Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/FAf8jEJA-kAxPit8dl-QRWwZY38.roa
File: FAf8jEJA-kAxPit8dl-QRWwZY38.roa (raw, json)
Hash identifier: VlGsa/OZEqkkqBYfEXRaMzUJzkPOlVtqiI4L7WLVNj8=
Subject key identifier: 14:07:FC:8C:42:40:FA:40:31:3E:2B:7C:76:5F:90:45:6C:19:63:7F
Certificate issuer: /CN=37891a4724aac6b5da0005329aa3a5abe87779d6
Certificate serial: 018570951BBB2AE623B47F3B13ED83B2F708
Authority key identifier: 37:89:1A:47:24:AA:C6:B5:DA:00:05:32:9A:A3:A5:AB:E8:77:79:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4kaRySqxrXaAAUymqOlq-h3edY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/FAf8jEJA-kAxPit8dl-QRWwZY38.roa
Signing time: Mon 02 Jan 2023 03:44:58 +0000
ROA not before: Mon 02 Jan 2023 03:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207767
IP address blocks: 176.119.209.0/24 maxlen: 24
185.90.44.0/22 maxlen: 22
2a0f:ffc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:1b:bb:2a:e6:23:b4:7f:3b:13:ed:83:b2:f7:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37891a4724aac6b5da0005329aa3a5abe87779d6
Validity
Not Before: Jan 2 03:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1407fc8c4240fa40313e2b7c765f90456c19637f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a1:5d:87:dd:57:fd:cf:62:d1:15:b4:e4:79:
68:f1:94:93:cf:aa:2e:1b:e1:e2:6f:85:4b:01:fb:
10:70:13:23:97:d4:e1:ab:13:c8:a0:15:db:d6:a1:
a0:b7:38:79:8c:73:21:65:0b:bb:f5:46:7f:22:25:
15:d9:3e:1a:c0:33:1d:d3:1f:08:71:02:d3:7b:6a:
17:84:6a:43:b6:2e:bc:9d:97:e4:89:c0:1a:60:89:
a4:63:01:5a:2d:f8:77:a5:63:cd:a5:a0:d9:e9:85:
9c:f3:44:3e:63:85:05:ca:6a:0a:ca:25:db:bd:32:
55:51:9f:db:34:01:bf:dc:92:98:3c:46:c0:c3:18:
f2:e0:51:42:c1:ca:45:9c:ba:18:c7:2f:ac:2f:b9:
18:d5:bd:76:f9:1d:94:87:70:53:d2:71:c3:65:a5:
42:5d:98:13:21:d7:72:c9:4c:73:4c:3d:8b:d5:47:
83:77:7d:cf:47:be:d3:ae:3a:3f:b5:b7:f9:79:2e:
99:10:a6:4a:0c:7e:c2:6c:58:ed:02:7b:37:cb:a2:
8f:4d:22:78:80:a9:01:64:29:b8:f0:54:b5:00:ca:
fc:df:17:35:fa:89:db:b2:e4:2b:83:fc:9d:46:78:
83:11:bd:cb:f0:96:1c:01:9e:a0:cd:3f:63:19:17:
89:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:07:FC:8C:42:40:FA:40:31:3E:2B:7C:76:5F:90:45:6C:19:63:7F
X509v3 Authority Key Identifier:
keyid:37:89:1A:47:24:AA:C6:B5:DA:00:05:32:9A:A3:A5:AB:E8:77:79:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4kaRySqxrXaAAUymqOlq-h3edY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/FAf8jEJA-kAxPit8dl-QRWwZY38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/N4kaRySqxrXaAAUymqOlq-h3edY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.209.0/24
185.90.44.0/22
IPv6:
