Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/b3019c-66cf-4f98-a856-134c47b94913/1/foD7eHE-rUfTxXJEwKvN_prKDXI.roa
File: foD7eHE-rUfTxXJEwKvN_prKDXI.roa (raw, json)
Hash identifier: 8TWcCbUsdE+8msJ+FIGwt3WdGS8zM2H5OWX+bDTHhCU=
Subject key identifier: 7E:80:FB:78:71:3E:AD:47:D3:C5:72:44:C0:AB:CD:FE:9A:CA:0D:72
Certificate issuer: /CN=dd29c370460bec753010fc7e68365c5770bf45e4
Certificate serial: 04C90B41
Authority key identifier: DD:29:C3:70:46:0B:EC:75:30:10:FC:7E:68:36:5C:57:70:BF:45:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SnDcEYL7HUwEPx-aDZcV3C_ReQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/b3019c-66cf-4f98-a856-134c47b94913/1/foD7eHE-rUfTxXJEwKvN_prKDXI.roa
Signing time: Sat 01 Jan 2022 13:05:56 +0000
ROA not before: Sat 01 Jan 2022 13:05:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15576
IP address blocks: 185.243.161.0/24 maxlen: 24
185.243.160.0/24 maxlen: 24
2a09:900:2::/47 maxlen: 47
2a09:900:200::/40 maxlen: 40
2a09:900:100::/40 maxlen: 40
2a09:900::/47 maxlen: 47
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80284481 (0x4c90b41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd29c370460bec753010fc7e68365c5770bf45e4
Validity
Not Before: Jan 1 13:05:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e80fb78713ead47d3c57244c0abcdfe9aca0d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d9:f9:58:70:ff:8c:94:42:fb:98:c9:6d:d0:
ff:a2:5d:a0:35:45:f8:91:b3:0b:10:c8:b9:22:2e:
5d:2e:90:40:db:b9:e0:20:8e:25:56:a9:f7:41:36:
2b:e7:58:4a:22:1f:c4:0f:4b:64:25:14:54:33:f5:
35:63:1e:a6:70:30:50:7b:48:ce:4d:23:0c:74:d5:
a2:18:d6:84:21:32:2b:ef:a4:22:cf:d6:32:9e:6e:
73:d3:c7:af:5c:4f:ac:eb:9f:9c:8a:91:cd:5e:04:
46:81:c6:d8:f4:16:59:62:5c:ab:03:ee:10:4e:71:
75:60:9c:d5:34:e9:97:90:19:f7:7c:6a:cc:05:08:
c3:87:09:7d:f0:40:6c:67:c0:0f:46:7e:86:d1:ca:
32:28:cf:59:d6:ed:e1:6a:08:70:ac:74:25:8d:7b:
86:f5:12:24:b9:3f:af:16:12:c0:7f:b5:61:84:bf:
9b:81:46:df:85:04:95:fa:d8:48:52:54:0a:e6:09:
f1:f3:57:2a:bc:05:95:d3:a6:02:55:6f:bf:76:9a:
b8:4b:0a:31:27:01:49:45:24:2f:55:70:cd:1a:7a:
39:b3:05:d1:4f:0c:29:8a:ae:a3:25:6b:18:90:53:
f6:3b:34:a7:51:6f:9d:f5:c8:e7:84:f8:6d:58:8f:
06:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:80:FB:78:71:3E:AD:47:D3:C5:72:44:C0:AB:CD:FE:9A:CA:0D:72
X509v3 Authority Key Identifier:
keyid:DD:29:C3:70:46:0B:EC:75:30:10:FC:7E:68:36:5C:57:70:BF:45:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SnDcEYL7HUwEPx-aDZcV3C_ReQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/b3019c-66cf-4f98-a856-134c47b94913/1/foD7eHE-rUfTxXJEwKvN_prKDXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/b3019c-66cf-4f98-a856-134c47b94913/1/3SnDcEYL7HUwEPx-aDZcV3C_ReQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.160.0/23
