Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/bdfe17-91ad-4f31-aecd-81ed12ddf175/1/1-lJGNIuO6bKFtbAg9DOAPDTQ_zY.roa
File: 1-lJGNIuO6bKFtbAg9DOAPDTQ_zY.roa (raw, json)
Hash identifier: 1VrKY+Lwfjby7UWZHyzDH22mTRiZ+yzlwXMzX9OsQd0=
Subject key identifier: FA:52:46:34:8B:8E:E9:B2:85:B5:B0:20:F4:33:80:3C:34:D0:FF:36
Certificate issuer: /CN=1b9e417bb9ecb1ace9491ebc2823bb78934b2cdf
Certificate serial: 04D082BD
Authority key identifier: 1B:9E:41:7B:B9:EC:B1:AC:E9:49:1E:BC:28:23:BB:78:93:4B:2C:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G55Be7nssazpSR68KCO7eJNLLN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/bdfe17-91ad-4f31-aecd-81ed12ddf175/1/1-lJGNIuO6bKFtbAg9DOAPDTQ_zY.roa
Signing time: Sat 01 Jan 2022 10:56:34 +0000
ROA not before: Sat 01 Jan 2022 10:56:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30931
IP address blocks: 185.109.140.0/22 maxlen: 24
185.233.4.0/22 maxlen: 24
2a0c:c900::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80773821 (0x4d082bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9e417bb9ecb1ace9491ebc2823bb78934b2cdf
Validity
Not Before: Jan 1 10:56:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa5246348b8ee9b285b5b020f433803c34d0ff36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:38:80:98:01:87:ba:8f:9c:3f:b0:c5:2e:d0:
59:e9:9f:24:f8:dd:28:53:b5:7f:bc:14:a3:56:c1:
19:63:e6:22:36:68:89:ab:b1:6b:0f:cd:62:29:50:
5a:80:55:ab:6c:a4:bc:ff:2a:d3:59:d5:7a:17:30:
e7:fb:e2:8a:41:2b:1b:c8:52:0f:b3:47:b6:22:f6:
09:69:18:1d:6a:1a:b6:4f:d7:17:fe:a2:52:20:f3:
88:00:2b:06:d5:3a:2c:c1:c4:54:45:f3:13:c2:1e:
0d:0b:fc:40:3d:a9:28:31:36:12:21:ea:8b:22:08:
88:5a:00:da:c4:00:dd:8c:65:8d:51:4e:37:bd:cd:
9d:a1:8f:ff:1b:1d:c5:dc:49:06:88:91:2f:0b:e6:
bc:ee:4f:20:3e:c3:46:7e:a5:1e:4d:bb:83:f6:33:
4f:3a:53:d5:d8:0f:5e:18:93:fe:46:95:ea:8d:0f:
55:9d:3a:23:bf:c5:f9:c6:84:01:7a:71:bb:a8:68:
98:bf:e8:59:72:e7:fd:a5:58:36:1f:84:10:0c:10:
f0:07:7d:87:bb:47:ae:23:b9:25:4c:c0:6c:fd:bc:
30:8c:95:5d:83:d0:f1:c3:9f:78:6f:9c:ec:59:43:
f3:c6:e9:11:86:4e:7c:9a:08:f5:ff:08:0c:19:ad:
7a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:52:46:34:8B:8E:E9:B2:85:B5:B0:20:F4:33:80:3C:34:D0:FF:36
X509v3 Authority Key Identifier:
keyid:1B:9E:41:7B:B9:EC:B1:AC:E9:49:1E:BC:28:23:BB:78:93:4B:2C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G55Be7nssazpSR68KCO7eJNLLN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/bdfe17-91ad-4f31-aecd-81ed12ddf175/1/1-lJGNIuO6bKFtbAg9DOAPDTQ_zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/bdfe17-91ad-4f31-aecd-81ed12ddf175/1/G55Be7nssazpSR68KCO7eJNLLN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.140.0/22
