Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/SrsTfdb9bai_hErLUfUSWxOiXLE.roa
File: SrsTfdb9bai_hErLUfUSWxOiXLE.roa (raw, json)
Hash identifier: ld5+CHcS6eTJ8qk8/K2XxwvN1ZCJ7B0HnBPnqAvvdK4=
Subject key identifier: 4A:BB:13:7D:D6:FD:6D:A8:BF:84:4A:CB:51:F5:12:5B:13:A2:5C:B1
Certificate issuer: /CN=fd53c3aff31e27d2a1bc4d9b3ee75bb8a9b57838
Certificate serial: 0181F1A998FAEF88ED1CB4E00E15D749DE49
Authority key identifier: FD:53:C3:AF:F3:1E:27:D2:A1:BC:4D:9B:3E:E7:5B:B8:A9:B5:78:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_VPDr_MeJ9KhvE2bPudbuKm1eDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/SrsTfdb9bai_hErLUfUSWxOiXLE.roa
Signing time: Tue 12 Jul 2022 09:07:12 +0000
ROA not before: Tue 12 Jul 2022 09:07:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196810
IP address blocks: 185.15.200.0/22 maxlen: 22
185.213.204.0/22 maxlen: 22
89.207.232.0/21 maxlen: 25
194.104.86.0/23 maxlen: 23
185.170.16.0/22 maxlen: 22
194.104.2.0/23 maxlen: 23
178.23.168.0/21 maxlen: 25
185.224.40.0/22 maxlen: 22
2a02:ab40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f1:a9:98:fa:ef:88:ed:1c:b4:e0:0e:15:d7:49:de:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd53c3aff31e27d2a1bc4d9b3ee75bb8a9b57838
Validity
Not Before: Jul 12 09:07:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4abb137dd6fd6da8bf844acb51f5125b13a25cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5c:6f:aa:08:43:95:51:1a:b6:26:4f:eb:17:
2f:13:65:6c:88:11:b2:8c:bd:74:b9:ea:e2:04:1f:
15:da:8c:04:0d:29:a7:b8:e8:30:fb:0d:4f:83:bb:
ed:a1:08:22:c8:9e:bb:30:27:98:ee:c1:2c:02:6f:
54:ad:33:97:ea:bb:32:2c:13:fc:26:1d:67:e7:4c:
ba:c5:91:80:fc:f5:f5:13:f7:56:6c:32:c0:e3:a6:
f8:41:ff:31:cc:85:d5:de:b7:ab:2f:1d:e3:57:16:
0e:05:48:6b:a4:12:95:71:94:fb:f5:c6:1a:50:65:
88:45:94:75:f4:0d:d1:cb:4e:02:4b:1d:ef:c5:78:
7b:54:8d:f4:41:88:18:4a:66:d7:41:2d:a8:d9:ae:
43:0d:c7:aa:06:fa:2c:c8:c5:09:1b:73:f3:f7:bf:
2f:59:1f:dd:23:5a:28:5c:1f:c1:93:d2:73:2e:63:
f4:e0:66:50:09:52:a1:c4:99:0e:36:a2:ca:95:60:
78:7d:74:3d:e9:8d:18:76:69:20:11:8f:af:1c:83:
7e:4e:c2:6d:01:f7:06:59:eb:cc:da:42:fa:d0:ca:
8a:8c:17:67:b9:5b:16:ed:07:53:2e:eb:52:4d:74:
16:af:99:83:25:87:88:e4:23:82:a3:70:a9:c1:72:
f5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:BB:13:7D:D6:FD:6D:A8:BF:84:4A:CB:51:F5:12:5B:13:A2:5C:B1
X509v3 Authority Key Identifier:
keyid:FD:53:C3:AF:F3:1E:27:D2:A1:BC:4D:9B:3E:E7:5B:B8:A9:B5:78:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_VPDr_MeJ9KhvE2bPudbuKm1eDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/SrsTfdb9bai_hErLUfUSWxOiXLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/d1e68a-1c87-483d-a89d-56dbff14ee05/1/_VPDr_MeJ9KhvE2bPudbuKm1eDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.232.0/21
178.23.168.0/21
