Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/FZZgeZdxdCefm2pR58QQpWJRbGg.roa
File: FZZgeZdxdCefm2pR58QQpWJRbGg.roa (raw, json)
Hash identifier: 4M7lZGNxp/aqPbBZ4RbP7rxe1vs2i4f9mnvZC/MK9zQ=
Subject key identifier: 15:96:60:79:97:71:74:27:9F:9B:6A:51:E7:C4:10:A5:62:51:6C:68
Certificate issuer: /CN=13b43dace8663447ee4725520d78c54ab7b99ad4
Certificate serial: 0185712791C8D918C66A3142AB739C4481FA
Authority key identifier: 13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/FZZgeZdxdCefm2pR58QQpWJRbGg.roa
Signing time: Mon 02 Jan 2023 06:24:56 +0000
ROA not before: Mon 02 Jan 2023 06:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207603
IP address blocks: 193.41.58.0/24 maxlen: 24
185.178.20.0/22 maxlen: 24
185.101.140.0/22 maxlen: 22
2a10:5940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:91:c8:d9:18:c6:6a:31:42:ab:73:9c:44:81:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b43dace8663447ee4725520d78c54ab7b99ad4
Validity
Not Before: Jan 2 06:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15966079977174279f9b6a51e7c410a562516c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2c:37:7f:84:59:85:e3:e8:19:d5:fb:b3:eb:
b6:46:57:1c:3f:4b:21:e2:8f:99:cd:e6:67:7f:1e:
31:7d:6f:41:f3:d9:cb:df:df:ff:22:b6:34:e2:8c:
86:16:b3:a8:15:c3:a6:a6:64:84:e0:e1:08:b8:c1:
bb:3a:63:ff:18:c0:d1:49:07:57:bb:34:91:f6:c3:
3a:ad:da:da:52:f6:cd:ad:26:67:f4:91:e5:38:43:
2c:14:8e:b2:d5:df:2b:f2:12:ff:2b:32:db:b6:80:
26:61:ab:9e:c2:e6:d0:db:3f:78:02:b7:43:43:fd:
00:84:c7:14:8f:28:77:d9:57:b1:ed:10:07:ab:c3:
98:e8:12:1c:46:ba:3a:9b:10:fd:a3:08:ee:cf:38:
d6:91:6e:82:15:25:2e:f9:42:76:f6:f0:d8:4d:26:
df:a3:e3:51:99:20:1e:42:19:46:65:7f:f1:50:b3:
d6:e7:ee:1a:67:4f:c9:89:29:7b:64:b2:9b:ff:31:
e0:12:84:12:d9:90:1a:6e:5a:3c:fd:03:2d:91:9b:
e7:d7:36:2c:f2:16:0f:81:46:a2:0e:dc:40:7d:e5:
db:78:a9:7d:a7:b0:ba:56:13:a6:21:3f:a2:16:2d:
7c:74:61:09:71:df:57:45:01:f3:f5:ea:f1:82:70:
69:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:96:60:79:97:71:74:27:9F:9B:6A:51:E7:C4:10:A5:62:51:6C:68
X509v3 Authority Key Identifier:
keyid:13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/FZZgeZdxdCefm2pR58QQpWJRbGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.140.0/22
185.178.20.0/22
193.41.58.0/24
IPv6:
2a10:5940::/29
Signature Algorithm: sha256WithRSAEncryption
d4:c1:ac:cf:f9:5e:0f:f9:b1:0a:8b:ea:5b:2b:92:65:7d:07:
a4:9e:57:ad:ce:bf:c7:94:1c:f3:ce:af:e0:4a:57:1a:6e:82:
