Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/a2_xxraAPoZfkf_Wp6649ac_fLE.roa
File: a2_xxraAPoZfkf_Wp6649ac_fLE.roa (raw, json)
Hash identifier: oou4ifnxG2kIObFjfM2Tpj+3mExvosVVJJQFHNQ7VVA=
Subject key identifier: 6B:6F:F1:C6:B6:80:3E:86:5F:91:FF:D6:A7:AE:B8:F5:A7:3F:7C:B1
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01840803B6BFF54CAA520CE0369D15A7EF5F
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/a2_xxraAPoZfkf_Wp6649ac_fLE.roa
Signing time: Mon 24 Oct 2022 03:22:51 +0000
ROA not before: Mon 24 Oct 2022 03:22:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203363
IP address blocks: 188.240.61.0/24 maxlen: 24
193.176.28.0/24 maxlen: 24
178.239.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:08:03:b6:bf:f5:4c:aa:52:0c:e0:36:9d:15:a7:ef:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Oct 24 03:22:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b6ff1c6b6803e865f91ffd6a7aeb8f5a73f7cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a4:f4:db:10:bb:00:52:6a:59:1d:ce:d1:4b:
91:7e:4e:83:a5:d3:5c:c9:14:06:48:24:59:7f:4b:
05:9e:d2:54:9c:49:cc:bc:ad:14:ba:39:3a:19:c1:
5a:8b:5f:0a:a8:ba:27:e8:9f:e8:99:54:93:54:63:
9f:5a:a1:d4:28:55:6a:cf:76:a4:ae:d0:63:83:95:
a7:ab:1c:d6:3b:2e:2e:73:d4:e8:70:f0:6b:b5:90:
5e:8f:24:e0:c4:4b:3e:06:09:70:4b:1e:84:ca:26:
e0:a0:cd:aa:5a:f9:90:fa:f6:bb:07:a5:a7:a7:dd:
a0:c0:ac:f8:3f:c0:0e:3e:43:34:d5:24:84:09:66:
41:7d:ae:e1:16:03:40:aa:62:0e:75:64:90:54:c0:
4c:32:4b:d1:f9:14:ce:b6:a1:79:26:63:8e:c6:ac:
91:af:08:6b:f6:31:18:5a:2c:af:a4:6d:fa:45:d1:
95:7b:19:02:a7:70:8b:61:ad:2d:4e:69:a7:3c:a4:
be:95:5f:82:7e:3b:e8:ae:38:dc:cd:02:69:c9:39:
34:dd:81:b3:3c:90:a1:54:00:82:20:d9:d2:44:0a:
d3:b9:07:2a:30:7f:11:fe:64:a7:1b:23:9a:31:a8:
a7:24:28:60:21:86:00:7f:f8:ec:e1:ef:70:99:93:
13:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6F:F1:C6:B6:80:3E:86:5F:91:FF:D6:A7:AE:B8:F5:A7:3F:7C:B1
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/a2_xxraAPoZfkf_Wp6649ac_fLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.174.0/24
188.240.61.0/24
193.176.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:29:6a:7d:16:34:d1:94:12:f4:12:1a:9f:4c:fa:70:7b:59:
c2:a3:63:cd:58:f0:54:39:10:ca:12:8b:72:3f:19:c7:77:61:
df:79:69:fe:0b:0c:65:93:e0:91:21:e1:b9:d2:9d:bf:32:3a:
da:21:c8:7d:6c:0a:72:89:05:65:f1:1e:62:0d:90:6e:e4:3a:
3f:de:fa:4a:c3:53:7d:6e:ad:10:43:94:41:be:29:a7:a5:1f:
20:2c:a2:1a:da:d9:f7:f6:dc:c7:58:27:4c:96:1d:12:49:9d:
af:52:a7:b1:7b:cf:aa:a1:04:55:a5:37:a7:b5:13:fe:d5:24:
6d:2b:ee:83:3d:7a:59:e1:c3:d6:cf:31:9e:2d:ee:e6:b4:22:
c7:be:7a:d0:5e:2e:ed:7f:f8:9f:f7:03:8a:06:4a:f1:15:37:
a2:64:f6:44:66:8e:17:ba:d4:d5:3e:57:be:d6:74:cf:4d:3a:
84:82:45:00:39:ce:d1:49:be:a1:83:35:bc:cc:e7:0f:fd:f8:
e4:2f:32:ba:7f:d7:87:be:2a:22:b7:e2:f4:ee:63:2a:64:8d:
8d:05:d3:5a:62:7f:b0:94:ce:5c:13:77:df:62:28:50:e9:c1:
f9:87:b4:a7:83:06:33:e5:8f:74:64:a4:ef:33:f3:c2:98:f7:
24:a8:57:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQIA7a/9UyqUgzgNp0Vp+9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjIxMDI0MDMyMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZmZjFjNmI2ODAzZTg2NWY5MWZmZDZhN2FlYjhmNWE3M2Y3Y2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KT02xC7AFJqWR3O0UuRfk6DpdNc
yRQGSCRZf0sFntJUnEnMvK0Uujk6GcFai18KqLon6J/omVSTVGOfWqHUKFVqz3ak
rtBjg5WnqxzWOy4uc9TocPBrtZBejyTgxEs+BglwSx6EyibgoM2qWvmQ+va7B6Wn
p92gwKz4P8AOPkM01SSECWZBfa7hFgNAqmIOdWSQVMBMMkvR+RTOtqF5JmOOxqyR
rwhr9jEYWiyvpG36RdGVexkCp3CLYa0tTmmnPKS+lV+CfjvorjjczQJpyTk03YGz
PJChVACCINnSRArTuQcqMH8R/mSnGyOaMainJChgIYYAf/js4e9wmZMTIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGtv8ca2gD6GX5H/1qeuuPWnP3yxMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvYTJfeHhyYUFQb1pma2ZfV3A2NjQ5YWNfZkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsu+uAwQA
vPA9AwQAwbAcMA0GCSqGSIb3DQEBCwUAA4IBAQC2KWp9FjTRlBL0EhqfTPpwe1nC
o2PNWPBUORDKEotyPxnHd2HfeWn+Cwxlk+CRIeG50p2/MjraIch9bApyiQVl8R5i
DZBu5Do/3vpKw1N9bq0QQ5RBvimnpR8gLKIa2tn39tzHWCdMlh0SSZ2vUqexe8+q
oQRVpTentRP+1SRtK+6DPXpZ4cPWzzGeLe7mtCLHvnrQXi7tf/if9wOKBkrxFTei
ZPZEZo4XutTVPle+1nTPTTqEgkUAOc7RSb6hgzW8zOcP/fjkLzK6f9eHvioit+L0
7mMqZI2NBdNaYn+wlM5cE3ffYihQ6cH5h7SngwYz5Y90ZKTvM/PCmPckqFdt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org