Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/f_lg42UCAJ_2LfmZmoOZKZFyWN0.roa
File: f_lg42UCAJ_2LfmZmoOZKZFyWN0.roa (raw, json)
Hash identifier: UqBsaOMsAuAqOuh534HW9YpNPvodkLDiEc8Wgx0D0hw=
Subject key identifier: 7F:F9:60:E3:65:02:00:9F:F6:2D:F9:99:9A:83:99:29:91:72:58:DD
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184A3A9AB268D1F5CCA2C4F2A1871FAA6D2
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/f_lg42UCAJ_2LfmZmoOZKZFyWN0.roa
Signing time: Wed 23 Nov 2022 08:45:16 +0000
ROA not before: Wed 23 Nov 2022 08:45:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 109.205.211.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
88.151.192.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:a9:ab:26:8d:1f:5c:ca:2c:4f:2a:18:71:fa:a6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 23 08:45:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ff960e36502009ff62df9999a839929917258dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a2:a4:91:a0:ef:ce:6a:34:af:79:1c:15:31:
45:b6:80:9a:df:89:e8:c5:26:35:59:fc:e2:15:48:
79:b8:23:69:f4:f7:c0:f2:6f:7b:f3:81:10:5d:8f:
df:e5:8a:3e:a2:c8:aa:d1:a5:c6:b6:54:d4:68:8e:
85:9f:32:00:0b:7d:b4:2f:bc:be:5d:44:d3:cf:53:
f7:98:79:37:dc:f1:22:f8:b4:33:41:82:ba:3d:4d:
6d:58:b5:92:67:41:55:19:4e:fa:86:ad:b1:33:a9:
30:b2:d8:d0:98:92:60:a5:01:77:b7:87:8c:b6:f4:
ce:d3:9b:b0:b5:9a:80:71:2b:ba:45:77:c0:2e:9b:
b0:71:79:20:3a:78:9e:b9:89:4b:25:2d:72:8e:fd:
03:9b:b0:96:da:25:ef:65:c5:cd:f9:32:63:fd:be:
27:f2:16:34:e5:b5:3b:e2:fb:52:f7:c9:98:ca:17:
25:00:78:cc:d4:71:c8:4e:d9:8b:ed:bd:98:7a:e9:
54:f6:46:a7:5c:d6:82:88:5a:b5:04:d8:fc:be:a7:
bd:0a:80:2c:e1:30:a4:19:c7:c0:56:5a:e8:02:60:
d8:4d:3d:e5:10:d4:2d:eb:54:08:8d:20:b8:ac:1d:
51:0f:b3:ea:2d:f7:94:3e:01:93:df:e7:43:17:ff:
63:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F9:60:E3:65:02:00:9F:F6:2D:F9:99:9A:83:99:29:91:72:58:DD
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/f_lg42UCAJ_2LfmZmoOZKZFyWN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
88.151.192.0/24
109.205.211.0/24
185.81.216.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:10:84:d5:04:4f:6a:f5:6e:d5:97:23:a6:c1:8e:e1:23:91:
64:26:98:a2:f7:4c:1f:8f:b1:df:99:9f:0f:15:c5:a8:af:17:
82:64:27:9c:d0:99:4a:21:d0:a0:ab:fd:64:b0:9c:d9:3f:32:
23:da:16:5f:c3:74:bf:29:c6:6d:5b:bb:fa:94:ee:ab:2e:bb:
44:ef:b4:1f:c1:9e:5e:5e:a1:ae:87:8b:58:0d:16:d6:5f:ed:
fc:d5:26:54:44:ea:f1:19:82:25:d3:95:c5:e6:19:a5:17:85:
c7:81:a2:16:cc:e0:6e:6d:1b:2e:87:70:10:39:f8:a4:85:6c:
e3:73:81:11:8b:80:f3:2f:c1:9e:58:81:1f:94:2f:1c:78:6b:
05:e4:6a:c4:2e:a3:f3:c7:19:8b:c7:d6:00:d6:75:9f:2b:d5:
f9:dc:7f:f5:c8:d2:97:7b:59:e6:23:8d:04:d6:4c:c8:39:55:
f7:c9:d7:1d:a7:44:d0:8e:2b:6d:1a:39:29:56:7e:fb:4e:c0:
90:c1:f0:6b:3e:db:66:7a:cc:a4:65:29:a7:c1:03:03:30:ec:
f8:e5:8e:ec:41:d4:d6:7c:85:a7:44:31:a3:79:8f:ea:03:28:
86:93:de:ed:d6:46:21:35:f3:39:3e:5e:86:f2:4e:9c:88:e5:
9e:53:a1:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSjqasmjR9cyixPKhhx+qbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTIzMDg0NTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmY5NjBlMzY1MDIwMDlmZjYyZGY5OTk5YTgzOTkyOTkxNzI1OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aKkkaDvzmo0r3kcFTFFtoCa34no
xSY1WfziFUh5uCNp9PfA8m9784EQXY/f5Yo+osiq0aXGtlTUaI6FnzIAC320L7y+
XUTTz1P3mHk33PEi+LQzQYK6PU1tWLWSZ0FVGU76hq2xM6kwstjQmJJgpQF3t4eM
tvTO05uwtZqAcSu6RXfALpuwcXkgOnieuYlLJS1yjv0Dm7CW2iXvZcXN+TJj/b4n
8hY05bU74vtS98mYyhclAHjM1HHITtmL7b2YeulU9kanXNaCiFq1BNj8vqe9CoAs
4TCkGcfAVlroAmDYTT3lENQt61QIjSC4rB1RD7PqLfeUPgGT3+dDF/9jSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH/5YONlAgCf9i35mZqDmSmRcljdMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvZl9sZzQyVUNBSl8yTGZtWm1vT1pLWkZ5V04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJYDIAwQA
WJfAAwQAbc3TAwQBuVHYMA0GCSqGSIb3DQEBCwUAA4IBAQC6EITVBE9q9W7VlyOm
wY7hI5FkJpii90wfj7HfmZ8PFcWorxeCZCec0JlKIdCgq/1ksJzZPzIj2hZfw3S/
KcZtW7v6lO6rLrtE77QfwZ5eXqGuh4tYDRbWX+381SZUROrxGYIl05XF5hmlF4XH
gaIWzOBubRsuh3AQOfikhWzjc4ERi4DzL8GeWIEflC8ceGsF5GrELqPzxxmLx9YA
1nWfK9X53H/1yNKXe1nmI40E1kzIOVX3ydcdp0TQjittGjkpVn77TsCQwfBrPttm
esykZSmnwQMDMOz45Y7sQdTWfIWnRDGjeY/qAyiGk97t1kYhNfM5Pl6G8k6ciOWe
U6ED
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org