Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/yf7Fc7f8PiAddEul-2fxrZ5NSNo.roa
File: yf7Fc7f8PiAddEul-2fxrZ5NSNo.roa (raw, json)
Hash identifier: 3Ba4im3r/nXNug+s9DKZPXZf738AuxjWEHikv7vEZ1Y=
Subject key identifier: C9:FE:C5:73:B7:FC:3E:20:1D:74:4B:A5:FB:67:F1:AD:9E:4D:48:DA
Certificate issuer: /CN=bdb143996dfeff5f49cd2b09b941d0d5e578b3ff
Certificate serial: 0448963E
Authority key identifier: BD:B1:43:99:6D:FE:FF:5F:49:CD:2B:09:B9:41:D0:D5:E5:78:B3:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbFDmW3-_19JzSsJuUHQ1eV4s_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/yf7Fc7f8PiAddEul-2fxrZ5NSNo.roa
Signing time: Sat 01 Jan 2022 05:01:00 +0000
ROA not before: Sat 01 Jan 2022 05:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.135.128.0/24 maxlen: 24
195.191.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71865918 (0x448963e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb143996dfeff5f49cd2b09b941d0d5e578b3ff
Validity
Not Before: Jan 1 05:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9fec573b7fc3e201d744ba5fb67f1ad9e4d48da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ed:97:ac:a4:1e:e8:bf:54:8e:90:6c:32:7a:
d3:c6:88:79:24:f1:8c:f8:0c:8c:29:59:d0:a0:30:
e7:85:1b:7c:0b:1b:8a:05:98:0c:49:af:b0:50:a2:
69:db:0b:c7:4a:41:b4:f7:4d:a7:c6:1c:60:2e:c3:
b3:0b:5a:8b:76:be:85:f8:46:90:d2:43:5e:a4:22:
30:e0:a3:5d:5e:e8:6f:e7:a3:1d:ef:37:48:89:20:
4b:1b:ec:27:c5:15:a7:4a:1f:3c:c2:ed:54:d6:e5:
64:eb:36:93:ae:d6:8f:34:85:09:ae:66:25:0c:c4:
86:f9:34:3c:89:4e:18:fa:41:df:d2:56:7f:45:9c:
d2:ab:c1:75:06:ef:23:2a:5c:13:71:b9:93:fc:3c:
dc:ed:a7:a8:7c:f6:f7:97:8a:ca:7b:db:d8:0c:0b:
f5:41:1c:11:25:a3:fb:60:03:dd:72:83:0a:27:e2:
c6:1e:1b:9c:c0:04:2d:61:43:17:2e:44:24:2a:e6:
11:98:36:92:ff:e3:86:31:35:fb:d8:3b:d3:59:81:
2a:0d:68:87:83:dd:a9:50:5f:c9:43:b0:0b:a5:ca:
4a:8f:ce:4f:92:6f:d0:01:0d:ed:02:a8:91:46:c0:
8f:4e:e4:f3:a3:bd:6d:e4:6e:5f:ae:60:7a:aa:33:
00:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FE:C5:73:B7:FC:3E:20:1D:74:4B:A5:FB:67:F1:AD:9E:4D:48:DA
X509v3 Authority Key Identifier:
keyid:BD:B1:43:99:6D:FE:FF:5F:49:CD:2B:09:B9:41:D0:D5:E5:78:B3:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbFDmW3-_19JzSsJuUHQ1eV4s_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/yf7Fc7f8PiAddEul-2fxrZ5NSNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/vbFDmW3-_19JzSsJuUHQ1eV4s_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.128.0/24
195.191.165.0/24
Signature Algorithm: sha256WithRSAEncryption
