTBgXY24JZqI5b
SMBCmIOYW8b7OeDMA+TAiu146E7bJsPpzDq7bL7CUqAvqARSWpXpxuqq6oHOEBQw
Jq/hHw/1zoizAYuN3WYqv3L5CvPllD9+ed1WH6cgI7j7OIg29Zwq3jQ+UeTj2CD9
tObfTqOqPP+ROiKtDKlUdfzqchN9Gi2VUb+MpI8xpAvBD96gfcLUkHBcBvFum9F1
knXkTQ6MEtsj5o6gt/9QbG8VQFZHhsVz8zXOw8axedCBYvSNVzPB958i8bh7dgdT
989kTQ+wZu8wKbP9evBXsp5alsXfgp7VDfPH13EFPWwsT6B0uqIlKeMrcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHz1TgKgAq+KlGi35J/cqcCLod+aMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvZlBWT0FxQUNyNHFVYUxma245eXB3SXVoMzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudEIAwQC
wiRoMA0GCSqGSIb3DQEBCwUAA4IBAQC3wvwhPyUfX8RQHVD1GSwWOi5c8TclebKq
2jD5k3SfAo+OV0QJBLiLbi9UDa4bnOSUdDYE9U38Ym1AQQyA4gLswI4flEGu1e03
Eyt5P6ftFyoswUYkB1kCuZSU7OKlHW3jvDMQi2jKYA0WXKGfku0b+q5iHM/Omb4j
sQqqTI75Lb6kg5WjBTqrmNjJ2+x4eYrdG/4zmSS2YRbAbfHV6Rkqeb7X3QhQayVd
L3vRMyV31cnivT3hMfKtwMXXk7SLJhyUy6RyfKnwz4KKVgpopQy5sgeQj2eCyDbR
AT7EjnTLSYliyCyJdspJmQzKr9kXZCO54D40GjwV1KlDmUJDCPLx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org