185.15.200.0/22
185.170.16.0/22
185.213.204.0/22
185.224.40.0/22
194.104.2.0/23
194.104.86.0/23
IPv6:
2a02:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
70:36:7c:1d:a9:58:80:ce:d0:92:4a:97:e6:64:7c:76:e3:d3:
1e:5b:4d:de:dd:55:ae:09:36:34:8c:d9:4b:02:df:b9:e7:ce:
95:ff:77:5b:02:1f:61:74:24:c0:40:49:c3:f4:1f:70:04:bb:
a9:ac:f9:84:b4:0d:2f:c8:e5:9d:2a:7d:0a:8d:4a:56:fe:53:
36:4c:7a:3c:38:cd:c2:66:6d:f8:a5:66:b2:91:0c:8e:fe:06:
d5:23:19:13:24:45:e6:6f:93:5f:cd:c5:7e:d4:7f:38:18:bd:
53:40:84:e1:31:8c:47:23:ba:6d:37:61:a1:de:5f:2c:a3:09:
f6:2b:88:fd:dd:6f:9f:e5:9d:5d:95:ae:dc:09:5e:01:ec:ee:
1f:ae:da:82:de:3c:02:9f:ef:ee:67:c6:28:28:d5:da:48:7c:
b8:55:f0:ae:20:7b:01:cd:29:54:71:97:0b:e3:67:17:22:c4:
b4:7f:63:ff:15:9c:46:e9:e5:c1:e1:7f:56:0c:48:c5:04:84:
39:e9:11:2b:e4:42:33:03:95:4e:69:11:e4:d8:43:f4:09:93:
d2:4f:01:a5:d2:e0:9c:15:17:4b:0f:9f:23:16:ef:0b:72:6d:
c3:da:ba:a0:89:73:c8:e1:27:66:40:19:ca:75:62:de:b2:fd:
76:bc:59:b3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYHxqZj674jtHLTgDhXXSd5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNTNjM2FmZjMxZTI3ZDJhMWJjNGQ5YjNlZTc1YmI4YTli
NTc4MzgwHhcNMjIwNzEyMDkwNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWJiMTM3ZGQ2ZmQ2ZGE4YmY4NDRhY2I1MWY1MTI1YjEzYTI1Y2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFxvqghDlVEatiZP6xcvE2VsiBGy
jL10ueriBB8V2owEDSmnuOgw+w1Pg7vtoQgiyJ67MCeY7sEsAm9UrTOX6rsyLBP8
Jh1n50y6xZGA/PX1E/dWbDLA46b4Qf8xzIXV3rerLx3jVxYOBUhrpBKVcZT79cYa
UGWIRZR19A3Ry04CSx3vxXh7VI30QYgYSmbXQS2o2a5DDceqBvosyMUJG3Pz978v
WR/dI1ooXB/Bk9JzLmP04GZQCVKhxJkONqLKlWB4fXQ96Y0YdmkgEY+vHIN+TsJt
AfcGWevM2kL60MqKjBdnuVsW7QdTLutSTXQWr5mDJYeI5COCo3CpwXL1cQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEq7E33W/W2ov4RKy1H1ElsTolyxMB8GA1UdIwQY
MBaAFP1Tw6/zHifSobxNmz7nW7iptXg4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1ZQRHJfTWVKOUtodkUyYlB1ZGJ1S20xZURnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9kMWU2OGEtMWM4Ny00ODNkLWE4OWQt
NTZkYmZmMTRlZTA1LzEvU3JzVGZkYjliYWlfaEVyTFVmVVNXeE9pWExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9kMWU2OGEtMWM4Ny00ODNkLWE4OWQtNTZkYmZmMTRlZTA1
LzEvX1ZQRHJfTWVKOUtodkUyYlB1ZGJ1S20xZURnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDWc/oAwQD
sheoAwQCuQ/IAwQCuaoQAwQCudXMAwQCueAoAwQBwmgCAwQBwmhWMA0EAgACMAcD
BQMqAqtAMA0GCSqGSIb3DQEBCwUAA4IBAQBwNnwdqViAztCSSpfmZHx249MeW03e
3VWuCTY0jNlLAt+5586V/3dbAh9hdCTAQEnD9B9wBLuprPmEtA0vyOWdKn0KjUpW
/lM2THo8OM3CZm34pWaykQyO/gbVIxkTJEXmb5NfzcV+1H84GL1TQIThMYxHI7pt
N2Gh3l8sown2K4j93W+f5Z1dla7cCV4B7O4frtqC3jwCn+/uZ8YoKNXaSHy4VfCu
IHsBzSlUcZcL42cXIsS0f2P/FZxG6eXB4X9WDEjFBIQ56REr5EIzA5VOaRHk2EP0
CZPSTwGl0uCcFRdLD58jFu8Lcm3D2rqgiXPI4SdmQBnKdWLesv12vFmz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:13 2024 by rpki-client on console-ams.rpki-client.org