Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/fL1T2y5XA7BZdtH3PP89RrOEtn4.roa
File: fL1T2y5XA7BZdtH3PP89RrOEtn4.roa (raw, json)
Hash identifier: zFLdO1VHUKj/JyelxiWn7Wugpx/KfKCS8xBMs00YCTE=
Subject key identifier: 7C:BD:53:DB:2E:57:03:B0:59:76:D1:F7:3C:FF:3D:46:B3:84:B6:7E
Certificate issuer: /CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Certificate serial: 0183CC686197DA8DFC55B2937AA446A279FA
Authority key identifier: DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/fL1T2y5XA7BZdtH3PP89RrOEtn4.roa
Signing time: Wed 12 Oct 2022 13:35:36 +0000
ROA not before: Wed 12 Oct 2022 13:35:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47172
IP address blocks: 185.200.106.0/24 maxlen: 24
185.200.107.0/24 maxlen: 24
37.218.242.0/24 maxlen: 24
37.218.243.0/24 maxlen: 24
37.218.245.0/24 maxlen: 24
37.218.246.0/24 maxlen: 24
37.218.247.0/24 maxlen: 24
185.88.140.0/22 maxlen: 24
195.190.28.0/24 maxlen: 24
37.218.240.0/24 maxlen: 24
185.200.104.0/24 maxlen: 24
213.108.104.0/21 maxlen: 24
2a00:c6c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cc:68:61:97:da:8d:fc:55:b2:93:7a:a4:46:a2:79:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Validity
Not Before: Oct 12 13:35:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7cbd53db2e5703b05976d1f73cff3d46b384b67e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:06:83:af:bc:e4:ab:65:1f:05:81:1c:51:23:
82:ca:81:e8:07:cd:20:e3:d1:25:3e:de:7f:2d:80:
51:10:87:ef:bf:19:6b:d0:58:ac:df:84:59:49:a6:
12:1b:41:09:aa:dc:a4:97:00:d4:b6:49:ff:ca:8b:
f5:66:34:0c:b9:34:18:14:ea:de:2e:6d:77:2d:7c:
1b:a8:0c:22:d4:d8:52:29:01:26:60:8e:40:25:85:
c7:b1:47:ed:f8:49:31:1d:ef:ac:5f:45:79:b2:e4:
e4:8e:c9:2a:c1:8d:49:86:e3:ca:73:37:f4:32:ad:
b9:4f:b4:f6:46:d8:f5:45:d3:6e:8d:53:b9:59:05:
5a:65:0a:04:db:05:ee:b7:cb:e4:7e:76:e9:fb:b0:
b6:3a:21:35:27:15:10:26:8d:cc:09:34:25:6a:5c:
05:3c:1d:26:5a:f1:a0:87:ef:60:c5:4a:1f:4b:fc:
f0:44:52:12:44:cf:66:a7:2e:35:2a:b1:66:17:90:
c0:58:c7:e6:74:6c:bf:e8:ac:5a:3a:56:db:1d:97:
24:29:c4:70:16:e5:39:98:39:99:1a:84:8d:64:93:
2c:63:2f:9e:99:9d:8c:a7:55:03:56:53:1d:57:a6:
0e:09:98:02:4c:86:d0:84:7e:b1:db:0a:22:0c:c9:
f6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:BD:53:DB:2E:57:03:B0:59:76:D1:F7:3C:FF:3D:46:B3:84:B6:7E
X509v3 Authority Key Identifier:
keyid:DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/fL1T2y5XA7BZdtH3PP89RrOEtn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.240.0/24
37.218.242.0/23
37.218.245.0-37.218.247.255
185.88.140.0/22
185.200.104.0/24
185.200.106.0/23
