Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/kFbqI8jLsL_2O2KM0hMG20xPM2o.roa
File: kFbqI8jLsL_2O2KM0hMG20xPM2o.roa (raw, json)
Hash identifier: zsvDYjWFnqSAB3m7Or+zYCMTheMy1nlt+Tgf4dnOOF0=
Subject key identifier: 90:56:EA:23:C8:CB:B0:BF:F6:3B:62:8C:D2:13:06:DB:4C:4F:33:6A
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 18C7BF3B
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/kFbqI8jLsL_2O2KM0hMG20xPM2o.roa
Signing time: Sat 01 Jan 2022 02:59:07 +0000
ROA not before: Sat 01 Jan 2022 02:59:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3598
IP address blocks: 194.69.100.0/22 maxlen: 24
2a01:110:8020::/48 maxlen: 48
2a01:110:8068::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415743803 (0x18c7bf3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jan 1 02:59:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9056ea23c8cbb0bff63b628cd21306db4c4f336a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ef:06:9a:c3:95:f9:44:f3:e5:ed:33:0d:6f:
1c:ff:d1:90:7b:a1:62:0f:cd:3c:65:c9:8a:f5:6c:
21:72:6b:72:a9:7f:98:0f:fc:11:f9:f6:a8:90:ca:
1f:56:11:45:72:55:2c:56:0f:e1:12:c2:b9:97:ba:
76:0e:19:ca:d5:72:97:91:f6:82:b9:27:f4:21:86:
67:43:1c:7f:58:01:20:88:ee:5e:cb:89:f7:a2:b3:
13:9b:f7:df:be:ab:4d:47:e6:4e:5e:19:65:e2:1f:
04:9d:26:7d:6b:fc:83:cf:35:b8:87:60:b9:b0:53:
f8:fa:fd:67:3c:e2:a4:03:c8:4b:8a:1d:06:62:26:
01:6b:ff:15:69:90:11:48:3b:12:a7:c0:c5:fc:02:
3d:c1:fe:df:97:20:03:06:46:6d:98:4d:05:d1:be:
1c:e1:cd:8a:f2:48:ab:1f:d0:61:38:f1:30:6e:16:
6a:59:c9:c9:57:0f:f1:26:24:b3:9d:f4:cb:b1:fb:
54:ae:b6:4b:4d:88:d5:64:b6:ac:72:d8:a1:38:43:
72:b5:42:85:ce:c2:28:2f:6c:c3:b6:f6:66:af:4e:
d7:d9:41:14:d9:02:94:41:e3:df:09:c2:11:a7:ae:
bf:4a:ee:91:c6:af:36:a0:7f:6d:72:d9:a9:4d:00:
a0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:56:EA:23:C8:CB:B0:BF:F6:3B:62:8C:D2:13:06:DB:4C:4F:33:6A
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/kFbqI8jLsL_2O2KM0hMG20xPM2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.100.0/22
IPv6:
2a01:110:8020::/48
2a01:110:8068::/48
Signature Algorithm: sha256WithRSAEncryption
0f:92:39:d7:f7:ed:0d:41:bc:2b:33:9c:13:50:ca:dd:f1:38:
d4:3f:5b:8d:bc:fe:a0:b1:25:6f:d3:f0:4c:57:52:4f:82:32:
dc:be:10:3d:4c:51:f7:78:11:fa:4c:c1:e4:9b:a8:89:b8:79:
35:5e:33:5a:85:e8:94:40:49:8d:e0:8b:9a:de:09:c9:1f:90:
01:0f:d2:17:10:f5:c2:e1:23:da:fb:b1:d1:bc:04:c1:4c:07:
d0:ef:64:e9:b1:1a:1a:f3:a7:23:d0:42:9f:94:28:3b:a5:f7:
54:e8:91:6b:10:42:23:10:51:72:70:28:84:06:0b:fb:7d:ab:
e6:f9:7f:c0:85:d7:07:52:95:79:0e:ae:50:38:3f:e1:d9:5c:
69:5e:5a:40:ab:e7:f8:a8:b5:97:43:53:3d:ef:69:65:ea:dc:
62:de:a9:5b:fb:83:76:2b:12:68:84:b1:4c:5a:28:b8:a8:9b:
aa:13:f0:de:17:6e:06:db:7e:02:59:1f:49:37:27:e5:be:76:
f0:4a:bd:06:6b:f4:20:c3:d7:f3:f6:19:16:45:b3:74:8f:fc:
98:46:6e:ee:9a:bf:ed:1d:95:b8:33:e3:b3:6f:90:9d:b0:4c:
fe:7c:7c:91:8c:fe:ea:08:07:f0:1d:09:19:39:6a:f0:ac:8b:
92:80:4b:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEGMe/OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2U2OGRhZjVmMDg5NDU2YzBlMWQwMjI0NTM5MzUzMWFjNWI4ZmNiMB4XDTIyMDEw
MTAyNTkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA1NmVhMjNjOGNi
YjBiZmY2M2I2MjhjZDIxMzA2ZGI0YzRmMzM2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLvBprDlflE8+XtMw1vHP/RkHuhYg/NPGXJivVsIXJrcql/
mA/8Efn2qJDKH1YRRXJVLFYP4RLCuZe6dg4ZytVyl5H2grkn9CGGZ0Mcf1gBIIju
XsuJ96KzE5v3376rTUfmTl4ZZeIfBJ0mfWv8g881uIdgubBT+Pr9ZzzipAPIS4od
BmImAWv/FWmQEUg7EqfAxfwCPcH+35cgAwZGbZhNBdG+HOHNivJIqx/QYTjxMG4W
alnJyVcP8SYks530y7H7VK62S02I1WS2rHLYoThDcrVChc7CKC9sw7b2Zq9O19lB
FNkClEHj3wnCEaeuv0rukcavNqB/bXLZqU0AoAMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSQVuojyMuwv/Y7YozSEwbbTE8zajAfBgNVHSMEGDAWgBR85o2vXwiUVsDh
0CJFOTUxrFuPyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZPYU5yMThJbEZiQTRkQWlSVGsxTWF4Ymo4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8x
L2tGYnFJOGpMc0xfMk8yS00waE1HMjB4UE0yby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8xL2ZPYU5yMThJbEZi
QTRkQWlSVGsxTWF4Ymo4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAsJFZDAYBAIAAjASAwcAKgEBEIAg
AwcAKgEBEIBoMA0GCSqGSIb3DQEBCwUAA4IBAQAPkjnX9+0NQbwrM5wTUMrd8TjU
P1uNvP6gsSVv0/BMV1JPgjLcvhA9TFH3eBH6TMHkm6iJuHk1XjNaheiUQEmN4Iua
3gnJH5ABD9IXEPXC4SPa+7HRvATBTAfQ72TpsRoa86cj0EKflCg7pfdU6JFrEEIj
EFFycCiEBgv7favm+X/AhdcHUpV5Dq5QOD/h2VxpXlpAq+f4qLWXQ1M972ll6txi
3qlb+4N2KxJohLFMWii4qJuqE/DeF24G234CWR9JNyflvnbwSr0Ga/Qgw9fz9hkW
RbN0j/yYRm7umr/tHZW4M+Ozb5CdsEz+fHyRjP7qCAfwHQkZOWrwrIuSgEt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org