Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/FMxjxxquuQ8XPLZajW_b3MNcKmk.roa
File: FMxjxxquuQ8XPLZajW_b3MNcKmk.roa (raw, json)
Hash identifier: sdJgHZqgetKweSI7kmhonALTOqXrlnLIs62l2Q2iO5s=
Subject key identifier: 14:CC:63:C7:1A:AE:B9:0F:17:3C:B6:5A:8D:6F:DB:DC:C3:5C:2A:69
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 03B518C1
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/FMxjxxquuQ8XPLZajW_b3MNcKmk.roa
Signing time: Sat 01 Jan 2022 08:57:01 +0000
ROA not before: Sat 01 Jan 2022 08:57:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 5.183.94.0/24 maxlen: 24
185.244.8.0/23 maxlen: 23
185.244.11.0/24 maxlen: 24
45.82.223.0/24 maxlen: 24
2.58.12.0/23 maxlen: 23
194.5.226.0/23 maxlen: 24
194.5.224.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62200001 (0x3b518c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 1 08:57:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14cc63c71aaeb90f173cb65a8d6fdbdcc35c2a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:9d:e8:88:0a:84:16:4f:9c:12:bb:d2:3c:66:
d9:1e:a9:3a:72:85:60:2c:56:39:26:cb:33:f6:95:
d7:e9:f4:34:76:22:41:de:9a:36:0e:4a:3f:2d:f5:
4a:8c:51:72:fe:20:dc:ac:43:b2:e5:14:a5:48:55:
2b:31:92:40:3d:ff:91:82:d6:55:70:f8:a4:59:8e:
d2:f5:5c:9a:6e:b0:26:58:96:27:f3:be:ce:32:ba:
49:50:fa:47:4e:34:7b:5f:69:e7:d0:2d:c4:01:eb:
ae:12:96:af:c6:1d:70:20:1b:f2:91:49:f5:a0:83:
b1:f0:82:98:1a:25:05:a1:1c:b6:ee:e8:46:32:61:
73:a9:ad:19:4c:a1:b3:7f:2d:c0:67:44:4f:c3:72:
d0:ca:5a:be:8b:1b:2b:39:51:24:d8:8d:5a:c8:74:
94:e1:ba:f2:17:ee:5c:3d:4f:5a:8a:ec:cd:9d:64:
1d:40:f9:72:ae:27:11:07:0b:95:5d:dc:fa:d4:46:
a7:d1:6d:41:95:f8:9b:2d:89:71:46:68:a0:2e:73:
61:bb:67:5c:98:7d:b8:2f:45:bc:a5:58:28:fe:52:
5b:e1:e7:80:6f:40:0c:aa:57:a6:7b:82:04:37:f9:
27:79:d7:57:8d:1a:ad:ae:d9:6b:7b:e1:8f:a6:b7:
8a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:CC:63:C7:1A:AE:B9:0F:17:3C:B6:5A:8D:6F:DB:DC:C3:5C:2A:69
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/FMxjxxquuQ8XPLZajW_b3MNcKmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.12.0/23
5.183.94.0/24
45.82.223.0/24
185.244.8.0/23
185.244.11.0/24
194.5.224.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:18:35:b1:f2:7a:f5:e9:61:69:1d:c3:e5:95:84:40:3f:8e:
59:21:5f:ba:bd:d1:cb:3a:e5:46:bc:75:2a:40:84:4b:58:ba:
e4:67:1d:b3:ef:4a:fd:5e:d1:db:58:c9:60:1c:1c:ec:82:73:
75:cc:c3:4f:b5:32:80:c6:68:45:ab:29:a3:60:99:81:ac:68:
35:8b:70:17:1b:c6:5f:fa:23:86:39:07:0f:c5:f3:c0:dd:11:
5c:d8:c8:0b:ca:a9:64:91:bb:69:5d:1e:0a:cc:a0:bc:ce:ce:
bd:6f:b4:20:d2:0a:87:29:2f:16:77:6a:27:85:de:79:80:9c:
c3:4c:2a:b2:d7:ce:a3:42:23:74:4c:08:5c:4e:a0:06:f2:b8:
b2:3f:53:bf:e3:2e:cb:29:39:2b:95:4d:5c:65:63:1c:57:be:
10:64:eb:80:95:66:c2:9f:26:ee:8d:5f:de:d5:d1:34:84:e7:
ed:7c:f0:c3:45:ca:18:c3:6f:b0:50:91:a3:2b:6b:b6:30:1b:
9c:3d:51:99:f0:57:26:8c:cc:a0:e3:e3:a6:62:bb:58:c8:d0:
33:ad:31:50:21:9c:58:00:80:c4:4b:0c:b9:b0:bd:b4:fa:ee:
15:4e:f2:8c:6c:04:76:62:1e:0a:80:44:89:91:78:40:6e:64:
47:d1:a2:85
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA7UYwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmQwYzQ5YTBlOTdlMGQ1ZjNjZWQzYjdiNmI5ZjcyY2EwY2I1M2Q2MB4XDTIyMDEw
MTA4NTcwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRjYzYzYzcxYWFl
YjkwZjE3M2NiNjVhOGQ2ZmRiZGNjMzVjMmE2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPGd6IgKhBZPnBK70jxm2R6pOnKFYCxWOSbLM/aV1+n0NHYi
Qd6aNg5KPy31SoxRcv4g3KxDsuUUpUhVKzGSQD3/kYLWVXD4pFmO0vVcmm6wJliW
J/O+zjK6SVD6R040e19p59AtxAHrrhKWr8YdcCAb8pFJ9aCDsfCCmBolBaEctu7o
RjJhc6mtGUyhs38twGdET8Ny0MpavosbKzlRJNiNWsh0lOG68hfuXD1PWorszZ1k
HUD5cq4nEQcLlV3c+tRGp9FtQZX4my2JcUZooC5zYbtnXJh9uC9FvKVYKP5SW+Hn
gG9ADKpXpnuCBDf5J3nXV40ara7Za3vhj6a3ig0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQUzGPHGq65Dxc8tlqNb9vcw1wqaTAfBgNVHSMEGDAWgBTi0MSaDpfg1fPO
07e2ufcsoMtT1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR0REVtZzZYNE5Yenp0TzN0cm4zTEtETFU5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvOWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8x
L0ZNeGp4eHF1dVE4WFBMWmFqV19iM01OY0ttay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
OWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8xLzR0REVtZzZYNE5Y
enp0TzN0cm4zTEtETFU5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAQI6DAMEAAW3XgMEAC1S3wMEAbn0
CAMEALn0CwMEAsIF4DANBgkqhkiG9w0BAQsFAAOCAQEAvxg1sfJ69elhaR3D5ZWE
QD+OWSFfur3RyzrlRrx1KkCES1i65Gcds+9K/V7R21jJYBwc7IJzdczDT7UygMZo
Raspo2CZgaxoNYtwFxvGX/ojhjkHD8XzwN0RXNjIC8qpZJG7aV0eCsygvM7OvW+0
INIKhykvFndqJ4XeeYCcw0wqstfOo0IjdEwIXE6gBvK4sj9Tv+Muyyk5K5VNXGVj
HFe+EGTrgJVmwp8m7o1f3tXRNITn7Xzww0XKGMNvsFCRoytrtjAbnD1RmfBXJozM
oOPjpmK7WMjQM60xUCGcWACAxEsMubC9tPruFU7yjGwEdmIeCoBEiZF4QG5kR9Gi
hQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:19 2023 by rpki-client on console-fra.rpki-client.org