Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b55c04-6d4a-4949-aaa8-6ee1a700b219/1/_izH9hOv8ggyBFf21gjOM05L4Ug.roa
File: _izH9hOv8ggyBFf21gjOM05L4Ug.roa (raw, json)
Hash identifier: DKz3OW7V/tXOKxf3RRxVqGDYy/iFdIaaMYcq7ShbkEM=
Subject key identifier: FE:2C:C7:F6:13:AF:F2:08:32:04:57:F6:D6:08:CE:33:4E:4B:E1:48
Certificate issuer: /CN=faa5ac5d22ad9078a72e136996287247e9f1e131
Certificate serial: 0251451C
Authority key identifier: FA:A5:AC:5D:22:AD:90:78:A7:2E:13:69:96:28:72:47:E9:F1:E1:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qWsXSKtkHinLhNplihyR-nx4TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/b55c04-6d4a-4949-aaa8-6ee1a700b219/1/_izH9hOv8ggyBFf21gjOM05L4Ug.roa
Signing time: Sat 01 Jan 2022 04:56:44 +0000
ROA not before: Sat 01 Jan 2022 04:56:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207729
IP address blocks: 185.15.139.0/24 maxlen: 24
2a0f:cfc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38880540 (0x251451c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa5ac5d22ad9078a72e136996287247e9f1e131
Validity
Not Before: Jan 1 04:56:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe2cc7f613aff208320457f6d608ce334e4be148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:85:64:05:20:47:96:0c:73:d4:93:5b:dc:9d:
d5:75:8b:1a:75:3c:35:a9:b0:1f:4c:c3:96:57:01:
49:06:51:6c:3b:f0:ba:6c:37:6e:2b:fa:75:fb:82:
a4:40:27:c5:97:90:5a:63:ba:15:9e:09:f7:70:4e:
3c:02:75:c2:7d:9e:8e:ed:d9:18:8b:b3:67:59:18:
d1:f8:75:9e:c9:7c:c2:e9:99:01:bd:3c:d4:d0:23:
f4:bd:d1:e8:14:b1:d2:d8:87:d2:94:8a:4d:0d:41:
39:04:3e:c6:62:09:49:bf:f5:f9:a8:67:60:41:e2:
a6:10:e9:bf:ac:34:64:a6:5e:01:af:b2:2a:0a:2e:
66:c0:54:f8:20:45:54:cb:cd:49:34:9d:c7:a4:81:
3e:a6:cc:fb:a9:da:ff:53:bc:50:fb:23:83:15:c1:
bf:fd:c1:7b:7e:5c:89:e0:c9:d1:84:6d:5d:60:3d:
c7:d3:aa:d5:88:8c:56:58:74:fd:9b:64:c3:32:cd:
c5:67:18:23:79:71:4d:61:1b:90:4e:9d:ee:c7:1a:
c4:0c:26:41:23:0a:e3:12:1b:8f:53:a7:ed:9f:ab:
69:17:08:7e:97:57:d9:7b:c4:1d:70:25:31:68:e1:
c0:08:34:82:4f:28:4c:47:fd:46:65:5a:f3:9a:5c:
58:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2C:C7:F6:13:AF:F2:08:32:04:57:F6:D6:08:CE:33:4E:4B:E1:48
X509v3 Authority Key Identifier:
keyid:FA:A5:AC:5D:22:AD:90:78:A7:2E:13:69:96:28:72:47:E9:F1:E1:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qWsXSKtkHinLhNplihyR-nx4TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b55c04-6d4a-4949-aaa8-6ee1a700b219/1/_izH9hOv8ggyBFf21gjOM05L4Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b55c04-6d4a-4949-aaa8-6ee1a700b219/1/1-qWsXSKtkHinLhNplihyR-nx4TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.139.0/24
