Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/1pcvHxVlgucMwoA9YwRHpuOd5Y8.roa
File: 1pcvHxVlgucMwoA9YwRHpuOd5Y8.roa (raw, json)
Hash identifier: RzilGZ+7rJKt7tFkfBqraTofHD9bjyReB5XW1YucQHQ=
Subject key identifier: D6:97:2F:1F:15:65:82:E7:0C:C2:80:3D:63:04:47:A6:E3:9D:E5:8F
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 1A8DF8AB
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/1pcvHxVlgucMwoA9YwRHpuOd5Y8.roa
Signing time: Sat 01 Jan 2022 11:03:43 +0000
ROA not before: Sat 01 Jan 2022 11:03:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212914
IP address blocks: 185.158.243.0/24 maxlen: 24
185.223.232.0/24 maxlen: 24
213.166.85.0/24 maxlen: 24
193.176.28.0/24 maxlen: 24
178.239.174.0/24 maxlen: 24
89.37.64.0/24 maxlen: 24
2a01:4020:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 445511851 (0x1a8df8ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 1 11:03:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6972f1f156582e70cc2803d630447a6e39de58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:60:2a:5f:cf:f5:2c:fa:8c:a2:d3:63:5b:ab:
6e:b7:51:51:51:61:6a:91:9e:c1:a3:a9:72:73:c3:
0e:76:15:8e:fa:f6:16:0b:19:28:71:f4:fc:38:76:
b2:6a:8d:ab:8c:29:b3:06:c6:06:b8:60:c5:ea:85:
6f:f1:fa:3a:c6:ec:cf:5b:fa:1b:09:5a:87:54:c9:
90:5b:f2:8d:17:4d:42:1d:37:13:1e:b2:8f:1e:0e:
ab:ab:e6:55:46:8e:b5:55:7a:26:c1:90:9d:a9:b7:
8e:c1:8e:7d:ed:88:b3:ef:1d:d0:86:1e:eb:25:c2:
a4:fc:33:bb:64:eb:7d:b1:d5:e7:f1:14:2b:be:ab:
e4:32:41:b1:7e:b2:71:af:fe:c2:a5:42:79:56:8c:
fb:2c:23:ef:28:f9:c1:bd:ba:47:25:4a:0e:dd:2e:
5e:d7:70:4f:6b:a6:79:05:77:43:10:33:e3:0f:b3:
c8:fe:aa:01:f6:a0:f9:f6:aa:b6:63:7c:98:fd:ad:
9b:fe:e4:dd:c3:ae:4d:ac:f7:d8:c2:0c:d8:05:2a:
46:78:bc:47:39:24:56:01:19:87:63:89:68:ed:8c:
56:c0:8c:9a:7d:1e:1d:8e:a6:ac:71:9f:12:a0:0e:
be:bb:c3:80:a4:0d:df:5d:d2:b7:a1:12:21:65:f2:
89:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:97:2F:1F:15:65:82:E7:0C:C2:80:3D:63:04:47:A6:E3:9D:E5:8F
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/1pcvHxVlgucMwoA9YwRHpuOd5Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.64.0/24
178.239.174.0/24
185.158.243.0/24
185.223.232.0/24
193.176.28.0/24
213.166.85.0/24
IPv6:
2a01:4020:6::/48
Signature Algorithm: sha256WithRSAEncryption
e5:56:4b:49:ef:76:5f:7d:21:d0:93:1f:53:ef:08:a2:1e:d1:
90:b6:bd:a8:29:7e:5c:0c:d6:3e:ff:67:21:d2:6a:ba:03:c3:
3c:3f:51:ff:16:c0:95:b5:c3:1a:50:d8:5f:9f:2e:7e:aa:f0:
