Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_Z8LyLFCyB3uKgMp7n3gVoEu1BY.roa
File: _Z8LyLFCyB3uKgMp7n3gVoEu1BY.roa (raw, json)
Hash identifier: rHIqP/IezBKzRXM/sUdOv1syNoDZupPZjE+C7y7U0ZQ=
Subject key identifier: FD:9F:0B:C8:B1:42:C8:1D:EE:2A:03:29:EE:7D:E0:56:81:2E:D4:16
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 1A8B2937
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_Z8LyLFCyB3uKgMp7n3gVoEu1BY.roa
Signing time: Sat 01 Jan 2022 11:03:42 +0000
ROA not before: Sat 01 Jan 2022 11:03:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64474
IP address blocks: 185.158.243.0/24 maxlen: 24
2a0d:7440:22::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 445327671 (0x1a8b2937)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 1 11:03:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd9f0bc8b142c81dee2a0329ee7de056812ed416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:9d:5e:4f:6e:81:d1:08:c7:ba:84:77:f6:d0:
7f:6e:3a:3c:f0:5a:3f:fe:d9:36:f5:23:6d:98:ce:
97:ea:95:55:67:2e:0c:c3:fa:c6:ab:36:8d:2e:d5:
82:17:5a:85:6f:ff:fb:6c:3d:b2:11:4d:f2:f4:06:
a7:f0:da:62:19:9d:37:d4:69:25:18:cf:7f:4a:c6:
55:fd:2a:b8:4f:3f:39:97:4f:41:f2:e1:3f:48:be:
da:cf:a1:14:b4:0f:06:97:90:dd:5b:df:5f:ca:fa:
39:df:36:5a:12:da:03:90:d8:0b:38:0b:86:99:19:
f8:69:8b:b1:a6:0c:2f:1f:88:b9:7e:c8:a9:e1:64:
8d:b2:17:eb:ec:a8:89:ce:01:84:38:3b:8a:85:31:
0d:1a:71:16:5e:1f:f6:f1:d7:6b:66:10:9e:61:c1:
90:3a:43:03:fb:96:a3:a4:a9:ee:12:c9:3c:62:51:
16:c9:ca:a5:7c:63:17:ee:eb:eb:73:cd:22:9c:93:
85:84:e8:23:79:40:50:7f:b0:1d:b5:2f:38:08:49:
4b:63:7a:4a:f0:ec:9b:e8:ed:6f:71:47:b0:79:e7:
b9:9b:ad:97:64:19:3f:fb:f4:26:d8:9f:06:99:c0:
e2:ac:e0:0c:4b:d0:33:08:91:b3:6a:01:b9:9c:a4:
bf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9F:0B:C8:B1:42:C8:1D:EE:2A:03:29:EE:7D:E0:56:81:2E:D4:16
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_Z8LyLFCyB3uKgMp7n3gVoEu1BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.243.0/24
IPv6:
2a0d:7440:22::/48
Signature Algorithm: sha256WithRSAEncryption
cb:fc:a8:c4:af:21:25:52:92:d3:17:bb:05:7e:3e:55:de:6f:
5b:77:ae:b9:ab:02:4c:7d:55:3d:74:ee:55:92:19:19:74:4b:
57:96:4a:96:b0:4a:54:d0:8c:70:8a:1d:b0:3b:4c:3d:cd:16:
70:4f:aa:a5:84:83:15:cd:2e:ff:20:33:f2:2b:a0:de:23:47:
90:d4:ce:69:c2:5d:db:c6:61:b1:b1:c5:86:5c:da:40:64:85:
88:39:9e:44:05:4a:4a:94:03:a0:5e:a6:14:f3:37:99:90:64:
bb:65:1f:22:4b:93:5e:f6:ca:af:49:dc:24:b7:95:29:0c:b6:
8b:91:ac:2c:11:21:3f:42:91:0f:d4:a0:49:e1:d5:82:90:6d:
40:8b:e4:66:60:2b:90:80:95:b5:d1:27:01:76:22:cc:96:ee:
11:46:6c:94:cd:a5:95:15:30:a1:06:1a:6b:0b:22:59:5f:3e:
31:36:a1:85:50:21:6f:33:36:62:80:03:e2:f8:e0:3b:b6:2a:
87:25:81:ae:94:fd:86:0e:90:02:5e:9b:dd:0e:ce:cd:2d:48:
fe:b8:62:f1:3b:fb:a6:90:cf:60:33:c4:9d:d1:c0:99:60:ac:
8b:f9:53:42:b6:d9:65:b0:da:05:47:b8:4c:af:54:2c:b8:d9:
f1:38:9c:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGospNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDM3Y2M4ZjE2YjNjNmNiZDMzNDZhYTNlZDYxNzcxZjNlODNhYzk3MB4XDTIyMDEw
MTExMDM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ5ZjBiYzhiMTQy
YzgxZGVlMmEwMzI5ZWU3ZGUwNTY4MTJlZDQxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOidXk9ugdEIx7qEd/bQf246PPBaP/7ZNvUjbZjOl+qVVWcu
DMP6xqs2jS7VghdahW//+2w9shFN8vQGp/DaYhmdN9RpJRjPf0rGVf0quE8/OZdP
QfLhP0i+2s+hFLQPBpeQ3VvfX8r6Od82WhLaA5DYCzgLhpkZ+GmLsaYMLx+IuX7I
qeFkjbIX6+yoic4BhDg7ioUxDRpxFl4f9vHXa2YQnmHBkDpDA/uWo6Sp7hLJPGJR
FsnKpXxjF+7r63PNIpyThYToI3lAUH+wHbUvOAhJS2N6SvDsm+jtb3FHsHnnuZut
l2QZP/v0JtifBpnA4qzgDEvQMwiRs2oBuZykv9MCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT9nwvIsULIHe4qAynufeBWgS7UFjAfBgNVHSMEGDAWgBT9N8yPFrPGy9M0
aqPtYXcfPoOslzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19UZk1qeGF6eHN2VE5HcWo3V0YzSHo2RHJKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvMDVlMTdmLWQzMWYtNDMxZi1hOGJjLTdlMDVhYjQxYjZlNC8x
L19aOEx5TEZDeUIzdUtnTXA3bjNnVm9FdTFCWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
MDVlMTdmLWQzMWYtNDMxZi1hOGJjLTdlMDVhYjQxYjZlNC8xL19UZk1qeGF6eHN2
VE5HcWo3V0YzSHo2RHJKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALme8zAPBAIAAjAJAwcAKg10QAAi
MA0GCSqGSIb3DQEBCwUAA4IBAQDL/KjEryElUpLTF7sFfj5V3m9bd665qwJMfVU9
dO5VkhkZdEtXlkqWsEpU0Ixwih2wO0w9zRZwT6qlhIMVzS7/IDPyK6DeI0eQ1M5p
wl3bxmGxscWGXNpAZIWIOZ5EBUpKlAOgXqYU8zeZkGS7ZR8iS5Ne9sqvSdwkt5Up
DLaLkawsESE/QpEP1KBJ4dWCkG1Ai+RmYCuQgJW10ScBdiLMlu4RRmyUzaWVFTCh
BhprCyJZXz4xNqGFUCFvMzZigAPi+OA7tiqHJYGulP2GDpACXpvdDs7NLUj+uGLx
O/umkM9gM8Sd0cCZYKyL+VNCttllsNoFR7hMr1QsuNnxOJxf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:32 2024 by rpki-client on console-ams.rpki-client.org