Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/fQDghvG-KTgxdy5ikBkRtv1djPg.roa
File: fQDghvG-KTgxdy5ikBkRtv1djPg.roa (raw, json)
Hash identifier: MUMTZVREGjWEtX9HDwujGj3E+ntDOerRiQ164ueMtkY=
Subject key identifier: 7D:00:E0:86:F1:BE:29:38:31:77:2E:62:90:19:11:B6:FD:5D:8C:F8
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0B0B24DB
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/fQDghvG-KTgxdy5ikBkRtv1djPg.roa
Signing time: Thu 07 Apr 2022 16:44:02 +0000
ROA not before: Thu 07 Apr 2022 16:44:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49453
IP address blocks: 185.152.92.0/22 maxlen: 24
85.239.36.0/22 maxlen: 24
85.239.35.0/24 maxlen: 24
85.239.56.0/22 maxlen: 22
85.239.52.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 185279707 (0xb0b24db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Apr 7 16:44:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d00e086f1be293831772e62901911b6fd5d8cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:26:e0:9d:23:0a:a9:d0:86:58:bb:6a:cc:ac:
bb:f5:76:e5:a1:a6:1e:ed:10:2c:b6:6c:a3:41:79:
a0:4e:00:c3:91:fb:4f:74:1d:4d:91:b8:95:6e:5f:
9f:2f:9e:cb:62:07:12:8c:7b:4d:6a:41:16:f1:24:
03:c0:e3:b4:59:4e:d2:9f:ee:f8:52:41:7f:1f:71:
2a:a9:e2:3c:8b:7f:61:c9:38:26:ac:c6:d5:70:f1:
e8:03:b5:5a:4b:fe:32:e8:e5:d1:41:fe:cb:8d:09:
25:a3:06:40:f1:c3:85:dd:ad:57:d4:a3:a5:51:94:
c6:d6:da:e0:c4:7c:e6:e3:06:54:d5:55:51:9b:eb:
46:42:ac:09:ea:0c:3a:a8:be:70:91:32:58:ec:29:
a9:f5:07:5c:3a:83:3f:a1:1e:39:82:73:c1:b8:45:
24:68:10:08:be:ed:a6:46:eb:b6:41:10:d6:53:86:
bb:02:b7:4f:0a:0b:01:fd:88:00:64:4a:33:a6:db:
bf:33:4f:17:e8:a5:9e:1d:ff:6f:32:1d:26:db:77:
62:9f:99:22:de:fe:95:d8:59:87:ff:56:8d:e9:41:
ab:b5:6c:b2:c7:72:c7:aa:4b:3e:62:17:bf:08:1f:
07:5c:55:fc:84:81:df:58:7f:0b:78:2f:cf:0a:18:
b3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:00:E0:86:F1:BE:29:38:31:77:2E:62:90:19:11:B6:FD:5D:8C:F8
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/fQDghvG-KTgxdy5ikBkRtv1djPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.35.0-85.239.39.255
85.239.52.0-85.239.59.255
185.152.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:a5:96:51:04:d4:9f:ea:39:0e:e1:a0:5c:59:52:65:70:7e:
6c:e2:c3:dd:51:bd:4c:e3:76:f5:c3:4d:94:ac:16:33:c1:e4:
92:dc:9c:53:d8:a3:4f:5a:be:48:1e:f4:dc:a8:c6:f8:3c:0b:
db:2e:07:bf:c5:8c:1c:14:6b:5c:f0:ef:3b:b3:ee:6f:f9:5c:
ec:2f:bb:2a:19:4c:25:38:8a:70:b7:39:84:4e:57:84:e7:40:
87:53:83:75:8f:84:55:55:9c:1d:82:7f:a9:40:d0:28:a5:12:
ea:a0:58:fe:63:69:0c:26:b4:80:1e:ad:af:a1:a9:60:99:68:
99:83:94:47:cd:fc:9f:3e:f9:36:eb:d1:64:21:4a:aa:92:77:
d1:dc:c4:ac:2b:69:13:4e:ca:fa:dd:ad:2e:04:a2:04:90:3b:
ea:75:a2:c0:0a:91:4b:3e:95:13:6f:de:59:e2:37:13:f6:25:
42:f4:06:4f:0b:f2:4a:ef:23:b9:ec:2f:2c:e3:06:3b:05:84:
97:94:d8:08:e9:d8:6e:e4:36:29:48:90:46:8b:a5:3f:89:24:
4d:ea:b3:d5:a8:7c:a1:98:c2:4d:e6:8b:36:a8:a5:19:e0:00:
0b:64:63:d9:4c:0a:7f:35:b1:94:e4:c5:4e:ef:99:09:ee:fd:
ee:9e:80:21
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECwsk2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDQw
NzE2NDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QwMGUwODZmMWJl
MjkzODMxNzcyZTYyOTAxOTExYjZmZDVkOGNmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMm4J0jCqnQhli7asysu/V25aGmHu0QLLZso0F5oE4Aw5H7
T3QdTZG4lW5fny+ey2IHEox7TWpBFvEkA8DjtFlO0p/u+FJBfx9xKqniPIt/Yck4
JqzG1XDx6AO1Wkv+Mujl0UH+y40JJaMGQPHDhd2tV9SjpVGUxtba4MR85uMGVNVV
UZvrRkKsCeoMOqi+cJEyWOwpqfUHXDqDP6EeOYJzwbhFJGgQCL7tpkbrtkEQ1lOG
uwK3TwoLAf2IAGRKM6bbvzNPF+ilnh3/bzIdJtt3Yp+ZIt7+ldhZh/9WjelBq7Vs
ssdyx6pLPmIXvwgfB1xV/ISB31h/C3gvzwoYs4kCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBR9AOCG8b4pODF3LmKQGRG2/V2M+DAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
L2ZRRGdodkctS1RneGR5NWlrQmtSdHYxZGpQZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIjAMAwQAVe8jAwQDVe8gMAwDBAJV7zQD
BAJV7zgDBAK5mFwwDQYJKoZIhvcNAQELBQADggEBAIulllEE1J/qOQ7hoFxZUmVw
fmziw91RvUzjdvXDTZSsFjPB5JLcnFPYo09avkge9Nyoxvg8C9suB7/FjBwUa1zw
7zuz7m/5XOwvuyoZTCU4inC3OYROV4TnQIdTg3WPhFVVnB2Cf6lA0CilEuqgWP5j
aQwmtIAera+hqWCZaJmDlEfN/J8++Tbr0WQhSqqSd9HcxKwraRNOyvrdrS4EogSQ
O+p1osAKkUs+lRNv3lniNxP2JUL0Bk8L8krvI7nsLyzjBjsFhJeU2Ajp2G7kNilI
kEaLpT+JJE3qs9WofKGYwk3mizaopRngAAtkY9lMCn81sZTkxU7vmQnu/e6egCE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org