195.190.28.0/24
213.108.104.0/21
IPv6:
2a00:c6c0::/48
Signature Algorithm: sha256WithRSAEncryption
8d:26:52:09:54:8e:a0:08:92:5d:eb:ac:e6:ee:b4:b4:a7:7b:
1a:0c:95:64:82:79:c4:f9:50:75:89:50:fa:cd:38:bf:78:5f:
a3:71:7f:50:39:34:bf:10:6f:96:1d:6f:6a:5d:50:05:2b:02:
9c:74:d0:ba:21:f2:45:3c:bc:46:97:97:8f:44:29:b6:28:d2:
d7:e5:04:8c:eb:3c:24:4c:25:7b:04:68:89:03:2f:11:2b:ba:
0f:ee:28:49:30:0b:e5:d2:11:fe:4f:88:e7:f3:71:6d:12:6b:
6c:20:f8:52:26:32:3c:d7:a8:4c:b5:99:ea:cb:c3:31:48:ae:
34:c1:9c:91:33:de:33:18:8c:82:0c:77:f6:10:27:a5:3e:4e:
c7:da:78:a2:08:85:cc:b1:29:89:f6:a2:45:73:92:2d:10:22:
5d:ec:0a:e7:3e:f2:cc:7d:ae:92:13:f6:36:97:31:61:32:ae:
a2:e9:e9:d1:d4:7c:5b:f1:39:3d:c3:8d:dd:50:5a:2c:80:7b:
20:95:62:f5:ab:40:64:20:3c:87:94:a0:95:ba:9f:48:32:17:
04:8e:2d:ff:6a:67:a6:0d:53:e7:99:ae:04:9f:74:22:23:fc:
f7:56:cc:95:ee:51:d4:57:6c:b0:c8:7b:a7:80:e6:c4:37:e8:
09:9d:80:8a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYPMaGGX2o38VbKTeqRGonn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTBkNDMyOTNjZmViZjg3ZTdlYWIyYjBkNTUzZmQyMWE2
ZTk2NDEwHhcNMjIxMDEyMTMzNTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2JkNTNkYjJlNTcwM2IwNTk3NmQxZjczY2ZmM2Q0NmIzODRiNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAaDr7zkq2UfBYEcUSOCyoHoB80g
49ElPt5/LYBREIfvvxlr0Fis34RZSaYSG0EJqtyklwDUtkn/yov1ZjQMuTQYFOre
Lm13LXwbqAwi1NhSKQEmYI5AJYXHsUft+EkxHe+sX0V5suTkjskqwY1JhuPKczf0
Mq25T7T2Rtj1RdNujVO5WQVaZQoE2wXut8vkfnbp+7C2OiE1JxUQJo3MCTQlalwF
PB0mWvGgh+9gxUofS/zwRFISRM9mpy41KrFmF5DAWMfmdGy/6KxaOlbbHZckKcRw
FuU5mDmZGoSNZJMsYy+emZ2Mp1UDVlMdV6YOCZgCTIbQhH6x2woiDMn2SQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFHy9U9suVwOwWXbR9zz/PUazhLZ+MB8GA1UdIwQY
MBaAFN6Q1DKTz+v4fn6rKw1VP9IabpZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODkt
NTNlZGM2MjZiMjg3LzEvZkwxVDJ5NVhBN0JaZHRIM1BQODlSck9FdG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODktNTNlZGM2MjZiMjg3
LzEvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4AwQAJdrwAwQB
JdryMAwDBAAl2vUDBAMl2vADBAK5WIwDBAC5yGgDBAG5yGoDBADDvhwDBAPVbGgw
DwQCAAIwCQMHACoAxsAAADANBgkqhkiG9w0BAQsFAAOCAQEAjSZSCVSOoAiSXeus
5u60tKd7GgyVZIJ5xPlQdYlQ+s04v3hfo3F/UDk0vxBvlh1val1QBSsCnHTQuiHy
RTy8RpeXj0QptijS1+UEjOs8JEwlewRoiQMvESu6D+4oSTAL5dIR/k+I5/NxbRJr
bCD4UiYyPNeoTLWZ6svDMUiuNMGckTPeMxiMggx39hAnpT5Ox9p4ogiFzLEpifai
RXOSLRAiXewK5z7yzH2ukhP2NpcxYTKuounp0dR8W/E5PcON3VBaLIB7IJVi9atA
ZCA8h5SglbqfSDIXBI4t/2pnpg1T55muBJ90IiP891bMle5R1FdssMh7p4DmxDfo
CZ2Aig==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:01 2023 by rpki-client on console-fra.rpki-client.org