34:28:0f:fd:7c:43:f4:88:21:19:2d:28:d0:71:4e:2e:c5:26:
ab:2b:1e:fe:7d:8f:ed:ab:d7:be:de:2f:35:9f:98:e4:bd:eb:
eb:72:0d:5d:60:93:b1:95:d3:cf:50:93:78:2b:9b:49:aa:f4:
dd:e0:7a:59:8e:32:00:a3:5a:6a:9a:2d:9c:4f:53:70:9f:f9:
72:9c:e4:c6:c4:c1:16:0a:2c:06:c5:5d:e5:92:9a:b8:10:63:
39:4c:88:1b:95:a9:91:68:83:21:c5:07:68:ec:8f:56:ae:7c:
b8:46:9e:fc:fb:36:42:51:2a:6c:aa:02:4a:fd:09:1d:3f:b4:
4f:73:4d:cb:a1:59:91:e1:da:c5:1e:91:d0:8c:5c:9d:7c:c4:
34:19:96:11:e4:20:d7:06:aa:0e:8e:1d:2f:57:f5:6f:98:f2:
3d:eb:08:ba:25:c0:fa:3a:64:12:dc:21:30:53:df:6e:5f:51:
85:a7:4e:9e:a1:c3:2b:04:22:19:35:db:70:98:03:7b:a2:08:
3a:4d:f0:fd:6b:01:a8:68:5b:90:c0:6a:51:39:b2:2a:c0:ef:
3f:fd:76:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxJ5HI2RjGajFCq3OcRIH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjQzZGFjZTg2NjM0NDdlZTQ3MjU1MjBkNzhjNTRhYjdi
OTlhZDQwHhcNMjMwMTAyMDYyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTk2NjA3OTk3NzE3NDI3OWY5YjZhNTFlN2M0MTBhNTYyNTE2YzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyw3f4RZhePoGdX7s+u2RlccP0sh
4o+ZzeZnfx4xfW9B89nL39//IrY04oyGFrOoFcOmpmSE4OEIuMG7OmP/GMDRSQdX
uzSR9sM6rdraUvbNrSZn9JHlOEMsFI6y1d8r8hL/KzLbtoAmYauewubQ2z94ArdD
Q/0AhMcUjyh32Vex7RAHq8OY6BIcRro6mxD9owjuzzjWkW6CFSUu+UJ29vDYTSbf
o+NRmSAeQhlGZX/xULPW5+4aZ0/JiSl7ZLKb/zHgEoQS2ZAablo8/QMtkZvn1zYs
8hYPgUaiDtxAfeXbeKl9p7C6VhOmIT+iFi18dGEJcd9XRQHz9erxgnBpUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBWWYHmXcXQnn5tqUefEEKViUWxoMB8GA1UdIwQY
MBaAFBO0PazoZjRH7kclUg14xUq3uZrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdROXJPaG1ORWZ1UnlWU0RYakZTcmU1bXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82NTY5MGEtMGFjZi00ZjM2LWE4OWMt
MmI0YTI3MTQyMTRhLzEvRlpaZ2VaZHhkQ2VmbTJwUjU4UVFwV0pSYkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82NTY5MGEtMGFjZi00ZjM2LWE4OWMtMmI0YTI3MTQyMTRh
LzEvRTdROXJPaG1ORWZ1UnlWU0RYakZTcmU1bXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWWMAwQC
ubIUAwQAwSk6MA0EAgACMAcDBQMqEFlAMA0GCSqGSIb3DQEBCwUAA4IBAQDUwazP
+V4P+bEKi+pbK5JlfQeknletzr/HlBzzzq/gSlcaboI0KA/9fEP0iCEZLSjQcU4u
xSarKx7+fY/tq9e+3i81n5jkvevrcg1dYJOxldPPUJN4K5tJqvTd4HpZjjIAo1pq
mi2cT1Nwn/lynOTGxMEWCiwGxV3lkpq4EGM5TIgblamRaIMhxQdo7I9Wrny4Rp78
+zZCUSpsqgJK/QkdP7RPc03LoVmR4drFHpHQjFydfMQ0GZYR5CDXBqoOjh0vV/Vv
mPI96wi6JcD6OmQS3CEwU99uX1GFp06eocMrBCIZNdtwmAN7ogg6TfD9awGoaFuQ
wGpRObIqwO8//XY2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:48 2025 by rpki-client