Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/1-1K7YRtDvAU6hChC646wlj6ObNw.roa
File: 1-1K7YRtDvAU6hChC646wlj6ObNw.roa (raw, json)
Hash identifier: uKnC1q2HSqmWIL4EFme7gAIPLJeLxHauNQWhyS0DJ5E=
Subject key identifier: FB:52:BB:61:1B:43:BC:05:3A:84:28:42:EB:8E:B0:96:3E:8E:6C:DC
Certificate issuer: /CN=bdf7a0a048b68eccfa4d49eab4f16dc792c0d318
Certificate serial: 09D9F18F
Authority key identifier: BD:F7:A0:A0:48:B6:8E:CC:FA:4D:49:EA:B4:F1:6D:C7:92:C0:D3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfegoEi2jsz6TUnqtPFtx5LA0xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/1-1K7YRtDvAU6hChC646wlj6ObNw.roa
Signing time: Wed 16 Feb 2022 11:26:38 +0000
ROA not before: Wed 16 Feb 2022 11:26:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41887
IP address blocks: 194.140.230.0/24 maxlen: 24
2001:67c:144::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165278095 (0x9d9f18f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdf7a0a048b68eccfa4d49eab4f16dc792c0d318
Validity
Not Before: Feb 16 11:26:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb52bb611b43bc053a842842eb8eb0963e8e6cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:97:17:8e:f4:cb:29:a0:32:4a:43:2b:85:7d:
78:46:74:62:3a:33:68:e9:10:08:e5:71:5c:c9:7c:
b6:14:c2:13:f9:b3:31:db:12:44:31:18:02:96:db:
3a:e3:be:f2:9b:28:5b:08:75:05:af:35:02:92:9e:
1a:5e:0c:89:dc:d2:34:3f:bd:62:64:e2:98:be:f1:
67:8b:1d:5c:41:ee:49:2e:5d:37:87:c1:dc:34:ce:
3a:15:57:53:76:09:8d:28:76:39:d8:a7:01:0a:d3:
c6:5c:6f:9f:c8:ff:4e:74:79:0d:b4:2f:86:c4:77:
91:0d:3e:c7:04:5d:b4:78:8e:11:77:47:70:05:84:
35:27:0c:05:ce:ab:c2:f8:20:90:4c:70:69:0c:dc:
c4:97:be:f1:71:20:bd:b7:3d:bb:b6:4f:97:f5:82:
b2:ed:18:14:a2:ee:e7:73:c5:55:d1:c9:a0:cd:1d:
b0:d5:63:28:ae:29:bc:37:b2:df:f1:a0:0d:17:30:
23:9e:6b:1b:94:68:1b:70:3e:33:7d:55:ed:17:3f:
17:c0:92:c5:a5:f7:fd:2f:e3:ab:a4:1f:4d:65:b0:
ea:00:ec:16:26:ea:e2:37:c1:a9:77:b3:91:eb:cc:
0a:96:33:39:58:24:eb:30:63:4a:e5:46:8f:b5:2f:
93:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:52:BB:61:1B:43:BC:05:3A:84:28:42:EB:8E:B0:96:3E:8E:6C:DC
X509v3 Authority Key Identifier:
keyid:BD:F7:A0:A0:48:B6:8E:CC:FA:4D:49:EA:B4:F1:6D:C7:92:C0:D3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfegoEi2jsz6TUnqtPFtx5LA0xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/1-1K7YRtDvAU6hChC646wlj6ObNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e16cb6-b454-48d6-bdc8-3516191a9d68/1/vfegoEi2jsz6TUnqtPFtx5LA0xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.140.230.0/24
IPv6:
2001:67c:144::/48