fb:8b:21:57:71:df:fe:ad:5a:c7:40:20:13:2a:c0:d3:de:32:
b1:cb:20:34:58:77:35:bf:dd:1e:10:34:ee:a2:ae:08:84:e7:
6c:e3:a8:f4:d2:50:e9:c8:04:93:3f:13:72:34:c6:62:dd:2d:
70:fd:db:c4:fa:22:6e:7a:53:52:1a:41:45:86:23:cf:6c:0c:
f1:c9:57:c4:8f:f8:cf:e8:ff:60:08:f7:ba:2b:d0:02:36:8a:
96:16:bb:0e:52:26:cc:7d:c2:b2:28:51:65:57:34:cf:64:52:
82:0f:fa:1e:f6:df:64:c6:41:67:16:27:1d:f3:d3:5e:1d:96:
82:c8:02:81:c0:9d:8e:05:82:03:f9:ae:95:52:bf:f0:bf:24:
65:f4:80:0e:6d:a1:8c:70:3c:9d:6a:ab:ab:b0:b2:5a:86:19:
fa:3a:3b:87:bd:e4:19:45:38:05:4d:31:04:cc:83:59:59:04:
20:e9:b1:36:5a:b2:70:5b:a4:1e:09:11:33:a3:32:bf:09:5f:
8f:ac:26:2d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEGo34qzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDM3Y2M4ZjE2YjNjNmNiZDMzNDZhYTNlZDYxNzcxZjNlODNhYzk3MB4XDTIyMDEw
MTExMDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY5NzJmMWYxNTY1
ODJlNzBjYzI4MDNkNjMwNDQ3YTZlMzlkZTU4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlgKl/P9Sz6jKLTY1urbrdRUVFhapGewaOpcnPDDnYVjvr2
FgsZKHH0/Dh2smqNq4wpswbGBrhgxeqFb/H6Osbsz1v6Gwlah1TJkFvyjRdNQh03
Ex6yjx4Oq6vmVUaOtVV6JsGQnam3jsGOfe2Is+8d0IYe6yXCpPwzu2TrfbHV5/EU
K76r5DJBsX6yca/+wqVCeVaM+ywj7yj5wb26RyVKDt0uXtdwT2umeQV3QxAz4w+z
yP6qAfag+faqtmN8mP2tm/7k3cOuTaz32MIM2AUqRni8RzkkVgEZh2OJaO2MVsCM
mn0eHY6mrHGfEqAOvrvDgKQN313St6ESIWXyiVkCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBTWly8fFWWC5wzCgD1jBEem453ljzAfBgNVHSMEGDAWgBT9N8yPFrPGy9M0
aqPtYXcfPoOslzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19UZk1qeGF6eHN2VE5HcWo3V0YzSHo2RHJKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvMDVlMTdmLWQzMWYtNDMxZi1hOGJjLTdlMDVhYjQxYjZlNC8x
LzFwY3ZIeFZsZ3VjTXdvQTlZd1JIcHVPZDVZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
MDVlMTdmLWQzMWYtNDMxZi1hOGJjLTdlMDVhYjQxYjZlNC8xL19UZk1qeGF6eHN2
VE5HcWo3V0YzSHo2RHJKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAFklQAMEALLvrgMEALme8wMEALnf
6AMEAMGwHAMEANWmVTAPBAIAAjAJAwcAKgFAIAAGMA0GCSqGSIb3DQEBCwUAA4IB
AQDlVktJ73ZffSHQkx9T7wiiHtGQtr2oKX5cDNY+/2ch0mq6A8M8P1H/FsCVtcMa
UNhfny5+qvD7iyFXcd/+rVrHQCATKsDT3jKxyyA0WHc1v90eEDTuoq4IhOds46j0
0lDpyASTPxNyNMZi3S1w/dvE+iJuelNSGkFFhiPPbAzxyVfEj/jP6P9gCPe6K9AC
NoqWFrsOUibMfcKyKFFlVzTPZFKCD/oe9t9kxkFnFicd89NeHZaCyAKBwJ2OBYID
+a6VUr/wvyRl9IAObaGMcDydaqursLJahhn6OjuHveQZRTgFTTEEzINZWQQg6bE2
WrJwW6QeCREzozK/CV+PrCYt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org