Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FE9MMsrXV4QloKM9NfxAQfZCXkg.roa
File: FE9MMsrXV4QloKM9NfxAQfZCXkg.roa (raw, json)
Hash identifier: tvv/MQK/I3SgY2lvep9ys2zdA4T+AZ95XJZpHIG1jsk=
Subject key identifier: 14:4F:4C:32:CA:D7:57:84:25:A0:A3:3D:35:FC:40:41:F6:42:5E:48
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187525414A3D205F2389E6F10F09F351BD8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FE9MMsrXV4QloKM9NfxAQfZCXkg.roa
Signing time: Wed 05 Apr 2023 16:50:54 +0000
ROA not before: Wed 05 Apr 2023 16:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51659
IP address blocks: 194.87.196.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:54:14:a3:d2:05:f2:38:9e:6f:10:f0:9f:35:1b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=144f4c32cad7578425a0a33d35fc4041f6425e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:44:a1:59:a5:2a:25:8b:32:c1:60:8d:8f:5d:
88:38:cf:07:58:99:a1:ee:b0:d0:f3:38:79:90:a3:
97:db:c8:83:7a:8c:2e:62:c0:9f:d9:9c:7d:7d:3b:
58:e6:ad:65:d1:57:0b:fb:36:5a:a8:55:8b:37:9f:
f8:ae:e3:52:41:21:6d:50:24:2b:81:8c:35:4a:dc:
10:9a:b9:14:48:9d:08:32:da:cd:aa:4e:30:33:88:
73:2b:3f:a6:d8:21:d2:50:00:45:b5:08:6a:46:2c:
a7:c5:fd:ff:9d:37:df:76:6d:0d:a0:ea:23:82:64:
c1:e7:fe:f0:e1:df:bd:be:d1:54:09:4e:70:eb:0c:
21:2f:3f:7f:d8:10:d4:12:4f:eb:6e:dd:53:98:0b:
73:f3:5e:78:89:64:68:35:8c:c6:2c:7d:a0:11:6c:
c4:06:1c:74:d4:b9:d1:2a:6c:fb:2b:02:e8:7b:7a:
e1:65:30:3f:3d:be:dc:c1:c4:2c:46:92:44:81:ef:
5a:51:62:f1:19:f1:c6:8b:ce:f6:40:44:f3:cc:61:
c5:27:b9:93:e5:42:9d:f8:6c:2d:24:05:d5:76:59:
79:0a:66:f2:3c:05:0b:e7:99:1b:c9:53:c8:99:a8:
a2:52:58:9f:0c:95:f4:e9:9a:05:4e:f2:25:9a:30:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:4F:4C:32:CA:D7:57:84:25:A0:A3:3D:35:FC:40:41:F6:42:5E:48
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FE9MMsrXV4QloKM9NfxAQfZCXkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.196.0/23
Signature Algorithm: sha256WithRSAEncryption
52:4f:e9:d3:4d:30:30:be:45:de:e2:f3:db:e0:55:f4:4a:66:
d1:f6:58:56:ec:67:ff:b0:c1:14:79:5f:93:8c:e3:a8:1f:d0:
75:64:85:b9:6e:7b:3f:7a:33:3e:e5:f4:69:b3:6f:35:77:b3:
7b:05:e0:55:c6:de:42:5f:82:93:b7:20:e7:61:b3:47:07:f2:
b9:14:0c:68:8f:d6:ee:e7:84:2d:08:d1:f7:3e:7e:31:95:90:
dc:d1:b9:35:c9:e9:44:e6:9b:c1:80:1b:d5:89:0a:cf:72:48:
37:51:4b:0d:d0:8e:ab:21:cb:6d:a8:df:7d:e3:af:77:c0:5b:
0d:8d:4f:7b:64:d3:4b:09:85:b3:a9:58:bc:e1:df:d8:0f:ba:
b2:23:87:26:03:bf:79:3a:eb:c7:6b:b5:e0:cd:5b:74:f8:b8:
f3:34:21:33:b2:5c:0c:b9:65:0b:f0:9c:46:8c:c3:7d:2a:26:
f1:d4:6a:ab:45:ed:9a:74:7d:0c:d5:02:6b:c5:35:cb:c9:48:
fe:0b:93:b3:ff:94:96:7e:d1:b0:8f:3a:5e:fd:ed:28:aa:3f:
da:f5:ea:f7:29:13:c0:b2:b9:be:f6:a6:8c:8b:ba:0e:36:e2:
d1:89:0a:79:06:09:eb:21:db:06:0d:50:60:7e:63:45:8c:8b:
25:6b:cb:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdSVBSj0gXyOJ5vEPCfNRvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTY1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDRmNGMzMmNhZDc1Nzg0MjVhMGEzM2QzNWZjNDA0MWY2NDI1ZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEShWaUqJYsywWCNj12IOM8HWJmh
7rDQ8zh5kKOX28iDeowuYsCf2Zx9fTtY5q1l0VcL+zZaqFWLN5/4ruNSQSFtUCQr
gYw1StwQmrkUSJ0IMtrNqk4wM4hzKz+m2CHSUABFtQhqRiynxf3/nTffdm0NoOoj
gmTB5/7w4d+9vtFUCU5w6wwhLz9/2BDUEk/rbt1TmAtz8154iWRoNYzGLH2gEWzE
Bhx01LnRKmz7KwLoe3rhZTA/Pb7cwcQsRpJEge9aUWLxGfHGi872QETzzGHFJ7mT
5UKd+GwtJAXVdll5CmbyPAUL55kbyVPImaiiUlifDJX06ZoFTvIlmjC6lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRPTDLK11eEJaCjPTX8QEH2Ql5IMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRkU5TU1zclhWNFFsb0tNOU5meEFRZlpDWGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwlfEMA0G
CSqGSIb3DQEBCwUAA4IBAQBST+nTTTAwvkXe4vPb4FX0SmbR9lhW7Gf/sMEUeV+T
jOOoH9B1ZIW5bns/ejM+5fRps281d7N7BeBVxt5CX4KTtyDnYbNHB/K5FAxoj9bu
54QtCNH3Pn4xlZDc0bk1yelE5pvBgBvViQrPckg3UUsN0I6rIcttqN994693wFsN
jU97ZNNLCYWzqVi84d/YD7qyI4cmA795OuvHa7XgzVt0+LjzNCEzslwMuWUL8JxG
jMN9Kibx1GqrRe2adH0M1QJrxTXLyUj+C5Oz/5SWftGwjzpe/e0oqj/a9er3KRPA
srm+9qaMi7oONuLRiQp5BgnrIdsGDVBgfmNFjIsla8sC
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:26:45 2025 by rpki-client