Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/FHlxTlrlR4q95AmT4K5AtxbB0IE.roa
File: FHlxTlrlR4q95AmT4K5AtxbB0IE.roa (raw, json)
Hash identifier: Dg5yHTECO9x8nUepgPFs1acWJQZblPxrMNgRpx40aRE=
Subject key identifier: 14:79:71:4E:5A:E5:47:8A:BD:E4:09:93:E0:AE:40:B7:16:C1:D0:81
Certificate issuer: /CN=2e5d85dc24e97d5811a30ff4fd7cf7aec12ccc6e
Certificate serial: 081F8104
Authority key identifier: 2E:5D:85:DC:24:E9:7D:58:11:A3:0F:F4:FD:7C:F7:AE:C1:2C:CC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ll2F3CTpfVgRow_0_Xz3rsEszG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/FHlxTlrlR4q95AmT4K5AtxbB0IE.roa
Signing time: Sat 01 Jan 2022 10:58:04 +0000
ROA not before: Sat 01 Jan 2022 10:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24806
IP address blocks: 81.2.192.0/18 maxlen: 32
185.129.136.0/22 maxlen: 32
195.181.208.0/20 maxlen: 32
185.28.100.0/22 maxlen: 32
2001:15e8::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136282372 (0x81f8104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e5d85dc24e97d5811a30ff4fd7cf7aec12ccc6e
Validity
Not Before: Jan 1 10:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1479714e5ae5478abde40993e0ae40b716c1d081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7f:be:1d:c3:b2:95:de:b6:2e:74:67:19:43:
14:af:04:c0:a5:e4:9c:2b:48:ce:72:07:a0:76:34:
d0:d7:9e:75:5d:93:fa:e5:3d:30:b8:e0:58:1d:c4:
66:d1:ee:37:a6:47:c7:e4:34:11:2c:b2:39:b9:8d:
00:54:b1:a1:ce:28:ab:e6:85:eb:06:05:b5:0c:c0:
74:e0:3c:1f:bd:67:9a:75:73:16:2e:c9:a7:5e:b4:
98:1a:09:5e:7d:84:bd:39:0f:86:fb:02:02:67:ea:
a3:38:ee:4f:85:a3:26:82:e0:a4:5f:c0:29:4b:5c:
98:5f:57:1e:7b:b6:b5:a8:61:fb:77:2e:3c:f0:b5:
35:a0:e8:c9:38:73:5e:62:b2:3f:3a:7e:d9:43:06:
6c:6a:af:bb:ad:bf:24:fd:35:24:b9:95:1f:dc:f9:
05:70:12:9d:79:28:a0:de:a5:82:35:a4:ec:3b:38:
b8:37:3f:bc:79:63:d0:35:3a:2f:d5:b2:25:d7:97:
1a:43:d5:68:df:0f:34:e2:3d:35:9b:47:a2:8d:5a:
70:81:63:55:67:35:77:a2:a8:1f:75:9e:9e:e9:ca:
f3:03:10:1b:2c:68:9b:ce:d5:88:c7:c7:21:de:68:
6f:24:58:53:19:4b:87:68:bc:8b:0d:d1:3e:7d:98:
6c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:79:71:4E:5A:E5:47:8A:BD:E4:09:93:E0:AE:40:B7:16:C1:D0:81
X509v3 Authority Key Identifier:
keyid:2E:5D:85:DC:24:E9:7D:58:11:A3:0F:F4:FD:7C:F7:AE:C1:2C:CC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ll2F3CTpfVgRow_0_Xz3rsEszG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/FHlxTlrlR4q95AmT4K5AtxbB0IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/Ll2F3CTpfVgRow_0_Xz3rsEszG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.2.192.0/18
185.28.100.0/22
185.129.136.0/22
195.181.208.0/20
