Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/i7nWdn6R1ZxQlvaQOx1R6cFO6SA.roa
File: i7nWdn6R1ZxQlvaQOx1R6cFO6SA.roa (raw, json)
Hash identifier: s9AoHXgWFPDTHyV/7WVdgENQ5ym9XQVd7oe7LWwcMFI=
Subject key identifier: 8B:B9:D6:76:7E:91:D5:9C:50:96:F6:90:3B:1D:51:E9:C1:4E:E9:20
Certificate issuer: /CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Certificate serial: 07A12565
Authority key identifier: 4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/i7nWdn6R1ZxQlvaQOx1R6cFO6SA.roa
Signing time: Sat 01 Jan 2022 09:03:07 +0000
ROA not before: Sat 01 Jan 2022 09:03:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36131
IP address blocks: 185.22.40.0/24 maxlen: 24
185.22.41.0/24 maxlen: 24
185.22.42.0/24 maxlen: 24
185.22.43.0/24 maxlen: 24
5.150.158.0/24 maxlen: 24
5.150.159.0/24 maxlen: 24
5.150.156.0/24 maxlen: 24
5.150.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128001381 (0x7a12565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Validity
Not Before: Jan 1 09:03:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bb9d6767e91d59c5096f6903b1d51e9c14ee920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:28:73:b6:00:62:54:46:3f:68:b0:b3:dc:5f:
ae:9c:bf:f4:ce:55:f7:d6:3d:89:18:6a:fb:1c:ae:
3b:29:81:00:a0:09:61:68:55:29:cf:e0:1f:55:36:
15:4e:66:15:f0:41:14:69:d9:90:b3:51:ef:6d:b8:
c5:ee:45:8e:bd:64:12:55:17:cb:a8:e4:bb:d4:1e:
6f:05:98:82:11:9a:80:0a:41:49:d5:a3:bc:ee:a4:
84:b5:4d:f8:63:cb:0b:87:62:78:37:a9:2c:e6:af:
84:f0:1e:df:a4:26:d2:0b:95:fb:9e:b3:06:1b:9e:
fe:b3:85:ab:19:e6:70:36:48:38:45:bb:c9:bf:05:
a8:22:e5:1a:f5:5e:72:b0:4e:af:a5:74:bf:91:86:
9a:e6:f3:73:f8:5c:31:5b:84:b9:13:b8:e6:a7:fb:
ff:00:83:e8:5f:c8:0d:fb:18:29:7b:37:9e:9b:9f:
21:0f:6c:c6:72:99:f5:8d:d4:84:5d:15:62:89:45:
9a:02:d6:17:29:42:20:1d:52:77:b1:42:a7:3d:9b:
99:6c:a4:c8:47:21:92:c3:69:23:c5:4f:7e:a9:f7:
75:79:6f:4c:cf:13:ca:6f:72:ea:98:56:d5:5f:93:
d4:22:2a:19:1d:2c:4a:d4:53:7f:d0:ac:e2:99:0f:
9e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B9:D6:76:7E:91:D5:9C:50:96:F6:90:3B:1D:51:E9:C1:4E:E9:20
X509v3 Authority Key Identifier:
keyid:4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/i7nWdn6R1ZxQlvaQOx1R6cFO6SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.156.0/22
185.22.40.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:91:39:92:8a:13:36:e7:03:7f:d9:a4:6c:ae:f1:bb:6b:94:
3b:f2:5f:1a:77:b6:74:07:dd:c6:50:94:0c:32:87:e4:dc:11:
ae:74:aa:59:ff:6f:ba:58:60:9c:e0:68:53:a8:b3:c2:31:c7:
c1:01:4e:b1:f7:6b:3d:d8:64:34:33:03:25:a6:61:a2:6e:de:
07:1c:20:67:d5:59:aa:56:ea:36:94:bb:24:05:96:fc:a1:b8:
41:5e:16:04:2f:37:2f:ea:c1:4f:91:8e:44:f0:cd:c3:02:02:
ac:d2:c9:c8:3f:de:5d:bb:7c:7b:b4:da:41:33:41:27:34:3a:
1c:47:ef:16:af:95:3b:ea:2a:41:e4:ec:cb:1e:07:03:71:8a:
c5:ae:69:91:be:36:bc:bf:a9:16:4b:1f:ff:6b:e9:bd:ea:a1:
13:ea:13:1b:51:fb:fe:3d:27:7c:90:cb:e3:5c:d6:79:9d:d0:
36:b7:a2:29:cf:9a:82:23:3d:47:03:96:6a:67:07:e4:51:5d:
8f:c9:d5:81:a9:37:87:49:96:1e:88:56:8b:4e:c4:3a:39:03:
c0:7c:2d:e6:e8:02:7c:01:95:eb:a2:91:a9:04:f5:7a:dd:0d:
e3:6e:e3:a5:2b:bd:e5:a0:0e:44:d8:91:93:49:54:1f:78:50:
16:24:ee:e7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB6ElZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmIyYmI3YmFkNTBmMTkyMTgxMGEwMjhlNzhlZGQ2NWY4MWY2YTdkMB4XDTIyMDEw
MTA5MDMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJiOWQ2NzY3ZTkx
ZDU5YzUwOTZmNjkwM2IxZDUxZTljMTRlZTkyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIoc7YAYlRGP2iws9xfrpy/9M5V99Y9iRhq+xyuOymBAKAJ
YWhVKc/gH1U2FU5mFfBBFGnZkLNR7224xe5Fjr1kElUXy6jku9QebwWYghGagApB
SdWjvO6khLVN+GPLC4dieDepLOavhPAe36Qm0guV+56zBhue/rOFqxnmcDZIOEW7
yb8FqCLlGvVecrBOr6V0v5GGmubzc/hcMVuEuRO45qf7/wCD6F/IDfsYKXs3npuf
IQ9sxnKZ9Y3UhF0VYolFmgLWFylCIB1Sd7FCpz2bmWykyEchksNpI8VPfqn3dXlv
TM8Tym9y6phW1V+T1CIqGR0sStRTf9Cs4pkPnuUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSLudZ2fpHVnFCW9pA7HVHpwU7pIDAfBgNVHSMEGDAWgBRPsrt7rVDxkhgQ
oCjnjt1l+B9qfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3SzdlNjFROFpJWUVLQW81NDdkWmZnZmFuMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvZmRhMzgyLTQyNTctNDFjMy04ZWM2LTI3ZmJjOTllYTNjNi8x
L2k3bldkbjZSMVp4UWx2YVFPeDFSNmNGTzZTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
ZmRhMzgyLTQyNTctNDFjMy04ZWM2LTI3ZmJjOTllYTNjNi8xL1Q3SzdlNjFROFpJ
WUVLQW81NDdkWmZnZmFuMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgWWnAMEArkWKDANBgkqhkiG9w0B
AQsFAAOCAQEAxZE5kooTNucDf9mkbK7xu2uUO/JfGne2dAfdxlCUDDKH5NwRrnSq
Wf9vulhgnOBoU6izwjHHwQFOsfdrPdhkNDMDJaZhom7eBxwgZ9VZqlbqNpS7JAWW
/KG4QV4WBC83L+rBT5GORPDNwwICrNLJyD/eXbt8e7TaQTNBJzQ6HEfvFq+VO+oq
QeTsyx4HA3GKxa5pkb42vL+pFksf/2vpveqhE+oTG1H7/j0nfJDL41zWeZ3QNrei
Kc+agiM9RwOWamcH5FFdj8nVgak3h0mWHohWi07EOjkDwHwt5ugCfAGV66KRqQT1
et0N427jpSu95aAORNiRk0lUH3hQFiTu5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:59 2024 by rpki-client on console-fra.rpki-client.org