Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/5fFB-htirvR09-fOBAZL7MiUve0.roa
File: 5fFB-htirvR09-fOBAZL7MiUve0.roa (raw, json)
Hash identifier: rrmKjlxjjwF5Or3YmCENg0TEdzDpUekC8vwqjOkQnME=
Subject key identifier: E5:F1:41:FA:1B:62:AE:F4:74:F7:E7:CE:04:06:4B:EC:C8:94:BD:ED
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 018C82FCF98CC285AE36FAC8EA45B54D06DF
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/5fFB-htirvR09-fOBAZL7MiUve0.roa
Signing time: Tue 19 Dec 2023 16:51:06 +0000
ROA not before: Tue 19 Dec 2023 16:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21217
IP address blocks: 185.34.102.0/24 maxlen: 24
45.66.220.0/22 maxlen: 22
185.54.7.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:fc:f9:8c:c2:85:ae:36:fa:c8:ea:45:b5:4d:06:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Dec 19 16:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5f141fa1b62aef474f7e7ce04064becc894bded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:16:1d:50:fe:c4:4d:82:e8:72:10:55:7a:
76:ae:80:98:c9:23:99:f1:a0:70:20:de:cd:d3:17:
62:d9:f2:77:7c:91:74:1b:5e:15:0e:e1:05:fa:35:
2f:4f:5f:01:f8:3e:a4:ab:a3:8e:8d:cb:13:06:77:
25:2c:a5:88:57:7b:ec:92:a8:ed:8d:ef:88:03:05:
ea:28:b7:9f:c9:b0:3f:3b:d3:69:f0:24:49:37:9a:
8f:14:e4:3c:cb:f7:30:b3:b3:f9:8b:97:3d:a0:07:
4c:72:3f:0e:03:35:a0:48:38:20:89:8a:0c:32:b2:
b1:06:87:6d:b2:e5:a2:c7:b3:a1:29:39:24:e2:4f:
72:e2:c0:12:d8:fa:82:10:b4:36:da:c9:4a:49:83:
73:14:b5:b0:d5:c2:e0:10:20:8d:76:fe:6c:cd:49:
c0:2c:d1:8f:dd:cf:08:fe:5f:a7:dd:c1:69:82:02:
2b:61:c8:82:00:63:65:99:8c:f9:a3:88:23:90:8f:
93:fb:32:fa:8f:c2:9c:fe:53:96:2c:2b:be:b1:3c:
d1:b6:7f:6b:44:d0:eb:b7:16:59:a6:fe:ce:04:97:
9b:9f:a7:1c:0f:78:9c:96:0f:62:a1:77:51:7d:27:
b2:5d:ac:2a:01:fa:d1:3d:0e:40:89:27:66:a0:80:
d4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:F1:41:FA:1B:62:AE:F4:74:F7:E7:CE:04:06:4B:EC:C8:94:BD:ED
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/5fFB-htirvR09-fOBAZL7MiUve0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.220.0/22
185.34.102.0/24
185.54.7.0/24
IPv6:
2a0f:9180::/29
Signature Algorithm: sha256WithRSAEncryption
69:cd:ce:24:ce:be:61:c4:ea:ab:e6:3f:78:21:d3:b2:7d:2e:
0a:f7:bb:e0:a5:d5:46:7e:df:7d:9d:84:fd:6a:95:13:0c:71:
25:d3:07:96:cf:71:11:5d:30:89:7e:88:68:20:85:7a:d0:f0:
38:46:e9:1c:7f:a5:00:f1:58:e4:8e:9a:00:f7:5e:60:31:59:
58:79:e4:a0:3f:4e:52:de:43:37:ef:01:4a:22:80:d6:cd:c1:
51:bb:dc:3c:b9:06:69:f9:59:fb:fe:6e:88:05:9c:29:b8:32:
b2:8d:6c:92:50:47:26:66:37:49:ba:35:13:b8:ec:dd:3c:20:
47:db:6b:b1:e3:80:52:b6:e3:02:ed:8f:bd:2c:1b:e0:92:c1:
40:7c:8a:69:86:78:3c:38:f6:d8:e9:a7:32:d0:38:f8:8b:7e:
5c:be:1d:ed:d0:be:32:c6:60:ed:64:88:1f:8b:9c:ce:fe:da:
f8:d7:84:8d:d6:18:dd:6e:81:5f:05:ec:87:5a:d9:16:9d:b1:
6c:be:d7:ac:9d:6d:3e:56:1f:91:8c:97:32:10:80:e9:b0:73:
d0:31:bf:9f:55:9e:4e:48:4d:74:b3:95:c5:30:cc:ca:17:85:
a3:57:c9:92:60:d2:3c:cd:3a:d3:05:69:1b:73:23:4b:2a:6c:
4d:54:05:82
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYyC/PmMwoWuNvrI6kW1TQbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjMxMjE5MTY1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWYxNDFmYTFiNjJhZWY0NzRmN2U3Y2UwNDA2NGJlY2M4OTRiZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqQWHVD+xE2C6HIQVXp2roCYySOZ
8aBwIN7N0xdi2fJ3fJF0G14VDuEF+jUvT18B+D6kq6OOjcsTBnclLKWIV3vskqjt
je+IAwXqKLefybA/O9Np8CRJN5qPFOQ8y/cws7P5i5c9oAdMcj8OAzWgSDggiYoM
MrKxBodtsuWix7OhKTkk4k9y4sAS2PqCELQ22slKSYNzFLWw1cLgECCNdv5szUnA
LNGP3c8I/l+n3cFpggIrYciCAGNlmYz5o4gjkI+T+zL6j8Kc/lOWLCu+sTzRtn9r
RNDrtxZZpv7OBJebn6ccD3iclg9ioXdRfSeyXawqAfrRPQ5AiSdmoIDU/QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOXxQfobYq70dPfnzgQGS+zIlL3tMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvNWZGQi1odGlydlIwOS1mT0JBWkw3TWlVdmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLULcAwQA
uSJmAwQAuTYHMA0EAgACMAcDBQMqD5GAMA0GCSqGSIb3DQEBCwUAA4IBAQBpzc4k
zr5hxOqr5j94IdOyfS4K97vgpdVGft99nYT9apUTDHEl0weWz3ERXTCJfohoIIV6
0PA4Rukcf6UA8VjkjpoA915gMVlYeeSgP05S3kM37wFKIoDWzcFRu9w8uQZp+Vn7
/m6IBZwpuDKyjWySUEcmZjdJujUTuOzdPCBH22ux44BStuMC7Y+9LBvgksFAfIpp
hng8OPbY6acy0Dj4i35cvh3t0L4yxmDtZIgfi5zO/tr414SN1hjdboFfBeyHWtkW
nbFsvtesnW0+Vh+RjJcyEIDpsHPQMb+fVZ5OSE10s5XFMMzKF4WjV8mSYNI8zTrT
BWkbcyNLKmxNVAWC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:46 2025 by rpki-client