IPv6:
2a09:900::/46
2a09:900:100::-2a09:900:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:7d:26:3e:6b:3d:01:43:cb:b2:63:63:14:13:5f:55:4f:4d:
b5:18:e0:4a:c2:37:fe:93:20:79:1c:a8:fe:8a:a1:ad:f7:e0:
59:63:48:ea:86:51:c8:10:f4:20:54:d4:5d:2e:32:02:92:50:
8c:a9:02:4f:b9:ae:0d:7f:01:e8:af:e7:3b:48:01:74:ef:30:
24:ba:58:38:9a:32:a6:31:e8:13:54:88:cb:3c:99:d5:db:1c:
3f:f3:a4:cd:77:b9:4e:4e:7b:3b:1e:d7:7f:2e:da:c9:5b:19:
07:31:74:d6:e1:d0:f8:da:5c:b0:b5:54:e1:ab:3d:5b:4d:c2:
28:6c:45:56:9d:e6:24:f0:e4:c8:4c:91:c8:b8:28:57:39:f7:
83:8e:fe:83:ec:57:ba:a7:53:7b:60:b4:d4:a3:18:43:96:b3:
35:91:9e:c3:d5:2e:ec:f8:b2:ee:0b:6b:75:30:32:b8:9a:90:
04:d4:df:cc:d8:4c:83:bd:1b:63:f1:43:01:3d:70:14:01:71:
1e:f6:51:72:c2:e7:f5:59:67:27:a7:9c:46:79:c0:0a:6d:79:
e9:2a:16:2a:a3:03:c2:f3:5d:7c:e8:cf:77:ad:66:a4:a2:e6:
bd:9e:39:76:58:35:0e:27:c5:59:d8:13:a9:69:a3:12:84:d4:
b7:33:20:3c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBMkLQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDI5YzM3MDQ2MGJlYzc1MzAxMGZjN2U2ODM2NWM1NzcwYmY0NWU0MB4XDTIyMDEw
MTEzMDU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U4MGZiNzg3MTNl
YWQ0N2QzYzU3MjQ0YzBhYmNkZmU5YWNhMGQ3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnZ+Vhw/4yUQvuYyW3Q/6JdoDVF+JGzCxDIuSIuXS6QQNu5
4CCOJVap90E2K+dYSiIfxA9LZCUUVDP1NWMepnAwUHtIzk0jDHTVohjWhCEyK++k
Is/WMp5uc9PHr1xPrOufnIqRzV4ERoHG2PQWWWJcqwPuEE5xdWCc1TTpl5AZ93xq
zAUIw4cJffBAbGfAD0Z+htHKMijPWdbt4WoIcKx0JY17hvUSJLk/rxYSwH+1YYS/
m4FG34UElfrYSFJUCuYJ8fNXKrwFldOmAlVvv3aauEsKMScBSUUkL1VwzRp6ObMF
0U8MKYquoyVrGJBT9js0p1FvnfXI54T4bViPBtsCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBR+gPt4cT6tR9PFckTAq83+msoNcjAfBgNVHSMEGDAWgBTdKcNwRgvsdTAQ
/H5oNlxXcL9F5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNTbkRjRVlMN0hVd0VQeC1hRFpjVjNDX1JlUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvYjMwMTljLTY2Y2YtNGY5OC1hODU2LTEzNGM0N2I5NDkxMy8x
L2ZvRDdlSEUtclVmVHhYSkV3S3ZOX3ByS0RYSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
YjMwMTljLTY2Y2YtNGY5OC1hODU2LTEzNGM0N2I5NDkxMy8xLzNTbkRjRVlMN0hV
d0VQeC1hRFpjVjNDX1JlUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwDAQCAAEwBgMEAbnzoDAhBAIAAjAbAwcCKgkJAAAA
MBADBgAqCQkAAQMGACoJCQACMA0GCSqGSIb3DQEBCwUAA4IBAQALfSY+az0BQ8uy
Y2MUE19VT021GOBKwjf+kyB5HKj+iqGt9+BZY0jqhlHIEPQgVNRdLjICklCMqQJP
ua4NfwHor+c7SAF07zAkulg4mjKmMegTVIjLPJnV2xw/86TNd7lOTns7Htd/LtrJ
WxkHMXTW4dD42lywtVThqz1bTcIobEVWneYk8OTITJHIuChXOfeDjv6D7Fe6p1N7
YLTUoxhDlrM1kZ7D1S7s+LLuC2t1MDK4mpAE1N/M2EyDvRtj8UMBPXAUAXEe9lFy
wuf1WWcnp5xGecAKbXnpKhYqowPC81186M93rWakoua9njl2WDUOJ8VZ2BOpaaMS
hNS3MyA8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:42 2023 by rpki-client on console-fra.rpki-client.org