Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fdi01OSpX1Gw5gHQDmya7QCrej8.roa
File: fdi01OSpX1Gw5gHQDmya7QCrej8.roa (raw, json)
Hash identifier: 5B0ybyFUmi8mUFhkQ+q8KG7zVS2gs8cEYs5axefEKyw=
Subject key identifier: 7D:D8:B4:D4:E4:A9:5F:51:B0:E6:01:D0:0E:6C:9A:ED:00:AB:7A:3F
Certificate issuer: /CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Certificate serial: 018544B3E63BCFE2806CC917902B1682EE8D
Authority key identifier: 7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fdi01OSpX1Gw5gHQDmya7QCrej8.roa
Signing time: Sat 24 Dec 2022 15:15:18 +0000
ROA not before: Sat 24 Dec 2022 15:15:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64433
IP address blocks: 185.117.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:b3:e6:3b:cf:e2:80:6c:c9:17:90:2b:16:82:ee:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Validity
Not Before: Dec 24 15:15:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dd8b4d4e4a95f51b0e601d00e6c9aed00ab7a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ac:82:6c:d5:50:ea:04:43:da:e3:8d:c7:2f:
22:5b:9a:de:65:a7:f0:21:96:b4:22:15:be:a6:7d:
58:1d:15:41:4e:16:1f:36:c4:c8:80:72:83:18:6b:
28:54:d5:96:48:a0:9a:24:f1:ff:10:f1:32:73:ef:
ac:9e:63:79:ca:88:f9:5d:52:61:9d:47:8f:ae:e4:
00:32:d0:b6:5c:53:79:85:cc:ab:85:57:81:e5:da:
54:bb:de:e2:29:1e:44:72:8a:5d:3f:a2:2f:f4:eb:
5d:8f:fd:24:f4:98:62:9b:01:74:d5:f5:8f:f6:40:
4c:78:29:f0:a0:f9:98:63:64:af:42:27:83:37:fb:
ca:9c:97:96:fe:6d:65:0b:a2:b3:2e:26:d9:a9:d9:
46:d3:a0:e8:7e:69:36:29:43:b7:12:f9:0a:52:5b:
be:4a:29:19:ec:6c:5e:fd:47:b8:7b:e5:ec:a6:e3:
ea:0b:50:ba:f3:32:40:e5:b8:4c:d6:16:99:5b:0c:
5c:67:82:f4:76:3c:50:87:26:5a:5b:9f:b4:5d:6f:
44:98:0c:f0:72:d2:9f:ad:99:9a:21:49:2f:29:49:
1c:d1:75:cf:7f:c2:7e:19:eb:67:70:d1:d2:e8:4a:
19:45:d0:76:43:b4:c0:6b:fc:41:ad:1f:2a:10:6b:
00:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D8:B4:D4:E4:A9:5F:51:B0:E6:01:D0:0E:6C:9A:ED:00:AB:7A:3F
X509v3 Authority Key Identifier:
keyid:7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fdi01OSpX1Gw5gHQDmya7QCrej8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.29.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a9:0e:27:f9:16:1f:b9:06:8c:d1:af:84:f9:c8:d0:a2:3f:
9d:be:54:80:07:aa:6f:b5:13:d4:19:5f:5b:f8:14:39:b7:fd:
0d:22:7e:02:5d:b5:e5:9b:03:28:b9:84:3b:ef:59:2e:19:68:
94:c4:4f:c2:33:1f:3b:ae:1d:cd:8c:2e:f0:44:4a:ac:df:28:
35:d4:50:fc:87:be:1e:90:3b:39:b2:9f:4a:15:70:0b:ba:9d:
24:e1:b0:f6:f9:9c:d6:0b:8d:a4:f7:1d:e7:3c:06:bc:55:5b:
46:da:11:a4:44:60:83:46:1e:33:e8:c8:47:9d:54:b1:80:b6:
f0:6c:fc:dc:35:81:79:c0:63:21:ce:c3:e0:23:55:ff:de:d7:
97:97:0f:25:b8:df:05:67:04:85:be:b2:74:aa:0c:c9:d5:7e:
a6:94:4b:46:c6:6b:6e:bd:df:fe:75:1f:88:a3:7c:f4:ce:85:
73:54:28:be:df:06:90:4f:91:79:dd:04:b3:cb:7e:49:c9:3d:
2a:0d:14:30:c1:8b:4b:0d:a6:42:68:5e:c8:0d:f4:0b:e4:83:
6e:08:90:a4:38:9d:54:a7:f8:9e:1b:f4:40:54:85:90:9d:0b:
13:34:aa:44:6b:2c:e3:96:d0:d3:bc:c7:c0:19:9f:bf:7e:3f:
dc:67:0c:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVEs+Y7z+KAbMkXkCsWgu6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTVjMGY5NWFiN2JlOGI4NWY3MTFmYTQzMzY2NWMxNGU2
ZTkzNTkwHhcNMjIxMjI0MTUxNTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQ4YjRkNGU0YTk1ZjUxYjBlNjAxZDAwZTZjOWFlZDAwYWI3YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qyCbNVQ6gRD2uONxy8iW5reZafw
IZa0IhW+pn1YHRVBThYfNsTIgHKDGGsoVNWWSKCaJPH/EPEyc++snmN5yoj5XVJh
nUePruQAMtC2XFN5hcyrhVeB5dpUu97iKR5EcopdP6Iv9Otdj/0k9JhimwF01fWP
9kBMeCnwoPmYY2SvQieDN/vKnJeW/m1lC6KzLibZqdlG06Dofmk2KUO3EvkKUlu+
SikZ7Gxe/Ue4e+XspuPqC1C68zJA5bhM1haZWwxcZ4L0djxQhyZaW5+0XW9EmAzw
ctKfrZmaIUkvKUkc0XXPf8J+GetncNHS6EoZRdB2Q7TAa/xBrR8qEGsAdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3YtNTkqV9RsOYB0A5smu0Aq3o/MB8GA1UdIwQY
MBaAFH7lwPlat76LhfcR+kM2ZcFObpNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEt
OTAxOTRiZDY4NDI4LzEvZmRpMDFPU3BYMUd3NWdIUURteWE3UUNyZWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEtOTAxOTRiZDY4NDI4
LzEvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXUdMA0G
CSqGSIb3DQEBCwUAA4IBAQAQqQ4n+RYfuQaM0a+E+cjQoj+dvlSAB6pvtRPUGV9b
+BQ5t/0NIn4CXbXlmwMouYQ771kuGWiUxE/CMx87rh3NjC7wREqs3yg11FD8h74e
kDs5sp9KFXALup0k4bD2+ZzWC42k9x3nPAa8VVtG2hGkRGCDRh4z6MhHnVSxgLbw
bPzcNYF5wGMhzsPgI1X/3teXlw8luN8FZwSFvrJ0qgzJ1X6mlEtGxmtuvd/+dR+I
o3z0zoVzVCi+3waQT5F53QSzy35JyT0qDRQwwYtLDaZCaF7IDfQL5INuCJCkOJ1U
p/ieG/RAVIWQnQsTNKpEayzjltDTvMfAGZ+/fj/cZwzt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:17 2025 by rpki-client