2a0f:ffc0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:4f:33:11:86:df:00:4f:20:8a:12:a1:30:35:b8:c8:fa:8f:
ca:22:db:69:59:2d:d7:4b:85:81:32:72:65:09:e7:22:62:60:
63:45:55:92:bf:ab:7b:8b:e6:22:e1:02:3c:d4:c0:43:2d:f1:
01:e1:00:9d:9e:53:68:65:92:a0:aa:c9:21:ac:d4:6e:af:3b:
aa:d2:cb:e9:aa:eb:2f:14:5c:07:fe:9f:83:71:6f:6d:a9:03:
f0:a6:a1:12:f6:dc:8c:81:a7:62:13:48:b2:12:dd:df:aa:77:
cd:2c:18:7e:db:ab:f9:7c:af:c8:f4:6c:b6:f6:ee:5a:09:b7:
68:af:c0:da:a7:be:03:33:09:75:38:cb:41:1f:e8:3b:74:9a:
93:84:e4:68:b7:b1:b0:42:7a:45:2c:b1:b8:03:d6:86:46:8a:
35:64:79:61:b4:36:e3:73:f2:53:7d:e5:f5:cd:58:38:de:99:
d6:f1:91:87:31:09:5f:15:68:32:82:60:db:1f:97:dd:dd:90:
bf:dc:af:de:83:b2:a7:05:bf:3f:1e:bb:02:fb:96:79:48:0e:
84:44:83:6f:1d:3e:d3:5c:c8:e4:e4:43:65:a9:e8:71:44:28:
33:91:eb:56:1b:b5:e4:dc:eb:64:62:73:9c:fe:fb:96:03:35:
5e:e1:1a:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwlRu7KuYjtH87E+2DsvcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ODkxYTQ3MjRhYWM2YjVkYTAwMDUzMjlhYTNhNWFiZTg3
Nzc5ZDYwHhcNMjMwMTAyMDM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDA3ZmM4YzQyNDBmYTQwMzEzZTJiN2M3NjVmOTA0NTZjMTk2MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqFdh91X/c9i0RW05Hlo8ZSTz6ou
G+Hib4VLAfsQcBMjl9ThqxPIoBXb1qGgtzh5jHMhZQu79UZ/IiUV2T4awDMd0x8I
cQLTe2oXhGpDti68nZfkicAaYImkYwFaLfh3pWPNpaDZ6YWc80Q+Y4UFymoKyiXb
vTJVUZ/bNAG/3JKYPEbAwxjy4FFCwcpFnLoYxy+sL7kY1b12+R2Uh3BT0nHDZaVC
XZgTIddyyUxzTD2L1UeDd33PR77Trjo/tbf5eS6ZEKZKDH7CbFjtAns3y6KPTSJ4
gKkBZCm48FS1AMr83xc1+onbsuQrg/ydRniDEb3L8JYcAZ6gzT9jGReJnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBQH/IxCQPpAMT4rfHZfkEVsGWN/MB8GA1UdIwQY
MBaAFDeJGkckqsa12gAFMpqjpavod3nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjRrYVJ5U3F4clhhQUFVeW1xT2xxLWgzZWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lMTI4ZTAtMDBhNi00Njg5LTk1YmUt
NTI0YzIxMDljYjA1LzEvRkFmOGpFSkEta0F4UGl0OGRsLVFSV3daWTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lMTI4ZTAtMDBhNi00Njg5LTk1YmUtNTI0YzIxMDljYjA1
LzEvTjRrYVJ5U3F4clhhQUFVeW1xT2xxLWgzZWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAsHfRAwQC
uVosMA0EAgACMAcDBQMqD//AMA0GCSqGSIb3DQEBCwUAA4IBAQCOTzMRht8ATyCK
EqEwNbjI+o/KIttpWS3XS4WBMnJlCeciYmBjRVWSv6t7i+Yi4QI81MBDLfEB4QCd
nlNoZZKgqskhrNRurzuq0svpqusvFFwH/p+DcW9tqQPwpqES9tyMgadiE0iyEt3f
qnfNLBh+26v5fK/I9Gy29u5aCbdor8Dap74DMwl1OMtBH+g7dJqThORot7GwQnpF
LLG4A9aGRoo1ZHlhtDbjc/JTfeX1zVg43pnW8ZGHMQlfFWgygmDbH5fd3ZC/3K/e
g7KnBb8/HrsC+5Z5SA6ERINvHT7TXMjk5ENlqehxRCgzketWG7Xk3OtkYnOc/vuW
AzVe4Rou
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:05:30 2025 by rpki-client