Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d6dbd8-6466-48d0-a597-3ec447310dfb/1/_PmwOFd6jQ3M1TbIVNuyr1p_wU4.roa
File: _PmwOFd6jQ3M1TbIVNuyr1p_wU4.roa (raw, json)
Hash identifier: 7Klwg+ijd9MO5QmJSzYU2TzGtngQPuIxK1VYVYREfw0=
Subject key identifier: FC:F9:B0:38:57:7A:8D:0D:CC:D5:36:C8:54:DB:B2:AF:5A:7F:C1:4E
Certificate issuer: /CN=5f82ae9a304ac082c18a2891666f64cee81d5ca8
Certificate serial: 01856DD41ED9BFF76E55C08AD77DE3EF7E04
Authority key identifier: 5F:82:AE:9A:30:4A:C0:82:C1:8A:28:91:66:6F:64:CE:E8:1D:5C:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X4KumjBKwILBiiiRZm9kzugdXKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d6dbd8-6466-48d0-a597-3ec447310dfb/1/_PmwOFd6jQ3M1TbIVNuyr1p_wU4.roa
Signing time: Sun 01 Jan 2023 14:54:56 +0000
ROA not before: Sun 01 Jan 2023 14:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35773
IP address blocks: 195.214.248.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:1e:d9:bf:f7:6e:55:c0:8a:d7:7d:e3:ef:7e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f82ae9a304ac082c18a2891666f64cee81d5ca8
Validity
Not Before: Jan 1 14:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcf9b038577a8d0dccd536c854dbb2af5a7fc14e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:da:fa:fa:cf:fe:c6:65:a7:d1:90:db:a8:
a9:ed:19:37:89:10:96:14:60:7d:3a:02:6a:55:0f:
b5:6c:90:16:68:14:72:bd:ab:16:32:b5:95:cb:69:
bf:18:37:61:9e:15:78:04:49:02:ab:bd:1e:4f:ff:
ab:dd:46:9c:8f:4a:8d:45:11:cd:ec:33:c7:d2:27:
89:44:61:c9:af:2b:bd:34:5f:3f:1b:25:d0:05:5a:
e8:32:03:a7:2c:4d:f0:72:0b:73:4a:fa:00:95:bc:
43:04:2b:25:c7:bc:11:78:ba:2a:0f:04:7f:bb:5d:
6a:c6:c0:f4:25:74:91:a4:32:b7:46:13:33:0a:07:
9e:25:1e:45:e7:a0:e9:3d:f7:3a:07:92:15:99:07:
85:81:01:78:d5:8b:f1:2c:01:2b:5e:28:c5:54:d4:
67:fa:85:b8:a7:f4:3b:b6:48:2e:77:d6:3a:20:ae:
05:c9:d7:42:44:0d:a5:c3:e1:99:cc:f8:40:ee:99:
4d:57:6f:67:7a:34:95:e3:90:0c:fa:1c:3e:ab:6e:
20:de:47:bc:52:88:01:ee:b1:98:81:64:81:2f:98:
41:36:67:31:aa:70:1f:7c:9f:aa:f0:96:95:08:46:
ac:2a:c9:56:11:5b:d2:f2:5b:db:65:bb:12:b2:b3:
e0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F9:B0:38:57:7A:8D:0D:CC:D5:36:C8:54:DB:B2:AF:5A:7F:C1:4E
X509v3 Authority Key Identifier:
keyid:5F:82:AE:9A:30:4A:C0:82:C1:8A:28:91:66:6F:64:CE:E8:1D:5C:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X4KumjBKwILBiiiRZm9kzugdXKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d6dbd8-6466-48d0-a597-3ec447310dfb/1/_PmwOFd6jQ3M1TbIVNuyr1p_wU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d6dbd8-6466-48d0-a597-3ec447310dfb/1/X4KumjBKwILBiiiRZm9kzugdXKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.248.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:df:9f:15:a3:48:70:c7:d3:0c:52:79:6b:18:0f:75:b4:5f:
