Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/fcfBaSFj1lJQX44axFVQrLA2CKc.roa
File: fcfBaSFj1lJQX44axFVQrLA2CKc.roa (raw, json)
Hash identifier: yoOVRLCNB8GBA7OM98p3iN5i3hDoCr0DFzcwkx/G0Ac=
Subject key identifier: 7D:C7:C1:69:21:63:D6:52:50:5F:8E:1A:C4:55:50:AC:B0:36:08:A7
Certificate issuer: /CN=9a4d76dd2f46068b0871ad4500ac6e577afe469c
Certificate serial: 0185153D3FF02C0C554DCA8B690F268B2F2D
Authority key identifier: 9A:4D:76:DD:2F:46:06:8B:08:71:AD:45:00:AC:6E:57:7A:FE:46:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mk123S9GBosIca1FAKxuV3r-Rpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/fcfBaSFj1lJQX44axFVQrLA2CKc.roa
Signing time: Thu 15 Dec 2022 10:03:33 +0000
ROA not before: Thu 15 Dec 2022 10:03:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50309
IP address blocks: 185.221.184.0/22 maxlen: 32
46.182.192.0/21 maxlen: 32
185.160.128.0/22 maxlen: 32
94.142.132.0/22 maxlen: 22
2a0c:1000::/29 maxlen: 32
2a0b:5e00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:3d:3f:f0:2c:0c:55:4d:ca:8b:69:0f:26:8b:2f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4d76dd2f46068b0871ad4500ac6e577afe469c
Validity
Not Before: Dec 15 10:03:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dc7c1692163d652505f8e1ac45550acb03608a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:67:e5:b1:67:32:74:0e:63:3c:5e:1f:84:2a:
8e:1e:bc:46:a3:0a:a8:bd:77:9b:36:1d:45:eb:31:
99:2b:76:3e:1f:93:02:cb:58:96:0b:8b:7e:2a:a8:
0e:4d:1c:b9:e8:7e:43:10:6b:dd:cf:f8:c3:cd:23:
2f:37:c6:f8:52:07:a8:16:b8:b7:bf:7a:a8:e3:5c:
0b:18:e2:a9:c6:4e:93:d8:94:3d:83:24:b3:58:0d:
9d:f4:e8:fe:18:12:82:1d:f1:97:db:f9:b9:fe:8b:
9e:00:15:bc:d5:dc:b9:fd:ff:3b:3a:00:6b:b8:0c:
83:46:0f:1a:52:d1:e8:71:3f:7f:94:ca:24:95:82:
b0:83:4d:81:c1:1b:8e:5d:57:0f:60:7d:d3:5d:52:
9d:d6:79:f3:2a:cf:a7:94:1a:63:44:a7:08:33:05:
73:30:5b:d5:7d:b1:b2:db:78:94:af:27:78:d8:70:
93:6a:95:37:ef:2f:62:3a:de:d0:b1:15:cb:26:85:
a6:c7:bc:38:8a:22:67:5b:a1:f8:00:f3:bd:25:52:
9e:51:dd:06:e2:65:34:a1:c9:6e:74:b1:c9:47:15:
95:f7:96:8f:cf:0d:57:e7:7c:96:1b:1f:cc:6a:62:
09:ac:8b:45:c8:0b:b8:e7:d5:02:90:67:7c:9d:29:
c0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C7:C1:69:21:63:D6:52:50:5F:8E:1A:C4:55:50:AC:B0:36:08:A7
X509v3 Authority Key Identifier:
keyid:9A:4D:76:DD:2F:46:06:8B:08:71:AD:45:00:AC:6E:57:7A:FE:46:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mk123S9GBosIca1FAKxuV3r-Rpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/fcfBaSFj1lJQX44axFVQrLA2CKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/mk123S9GBosIca1FAKxuV3r-Rpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.192.0/21
94.142.132.0/22
185.160.128.0/22