91:42:e6:3e:91:bb:58:28:3e:fb:e5:83:e6:49:f1:90:51:8d:
cd:44:f9:42:fc:6d:c9:37:3e:39:ec:94:53:95:a5:60:1e:c0:
4f:0d:a7:3b:47:3c:91:c5:25:d1:9f:72:0a:f0:14:46:b0:40:
d3:6a:fc:27:e2:aa:a5:3d:50:08:ed:6c:a3:dd:15:c4:ff:b2:
80:d7:6a:f0:4f:46:5f:1b:38:a1:ca:9e:9f:1c:47:73:27:8a:
65:41:60:54:1f:d6:00:54:4f:eb:28:ee:ee:a9:77:2a:be:05:
62:60:a9:a8:eb:2a:a8:cc:3e:58:ae:35:76:61:83:47:56:e4:
bc:f6:a4:d6:ad:5f:dc:b3:8a:a8:f9:85:61:4f:90:21:69:27:
1b:75:99:da:ea:2d:f8:58:f4:10:ac:d1:70:18:b6:a2:45:91:
02:92:f7:cf:69:a3:6e:de:0e:25:73:ce:a7:30:d4:58:7a:0a:
65:83:26:1c:d4:f6:0a:83:73:e8:a5:12:a3:89:05:8b:8b:5b:
b1:17:57:74:b7:ca:32:df:26:24:93:f4:0b:4c:d9:03:a3:06:
35:d7:90:fe:81:a6:90:dc:b8:89:c1:6f:9f:21:2b:71:05:16:
1a:5b:5b:4b:75:e0:51:1b:0f:9d:f0:c2:2d:41:46:7c:92:d3:
f4:29:1c:49
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBEiWPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGIxNDM5OTZkZmVmZjVmNDljZDJiMDliOTQxZDBkNWU1NzhiM2ZmMB4XDTIyMDEw
MTA1MDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzlmZWM1NzNiN2Zj
M2UyMDFkNzQ0YmE1ZmI2N2YxYWQ5ZTRkNDhkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHtl6ykHui/VI6QbDJ608aIeSTxjPgMjClZ0KAw54UbfAsb
igWYDEmvsFCiadsLx0pBtPdNp8YcYC7Dswtai3a+hfhGkNJDXqQiMOCjXV7ob+ej
He83SIkgSxvsJ8UVp0ofPMLtVNblZOs2k67WjzSFCa5mJQzEhvk0PIlOGPpB39JW
f0Wc0qvBdQbvIypcE3G5k/w83O2nqHz295eKynvb2AwL9UEcESWj+2AD3XKDCifi
xh4bnMAELWFDFy5EJCrmEZg2kv/jhjE1+9g701mBKg1oh4PdqVBfyUOwC6XKSo/O
T5Jv0AEN7QKokUbAj07k86O9beRuX65geqozAB8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTJ/sVzt/w+IB10S6X7Z/Gtnk1I2jAfBgNVHSMEGDAWgBS9sUOZbf7/X0nN
Kwm5QdDV5Xiz/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZiRkRtVzMtXzE5SnpTc0p1VUhRMWVWNHNfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvZmJkOTExLThkMzctNGUzZS05NTk5LWZjMjljYWE1ZGI3YS8x
L3lmN0ZjN2Y4UGlBZGRFdWwtMmZ4clo1TlNOby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
ZmJkOTExLThkMzctNGUzZS05NTk5LWZjMjljYWE1ZGI3YS8xL3ZiRkRtVzMtXzE5
SnpTc0p1VUhRMWVWNHNfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmHgAMEAMO/pTANBgkqhkiG9w0B
AQsFAAOCAQEAkULmPpG7WCg+++WD5knxkFGNzUT5QvxtyTc+OeyUU5WlYB7ATw2n
O0c8kcUl0Z9yCvAURrBA02r8J+KqpT1QCO1so90VxP+ygNdq8E9GXxs4ocqenxxH
cyeKZUFgVB/WAFRP6yju7ql3Kr4FYmCpqOsqqMw+WK41dmGDR1bkvPak1q1f3LOK
qPmFYU+QIWknG3WZ2uot+Fj0EKzRcBi2okWRApL3z2mjbt4OJXPOpzDUWHoKZYMm
HNT2CoNz6KUSo4kFi4tbsRdXdLfKMt8mJJP0C0zZA6MGNdeQ/oGmkNy4icFvnyEr
cQUWGltbS3XgURsPnfDCLUFGfJLT9CkcSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:03 2024 by rpki-client on console-fra.rpki-client.org