Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/Rqooe1D7JIgFfK47RLHFal2TGGU.roa
File: Rqooe1D7JIgFfK47RLHFal2TGGU.roa (raw, json)
Hash identifier: JrQ749Ixs+XYkxu8a9PlB2hwUiwEFVR3fktF/yFeYq4=
Subject key identifier: 46:AA:28:7B:50:FB:24:88:05:7C:AE:3B:44:B1:C5:6A:5D:93:18:65
Certificate issuer: /CN=b0fa0c7abc10796915e335ba19780e473e027969
Certificate serial: 0183D0FE17AEF33A3FAF93BE06F4605BBA2B
Authority key identifier: B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/Rqooe1D7JIgFfK47RLHFal2TGGU.roa
Signing time: Thu 13 Oct 2022 10:57:36 +0000
ROA not before: Thu 13 Oct 2022 10:57:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9211
IP address blocks: 213.238.32.0/20 maxlen: 21
213.238.48.0/21 maxlen: 21
212.12.32.0/20 maxlen: 20
212.12.56.0/21 maxlen: 21
194.49.7.0/24 maxlen: 24
2a00:ea8::/32 maxlen: 32
2a00:eab::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:fe:17:ae:f3:3a:3f:af:93:be:06:f4:60:5b:ba:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0fa0c7abc10796915e335ba19780e473e027969
Validity
Not Before: Oct 13 10:57:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46aa287b50fb2488057cae3b44b1c56a5d931865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d1:81:e6:42:df:42:39:9d:c5:ee:41:32:f6:
4c:43:e5:ab:38:c0:d9:73:96:c5:46:bb:78:8f:2e:
fa:4f:d6:36:56:5b:99:89:ad:6a:e7:1e:43:a8:d6:
83:12:7c:a8:e9:19:c4:fe:2a:a4:0b:6e:fc:1a:5e:
23:04:fb:48:25:ed:4a:d5:56:8b:1c:1c:ac:2b:35:
78:15:3f:9c:63:02:9e:1f:48:c1:58:37:1e:8c:ec:
b5:cc:3b:78:46:da:fe:ce:60:65:88:b9:32:f5:07:
13:e8:b6:a7:b3:43:42:01:51:bb:84:f8:e7:fa:5d:
57:cc:4d:a1:eb:e1:dd:8c:cb:9c:26:d9:15:84:dd:
80:2f:d6:16:be:80:96:cf:33:08:7f:31:17:56:7c:
6a:f9:32:80:0c:bc:02:06:47:02:c6:c1:b5:73:06:
e1:f0:f0:9e:6b:58:7a:95:10:cb:2e:d2:13:ec:5b:
db:83:b1:7f:20:7a:9a:38:3f:5b:9f:5f:fc:44:9b:
1c:3c:de:4b:59:66:84:39:c1:d1:7c:f4:ef:35:76:
85:d4:cf:36:27:37:92:5e:f8:b0:cd:ab:1f:86:61:
88:3f:ea:44:95:ae:8f:90:ee:5a:04:28:22:8e:0b:
ce:6b:ff:92:4f:f1:2a:8c:53:0d:e3:1c:e5:4d:b0:
fb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AA:28:7B:50:FB:24:88:05:7C:AE:3B:44:B1:C5:6A:5D:93:18:65
X509v3 Authority Key Identifier:
keyid:B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/Rqooe1D7JIgFfK47RLHFal2TGGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.7.0/24
212.12.32.0/20
212.12.56.0/21
213.238.32.0-213.238.55.255
IPv6:
2a00:ea8::/32
2a00:eab::/32
Signature Algorithm: sha256WithRSAEncryption
