Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/f_FaVUFuJDtogWVHCgHgLcFCqb8.roa
File: f_FaVUFuJDtogWVHCgHgLcFCqb8.roa (raw, json)
Hash identifier: 3qVegfP2uhxc7sdITBAtq8ADRZ11wvFWowflvxslWoU=
Subject key identifier: 7F:F1:5A:55:41:6E:24:3B:68:81:65:47:0A:01:E0:2D:C1:42:A9:BF
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 0185821834DA6A168A1936DC1DD8504A890D
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/f_FaVUFuJDtogWVHCgHgLcFCqb8.roa
Signing time: Thu 05 Jan 2023 13:21:42 +0000
ROA not before: Thu 05 Jan 2023 13:21:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201971
IP address blocks: 217.145.236.0/24 maxlen: 24
217.145.238.0/24 maxlen: 24
217.145.239.0/24 maxlen: 24
139.28.204.0/24 maxlen: 24
139.28.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:82:18:34:da:6a:16:8a:19:36:dc:1d:d8:50:4a:89:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 5 13:21:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ff15a55416e243b688165470a01e02dc142a9bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:c4:ce:d2:38:e1:61:b1:9c:9f:13:17:21:
53:c5:c2:92:b5:12:93:c8:19:29:f7:f7:af:c4:15:
4d:29:e7:4a:ba:92:83:14:a2:00:92:d0:02:cd:e4:
54:aa:20:c3:d8:eb:55:17:bc:49:72:b3:19:54:e9:
b8:18:95:48:4b:ba:37:71:f4:6b:27:b5:35:2b:ad:
19:be:22:7a:33:6c:98:d7:0b:da:5f:50:cb:1b:81:
c2:1b:6b:cc:da:f4:ef:a2:93:14:d8:05:ab:5e:63:
e4:b5:5e:1e:87:8d:c7:e6:d3:a9:58:00:40:fb:fa:
6f:e8:e8:de:b5:25:e7:84:21:57:b8:f5:94:18:9f:
67:cc:33:b7:10:c4:8c:d7:0f:47:e2:5a:47:3a:5c:
50:00:2b:d4:29:8e:82:21:6d:bf:50:4f:a5:1a:d2:
82:e3:2f:11:c9:0f:07:be:e9:72:3b:2b:06:bc:e4:
3c:b4:b8:bb:6d:b9:04:c0:97:41:36:fe:db:dd:fc:
c0:d2:cf:a8:5d:24:79:35:61:9f:b6:eb:1c:7f:44:
ab:41:44:46:23:90:da:af:8b:49:47:c7:b6:16:b6:
03:e5:b7:48:71:6b:2b:39:9a:a2:e0:e2:71:41:ca:
17:1c:9a:5c:1f:e6:74:92:a9:79:f8:4f:ed:2b:d7:
9e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F1:5A:55:41:6E:24:3B:68:81:65:47:0A:01:E0:2D:C1:42:A9:BF
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/f_FaVUFuJDtogWVHCgHgLcFCqb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.204.0/24
139.28.207.0/24
217.145.236.0/24
217.145.238.0/23
Signature Algorithm: sha256WithRSAEncryption
57:23:ce:de:58:62:f7:5f:0a:53:1d:96:39:a4:e0:c5:d0:98:
47:2c:8c:a3:2a:1b:69:8d:50:28:6c:f1:9a:51:aa:ae:d0:82:
dc:06:07:b1:20:8e:52:a9:4e:f3:88:ec:39:9f:7e:c5:16:0c:
48:dd:2f:c7:f5:bd:6b:0a:4f:3a:ac:cf:a1:56:71:e5:37:77:
b1:03:b3:fe:1d:1b:47:39:b3:25:cc:01:ac:c1:ca:ec:80:19:
e6:82:b1:67:b7:82:a2:51:33:34:27:be:f7:42:ec:07:86:a4:
48:0e:ef:03:af:de:58:6a:15:a1:58:75:6c:0a:df:a5:41:db:
7a:c3:68:c9:50:dc:6f:5c:5b:dd:d6:aa:f4:25:02:7e:da:48:
10:6c:6f:06:04:2a:24:26:9f:62:2c:72:23:00:c5:b5:37:b0:
43:b5:f7:ce:6c:23:76:bb:0e:af:52:4e:1a:b7:aa:ec:55:97:
aa:1b:6c:6a:8b:ec:04:cb:e1:bb:df:a5:e2:45:40:d5:29:5e:
da:ce:49:95:ad:a6:42:6c:7f:83:ce:d8:92:79:69:92:f1:c5:
37:36:39:07:a0:4e:81:e4:54:7f:f9:9d:ec:ea:c8:1e:19:12:
97:ae:bb:f7:8a:f2:97:00:8b:6c:60:87:1c:4b:56:c9:a5:64:
8b:25:48:10
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWCGDTaahaKGTbcHdhQSokNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjMwMTA1MTMyMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmYxNWE1NTQxNmUyNDNiNjg4MTY1NDcwYTAxZTAyZGMxNDJhOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIvEztI44WGxnJ8TFyFTxcKStRKT
yBkp9/evxBVNKedKupKDFKIAktACzeRUqiDD2OtVF7xJcrMZVOm4GJVIS7o3cfRr
J7U1K60ZviJ6M2yY1wvaX1DLG4HCG2vM2vTvopMU2AWrXmPktV4eh43H5tOpWABA
+/pv6OjetSXnhCFXuPWUGJ9nzDO3EMSM1w9H4lpHOlxQACvUKY6CIW2/UE+lGtKC
4y8RyQ8HvulyOysGvOQ8tLi7bbkEwJdBNv7b3fzA0s+oXSR5NWGftuscf0SrQURG
I5Dar4tJR8e2FrYD5bdIcWsrOZqi4OJxQcoXHJpcH+Z0kql5+E/tK9eegwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH/xWlVBbiQ7aIFlRwoB4C3BQqm/MB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvZl9GYVZVRnVKRHRvZ1dWSENnSGdMY0ZDcWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAixzMAwQA
ixzPAwQA2ZHsAwQB2ZHuMA0GCSqGSIb3DQEBCwUAA4IBAQBXI87eWGL3XwpTHZY5
pODF0JhHLIyjKhtpjVAobPGaUaqu0ILcBgexII5SqU7ziOw5n37FFgxI3S/H9b1r
Ck86rM+hVnHlN3exA7P+HRtHObMlzAGswcrsgBnmgrFnt4KiUTM0J773QuwHhqRI
Du8Dr95YahWhWHVsCt+lQdt6w2jJUNxvXFvd1qr0JQJ+2kgQbG8GBCokJp9iLHIj
AMW1N7BDtffObCN2uw6vUk4at6rsVZeqG2xqi+wEy+G736XiRUDVKV7azkmVraZC
bH+DztiSeWmS8cU3NjkHoE6B5FR/+Z3s6sgeGRKXrrv3ivKXAItsYIccS1bJpWSL
JUgQ
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:22:21 2025 by rpki-client