Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FA2SZOKifR6irTm3dRyV60TTLBA.roa
File: FA2SZOKifR6irTm3dRyV60TTLBA.roa (raw, json)
Hash identifier: E1PB3uG7/TqLaXis0DO36PleVRlf4JCPiskC/nn6RaU=
Subject key identifier: 14:0D:92:64:E2:A2:7D:1E:A2:AD:39:B7:75:1C:95:EB:44:D3:2C:10
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0184BED463DB1D36E3DCC44C2B2E18858711
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FA2SZOKifR6irTm3dRyV60TTLBA.roa
Signing time: Mon 28 Nov 2022 15:21:41 +0000
ROA not before: Mon 28 Nov 2022 15:21:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 185.194.178.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:d4:63:db:1d:36:e3:dc:c4:4c:2b:2e:18:85:87:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 28 15:21:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=140d9264e2a27d1ea2ad39b7751c95eb44d32c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b3:1b:77:9c:d5:0e:0c:3b:26:9b:ad:7e:23:
df:1a:5a:8d:4e:bf:25:e9:6d:e1:0f:ad:7f:ad:44:
81:a5:13:b5:70:46:72:cd:a3:b1:fe:d0:dc:2b:b8:
f7:e3:01:3e:0f:e4:c8:15:e9:7c:28:bc:1d:7c:21:
52:69:e2:5c:e2:62:c9:e0:17:d3:c9:a6:1d:9b:d5:
e7:68:ae:8c:8b:69:86:3d:35:98:32:37:91:da:7d:
e5:bd:c3:5f:df:7a:4a:76:61:8c:88:ca:1b:cd:3e:
62:5b:71:92:d9:7d:8a:9c:70:d7:9e:6c:bf:74:bb:
1f:8d:80:9d:1e:47:8b:56:b4:5b:48:3b:b3:a3:fc:
32:ba:d9:e9:66:00:3f:dc:8d:8d:dc:55:24:6d:0f:
ce:01:42:2f:ee:c5:09:c1:8e:e5:b6:f5:3b:cc:f5:
60:2e:83:f1:29:3b:8c:3b:6b:9c:42:45:6b:d2:fe:
ee:88:0d:bb:60:e1:96:db:6d:26:5c:16:0c:e0:c0:
62:0c:8a:d3:6f:ee:01:ca:d6:06:66:94:d2:41:62:
a8:a2:be:ce:f9:d6:cf:5b:5a:1a:ac:d0:27:08:2e:
f2:13:5c:ea:6e:59:bf:50:71:48:51:85:05:1c:51:
25:27:4b:46:4d:6e:b0:7e:5a:f3:bd:ae:ba:d5:4f:
4a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:0D:92:64:E2:A2:7D:1E:A2:AD:39:B7:75:1C:95:EB:44:D3:2C:10
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FA2SZOKifR6irTm3dRyV60TTLBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.178.0/24
185.225.2.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:9b:c0:7e:0c:09:8b:38:9b:11:d8:d7:53:6c:59:65:0d:ad:
5d:cf:0c:82:40:b3:35:f8:55:c3:51:25:e1:13:79:0b:c1:24:
be:92:92:55:65:f6:a3:81:a6:2d:fb:24:2f:45:9f:ea:04:8c:
f1:d9:3d:0f:aa:33:ac:eb:19:dc:d0:ff:54:0c:de:35:fa:85:
5b:4f:1d:e3:f1:be:f8:d7:90:3c:5a:c8:11:25:e3:8b:09:dd:
21:eb:c1:20:a3:2e:b9:40:94:e8:d6:77:e4:c3:62:7e:c5:05:
bb:ad:7e:43:9d:01:f8:e4:3e:2a:d8:68:d6:39:87:2f:df:cb:
7f:1a:6f:ea:66:95:26:fd:dc:0f:df:43:99:0e:75:60:ca:21:
b3:eb:ab:f6:c4:87:ec:a9:21:1f:4d:89:43:09:41:1a:91:f9:
e2:13:82:d4:71:83:26:53:df:a8:10:1b:43:36:ed:2e:ab:ff:
22:e7:cb:2d:5c:50:93:7d:a5:d5:8e:8d:75:dc:52:8c:96:d0:
81:46:58:0f:9c:c7:c5:7e:36:b7:84:8c:aa:c1:79:4f:ff:36:
3c:a9:84:81:bb:9c:09:d2:81:8f:cc:82:b2:25:24:24:ca:7a:
5e:df:a6:ff:69:40:43:d8:c0:d2:91:13:bf:8d:de:44:f3:44:
6a:4a:33:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYS+1GPbHTbj3MRMKy4YhYcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMTI4MTUyMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDBkOTI2NGUyYTI3ZDFlYTJhZDM5Yjc3NTFjOTVlYjQ0ZDMyYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbMbd5zVDgw7JputfiPfGlqNTr8l
6W3hD61/rUSBpRO1cEZyzaOx/tDcK7j34wE+D+TIFel8KLwdfCFSaeJc4mLJ4BfT
yaYdm9XnaK6Mi2mGPTWYMjeR2n3lvcNf33pKdmGMiMobzT5iW3GS2X2KnHDXnmy/
dLsfjYCdHkeLVrRbSDuzo/wyutnpZgA/3I2N3FUkbQ/OAUIv7sUJwY7ltvU7zPVg
LoPxKTuMO2ucQkVr0v7uiA27YOGW220mXBYM4MBiDIrTb+4BytYGZpTSQWKoor7O
+dbPW1oarNAnCC7yE1zqblm/UHFIUYUFHFElJ0tGTW6wflrzva661U9KAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBQNkmTion0eoq05t3UcletE0ywQMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRkEyU1pPS2lmUjZpclRtM2RSeVY2MFRUTEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucKyAwQA
ueECMA0GCSqGSIb3DQEBCwUAA4IBAQCem8B+DAmLOJsR2NdTbFllDa1dzwyCQLM1
+FXDUSXhE3kLwSS+kpJVZfajgaYt+yQvRZ/qBIzx2T0PqjOs6xnc0P9UDN41+oVb
Tx3j8b7415A8WsgRJeOLCd0h68Egoy65QJTo1nfkw2J+xQW7rX5DnQH45D4q2GjW
OYcv38t/Gm/qZpUm/dwP30OZDnVgyiGz66v2xIfsqSEfTYlDCUEakfniE4LUcYMm
U9+oEBtDNu0uq/8i58stXFCTfaXVjo113FKMltCBRlgPnMfFfja3hIyqwXlP/zY8
qYSBu5wJ0oGPzIKyJSQkynpe36b/aUBD2MDSkRO/jd5E80RqSjNn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org