IPv6:
2a0f:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
be:2e:e3:c4:87:ec:33:63:51:95:61:1a:f8:1f:19:e2:e8:57:
80:6f:10:e5:d1:72:45:15:05:54:7b:26:c8:2b:4f:d7:a8:a1:
c2:04:fa:f1:4d:44:f3:96:83:6f:23:74:b6:f1:f7:eb:47:18:
13:a2:f7:9a:38:ef:7f:55:92:d7:84:69:af:fd:01:91:38:df:
30:63:82:ab:d0:ad:5c:6a:eb:bd:b9:b9:c9:75:a3:90:db:1c:
70:08:14:c8:da:ec:55:ca:01:36:f3:9a:bc:36:d1:72:03:c0:
60:14:9d:2e:18:69:40:e3:de:6b:09:79:69:b2:bd:0e:95:e8:
d3:34:4f:f9:8c:12:8d:12:71:86:74:cf:76:07:f4:ab:8f:97:
74:95:3a:ec:e6:bb:21:25:bf:ec:98:96:12:c4:97:25:87:4f:
9c:95:d7:97:d2:b7:03:3b:df:5d:48:eb:e8:2b:3a:41:7e:67:
44:d2:ed:62:8b:9d:d5:38:a0:05:4f:c7:fa:c8:0c:a9:08:b0:
94:1c:44:3b:67:84:ec:a9:91:4f:8d:c6:81:b5:cb:1e:39:aa:
ea:f1:6a:9d:f6:fa:d2:fc:49:34:bc:c3:e3:97:09:54:75:3c:
7c:5f:c9:7e:b5:2f:86:f1:8a:53:52:9b:f9:0b:d5:06:e9:46:
31:35:4f:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAlFFHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWE1YWM1ZDIyYWQ5MDc4YTcyZTEzNjk5NjI4NzI0N2U5ZjFlMTMxMB4XDTIyMDEw
MTA0NTY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmUyY2M3ZjYxM2Fm
ZjIwODMyMDQ1N2Y2ZDYwOGNlMzM0ZTRiZTE0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyFZAUgR5YMc9STW9yd1XWLGnU8NamwH0zDllcBSQZRbDvw
umw3biv6dfuCpEAnxZeQWmO6FZ4J93BOPAJ1wn2eju3ZGIuzZ1kY0fh1nsl8wumZ
Ab081NAj9L3R6BSx0tiH0pSKTQ1BOQQ+xmIJSb/1+ahnYEHiphDpv6w0ZKZeAa+y
KgouZsBU+CBFVMvNSTSdx6SBPqbM+6na/1O8UPsjgxXBv/3Be35cieDJ0YRtXWA9
x9Oq1YiMVlh0/ZtkwzLNxWcYI3lxTWEbkE6d7scaxAwmQSMK4xIbj1On7Z+raRcI
fpdX2XvEHXAlMWjhwAg0gk8oTEf9RmVa85pcWLMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT+LMf2E6/yCDIEV/bWCM4zTkvhSDAfBgNVHSMEGDAWgBT6paxdIq2QeKcu
E2mWKHJH6fHhMTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtcVdzWFNLdGtIaW5MaE5wbGloeVItbng0VEUuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2Y5L2I1NWMwNC02ZDRhLTQ5NDktYWFhOC02ZWUxYTcwMGIyMTkv
MS9faXpIOWhPdjhnZ3lCRmYyMWdqT00wNUw0VWcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y5
L2I1NWMwNC02ZDRhLTQ5NDktYWFhOC02ZWUxYTcwMGIyMTkvMS8xLXFXc1hTS3Rr
SGluTGhOcGxpaHlSLW54NFRFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuQ+LMA0EAgACMAcDBQAqD8/A
MA0GCSqGSIb3DQEBCwUAA4IBAQC+LuPEh+wzY1GVYRr4Hxni6FeAbxDl0XJFFQVU
eybIK0/XqKHCBPrxTUTzloNvI3S28ffrRxgToveaOO9/VZLXhGmv/QGRON8wY4Kr
0K1cauu9ubnJdaOQ2xxwCBTI2uxVygE285q8NtFyA8BgFJ0uGGlA495rCXlpsr0O
lejTNE/5jBKNEnGGdM92B/Srj5d0lTrs5rshJb/smJYSxJclh0+cldeX0rcDO99d
SOvoKzpBfmdE0u1ii53VOKAFT8f6yAypCLCUHEQ7Z4TsqZFPjcaBtcseOarq8Wqd
9vrS/Ek0vMPjlwlUdTx8X8l+tS+G8YpTUpv5C9UG6UYxNU9f
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:44 2023 by rpki-client on console-fra.rpki-client.org