185.221.184.0/22
IPv6:
2a0b:5e00::/29
2a0c:1000::/29
Signature Algorithm: sha256WithRSAEncryption
0b:5f:f9:bd:27:97:b6:2c:9a:2e:4c:ff:08:ed:dc:5d:f4:40:
19:14:15:32:15:d8:cc:06:b3:b8:71:c6:d9:9f:41:4a:6e:b4:
f9:f7:70:c5:5e:f6:af:b5:56:64:92:60:56:49:02:2f:f3:2c:
0b:e0:80:54:71:b9:53:7f:a7:7a:2c:7c:0a:6f:d7:d7:7e:ae:
cd:63:32:c7:c0:f4:67:fe:e3:64:c9:c5:10:31:2a:f7:8e:9e:
4d:4e:25:0d:87:27:43:c5:1c:2a:10:47:bd:30:11:9a:b1:29:
9b:2e:c9:3d:b6:46:18:50:f4:17:ec:7c:10:36:7c:6c:98:7b:
e5:09:1e:ac:b8:b7:85:ce:8d:6a:11:74:f0:db:9b:12:cf:27:
a7:67:ac:c0:58:2d:a5:8d:19:59:95:89:46:2a:26:52:0d:fc:
1d:ff:2c:c9:bc:4e:62:04:51:80:0b:a3:1f:94:0e:dd:59:f2:
ea:c6:38:86:bb:57:8e:db:8f:37:12:4f:67:56:fa:a9:a2:17:
2c:8b:5c:07:28:7c:17:bc:e8:a5:af:ff:35:fa:83:11:70:56:
3a:1c:00:38:2a:3a:a9:06:7f:cf:3d:da:19:70:83:ce:53:91:
a1:d6:d2:76:92:c5:71:80:58:24:b2:e8:db:5a:65:c5:87:61:
30:88:9c:44
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYUVPT/wLAxVTcqLaQ8miy8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNGQ3NmRkMmY0NjA2OGIwODcxYWQ0NTAwYWM2ZTU3N2Fm
ZTQ2OWMwHhcNMjIxMjE1MTAwMzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM3YzE2OTIxNjNkNjUyNTA1ZjhlMWFjNDU1NTBhY2IwMzYwOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2flsWcydA5jPF4fhCqOHrxGowqo
vXebNh1F6zGZK3Y+H5MCy1iWC4t+KqgOTRy56H5DEGvdz/jDzSMvN8b4UgeoFri3
v3qo41wLGOKpxk6T2JQ9gySzWA2d9Oj+GBKCHfGX2/m5/oueABW81dy5/f87OgBr
uAyDRg8aUtHocT9/lMoklYKwg02BwRuOXVcPYH3TXVKd1nnzKs+nlBpjRKcIMwVz
MFvVfbGy23iUryd42HCTapU37y9iOt7QsRXLJoWmx7w4iiJnW6H4APO9JVKeUd0G
4mU0ocludLHJRxWV95aPzw1X53yWGx/MamIJrItFyAu459UCkGd8nSnAIQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFH3HwWkhY9ZSUF+OGsRVUKywNginMB8GA1UdIwQY
MBaAFJpNdt0vRgaLCHGtRQCsbld6/kacMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWsxMjNTOUdCb3NJY2ExRkFLeHVWM3ItUnB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lZDdjOGEtMzk1Mi00NDAxLTlkZDQt
NDQ2OTJkYmNjYjMyLzEvZmNmQmFTRmoxbEpRWDQ0YXhGVlFyTEEyQ0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lZDdjOGEtMzk1Mi00NDAxLTlkZDQtNDQ2OTJkYmNjYjMy
LzEvbWsxMjNTOUdCb3NJY2ExRkFLeHVWM3ItUnB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLrbAAwQC
Xo6EAwQCuaCAAwQCud24MBQEAgACMA4DBQMqC14AAwUDKgwQADANBgkqhkiG9w0B
AQsFAAOCAQEAC1/5vSeXtiyaLkz/CO3cXfRAGRQVMhXYzAazuHHG2Z9BSm60+fdw
xV72r7VWZJJgVkkCL/MsC+CAVHG5U3+neix8Cm/X136uzWMyx8D0Z/7jZMnFEDEq
946eTU4lDYcnQ8UcKhBHvTARmrEpmy7JPbZGGFD0F+x8EDZ8bJh75QkerLi3hc6N
ahF08NubEs8np2eswFgtpY0ZWZWJRiomUg38Hf8sybxOYgRRgAujH5QO3Vny6sY4
hrtXjtuPNxJPZ1b6qaIXLItcByh8F7zopa//NfqDEXBWOhwAOCo6qQZ/zz3aGXCD
zlORodbSdpLFcYBYJLLo21plxYdhMIicRA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:28 2023 by rpki-client on console.sobornost.net