8b:73:34:33:0f:ec:c6:c8:df:ba:cd:1c:d7:6a:8d:b4:3e:ca:
5f:9c:b2:85:3d:66:81:a8:5e:83:9c:55:a6:30:4f:b6:32:51:
75:a7:cb:99:98:12:87:f2:43:da:e7:ea:f0:55:40:2c:37:b2:
2f:0c:8f:3d:b9:02:e4:4e:23:f7:7c:92:b6:7f:a8:85:a6:d0:
28:bd:1c:22:e5:68:ed:a8:4c:09:2c:f4:9e:4d:70:65:1e:85:
b9:0b:c6:27:08:11:75:24:2c:4d:d7:f0:bd:41:01:8f:92:de:
03:ec:9d:49:d4:1c:c1:d5:7a:93:43:c2:ea:41:5d:e6:17:86:
da:ba:ba:ad:84:26:78:ef:0b:26:12:40:1f:32:5d:05:98:62:
ab:dc:20:80:47:21:80:05:4b:cf:bb:29:b0:31:2b:5b:a7:f5:
92:d2:e6:26:da:be:b0:a2:4d:ca:54:54:22:be:74:92:44:58:
7a:eb:0e:e6:76:99:f5:d7:9c:47:55:f4:d3:9b:30:e7:37:dc:
62:df:1b:eb:65:83:1d:93:ca:ae:e9:8d:71:91:6b:ee:47:76:
08:49:13:b3:08:31:1b:57:3f:1c:1c:2c:af:fc:10:84:02:4d:
c1:7d:8e:7b:f2:44:7f:50:f5:ee:a4:d0:46:9e:8d:fe:0b:b1:
62:c5:93:41
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYPQ/heu8zo/r5O+BvRgW7orMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZmEwYzdhYmMxMDc5NjkxNWUzMzViYTE5NzgwZTQ3M2Uw
Mjc5NjkwHhcNMjIxMDEzMTA1NzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFhMjg3YjUwZmIyNDg4MDU3Y2FlM2I0NGIxYzU2YTVkOTMxODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudGB5kLfQjmdxe5BMvZMQ+WrOMDZ
c5bFRrt4jy76T9Y2VluZia1q5x5DqNaDEnyo6RnE/iqkC278Gl4jBPtIJe1K1VaL
HBysKzV4FT+cYwKeH0jBWDcejOy1zDt4Rtr+zmBliLky9QcT6Lans0NCAVG7hPjn
+l1XzE2h6+HdjMucJtkVhN2AL9YWvoCWzzMIfzEXVnxq+TKADLwCBkcCxsG1cwbh
8PCea1h6lRDLLtIT7Fvbg7F/IHqaOD9bn1/8RJscPN5LWWaEOcHRfPTvNXaF1M82
JzeSXviwzasfhmGIP+pEla6PkO5aBCgijgvOa/+ST/EqjFMN4xzlTbD7ywIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEaqKHtQ+ySIBXyuO0SxxWpdkxhlMB8GA1UdIwQY
MBaAFLD6DHq8EHlpFeM1uhl4Dkc+AnlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMt
ZGY4NTRmNDdiYWY0LzEvUnFvb2UxRDdKSWdGZks0N1JMSEZhbDJUR0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMtZGY4NTRmNDdiYWY0
LzEvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgAwQAwjEHAwQE
1AwgAwQD1Aw4MAwDBAXV7iADBAPV7jAwFAQCAAIwDgMFACoADqgDBQAqAA6rMA0G
CSqGSIb3DQEBCwUAA4IBAQCLczQzD+zGyN+6zRzXao20PspfnLKFPWaBqF6DnFWm
ME+2MlF1p8uZmBKH8kPa5+rwVUAsN7IvDI89uQLkTiP3fJK2f6iFptAovRwi5Wjt
qEwJLPSeTXBlHoW5C8YnCBF1JCxN1/C9QQGPkt4D7J1J1BzB1XqTQ8LqQV3mF4ba
urqthCZ47wsmEkAfMl0FmGKr3CCARyGABUvPuymwMStbp/WS0uYm2r6wok3KVFQi
vnSSRFh66w7mdpn115xHVfTTmzDnN9xi3xvrZYMdk8qu6Y1xkWvuR3YISROzCDEb
Vz8cHCyv/BCEAk3BfY578kR/UPXupNBGno3+C7FixZNB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:14 2023 by rpki-client on console-fra.rpki-client.org