Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/FKAXP2SFv5c-CANy-KRB0YhZ6Z8.roa
File: FKAXP2SFv5c-CANy-KRB0YhZ6Z8.roa (raw, json)
Hash identifier: UJPZM3hUkUmuEkFaxz22s78XJkX8I+FRmNIrg0+P43E=
Subject key identifier: 14:A0:17:3F:64:85:BF:97:3E:08:03:72:F8:A4:41:D1:88:59:E9:9F
Certificate issuer: /CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Certificate serial: 0886E24C
Authority key identifier: 80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/FKAXP2SFv5c-CANy-KRB0YhZ6Z8.roa
Signing time: Tue 22 Feb 2022 05:47:32 +0000
ROA not before: Tue 22 Feb 2022 05:47:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199669
IP address blocks: 185.195.170.0/23 maxlen: 24
91.109.200.0/21 maxlen: 24
46.29.118.0/23 maxlen: 24
185.10.44.0/24 maxlen: 24
185.10.44.0/22 maxlen: 24
185.71.196.0/22 maxlen: 24
2a03:ec0::/48 maxlen: 64
2a03:ec0:1::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143057484 (0x886e24c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Validity
Not Before: Feb 22 05:47:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14a0173f6485bf973e080372f8a441d18859e99f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:1a:30:d6:65:b8:92:69:a4:ee:87:e0:aa:71:
18:69:59:5e:9f:d3:da:33:ed:9e:f8:2f:c8:13:17:
43:bd:d3:2f:a8:a0:9d:a7:ae:b0:7f:8d:7a:11:44:
13:25:93:05:a5:88:20:61:1a:bd:26:03:c3:31:13:
bb:fe:9e:b8:03:b1:60:e2:91:b7:5e:c3:d3:b1:13:
19:ca:40:a7:84:80:77:f5:a3:cb:b5:24:4f:5d:99:
2c:87:9d:d5:7b:d1:13:ff:49:40:d3:67:80:66:37:
99:0c:1d:10:5f:c8:61:87:b2:6a:13:64:b3:9e:e6:
3b:3d:29:50:f7:90:fa:6b:fa:8c:67:07:d6:f5:a1:
77:df:31:38:c0:04:45:12:7c:66:68:93:d1:17:47:
dc:46:0a:d4:0f:a2:f4:7f:2e:92:2a:5e:a7:15:27:
3b:42:3e:98:ae:fe:de:05:ab:70:9b:43:0f:47:57:
ae:c0:a7:a1:ce:93:55:58:2a:e3:ec:79:1a:58:05:
67:b6:43:70:3d:27:c0:2a:97:9f:7f:95:24:3a:70:
4c:33:ef:cd:fc:d5:44:55:d8:e6:a0:9d:d1:4d:d8:
5a:78:bc:e0:d4:11:a0:af:4d:d7:f1:ae:bd:9d:9b:
b5:d7:3f:1d:74:09:bb:9f:04:53:74:17:5c:af:2a:
7e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A0:17:3F:64:85:BF:97:3E:08:03:72:F8:A4:41:D1:88:59:E9:9F
X509v3 Authority Key Identifier:
keyid:80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/FKAXP2SFv5c-CANy-KRB0YhZ6Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.118.0/23
91.109.200.0/21
185.10.44.0/22
185.71.196.0/22
185.195.170.0/23
IPv6:
2a03:ec0::/47
Signature Algorithm: sha256WithRSAEncryption
0b:43:88:4f:51:d4:b6:5c:c7:98:43:10:f1:83:d9:2e:dc:d8:
39:7c:36:51:1e:8f:39:31:38:4d:66:d6:8b:40:f2:52:c4:8d:
