Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/fGOZz13SRI6HTvN1o1YPqQ8soaI.roa
File: fGOZz13SRI6HTvN1o1YPqQ8soaI.roa (raw, json)
Hash identifier: 2f4Xr/LMK5u4tgLbUh35MxTTOk4m8jUqtf7QO8z80DI=
Subject key identifier: 7C:63:99:CF:5D:D2:44:8E:87:4E:F3:75:A3:56:0F:A9:0F:2C:A1:A2
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 1AAB1469
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/fGOZz13SRI6HTvN1o1YPqQ8soaI.roa
Signing time: Sat 01 Jan 2022 12:02:40 +0000
ROA not before: Sat 01 Jan 2022 12:02:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40065
IP address blocks: 198.105.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447419497 (0x1aab1469)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 12:02:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c6399cf5dd2448e874ef375a3560fa90f2ca1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:da:59:1e:49:17:57:13:9e:4b:81:de:d1:db:
4b:06:a8:2e:43:b1:90:b7:84:c0:e7:f8:e6:43:63:
84:07:df:14:21:5f:ff:03:c0:b2:6f:c9:f9:96:20:
2a:da:0c:b5:16:d9:1e:0e:ab:b8:76:e6:06:9e:6c:
b3:fb:91:aa:11:8f:dc:af:f1:e4:a8:f7:d1:d9:5b:
ca:04:cc:38:cf:f7:24:e5:9f:63:96:9c:6e:12:f8:
85:d4:f7:cd:af:3b:e6:0a:72:2e:b2:c8:9a:1b:49:
8f:36:3f:18:64:f8:51:8d:21:1a:fd:3b:5d:2a:69:
49:8b:48:d5:8b:b8:8d:09:aa:4c:6c:16:de:0c:e6:
e4:c0:25:17:ca:a5:43:c6:2a:98:00:24:b8:41:d4:
8d:c0:e2:b1:dc:a9:9a:94:0b:5c:ad:29:86:4e:e6:
86:cd:c9:ba:b1:d0:02:7f:f9:92:3c:aa:62:1a:db:
f8:39:68:09:a8:02:10:5a:6c:be:a7:fd:2b:b5:10:
30:26:d3:fa:d2:b7:8f:cc:a9:90:4e:2c:2f:3e:ff:
5d:48:0f:0d:4b:30:44:74:87:a9:86:1c:27:5d:60:
25:fa:12:a4:7a:f2:89:b6:f4:e8:cd:c3:56:c8:cf:
44:67:19:42:a1:b6:2e:c9:e9:de:9c:87:40:9d:50:
95:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:63:99:CF:5D:D2:44:8E:87:4E:F3:75:A3:56:0F:A9:0F:2C:A1:A2
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/fGOZz13SRI6HTvN1o1YPqQ8soaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.105.101.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:db:09:84:5e:fb:e1:2f:7d:cb:d9:69:a8:83:3e:09:b5:49:
bb:7b:2d:17:f6:4d:b7:a4:f4:84:22:a4:4e:12:9a:ce:58:45:
4f:15:32:1d:26:c7:84:29:76:b9:0e:2a:91:32:2b:b6:9b:73:
17:97:c7:3b:f2:8c:1c:7e:87:2a:36:fb:4b:27:0d:6b:ea:c4:
8f:fc:2b:f0:79:99:23:64:2a:f4:6d:5e:ad:d8:ea:2a:94:5a:
92:5c:9f:2d:01:67:53:79:8e:6b:89:af:7d:c6:05:c1:f2:0e:
d3:d8:a3:37:e1:75:7c:9d:e1:0f:23:db:c2:0b:af:f1:c1:91:
e7:55:ec:2c:14:6c:83:69:a0:dd:04:d2:d1:c8:8b:0e:ac:bc:
99:73:b2:15:2f:6b:17:10:41:ea:52:23:74:f6:fc:2b:49:c7:
12:c6:72:b5:7f:13:81:b6:6b:f1:a0:e6:38:ae:6b:01:8a:1c:
08:b2:ed:70:27:8b:41:a3:74:1f:3d:5d:b8:79:1b:7a:b8:17:
bf:29:7b:c2:90:8a:4f:d0:77:de:bb:39:2f:07:b7:ab:4e:82:
f7:e2:29:fd:ff:b8:fe:62:68:b9:5f:6a:06:53:30:08:18:d0:
f1:91:b7:fb:8c:da:c1:40:fc:0c:59:4d:07:cc:f0:58:e3:e2:
c7:48:f0:2f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGqsUaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzU0YzM0N2Q2OGQxNTQ5M2RlNzFiYjk2MmYwYTU2N2UxMzRkNjAzMB4XDTIyMDEw
MTEyMDI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M2Mzk5Y2Y1ZGQy
NDQ4ZTg3NGVmMzc1YTM1NjBmYTkwZjJjYTFhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/aWR5JF1cTnkuB3tHbSwaoLkOxkLeEwOf45kNjhAffFCFf
/wPAsm/J+ZYgKtoMtRbZHg6ruHbmBp5ss/uRqhGP3K/x5Kj30dlbygTMOM/3JOWf
Y5acbhL4hdT3za875gpyLrLImhtJjzY/GGT4UY0hGv07XSppSYtI1Yu4jQmqTGwW
3gzm5MAlF8qlQ8YqmAAkuEHUjcDisdypmpQLXK0phk7mhs3JurHQAn/5kjyqYhrb
+DloCagCEFpsvqf9K7UQMCbT+tK3j8ypkE4sLz7/XUgPDUswRHSHqYYcJ11gJfoS
pHryibb06M3DVsjPRGcZQqG2Lsnp3pyHQJ1QlbUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR8Y5nPXdJEjodO83WjVg+pDyyhojAfBgNVHSMEGDAWgBTnVMNH1o0VST3n
G7li8KVn4TTWAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxVERSOWFORlVrOTV4dTVZdkNsWi1FMDFnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8x
L2ZHT1p6MTNTUkk2SFR2TjFvMVlQcVE4c29hSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8xLzUxVERSOWFORlVr
OTV4dTVZdkNsWi1FMDFnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMZpZTANBgkqhkiG9w0BAQsFAAOC
AQEAT9sJhF774S99y9lpqIM+CbVJu3stF/ZNt6T0hCKkThKazlhFTxUyHSbHhCl2
uQ4qkTIrtptzF5fHO/KMHH6HKjb7SycNa+rEj/wr8HmZI2Qq9G1erdjqKpRaklyf
LQFnU3mOa4mvfcYFwfIO09ijN+F1fJ3hDyPbwguv8cGR51XsLBRsg2mg3QTS0ciL
Dqy8mXOyFS9rFxBB6lIjdPb8K0nHEsZytX8TgbZr8aDmOK5rAYocCLLtcCeLQaN0
Hz1duHkbergXvyl7wpCKT9B33rs5Lwe3q06C9+Ip/f+4/mJouV9qBlMwCBjQ8ZG3
+4zawUD8DFlNB8zwWOPix0jwLw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:50:00 2025 by rpki-client