Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FpDIcFsR0nNjRsVN3325bfGruww.roa
File: FpDIcFsR0nNjRsVN3325bfGruww.roa (raw, json)
Hash identifier: M/L0cBlTXkRR+tjltGskJZ6mxkdeepZDmzEqfdkNLgs=
Subject key identifier: 16:90:C8:70:5B:11:D2:73:63:46:C5:4D:DF:7D:B9:6D:F1:AB:BB:0C
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0A6D3324
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FpDIcFsR0nNjRsVN3325bfGruww.roa
Signing time: Wed 23 Feb 2022 18:59:30 +0000
ROA not before: Wed 23 Feb 2022 18:59:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 85.133.136.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174928676 (0xa6d3324)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 23 18:59:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1690c8705b11d2736346c54ddf7db96df1abbb0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:49:bb:eb:10:4f:b2:e2:3d:87:3e:ad:37:9a:
c4:9e:31:70:51:2a:8b:46:87:6d:c9:1d:f0:8a:b4:
2c:51:e4:4a:00:54:eb:1d:d6:b2:74:ec:6b:67:a1:
0b:3b:94:03:45:c5:1e:08:ad:f7:c8:45:b9:b9:13:
89:22:02:60:8b:4c:50:8d:4b:cd:25:55:00:55:1b:
2f:8b:7f:4c:1a:86:5f:a8:7b:78:94:97:c6:06:ad:
24:4d:5d:64:0d:3c:fd:11:05:f8:bd:60:8b:18:e8:
8b:fd:41:3a:1d:79:fd:98:b2:5a:fc:02:49:4e:52:
02:b6:74:41:35:17:5e:fc:e0:29:62:db:19:44:5b:
d8:c6:b1:f0:60:81:2a:7a:8f:a8:45:0e:a1:bb:9f:
31:2f:d0:f3:31:b3:5e:ec:1c:a5:58:b3:89:85:97:
f3:16:fe:c0:6b:fb:26:45:5b:8d:f4:69:c3:2a:72:
f0:21:bd:a1:a3:b1:50:6d:9d:a0:20:cb:5d:1a:be:
53:47:f9:bd:de:b1:fd:9c:0c:0c:13:a3:6e:88:16:
39:35:d7:e8:7f:11:cd:e2:b0:7d:a6:f9:2f:a5:f1:
af:ac:92:cb:ff:cb:b9:cf:55:bd:b7:4a:2d:04:80:
20:fd:c5:c3:f4:74:0e:4e:30:70:ec:6f:87:2d:0f:
82:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:90:C8:70:5B:11:D2:73:63:46:C5:4D:DF:7D:B9:6D:F1:AB:BB:0C
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FpDIcFsR0nNjRsVN3325bfGruww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/24
85.133.164.0/24
Signature Algorithm: sha256WithRSAEncryption
59:07:2e:df:71:0a:17:df:5e:aa:0f:b2:5f:04:9b:b9:ce:38:
ef:13:ea:87:67:1c:e7:f5:f8:26:af:85:ab:e9:7b:5d:a2:01:
fa:e3:8c:73:a7:95:e1:95:3e:68:85:5b:f0:80:71:c8:14:04:
e1:35:a6:11:1d:3c:2a:69:13:73:83:11:99:39:25:3d:cd:0e:
79:76:1b:ee:a4:26:2c:a0:05:20:f1:52:ce:e3:b4:9a:d1:b2:
94:49:2e:77:dd:3a:f6:0c:03:15:47:81:47:61:92:87:e5:22:
8f:28:d2:79:7f:ce:34:de:ee:44:64:6b:bd:45:79:82:6b:90:
96:51:b1:b7:de:03:77:26:e9:8c:84:84:cc:c2:21:e9:4a:a1:
03:65:a3:39:2a:11:1f:08:44:96:0c:b7:e1:9c:99:04:6f:f9:
78:0f:c1:29:f8:a4:34:0f:14:b9:e5:a9:23:b5:0b:51:cb:3d:
ad:49:bc:6e:95:86:34:28:7d:06:65:fb:3c:85:6c:d0:ee:42:
8d:a4:89:ff:29:fc:6e:2b:b4:ce:9f:ec:46:2c:42:ee:ca:f3:
60:e7:85:38:f0:f5:66:2a:67:c9:9a:e5:0e:ee:80:a4:0c:56:
41:82:12:9e:23:d1:01:f9:42:a4:0c:69:6a:db:78:e7:83:e6:
5b:79:98:37
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECm0zJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDIy
MzE4NTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY5MGM4NzA1YjEx
ZDI3MzYzNDZjNTRkZGY3ZGI5NmRmMWFiYmIwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAP1Ju+sQT7LiPYc+rTeaxJ4xcFEqi0aHbckd8Iq0LFHkSgBU
6x3WsnTsa2ehCzuUA0XFHgit98hFubkTiSICYItMUI1LzSVVAFUbL4t/TBqGX6h7
eJSXxgatJE1dZA08/REF+L1gixjoi/1BOh15/ZiyWvwCSU5SArZ0QTUXXvzgKWLb
GURb2Max8GCBKnqPqEUOobufMS/Q8zGzXuwcpViziYWX8xb+wGv7JkVbjfRpwypy
8CG9oaOxUG2doCDLXRq+U0f5vd6x/ZwMDBOjbogWOTXX6H8RzeKwfab5L6Xxr6yS
y//Luc9VvbdKLQSAIP3Fw/R0Dk4wcOxvhy0PgsUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQWkMhwWxHSc2NGxU3ffblt8au7DDAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L0ZwREljRnNSMG5OalJzVk4zMzI1YmZHcnV3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFWFiAMEAFWFpDANBgkqhkiG9w0B
AQsFAAOCAQEAWQcu33EKF99eqg+yXwSbuc447xPqh2cc5/X4Jq+Fq+l7XaIB+uOM
c6eV4ZU+aIVb8IBxyBQE4TWmER08KmkTc4MRmTklPc0OeXYb7qQmLKAFIPFSzuO0
mtGylEkud9069gwDFUeBR2GSh+UijyjSeX/ONN7uRGRrvUV5gmuQllGxt94Ddybp
jISEzMIh6UqhA2WjOSoRHwhElgy34ZyZBG/5eA/BKfikNA8UueWpI7ULUcs9rUm8
bpWGNCh9BmX7PIVs0O5CjaSJ/yn8biu0zp/sRixC7srzYOeFOPD1ZipnyZrlDu6A
pAxWQYISniPRAflCpAxpatt454PmW3mYNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org