50:cb:51:c8:5d:68:f8:ce:4c:5c:e2:ee:7c:6f:d1:77:4b:43:
c0:55:09:7e:32:39:a9:23:c3:1a:f8:45:b8:02:84:78:de:f6:
f8:23:43:04:08:3a:7c:2c:78:5c:da:c9:1f:e6:2b:ac:cb:58:
46:95:49:0a:64:ae:f2:ec:fd:2c:1c:2c:6a:34:d3:80:4e:f4:
23:1a:9c:5f:92:73:d4:d6:f1:4b:b5:e8:e8:63:73:12:a0:e3:
60:f0:38:e8:a2:bc:9f:3a:d5:eb:95:79:b1:03:bf:e7:83:3e:
1f:38:83:bc:a2:6b:8c:3e:ea:50:22:da:66:71:a8:0c:cf:47:
a5:a3:ec:08:61:04:a8:a2:e7:e4:4c:33:43:8a:2a:82:3b:e0:
30:d7:a0:d8:cb:15:fc:0d:49:3e:23:7c:d9:48:34:17:3b:6a:
de:47:4b:55:f5:c3:3e:86:02:b5:d8:d6:ad:04:9d:b5:18:5f:
ee:94:c8:8d:35:cd:2c:61:3a:ad:8d:b6:8b:64:e7:07:fe:37:
56:f6:ea:d9:b7:52:1c:22:1a:d6:d0:9d:29:95:d0:e2:45:52:
05:4b:f9:bb:94:85:ad:26:d4:85:d8:89:eb:e2:3b:72:76:34:
35:a1:42:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1B7Zv/duVcCK133j734EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmODJhZTlhMzA0YWMwODJjMThhMjg5MTY2NmY2NGNlZTgx
ZDVjYTgwHhcNMjMwMTAxMTQ1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y5YjAzODU3N2E4ZDBkY2NkNTM2Yzg1NGRiYjJhZjVhN2ZjMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV7a+vrP/sZlp9GQ26ip7Rk3iRCW
FGB9OgJqVQ+1bJAWaBRyvasWMrWVy2m/GDdhnhV4BEkCq70eT/+r3Uacj0qNRRHN
7DPH0ieJRGHJryu9NF8/GyXQBVroMgOnLE3wcgtzSvoAlbxDBCslx7wReLoqDwR/
u11qxsD0JXSRpDK3RhMzCgeeJR5F56DpPfc6B5IVmQeFgQF41YvxLAErXijFVNRn
+oW4p/Q7tkgud9Y6IK4FyddCRA2lw+GZzPhA7plNV29nejSV45AM+hw+q24g3ke8
UogB7rGYgWSBL5hBNmcxqnAffJ+q8JaVCEasKslWEVvS8lvbZbsSsrPgsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPz5sDhXeo0NzNU2yFTbsq9af8FOMB8GA1UdIwQY
MBaAFF+CrpowSsCCwYookWZvZM7oHVyoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDRLdW1qQkt3SUxCaWlpUlptOWt6dWdkWEtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNmRiZDgtNjQ2Ni00OGQwLWE1OTct
M2VjNDQ3MzEwZGZiLzEvX1Btd09GZDZqUTNNMVRiSVZOdXlyMXBfd1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNmRiZDgtNjQ2Ni00OGQwLWE1OTctM2VjNDQ3MzEwZGZi
LzEvWDRLdW1qQkt3SUxCaWlpUlptOWt6dWdkWEtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw9b4MA0G
CSqGSIb3DQEBCwUAA4IBAQAv358Vo0hwx9MMUnlrGA91tF9Qy1HIXWj4zkxc4u58
b9F3S0PAVQl+MjmpI8Ma+EW4AoR43vb4I0MECDp8LHhc2skf5iusy1hGlUkKZK7y
7P0sHCxqNNOATvQjGpxfknPU1vFLtejoY3MSoONg8DjooryfOtXrlXmxA7/ngz4f
OIO8omuMPupQItpmcagMz0elo+wIYQSooufkTDNDiiqCO+Aw16DYyxX8DUk+I3zZ
SDQXO2reR0tV9cM+hgK12NatBJ21GF/ulMiNNc0sYTqtjbaLZOcH/jdW9urZt1Ic
IhrW0J0pldDiRVIFS/m7lIWtJtSF2Inr4jtydjQ1oULf
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:28 2025 by rpki-client