Signature Algorithm: sha256WithRSAEncryption
d7:b8:fa:e2:e8:24:5a:a7:4f:46:ea:aa:24:60:f0:67:bb:40:
c3:84:49:96:c6:e1:52:9e:1d:95:29:75:87:a3:cf:d9:97:71:
27:01:c4:ce:12:a4:ce:6d:78:63:1b:23:eb:a8:03:79:19:0d:
97:76:cb:9d:bd:41:c4:c7:60:93:7f:38:ad:ac:bc:01:5b:7c:
24:9d:ed:bc:9f:af:a0:30:fa:c2:35:f7:e5:2f:58:60:c9:89:
49:23:d5:03:34:18:6f:ce:a4:46:49:da:d8:0f:d5:90:bb:79:
52:c6:6b:2d:5b:8d:b3:51:25:e3:3c:a4:4d:c4:36:22:ee:a5:
18:f2:50:67:39:19:ac:1f:7f:2e:9d:db:29:a3:56:ae:fd:9d:
b4:97:64:15:94:e7:7b:26:17:73:8c:00:fe:07:cd:71:3d:0d:
c0:cc:bb:b1:02:55:c3:61:65:29:ee:c1:c4:9c:35:99:07:a0:
25:8f:c4:27:2d:cb:e5:24:43:59:cb:94:11:1d:7c:c1:c7:b0:
fd:4b:99:bc:6a:9c:97:bc:69:1e:2e:2c:c4:1d:9e:57:fc:b4:
d8:e9:0b:ea:7e:ef:73:6b:16:27:fc:58:88:70:bd:1d:a8:36:
01:49:b8:45:1b:06:bc:6c:3c:d7:8b:7c:5e:61:82:69:5f:67:
79:e2:04:64
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECdnxjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGY3YTBhMDQ4YjY4ZWNjZmE0ZDQ5ZWFiNGYxNmRjNzkyYzBkMzE4MB4XDTIyMDIx
NjExMjYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI1MmJiNjExYjQz
YmMwNTNhODQyODQyZWI4ZWIwOTYzZThlNmNkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeXF470yymgMkpDK4V9eEZ0YjozaOkQCOVxXMl8thTCE/mz
MdsSRDEYApbbOuO+8psoWwh1Ba81ApKeGl4MidzSND+9YmTimL7xZ4sdXEHuSS5d
N4fB3DTOOhVXU3YJjSh2OdinAQrTxlxvn8j/TnR5DbQvhsR3kQ0+xwRdtHiOEXdH
cAWENScMBc6rwvggkExwaQzcxJe+8XEgvbc9u7ZPl/WCsu0YFKLu53PFVdHJoM0d
sNVjKK4pvDey3/GgDRcwI55rG5RoG3A+M31V7Rc/F8CSxaX3/S/jq6QfTWWw6gDs
Fibq4jfBqXezkevMCpYzOVgk6zBjSuVGj7UvkycCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBT7UrthG0O8BTqEKELrjrCWPo5s3DAfBgNVHSMEGDAWgBS996CgSLaOzPpN
Seq08W3HksDTGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZmZWdvRWkyanN6NlRVbnF0UEZ0eDVMQTB4Zy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvZTE2Y2I2LWI0NTQtNDhkNi1iZGM4LTM1MTYxOTFhOWQ2OC8x
LzEtMUs3WVJ0RHZBVTZoQ2hDNjQ2d2xqNk9iTncucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFh
L2UxNmNiNi1iNDU0LTQ4ZDYtYmRjOC0zNTE2MTkxYTlkNjgvMS92ZmVnb0VpMmpz
ejZUVW5xdFBGdHg1TEEweGcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADCjOYwDwQCAAIwCQMHACABBnwB
RDANBgkqhkiG9w0BAQsFAAOCAQEA17j64ugkWqdPRuqqJGDwZ7tAw4RJlsbhUp4d
lSl1h6PP2ZdxJwHEzhKkzm14Yxsj66gDeRkNl3bLnb1BxMdgk384ray8AVt8JJ3t
vJ+voDD6wjX35S9YYMmJSSPVAzQYb86kRkna2A/VkLt5UsZrLVuNs1El4zykTcQ2
Iu6lGPJQZzkZrB9/Lp3bKaNWrv2dtJdkFZTneyYXc4wA/gfNcT0NwMy7sQJVw2Fl
Ke7BxJw1mQegJY/EJy3L5SRDWcuUER18wcew/UuZvGqcl7xpHi4sxB2eV/y02OkL
6n7vc2sWJ/xYiHC9Hag2AUm4RRsGvGw814t8XmGCaV9neeIEZA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:39 2025 by rpki-client