Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/f2aJrwRtx8LMTv8tSncA9U91pLE.roa
File: f2aJrwRtx8LMTv8tSncA9U91pLE.roa (raw, json)
Hash identifier: Gs6CBOoynfNWGkIIu0WQ+hGjUUC8u6FO1XSjjtj01vQ=
Subject key identifier: 7F:66:89:AF:04:6D:C7:C2:CC:4E:FF:2D:4A:77:00:F5:4F:75:A4:B1
Certificate issuer: /CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Certificate serial: 01833CE925F105F2F93448A065B9158F43D9
Authority key identifier: 93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/f2aJrwRtx8LMTv8tSncA9U91pLE.roa
Signing time: Wed 14 Sep 2022 16:50:56 +0000
ROA not before: Wed 14 Sep 2022 16:50:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15533
IP address blocks: 79.140.128.0/20 maxlen: 24
212.84.40.0/21 maxlen: 24
84.51.224.0/19 maxlen: 24
45.139.240.0/22 maxlen: 24
82.195.128.0/19 maxlen: 24
212.78.224.0/19 maxlen: 24
212.84.40.10/32 maxlen: 32
2001:1bd8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3c:e9:25:f1:05:f2:f9:34:48:a0:65:b9:15:8f:43:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Validity
Not Before: Sep 14 16:50:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f6689af046dc7c2cc4eff2d4a7700f54f75a4b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ed:00:f0:3f:b8:5c:26:e5:49:e0:be:98:e0:
b2:4e:e4:6c:36:21:47:60:a8:a5:b6:57:53:f8:cc:
a1:aa:e9:8b:5d:04:94:27:c7:33:03:0c:2d:13:e3:
91:8e:ff:d1:a4:51:d9:0f:1d:cf:4f:59:dd:13:cf:
15:fd:2c:04:7c:f5:f5:98:9b:75:7c:e0:3f:40:1b:
67:01:4a:40:96:f2:99:e8:92:84:92:6a:ae:c2:d2:
ee:62:f2:44:bb:da:54:db:92:db:67:fd:0f:60:f4:
90:72:22:82:b1:be:52:d8:12:1e:3e:cd:f9:5a:62:
18:d2:c2:71:f9:6f:34:56:c5:54:9c:c3:0a:f6:c1:
ac:cc:d9:ed:c9:66:3d:2b:65:e6:35:6f:7d:a0:a7:
7a:4e:3c:c0:2c:a3:22:11:c2:77:9e:e1:93:d4:76:
5b:af:ef:58:e2:49:d7:58:9f:97:2a:d9:f7:c8:26:
73:fe:bb:0e:d6:f5:dd:37:80:7a:bd:a9:7f:67:fb:
98:38:c1:b2:f8:00:2c:f0:d9:a2:54:5e:04:74:ea:
9d:bd:85:a5:ed:41:74:a9:77:7d:cd:a7:0f:77:12:
93:b3:ad:9b:bb:1e:1f:70:c9:50:af:f7:37:34:c4:
f7:a9:a9:55:2c:69:8d:61:5d:d7:61:80:a1:d8:44:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:66:89:AF:04:6D:C7:C2:CC:4E:FF:2D:4A:77:00:F5:4F:75:A4:B1
X509v3 Authority Key Identifier:
keyid:93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/f2aJrwRtx8LMTv8tSncA9U91pLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.240.0/22
79.140.128.0/20
82.195.128.0/19
84.51.224.0/19
212.78.224.0/19
212.84.40.0/21
IPv6:
2001:1bd8::/32
Signature Algorithm: sha256WithRSAEncryption