IPv6:
2001:15e8::/29
Signature Algorithm: sha256WithRSAEncryption
49:30:25:e6:44:4d:5b:24:cc:ee:c6:b2:7f:1a:52:e2:82:f5:
c0:76:3b:b4:31:ac:4c:97:d0:97:c3:ff:08:2c:d6:d7:8e:75:
7b:f3:de:24:ea:ce:c1:6f:4d:be:62:94:d1:be:09:20:d1:95:
73:d3:e3:b1:a9:8d:30:16:0f:01:63:5a:12:cb:71:e6:9b:a6:
90:08:79:0f:07:90:ee:13:50:ff:73:74:5d:cc:b0:4f:f3:17:
1f:82:50:94:86:52:b6:95:61:f4:20:40:74:26:f8:b7:0b:05:
bf:67:97:1b:58:5a:59:dc:82:3e:de:83:8d:20:8b:4b:0f:3e:
0e:e4:68:26:20:86:c2:1c:ce:b3:bd:d7:c7:3c:12:56:2b:04:
4a:cc:c3:63:1f:c8:ed:09:56:ad:ef:11:5e:0e:28:f2:d4:70:
a9:aa:b0:4b:6e:e7:fd:ee:c6:ee:37:4c:03:0e:5b:70:43:e5:
1c:e5:d7:e1:2d:53:22:7e:6b:e0:8c:1b:26:59:dc:7a:80:38:
e2:8f:aa:87:bc:cf:0c:fa:09:fb:d0:2b:09:8e:aa:a9:3e:17:
ec:eb:0d:3f:36:8a:f0:8c:14:03:81:65:ed:b7:3e:aa:42:3e:
06:7f:90:4a:e7:ba:da:8a:7c:60:b1:49:21:d8:72:23:6a:23:
69:f7:db:99
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECB+BBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTVkODVkYzI0ZTk3ZDU4MTFhMzBmZjRmZDdjZjdhZWMxMmNjYzZlMB4XDTIyMDEw
MTEwNTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQ3OTcxNGU1YWU1
NDc4YWJkZTQwOTkzZTBhZTQwYjcxNmMxZDA4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKd/vh3DspXeti50ZxlDFK8EwKXknCtIznIHoHY00NeedV2T
+uU9MLjgWB3EZtHuN6ZHx+Q0ESyyObmNAFSxoc4oq+aF6wYFtQzAdOA8H71nmnVz
Fi7Jp160mBoJXn2EvTkPhvsCAmfqozjuT4WjJoLgpF/AKUtcmF9XHnu2tahh+3cu
PPC1NaDoyThzXmKyPzp+2UMGbGqvu62/JP01JLmVH9z5BXASnXkooN6lgjWk7Ds4
uDc/vHlj0DU6L9WyJdeXGkPVaN8PNOI9NZtHoo1acIFjVWc1d6KoH3WenunK8wMQ
Gyxom87ViMfHId5obyRYUxlLh2i8iw3RPn2YbIMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQUeXFOWuVHir3kCZPgrkC3FsHQgTAfBgNVHSMEGDAWgBQuXYXcJOl9WBGj
D/T9fPeuwSzMbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xsMkYzQ1RwZlZnUm93XzBfWHozcnNFc3pHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMGE4MzgzLWFhYjAtNDM2Ny04OWMzLTkyYjQ3YWRiMmI5MC8x
L0ZIbHhUbHJsUjRxOTVBbVQ0SzVBdHhiQjBJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MGE4MzgzLWFhYjAtNDM2Ny04OWMzLTkyYjQ3YWRiMmI5MC8xL0xsMkYzQ1RwZlZn
Um93XzBfWHozcnNFc3pHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBlECwAMEArkcZAMEArmBiAMEBMO1
0DANBAIAAjAHAwUDIAEV6DANBgkqhkiG9w0BAQsFAAOCAQEASTAl5kRNWyTM7say
fxpS4oL1wHY7tDGsTJfQl8P/CCzW1451e/PeJOrOwW9NvmKU0b4JINGVc9PjsamN
MBYPAWNaEstx5pumkAh5DweQ7hNQ/3N0XcywT/MXH4JQlIZStpVh9CBAdCb4twsF
v2eXG1haWdyCPt6DjSCLSw8+DuRoJiCGwhzOs73XxzwSVisESszDYx/I7QlWre8R
Xg4o8tRwqaqwS27n/e7G7jdMAw5bcEPlHOXX4S1TIn5r4IwbJlnceoA44o+qh7zP
DPoJ+9ArCY6qqT4X7OsNPzaK8IwUA4Fl7bc+qkI+Bn+QSue62op8YLFJIdhyI2oj
affbmQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-fra.rpki-client.org