Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/1-zfP2Y7BKTdzoT-jb1YFUC52vAM.roa
File: 1-zfP2Y7BKTdzoT-jb1YFUC52vAM.roa (raw, json)
Hash identifier: SjLWCQxwgN2dUzd8KgfDN03TigN2RNb/iqE0HjU09M0=
Subject key identifier: FB:37:CF:D9:8E:C1:29:37:73:A1:3F:A3:6F:56:05:50:2E:76:BC:03
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 0B71CF03
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/1-zfP2Y7BKTdzoT-jb1YFUC52vAM.roa
Signing time: Tue 15 Mar 2022 05:23:07 +0000
ROA not before: Tue 15 Mar 2022 05:23:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42295
IP address blocks: 91.229.132.0/24 maxlen: 24
91.229.133.0/24 maxlen: 24
91.229.135.0/24 maxlen: 24
91.229.134.0/24 maxlen: 24
185.240.132.0/24 maxlen: 24
185.240.133.0/24 maxlen: 24
185.240.135.0/24 maxlen: 24
185.240.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192007939 (0xb71cf03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Mar 15 05:23:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb37cfd98ec1293773a13fa36f5605502e76bc03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a7:3b:39:1d:f3:1f:32:a9:19:65:50:02:36:
64:62:f9:25:0c:77:d8:e0:cf:a0:ac:e4:6f:ea:c9:
88:17:08:f3:43:7b:16:84:66:07:d0:d2:c3:2b:60:
72:38:57:ef:15:7f:64:36:ff:02:b4:4a:f7:ce:59:
8a:dd:37:16:aa:65:7e:36:9a:f5:94:2d:c9:2b:e1:
09:61:d0:56:70:55:35:f4:1f:7e:f5:85:ec:7d:41:
34:b1:ab:a9:93:84:11:94:8b:74:e2:61:7c:83:b0:
d6:ae:3d:7b:87:7f:48:38:f5:4f:62:cd:08:01:ac:
e6:53:c5:6d:49:fb:e0:69:37:9f:ab:9f:18:0e:e5:
2a:ed:71:f7:c1:99:23:f1:18:78:52:9b:4a:30:19:
a4:99:43:4a:95:52:9b:3a:47:5d:48:0e:27:f5:4f:
ff:b2:60:f9:2b:70:a2:15:d0:b9:52:25:e1:0f:d0:
f5:dc:f1:20:ea:ae:9e:f9:bc:ca:f5:72:8d:ce:c9:
36:7b:5f:ea:81:ce:38:cb:84:76:44:d6:75:fd:c2:
c7:58:3a:c5:6a:30:85:7d:1b:10:c7:bb:66:a8:4d:
72:ee:c8:0a:a5:a5:80:77:f1:0c:32:28:73:fe:d3:
ff:ba:18:4a:a3:76:8f:97:25:fb:31:04:91:1f:12:
dd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:37:CF:D9:8E:C1:29:37:73:A1:3F:A3:6F:56:05:50:2E:76:BC:03
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/1-zfP2Y7BKTdzoT-jb1YFUC52vAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.132.0/22
185.240.132.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:4e:22:03:f7:da:c6:12:fa:0b:a5:d6:ee:9a:84:b5:9b:d2:
b5:ea:f7:ea:3c:9c:d2:40:70:13:f3:b2:3e:16:89:ea:4f:54:
13:fc:04:66:98:32:85:33:2a:dc:d8:76:35:ce:9c:97:de:93:
02:86:33:d2:4a:96:96:9e:3e:1b:93:d1:f2:c1:ce:3b:1e:40:
e6:fe:78:12:29:9b:52:13:6a:42:25:31:68:1e:ca:c0:58:6f:
b8:d5:c0:97:8c:39:21:0b:49:be:98:19:bd:68:0b:28:4b:4a:
66:62:94:b8:ac:47:a3:39:06:0c:85:4b:25:02:66:4d:02:c2:
b5:cf:6a:16:d5:28:a8:f4:11:5c:c3:6a:ea:61:8a:82:93:e4:
fc:8a:91:c6:7e:8b:8a:2c:44:24:2a:a7:ca:e6:ce:9d:4d:21:
43:81:ad:ce:96:fd:49:8a:79:db:91:25:0b:7f:b5:a2:04:9d:
1f:e2:1d:4b:80:88:3a:18:db:56:88:4a:ce:b0:fe:42:0b:7d:
6b:cd:e3:2c:93:be:bc:b5:bd:b8:7b:1c:db:ec:25:0f:dd:d9:
d0:cf:45:81:ae:4c:07:79:07:6b:5a:73:7d:ec:26:d7:23:2a:
1f:e8:77:64:98:4c:b6:fa:da:53:9d:d1:00:95:a5:bc:b7:ca:
b3:fa:ef:d6
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEC3HPAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZWJmMzAyMDFmMTJhMDQwZDM4NmQyYjRlZWQ0NDg0NjIzZTRkMTFiMB4XDTIyMDMx
NTA1MjMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIzN2NmZDk4ZWMx
MjkzNzczYTEzZmEzNmY1NjA1NTAyZTc2YmMwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmnOzkd8x8yqRllUAI2ZGL5JQx32ODPoKzkb+rJiBcI80N7
FoRmB9DSwytgcjhX7xV/ZDb/ArRK985Zit03Fqplfjaa9ZQtySvhCWHQVnBVNfQf
fvWF7H1BNLGrqZOEEZSLdOJhfIOw1q49e4d/SDj1T2LNCAGs5lPFbUn74Gk3n6uf
GA7lKu1x98GZI/EYeFKbSjAZpJlDSpVSmzpHXUgOJ/VP/7Jg+StwohXQuVIl4Q/Q
9dzxIOqunvm8yvVyjc7JNntf6oHOOMuEdkTWdf3Cx1g6xWowhX0bEMe7ZqhNcu7I
CqWlgHfxDDIoc/7T/7oYSqN2j5cl+zEEkR8S3R8CAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT7N8/ZjsEpN3OhP6NvVgVQLna8AzAfBgNVHSMEGDAWgBT+vzAgHxKgQNOG
0rTu1EhGI+TRGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19yOHdJQjhTb0VEVGh0SzA3dFJJUmlQazBScy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvZjhjNGEyLTk2YWMtNGI0ZS1hMTk1LWE5N2MwZGMwYTc0OS8x
LzEtemZQMlk3QktUZHpvVC1qYjFZRlVDNTJ2QU0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Nj
L2Y4YzRhMi05NmFjLTRiNGUtYTE5NS1hOTdjMGRjMGE3NDkvMS9fcjh3SUI4U29F
RFRodEswN3RSSVJpUGswUnMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAJb5YQDBAK58IQwDQYJKoZIhvcN
AQELBQADggEBAFxOIgP32sYS+gul1u6ahLWb0rXq9+o8nNJAcBPzsj4WiepPVBP8
BGaYMoUzKtzYdjXOnJfekwKGM9JKlpaePhuT0fLBzjseQOb+eBIpm1ITakIlMWge
ysBYb7jVwJeMOSELSb6YGb1oCyhLSmZilLisR6M5BgyFSyUCZk0CwrXPahbVKKj0
EVzDauphioKT5PyKkcZ+i4osRCQqp8rmzp1NIUOBrc6W/UmKeduRJQt/taIEnR/i
HUuAiDoY21aISs6w/kILfWvN4yyTvry1vbh7HNvsJQ/d2dDPRYGuTAd5B2tac33s
JtcjKh/od2SYTLb62lOd0QCVpby3yrP679Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:11 2024 by rpki-client on console-fra.rpki-client.org