Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/Fy-GthLEJv3VjqopxHv-b7o1uKY.roa
File: Fy-GthLEJv3VjqopxHv-b7o1uKY.roa (raw, json)
Hash identifier: Wa2D//FSAz0KRl27QBMxiYHBAaLJq113i2vXmxzsCr4=
Subject key identifier: 17:2F:86:B6:12:C4:26:FD:D5:8E:AA:29:C4:7B:FE:6F:BA:35:B8:A6
Certificate issuer: /CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Certificate serial: 0187D8C32F70CEA639F56267EDDFB357F0BF
Authority key identifier: C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/Fy-GthLEJv3VjqopxHv-b7o1uKY.roa
Signing time: Mon 01 May 2023 19:21:22 +0000
ROA not before: Mon 01 May 2023 19:21:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58007
IP address blocks: 194.8.28.0/24 maxlen: 24
2a13:4380::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d8:c3:2f:70:ce:a6:39:f5:62:67:ed:df:b3:57:f0:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Validity
Not Before: May 1 19:21:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=172f86b612c426fdd58eaa29c47bfe6fba35b8a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a3:89:5c:f0:32:75:2b:84:04:77:9f:d9:55:
53:86:c8:4b:1f:4c:6a:f0:90:a6:2b:2d:00:33:ee:
d0:c5:51:0f:de:4b:8e:42:f0:23:03:55:74:d0:6a:
fc:aa:f2:52:22:b1:61:89:38:7f:1c:c3:1f:37:35:
22:8c:da:9c:2e:e9:71:5a:0a:c1:af:8a:e8:c3:ae:
ca:32:4b:22:a6:5e:ae:64:da:c1:91:72:31:a7:d2:
10:60:23:48:24:9f:49:7b:8e:1b:73:2d:87:69:0b:
89:de:76:ef:47:c3:b8:c0:7d:c1:fb:b6:c2:5d:3c:
59:a4:04:68:55:60:c9:40:87:31:ad:cf:37:03:62:
d8:fb:56:d2:73:bf:f9:6e:75:06:70:b6:4a:80:0c:
ca:cf:f5:52:57:87:d4:ad:14:28:00:4d:c7:40:bd:
04:a7:ce:49:36:e0:2c:ea:c7:59:cd:f5:2c:ff:08:
2a:c7:55:d6:6c:b1:4b:a9:fc:a8:25:d2:68:be:4c:
6e:6e:fc:72:f6:21:02:55:c4:c7:de:c4:36:83:57:
a1:d2:85:d0:54:85:3f:23:0c:49:99:97:c0:ca:76:
bc:46:a0:97:05:80:b1:bd:ce:4c:c0:0e:72:39:0f:
11:c2:6a:de:ed:8c:bd:97:af:f6:ce:a8:56:70:b6:
c2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2F:86:B6:12:C4:26:FD:D5:8E:AA:29:C4:7B:FE:6F:BA:35:B8:A6
X509v3 Authority Key Identifier:
keyid:C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/Fy-GthLEJv3VjqopxHv-b7o1uKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.28.0/24
IPv6:
2a13:4380::/32
Signature Algorithm: sha256WithRSAEncryption
67:90:50:24:77:08:82:9e:23:d4:fe:45:8f:18:b5:d5:69:0e:
f5:31:f7:8f:ec:8e:bd:a3:2e:00:aa:01:b5:b1:3a:82:83:b4:
b0:24:db:aa:1e:a3:50:31:d5:2b:9c:f5:3c:c5:93:c8:e6:2d:
8b:ca:77:9e:bd:de:d5:d8:a5:e9:40:be:e7:c2:19:2d:b6:af:
ad:f1:6a:c9:09:05:ae:bc:c3:d8:be:2f:5b:29:37:db:dc:d0:
19:5b:61:a3:06:bb:ac:3a:eb:c2:4d:99:ef:67:ef:2e:2f:04:
56:26:72:b6:be:56:d5:c1:d8:f3:88:a4:e3:64:d0:dc:d2:d0:
49:a7:c0:76:5e:60:13:00:ef:9f:d6:b9:aa:9f:fd:c8:93:c8:
2b:08:20:52:ba:f0:32:4f:5d:12:ef:4e:7d:07:89:40:83:68:
d2:d9:59:56:64:05:6c:4d:80:6a:1d:fe:ef:1d:b9:b7:5e:51:
da:c2:83:5c:6d:8d:42:24:00:7b:da:08:d8:7d:09:63:20:37:
00:6f:8a:87:8f:d6:1c:97:f1:ce:7e:e7:01:37:7f:f2:d7:7f:
c5:f4:fc:14:5d:b6:b8:b6:5c:ae:1c:64:21:23:b5:b4:ab:b2:
d8:2f:3a:e6:eb:8d:a5:0d:17:8a:95:b4:18:ec:88:c2:a9:b7:
5a:b9:7b:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfYwy9wzqY59WJn7d+zV/C/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDZjNGJlZmUwZmJiZTM2MjRiZDc0ODI5NmI1ZmUyZTdl
YzJkNjgwHhcNMjMwNTAxMTkyMTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzJmODZiNjEyYzQyNmZkZDU4ZWFhMjljNDdiZmU2ZmJhMzViOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaOJXPAydSuEBHef2VVThshLH0xq
8JCmKy0AM+7QxVEP3kuOQvAjA1V00Gr8qvJSIrFhiTh/HMMfNzUijNqcLulxWgrB
r4row67KMksipl6uZNrBkXIxp9IQYCNIJJ9Je44bcy2HaQuJ3nbvR8O4wH3B+7bC
XTxZpARoVWDJQIcxrc83A2LY+1bSc7/5bnUGcLZKgAzKz/VSV4fUrRQoAE3HQL0E
p85JNuAs6sdZzfUs/wgqx1XWbLFLqfyoJdJovkxubvxy9iECVcTH3sQ2g1eh0oXQ
VIU/IwxJmZfAyna8RqCXBYCxvc5MwA5yOQ8Rwmre7Yy9l6/2zqhWcLbCZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBcvhrYSxCb91Y6qKcR7/m+6NbimMB8GA1UdIwQY
MBaAFMlGxL7+D7vjYkvXSClrX+Ln7C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODkt
NmJiYjI3MDgxZGUyLzEvRnktR3RoTEVKdjNWanFvcHhIdi1iN28xdUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODktNmJiYjI3MDgxZGUy
LzEveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwggcMA0E
AgACMAcDBQAqE0OAMA0GCSqGSIb3DQEBCwUAA4IBAQBnkFAkdwiCniPU/kWPGLXV
aQ71MfeP7I69oy4AqgG1sTqCg7SwJNuqHqNQMdUrnPU8xZPI5i2Lyneevd7V2KXp
QL7nwhkttq+t8WrJCQWuvMPYvi9bKTfb3NAZW2GjBrusOuvCTZnvZ+8uLwRWJnK2
vlbVwdjziKTjZNDc0tBJp8B2XmATAO+f1rmqn/3Ik8grCCBSuvAyT10S7059B4lA
g2jS2VlWZAVsTYBqHf7vHbm3XlHawoNcbY1CJAB72gjYfQljIDcAb4qHj9Ycl/HO
fucBN3/y13/F9PwUXba4tlyuHGQhI7W0q7LYLzrm642lDReKlbQY7IjCqbdauXsl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:04 2025 by rpki-client