Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/afzOWeMFPKTSv2OpytYKVGPQgKw.roa
File: afzOWeMFPKTSv2OpytYKVGPQgKw.roa (raw, json)
Hash identifier: flRV4eyskCoOYezQtBOlGS3aUh/wxstHQDd3BDe2HNc=
Subject key identifier: 69:FC:CE:59:E3:05:3C:A4:D2:BF:63:A9:CA:D6:0A:54:63:D0:80:AC
Certificate issuer: /CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Certificate serial: 1B09E540
Authority key identifier: FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/afzOWeMFPKTSv2OpytYKVGPQgKw.roa
Signing time: Sat 01 Jan 2022 09:53:22 +0000
ROA not before: Sat 01 Jan 2022 09:53:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12876
IP address blocks: 62.4.0.0/19 maxlen: 19
212.83.160.0/19 maxlen: 19
212.47.224.0/19 maxlen: 19
62.210.0.0/16 maxlen: 16
195.154.0.0/16 maxlen: 16
212.83.128.0/19 maxlen: 19
212.129.0.0/18 maxlen: 18
2001:bc8:1400::/38 maxlen: 38
2001:bc8:1800::/38 maxlen: 38
2001:bc8:1c00::/38 maxlen: 38
2001:bc8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 453633344 (0x1b09e540)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Validity
Not Before: Jan 1 09:53:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69fcce59e3053ca4d2bf63a9cad60a5463d080ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b1:28:f9:6a:0c:63:17:ed:31:93:2d:90:8d:
7e:e1:61:19:20:82:82:e7:4a:0f:53:bb:4a:a4:cb:
37:41:e5:1d:f5:ac:d1:41:27:a7:b9:99:fb:4b:b0:
73:5e:48:84:85:9f:46:9a:87:90:26:57:67:b9:5b:
c1:bc:34:ff:c7:28:86:04:6d:36:68:b7:35:10:88:
df:8c:46:0f:cd:23:99:ab:cf:8b:40:c3:04:e4:cf:
95:82:87:26:fc:45:c2:00:0b:19:1c:3c:df:a8:8f:
50:fe:0d:f4:2c:10:75:cc:1e:08:ad:e8:02:74:56:
49:64:98:e3:ad:15:d8:99:b0:83:0d:c0:88:ff:85:
08:62:2a:39:65:7e:96:93:ed:6a:f2:1b:b6:cf:d8:
6f:a2:60:7e:73:c7:cb:6a:ce:95:52:78:b8:ea:ea:
60:93:50:6a:33:f6:03:50:20:a5:76:83:ab:47:80:
82:91:54:69:ef:f3:59:93:d0:76:c9:11:df:ff:28:
04:a4:af:10:ff:72:54:ba:e3:70:8c:cc:19:3f:15:
7a:25:47:db:6c:ee:cc:74:48:3e:df:46:c6:6c:e2:
ad:e7:e1:96:9a:d1:b6:1e:6e:c5:43:8f:89:7b:18:
d7:ad:77:95:43:16:be:26:45:18:6c:79:ef:23:13:
a5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FC:CE:59:E3:05:3C:A4:D2:BF:63:A9:CA:D6:0A:54:63:D0:80:AC
X509v3 Authority Key Identifier:
keyid:FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/afzOWeMFPKTSv2OpytYKVGPQgKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.0.0/19
62.210.0.0/16
195.154.0.0/16
212.47.224.0/19
212.83.128.0/18
212.129.0.0/18
IPv6:
2001:bc8::/32
Signature Algorithm: sha256WithRSAEncryption
0f:a3:39:3c:c5:f0:0d:f7:5a:3f:89:fb:8d:0c:e4:ba:ec:17:
c9:ac:a5:1f:65:ee:5b:c3:a2:3a:3f:d2:68:e4:1d:e8:71:d9:
0d:25:12:e5:70:f8:00:7f:b6:46:bf:b4:e0:8f:91:43:d9:65:
6e:6a:22:d7:7a:fb:26:14:d8:e8:88:74:2d:86:22:46:55:c5:
eb:23:06:86:6d:e1:5b:c0:a6:5c:f9:e1:10:8b:b0:b8:8a:b3:
76:94:0e:8a:e6:12:cc:9f:92:b2:46:34:a7:db:8a:a1:1e:58:
af:0a:29:e8:14:2b:8e:ef:5a:3c:c4:c3:f5:54:6b:1b:74:19:
25:1f:8a:25:b3:d0:b7:bf:f5:f0:cb:7b:73:f6:c0:a0:2c:4b:
db:50:97:e4:80:86:88:42:4b:c6:f2:6f:36:1e:2d:4f:bf:eb:
6e:be:63:53:67:af:0a:70:b9:03:c9:d2:7f:7d:88:50:28:9a:
f3:b5:c8:96:78:6e:c2:8d:60:25:eb:a8:76:4f:41:7a:cd:f3:
21:d3:d3:34:ee:62:b1:0c:6e:e6:e5:c4:30:4f:9a:1b:6c:6d:
cf:7f:8f:e3:68:0c:c8:7b:01:d5:9e:70:d3:c5:dd:65:27:ea:
98:92:13:70:6e:b1:97:1f:2d:38:99:23:b1:34:b8:87:a6:74:
fb:59:7b:47
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEGwnlQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWUxNmI0OTNkMmExMjg5N2NhZjQ3NTdiYjE4YTAyZWVjMmNkZTE3MB4XDTIyMDEw
MTA5NTMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlmY2NlNTllMzA1
M2NhNGQyYmY2M2E5Y2FkNjBhNTQ2M2QwODBhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+xKPlqDGMX7TGTLZCNfuFhGSCCgudKD1O7SqTLN0HlHfWs
0UEnp7mZ+0uwc15IhIWfRpqHkCZXZ7lbwbw0/8cohgRtNmi3NRCI34xGD80jmavP
i0DDBOTPlYKHJvxFwgALGRw836iPUP4N9CwQdcweCK3oAnRWSWSY460V2Jmwgw3A
iP+FCGIqOWV+lpPtavIbts/Yb6JgfnPHy2rOlVJ4uOrqYJNQajP2A1AgpXaDq0eA
gpFUae/zWZPQdskR3/8oBKSvEP9yVLrjcIzMGT8VeiVH22zuzHRIPt9Gxmzirefh
lprRth5uxUOPiXsY1613lUMWviZFGGx57yMTpf8CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRp/M5Z4wU8pNK/Y6nK1gpUY9CArDAfBgNVHSMEGDAWgBT64WtJPSoSiXyv
R1e7GKAu7CzeFzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdUZyU1QwcUVvbDhyMGRYdXhpZ0x1d3MzaGMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UzLzI5M2QzNi05ZGEyLTQ0MDUtOGRlMy00YWZkODI1NGFlNDMv
MS9hZnpPV2VNRlBLVFN2Mk9weXRZS1ZHUFFnS3cucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uz
LzI5M2QzNi05ZGEyLTQ0MDUtOGRlMy00YWZkODI1NGFlNDMvMS8xLXVGclNUMHFF
b2w4cjBkWHV4aWdMdXdzM2hjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwQFPgQAAwMAPtIDAwDDmgMEBdQv
4AMEBtRTgAMEBtSBADANBAIAAjAHAwUAIAELyDANBgkqhkiG9w0BAQsFAAOCAQEA
D6M5PMXwDfdaP4n7jQzkuuwXyaylH2XuW8OiOj/SaOQd6HHZDSUS5XD4AH+2Rr+0
4I+RQ9llbmoi13r7JhTY6Ih0LYYiRlXF6yMGhm3hW8CmXPnhEIuwuIqzdpQOiuYS
zJ+SskY0p9uKoR5Yrwop6BQrju9aPMTD9VRrG3QZJR+KJbPQt7/18Mt7c/bAoCxL
21CX5ICGiEJLxvJvNh4tT7/rbr5jU2evCnC5A8nSf32IUCia87XIlnhuwo1gJeuo
dk9Bes3zIdPTNO5isQxu5uXEME+aG2xtz3+P42gMyHsB1Z5w08XdZSfqmJITcG6x
lx8tOJkjsTS4h6Z0+1l7Rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:16 2024 by rpki-client on console-fra.rpki-client.org