Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/_UQ2eUoBJ3rSK5zqO_zi-dG-dXI.roa
File: _UQ2eUoBJ3rSK5zqO_zi-dG-dXI.roa (raw, json)
Hash identifier: VOdiZzot1FbPyBpiNmeVBusRFw87d4c7sbsFTpKQpQo=
Subject key identifier: FD:44:36:79:4A:01:27:7A:D2:2B:9C:EA:3B:FC:E2:F9:D1:BE:75:72
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 018562D30EEA32FCB6E7C3950BD137E99773
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/_UQ2eUoBJ3rSK5zqO_zi-dG-dXI.roa
Signing time: Fri 30 Dec 2022 11:37:57 +0000
ROA not before: Fri 30 Dec 2022 11:37:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48716
IP address blocks: 90.156.230.0/24 maxlen: 24
188.225.31.0/24 maxlen: 24
217.151.230.0/24 maxlen: 24
2a03:6f06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:d3:0e:ea:32:fc:b6:e7:c3:95:0b:d1:37:e9:97:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Dec 30 11:37:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd4436794a01277ad22b9cea3bfce2f9d1be7572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d6:ff:18:43:49:17:0f:58:ec:0a:31:18:46:
9c:fc:d7:ee:0f:38:1a:3a:89:2d:24:86:be:73:08:
84:51:45:5c:ed:04:d6:8b:d1:c6:b7:99:9a:46:b1:
b7:cb:6d:ec:30:cf:93:c4:97:e4:c5:db:39:49:ed:
66:b9:48:0a:f5:5a:50:de:34:c0:53:78:87:a0:79:
7a:0e:78:5a:07:83:0c:0b:e8:91:93:8c:15:b6:14:
fb:70:66:f2:3c:53:d6:40:a9:85:c3:ea:1f:cc:37:
a2:72:2b:5e:e8:c5:0d:03:9e:fb:81:79:d6:27:d4:
38:b9:a7:93:ae:03:46:a3:2b:37:24:3c:00:b1:01:
c2:f2:b1:91:f8:97:93:85:ca:3a:67:58:89:26:7b:
4b:58:1d:c0:94:ca:be:8c:85:1b:d5:4b:40:14:b5:
29:15:0f:d5:58:32:a1:04:b7:21:2a:a2:b4:ae:d2:
b2:10:a5:19:59:7e:1b:65:31:1c:15:30:80:1c:df:
d2:d3:93:cf:c9:b6:76:f0:da:ac:0d:12:08:d1:3a:
ae:85:d0:7c:41:01:3f:dd:cf:73:3b:21:e1:52:ae:
11:49:13:f0:9a:71:a3:55:a7:86:26:b6:23:fa:8a:
96:f9:b4:d1:2a:67:e1:7c:9f:df:d5:57:91:a1:b3:
12:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:44:36:79:4A:01:27:7A:D2:2B:9C:EA:3B:FC:E2:F9:D1:BE:75:72
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/_UQ2eUoBJ3rSK5zqO_zi-dG-dXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.156.230.0/24
188.225.31.0/24
217.151.230.0/24
IPv6:
2a03:6f06::/32
Signature Algorithm: sha256WithRSAEncryption
21:e1:7b:aa:86:b2:0c:e2:3f:e2:80:07:6b:72:12:bb:cc:89:
02:11:b5:5b:04:e0:23:43:22:6f:24:e0:7b:32:b7:42:1e:8c:
72:c8:8e:96:c6:8f:49:e6:f7:b6:d8:ec:74:a1:f8:4d:f2:ae:
16:65:b7:00:98:f8:6d:fd:80:c1:ea:d7:4b:79:9a:b9:ea:b0:
12:81:2b:60:1c:35:5f:10:79:99:db:b5:36:f8:3e:eb:ba:d2:
db:0a:b2:62:31:28:67:70:00:68:f4:6a:9e:cc:cd:56:2c:df:
99:b2:8b:11:cc:b1:c4:21:38:dd:db:0c:45:d2:51:a9:f6:13:
aa:a2:0c:74:76:4e:38:f6:0e:d3:4f:6e:8d:44:9a:ff:8a:e1:
83:91:d1:25:3c:aa:e9:f3:0d:94:22:ca:d9:9f:28:f7:73:60:
ef:3d:84:1e:d7:81:2b:39:6b:d2:81:56:d4:96:0a:b0:ac:21:
b5:da:78:d2:43:75:8f:bb:0a:22:8b:e5:24:33:cf:d1:03:15:
59:01:5a:c6:55:d1:c6:e2:27:1e:db:dc:37:b2:3a:19:bc:10:
05:1f:c9:8c:10:6c:2a:0d:b9:cb:e8:42:db:8c:7d:11:17:74:
2d:34:78:bd:96:0c:13:db:d8:09:57:53:ea:78:43:66:75:7b:
31:0c:bd:fa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVi0w7qMvy258OVC9E36ZdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIxMjMwMTEzNzU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQ0MzY3OTRhMDEyNzdhZDIyYjljZWEzYmZjZTJmOWQxYmU3NTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtb/GENJFw9Y7AoxGEac/NfuDzga
OoktJIa+cwiEUUVc7QTWi9HGt5maRrG3y23sMM+TxJfkxds5Se1muUgK9VpQ3jTA
U3iHoHl6DnhaB4MMC+iRk4wVthT7cGbyPFPWQKmFw+ofzDeicite6MUNA577gXnW
J9Q4uaeTrgNGoys3JDwAsQHC8rGR+JeThco6Z1iJJntLWB3AlMq+jIUb1UtAFLUp
FQ/VWDKhBLchKqK0rtKyEKUZWX4bZTEcFTCAHN/S05PPybZ28NqsDRII0TquhdB8
QQE/3c9zOyHhUq4RSRPwmnGjVaeGJrYj+oqW+bTRKmfhfJ/f1VeRobMShQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP1ENnlKASd60iuc6jv84vnRvnVyMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvX1VRMmVVb0JKM3JTSzV6cU9femktZEctZFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWpzmAwQA
vOEfAwQA2ZfmMA0EAgACMAcDBQAqA28GMA0GCSqGSIb3DQEBCwUAA4IBAQAh4Xuq
hrIM4j/igAdrchK7zIkCEbVbBOAjQyJvJOB7MrdCHoxyyI6Wxo9J5ve22Ox0ofhN
8q4WZbcAmPht/YDB6tdLeZq56rASgStgHDVfEHmZ27U2+D7rutLbCrJiMShncABo
9GqezM1WLN+ZsosRzLHEITjd2wxF0lGp9hOqogx0dk449g7TT26NRJr/iuGDkdEl
PKrp8w2UIsrZnyj3c2DvPYQe14ErOWvSgVbUlgqwrCG12njSQ3WPuwoii+UkM8/R
AxVZAVrGVdHG4ice29w3sjoZvBAFH8mMEGwqDbnL6ELbjH0RF3QtNHi9lgwT29gJ
V1PqeENmdXsxDL36
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:41 2023 by rpki-client on console-ams.rpki-client.org