16:47:b3:e1:4a:35:85:0a:c0:74:db:2f:a8:74:45:ef:8c:6d:
22:cf:43:85:13:53:37:57:32:2b:b4:43:35:42:e1:84:b8:a8:
3d:43:41:db:d3:6e:4b:c9:cb:b3:8b:52:48:3b:c9:0f:bf:a7:
54:04:8b:b3:59:b2:69:31:4b:10:34:79:a2:f2:a8:75:03:98:
87:d5:22:39:f8:ab:3f:f4:53:9d:98:91:d3:28:12:7d:e9:d0:
cc:77:44:8e:c3:8c:a8:26:d6:8a:f5:2f:e2:f5:f7:b6:ed:39:
c1:25:9e:10:87:e7:af:6f:ad:c6:6a:46:c9:63:f1:ec:d7:bc:
25:eb:d8:fa:30:56:eb:7d:d1:58:58:f8:65:37:7b:d0:2b:eb:
76:80:96:2e:a1:2d:06:a8:5f:85:4c:c4:0b:8f:59:bd:ed:f3:
b0:54:02:3a:1a:1a:28:56:80:83:c8:f6:57:0e:7c:84:e4:67:
3a:3b:bd:76:7c:ae:aa:39:ac:39:f8:d3:e2:fc:2b:56:d4:40:
be:09:4e:d0:f8:f8:73:38:cf:6d:72:48:28:8f:7b:92:85:87:
34:cb:17:7c:e1:68:a0:cd:d9:0b:08:dc:c2:e9:4b:4c:a3:54:
c5:72:e2:f2:bc:f1:62:96:10:fc:b5:bd:d7:35:46:c0:79:14:
3d:cc:a2:eb
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYM86SXxBfL5NEigZbkVj0PZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzN2YxMmFiYWY2MTM5NzNmZWIzMDczZDhjZTYzN2YxYjAw
Y2JmYTkwHhcNMjIwOTE0MTY1MDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjY2ODlhZjA0NmRjN2MyY2M0ZWZmMmQ0YTc3MDBmNTRmNzVhNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO0A8D+4XCblSeC+mOCyTuRsNiFH
YKiltldT+MyhqumLXQSUJ8czAwwtE+ORjv/RpFHZDx3PT1ndE88V/SwEfPX1mJt1
fOA/QBtnAUpAlvKZ6JKEkmquwtLuYvJEu9pU25LbZ/0PYPSQciKCsb5S2BIePs35
WmIY0sJx+W80VsVUnMMK9sGszNntyWY9K2XmNW99oKd6TjzALKMiEcJ3nuGT1HZb
r+9Y4knXWJ+XKtn3yCZz/rsO1vXdN4B6val/Z/uYOMGy+AAs8NmiVF4EdOqdvYWl
7UF0qXd9zacPdxKTs62bux4fcMlQr/c3NMT3qalVLGmNYV3XYYCh2EQ2eQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFH9mia8EbcfCzE7/LUp3APVPdaSxMB8GA1UdIwQY
MBaAFJN/EquvYTlz/rMHPYzmN/GwDL+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgt
YTFhZTU4OTJkNDIxLzEvZjJhSnJ3UnR4OExNVHY4dFNuY0E5VTkxcExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgtYTFhZTU4OTJkNDIx
LzEvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYvwAwQE
T4yAAwQFUsOAAwQFVDPgAwQF1E7gAwQD1FQoMA0EAgACMAcDBQAgARvYMA0GCSqG
SIb3DQEBCwUAA4IBAQAWR7PhSjWFCsB02y+odEXvjG0iz0OFE1M3VzIrtEM1QuGE
uKg9Q0Hb025Lycuzi1JIO8kPv6dUBIuzWbJpMUsQNHmi8qh1A5iH1SI5+Ks/9FOd
mJHTKBJ96dDMd0SOw4yoJtaK9S/i9fe27TnBJZ4Qh+evb63GakbJY/Hs17wl69j6
MFbrfdFYWPhlN3vQK+t2gJYuoS0GqF+FTMQLj1m97fOwVAI6GhooVoCDyPZXDnyE
5Gc6O712fK6qOaw5+NPi/CtW1EC+CU7Q+PhzOM9tckgoj3uShYc0yxd84WigzdkL
CNzC6UtMo1TFcuLyvPFilhD8tb3XNUbAeRQ9zKLr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:39 2024 by rpki-client on console-ams.rpki-client.org