185.233.4.0/22
IPv6:
2a0c:c900::/29
Signature Algorithm: sha256WithRSAEncryption
0b:44:b4:27:66:0b:bb:3f:24:74:e5:56:94:62:3b:87:07:92:
32:b0:5d:81:a5:70:32:e4:79:fd:bd:b8:7f:23:ca:af:d2:76:
f4:25:b8:a9:38:08:6a:16:23:0c:74:82:da:a2:99:dc:68:68:
e3:21:e6:04:b6:20:bc:6c:d8:b0:29:29:75:78:18:cf:81:74:
7a:80:60:2f:81:10:5c:82:e7:67:36:17:23:42:02:30:92:5b:
8f:ba:4c:5c:2d:d0:67:cf:db:91:a6:38:6d:fc:83:7e:34:83:
2d:a7:ba:05:9f:a6:82:e7:c5:3d:1a:57:dd:2a:c5:0d:ba:25:
69:98:47:8a:24:9c:6a:ac:7b:32:1a:16:0a:b3:b5:2b:68:f9:
51:2b:9b:10:c3:84:b2:5c:b6:42:be:42:f7:c0:ed:ec:11:5a:
21:cf:40:75:d9:a2:08:a2:15:ac:99:c5:58:e7:e3:52:82:fd:
0a:7f:a3:7d:8c:96:73:2b:37:59:14:3f:ce:80:26:64:9e:d7:
5e:2f:a1:f8:11:1e:81:52:c3:29:1c:b4:5e:d6:d8:51:f9:60:
cb:bc:63:b0:bb:c1:30:86:97:ab:92:06:6d:9b:53:48:35:d7:
03:8b:34:46:32:5f:64:f7:a3:cf:6f:6a:9e:68:1a:7b:9b:44:
bc:6e:16:37
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEBNCCvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjllNDE3YmI5ZWNiMWFjZTk0OTFlYmMyODIzYmI3ODkzNGIyY2RmMB4XDTIyMDEw
MTEwNTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE1MjQ2MzQ4Yjhl
ZTliMjg1YjViMDIwZjQzMzgwM2MzNGQwZmYzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKA4gJgBh7qPnD+wxS7QWemfJPjdKFO1f7wUo1bBGWPmIjZo
iauxaw/NYilQWoBVq2ykvP8q01nVehcw5/viikErG8hSD7NHtiL2CWkYHWoatk/X
F/6iUiDziAArBtU6LMHEVEXzE8IeDQv8QD2pKDE2EiHqiyIIiFoA2sQA3YxljVFO
N73NnaGP/xsdxdxJBoiRLwvmvO5PID7DRn6lHk27g/YzTzpT1dgPXhiT/kaV6o0P
VZ06I7/F+caEAXpxu6homL/oWXLn/aVYNh+EEAwQ8Ad9h7tHriO5JUzAbP28MIyV
XYPQ8cOfeG+c7FlD88bpEYZOfJoI9f8IDBmteg8CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBT6UkY0i47psoW1sCD0M4A8NND/NjAfBgNVHSMEGDAWgBQbnkF7ueyxrOlJ
HrwoI7t4k0ss3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c1NUJlN25zc2F6cFNSNjhLQ083ZUpOTExOOC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvYmRmZTE3LTkxYWQtNGYzMS1hZWNkLTgxZWQxMmRkZjE3NS8x
LzEtbEpHTkl1TzZiS0Z0YkFnOURPQVBEVFFfelkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Zi
L2JkZmUxNy05MWFkLTRmMzEtYWVjZC04MWVkMTJkZGYxNzUvMS9HNTVCZTduc3Nh
enBTUjY4S0NPN2VKTkxMTjguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5bYwDBAK56QQwDQQCAAIwBwMF
AyoMyQAwDQYJKoZIhvcNAQELBQADggEBAAtEtCdmC7s/JHTlVpRiO4cHkjKwXYGl
cDLkef29uH8jyq/SdvQluKk4CGoWIwx0gtqimdxoaOMh5gS2ILxs2LApKXV4GM+B
dHqAYC+BEFyC52c2FyNCAjCSW4+6TFwt0GfP25GmOG38g340gy2nugWfpoLnxT0a
V90qxQ26JWmYR4oknGqsezIaFgqztSto+VErmxDDhLJctkK+QvfA7ewRWiHPQHXZ
ogiiFayZxVjn41KC/Qp/o32MlnMrN1kUP86AJmSe114vofgRHoFSwykctF7W2FH5
YMu8Y7C7wTCGl6uSBm2bU0g11wOLNEYyX2T3o89vap5oGnubRLxuFjc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:49 2023 by rpki-client on console-fra.rpki-client.org