3b:80:a2:10:3c:fa:f2:3c:e9:67:31:11:3d:86:ec:dc:8d:fc:
86:b8:cf:bf:43:0e:f0:b5:c5:12:c7:50:11:f9:a7:41:51:e6:
ac:90:24:c7:7b:a4:d1:4d:8f:89:27:4f:f4:c8:22:6b:1a:66:
18:20:0d:41:83:2a:db:e8:ec:58:2e:a9:60:84:77:6d:4b:08:
2c:4a:9e:42:d2:27:a0:9d:eb:b6:c9:85:63:a2:09:b6:14:2e:
4f:80:6e:7a:8b:c0:15:28:22:0e:3b:e7:f2:64:74:7f:89:61:
b7:9d:ae:c3:c7:10:6c:56:5e:83:ec:f6:71:79:f4:66:89:64:
27:02:5f:36:8b:ba:b4:30:fc:48:87:b7:f6:38:f7:3f:66:a5:
bb:ff:80:96:2a:5a:d3:b9:a2:37:db:15:91:ef:61:d6:a5:97:
40:17:6e:18:74:3d:3f:12:fe:71:00:98:ea:d4:c6:4b:e2:03:
f0:ff:95:51:9f:49:c3:f0:1a:00:8d:8e:82:c0:5e:1d:77:72:
26:d8:ee:b4:92:f6:be:61:27:f6:53:54:5d:87:c9:60:f4:a4:
36:98:bf:63
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIECIbiTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MDYxNTMxNWRjNzUwYzAzZTYwZmMzNmE3NTBjNWUzZmY2NmVhYzk0MB4XDTIyMDIy
MjA1NDczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRhMDE3M2Y2NDg1
YmY5NzNlMDgwMzcyZjhhNDQxZDE4ODU5ZTk5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPIaMNZluJJppO6H4KpxGGlZXp/T2jPtnvgvyBMXQ73TL6ig
naeusH+NehFEEyWTBaWIIGEavSYDwzETu/6euAOxYOKRt17D07ETGcpAp4SAd/Wj
y7UkT12ZLIed1XvRE/9JQNNngGY3mQwdEF/IYYeyahNks57mOz0pUPeQ+mv6jGcH
1vWhd98xOMAERRJ8ZmiT0RdH3EYK1A+i9H8ukipepxUnO0I+mK7+3gWrcJtDD0dX
rsCnoc6TVVgq4+x5GlgFZ7ZDcD0nwCqXn3+VJDpwTDPvzfzVRFXY5qCd0U3YWni8
4NQRoK9N1/GuvZ2btdc/HXQJu58EU3QXXK8qfqECAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBQUoBc/ZIW/lz4IA3L4pEHRiFnpnzAfBgNVHSMEGDAWgBSAYVMV3HUMA+YP
w2p1DF4/9m6slDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dHRlRGZHgxREFQbUQ4TnFkUXhlUF9adXJKUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZGU4NGNlLWQ3MDQtNDc2Ni1hMzg4LWY4ZTViMmQ4NjgwYy8x
L0ZLQVhQMlNGdjVjLUNBTnktS1JCMFloWjZaOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZGU4NGNlLWQ3MDQtNDc2Ni1hMzg4LWY4ZTViMmQ4NjgwYy8xL2dHRlRGZHgxREFQ
bUQ4TnFkUXhlUF9adXJKUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEAS4ddgMEA1ttyAMEArkKLAMEArlH
xAMEAbnDqjAPBAIAAjAJAwcBKgMOwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQALQ4hP
UdS2XMeYQxDxg9ku3Ng5fDZRHo85MThNZtaLQPJSxI07gKIQPPryPOlnMRE9huzc
jfyGuM+/Qw7wtcUSx1AR+adBUeaskCTHe6TRTY+JJ0/0yCJrGmYYIA1Bgyrb6OxY
LqlghHdtSwgsSp5C0iegneu2yYVjogm2FC5PgG56i8AVKCIOO+fyZHR/iWG3na7D
xxBsVl6D7PZxefRmiWQnAl82i7q0MPxIh7f2OPc/ZqW7/4CWKlrTuaI32xWR72HW
pZdAF24YdD0/Ev5xAJjq1MZL4gPw/5VRn0nD8BoAjY6CwF4dd3Im2O60kva+YSf2
U1Rdh8lg9KQ2mL9j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:59 2024 by rpki-client on console-ams.rpki-client.org