Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/FtuQJgmtq4paE9W2SFWPlthzRcU.roa
File: FtuQJgmtq4paE9W2SFWPlthzRcU.roa (raw, json)
Hash identifier: 56vTWV2RVH5UTzCzSLSH1GjzX6elBOuNwXwEhuMxnZk=
Subject key identifier: 16:DB:90:26:09:AD:AB:8A:5A:13:D5:B6:48:55:8F:96:D8:73:45:C5
Certificate issuer: /CN=485e3ee1c3258175f4ff6d9b559da54c83ec0b4f
Certificate serial: 0185718C2C4B721030589CAD3FDD14190E4B
Authority key identifier: 48:5E:3E:E1:C3:25:81:75:F4:FF:6D:9B:55:9D:A5:4C:83:EC:0B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/FtuQJgmtq4paE9W2SFWPlthzRcU.roa
Signing time: Mon 02 Jan 2023 08:14:49 +0000
ROA not before: Mon 02 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30935
IP address blocks: 185.253.204.0/22 maxlen: 24
193.16.220.0/24 maxlen: 24
91.223.186.0/24 maxlen: 24
2a0c:40c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2c:4b:72:10:30:58:9c:ad:3f:dd:14:19:0e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=485e3ee1c3258175f4ff6d9b559da54c83ec0b4f
Validity
Not Before: Jan 2 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16db902609adab8a5a13d5b648558f96d87345c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6f:bb:7f:bd:bd:74:a3:58:a7:fa:11:4f:b6:
a4:e9:7f:01:6f:00:93:31:c1:51:3d:0f:04:98:9b:
b0:4d:ab:01:1a:c3:40:67:75:b4:53:17:e1:b7:14:
00:82:ca:d8:f1:cc:d3:41:fe:44:af:01:8c:e7:a3:
36:42:cd:76:38:55:92:cb:76:2c:40:84:06:3b:5e:
96:8a:d0:18:b5:01:60:ef:06:99:4a:26:02:47:fc:
aa:22:c0:be:a7:b8:59:8f:f9:ad:f1:7a:48:e7:a0:
66:fc:99:63:58:cf:2d:44:fe:ca:f9:78:ab:9c:90:
4a:d7:a9:f9:57:90:eb:54:5e:c1:00:1d:79:0b:40:
c4:af:19:8d:e0:3f:57:47:9e:fb:f7:4d:9b:24:ae:
f7:b6:42:fa:73:ab:46:b5:f5:95:39:5f:0d:02:56:
bc:8b:31:26:c0:cf:6a:a2:10:1a:12:52:b1:ce:38:
12:d0:c5:05:81:2a:fd:de:c0:db:7c:80:58:7e:f6:
b1:3f:16:ab:80:43:f0:55:bb:eb:f6:86:97:24:9f:
45:82:cf:96:95:99:39:f1:83:fd:b5:66:93:b2:2b:
74:b7:b7:f2:fe:f2:bb:c9:90:85:ee:e6:9d:91:e1:
51:f5:e5:fc:22:5a:a5:be:fb:c0:4a:3d:8c:f6:f3:
6e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:DB:90:26:09:AD:AB:8A:5A:13:D5:B6:48:55:8F:96:D8:73:45:C5
X509v3 Authority Key Identifier:
keyid:48:5E:3E:E1:C3:25:81:75:F4:FF:6D:9B:55:9D:A5:4C:83:EC:0B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/FtuQJgmtq4paE9W2SFWPlthzRcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/SF4-4cMlgXX0_22bVZ2lTIPsC08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.186.0/24
185.253.204.0/22
193.16.220.0/24
IPv6:
2a0c:40c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:cc:9f:5c:b3:83:4c:28:b5:3e:75:56:52:96:6c:5d:5c:c0:
92:d0:3d:99:00:4d:4c:41:e0:40:53:68:a1:be:03:12:fc:58:
0d:3f:df:06:d4:d0:f3:95:26:31:11:da:be:8a:ca:43:41:db:
69:ed:48:62:49:65:26:20:3d:fb:c1:84:b8:da:10:ff:b6:5d:
bf:e8:fa:db:c2:8b:8c:57:5f:3a:ac:d2:f8:51:6f:26:25:cc:
53:c5:f0:e5:ca:f5:f2:2e:2a:a2:5a:70:e6:a6:8a:48:da:09:
be:65:04:6d:d9:3b:45:40:00:7c:40:c0:74:12:5d:da:ff:14:
c2:74:61:e5:f8:67:b4:90:d9:ed:87:ec:76:43:95:bc:77:21:
a7:97:bc:62:b2:fa:20:80:f1:c6:c8:06:48:03:5b:a8:62:b6:
b2:87:88:0d:5f:78:35:d3:75:f7:13:1a:67:ff:3b:e8:86:ea:
7f:e5:c9:75:64:4d:5f:c1:f6:ec:30:52:10:14:89:9f:50:c3:
9d:9d:74:6e:80:19:c4:d5:68:1c:33:68:90:18:18:31:f1:35:
03:67:ea:53:33:b3:3f:aa:35:c2:26:a8:87:66:3f:6b:e4:33:
89:50:e6:3b:7f:a1:27:4f:d1:33:e7:18:5c:a1:b7:bb:90:5d:
ae:97:de:33
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxjCxLchAwWJytP90UGQ5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NWUzZWUxYzMyNTgxNzVmNGZmNmQ5YjU1OWRhNTRjODNl
YzBiNGYwHhcNMjMwMTAyMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmRiOTAyNjA5YWRhYjhhNWExM2Q1YjY0ODU1OGY5NmQ4NzM0NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG+7f729dKNYp/oRT7ak6X8BbwCT
McFRPQ8EmJuwTasBGsNAZ3W0UxfhtxQAgsrY8czTQf5ErwGM56M2Qs12OFWSy3Ys
QIQGO16WitAYtQFg7waZSiYCR/yqIsC+p7hZj/mt8XpI56Bm/JljWM8tRP7K+Xir
nJBK16n5V5DrVF7BAB15C0DErxmN4D9XR577902bJK73tkL6c6tGtfWVOV8NAla8
izEmwM9qohAaElKxzjgS0MUFgSr93sDbfIBYfvaxPxargEPwVbvr9oaXJJ9Fgs+W
lZk58YP9tWaTsit0t7fy/vK7yZCF7uadkeFR9eX8IlqlvvvASj2M9vNukwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBbbkCYJrauKWhPVtkhVj5bYc0XFMB8GA1UdIwQY
MBaAFEhePuHDJYF19P9tm1WdpUyD7AtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0Y0LTRjTWxnWFgwXzIyYlZaMmxUSVBzQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85NmQwMjItZWUwMi00NDdjLWEzNDkt
OWM5MzNjY2QxNmM3LzEvRnR1UUpnbXRxNHBhRTlXMlNGV1BsdGh6UmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85NmQwMjItZWUwMi00NDdjLWEzNDktOWM5MzNjY2QxNmM3
LzEvU0Y0LTRjTWxnWFgwXzIyYlZaMmxUSVBzQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9+6AwQC
uf3MAwQAwRDcMA0EAgACMAcDBQMqDEDAMA0GCSqGSIb3DQEBCwUAA4IBAQBCzJ9c
s4NMKLU+dVZSlmxdXMCS0D2ZAE1MQeBAU2ihvgMS/FgNP98G1NDzlSYxEdq+ispD
Qdtp7UhiSWUmID37wYS42hD/tl2/6PrbwouMV186rNL4UW8mJcxTxfDlyvXyLiqi
WnDmpopI2gm+ZQRt2TtFQAB8QMB0El3a/xTCdGHl+Ge0kNnth+x2Q5W8dyGnl7xi
svoggPHGyAZIA1uoYrayh4gNX3g103X3Expn/zvohup/5cl1ZE1fwfbsMFIQFImf
UMOdnXRugBnE1WgcM2iQGBgx8TUDZ+pTM7M/qjXCJqiHZj9r5DOJUOY7f6EnT9Ez
5xhcobe7kF2ul94z
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:10 2025 by rpki-client