Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/fASzYYJEXHQfINqJn1BwhiG7YMA.roa
File: fASzYYJEXHQfINqJn1BwhiG7YMA.roa (raw, json)
Hash identifier: 2+FqElk1x+r11z1P5CEsU8NdJLT9zf6bPIWUuBGIQ2s=
Subject key identifier: 7C:04:B3:61:82:44:5C:74:1F:20:DA:89:9F:50:70:86:21:BB:60:C0
Certificate issuer: /CN=c5450afa73f0b87a420028c2b2a48cce0fe92b0a
Certificate serial: 01856F0251EE76590D206E86AAA3BF7CD1EC
Authority key identifier: C5:45:0A:FA:73:F0:B8:7A:42:00:28:C2:B2:A4:8C:CE:0F:E9:2B:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xUUK-nPwuHpCACjCsqSMzg_pKwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/fASzYYJEXHQfINqJn1BwhiG7YMA.roa
Signing time: Sun 01 Jan 2023 20:25:01 +0000
ROA not before: Sun 01 Jan 2023 20:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201263
IP address blocks: 147.229.255.0/24 maxlen: 24
2001:67c:1223::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:51:ee:76:59:0d:20:6e:86:aa:a3:bf:7c:d1:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5450afa73f0b87a420028c2b2a48cce0fe92b0a
Validity
Not Before: Jan 1 20:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c04b36182445c741f20da899f50708621bb60c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:51:f9:89:c9:03:ad:11:d7:e5:e6:3f:fd:9c:
07:39:e4:b4:54:79:5c:b3:9a:cb:2b:f1:b9:24:0a:
89:bf:9e:0b:2c:0b:ee:ac:06:c6:49:b9:b4:61:e8:
3d:b2:c1:2b:7c:33:8c:14:de:9d:74:2b:00:0a:df:
f0:1e:c3:99:fe:48:a1:33:c7:d0:3a:42:52:25:fe:
8b:a1:79:50:d7:c6:83:5a:09:c3:2a:55:6c:1e:64:
67:a8:2e:be:cf:0a:ab:40:6c:3c:04:61:3a:26:9f:
f3:46:a3:16:32:03:de:6f:7b:90:47:cd:7d:8b:d8:
33:97:21:0b:5a:97:58:3c:fb:e0:16:aa:e4:b1:1d:
74:47:e5:86:bb:03:d2:a6:7a:45:c2:10:83:6e:a5:
3e:a4:7c:65:f7:75:93:2d:a3:cf:24:db:07:d3:5d:
f0:b4:ba:b7:d7:f3:6c:47:f1:a3:4e:c9:4f:90:4f:
f4:91:43:b5:2c:49:72:38:83:cd:19:a7:b4:de:b4:
9d:f8:25:f9:d4:e4:98:4b:a6:5a:a5:ee:17:f1:7e:
2d:fe:34:90:64:aa:ef:db:b7:c6:81:5b:0d:dc:5a:
ce:10:40:5a:83:e4:4a:2b:27:dd:13:a3:17:0c:56:
6e:7f:58:8d:3e:19:30:ba:36:d5:af:68:f7:41:57:
36:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:04:B3:61:82:44:5C:74:1F:20:DA:89:9F:50:70:86:21:BB:60:C0
X509v3 Authority Key Identifier:
keyid:C5:45:0A:FA:73:F0:B8:7A:42:00:28:C2:B2:A4:8C:CE:0F:E9:2B:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xUUK-nPwuHpCACjCsqSMzg_pKwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/fASzYYJEXHQfINqJn1BwhiG7YMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/xUUK-nPwuHpCACjCsqSMzg_pKwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.229.255.0/24
IPv6:
2001:67c:1223::/48
Signature Algorithm: sha256WithRSAEncryption
20:11:34:64:e5:28:b2:38:e3:48:5b:02:3e:b1:a9:ab:04:45:
75:c1:7a:3a:b4:06:57:9d:73:81:b7:69:4f:de:35:ad:8e:75:
ae:93:8e:2f:57:bf:c8:b0:dc:4a:39:8a:e3:66:4c:7a:7c:be:
d0:ee:de:f1:89:77:c2:6d:1c:74:e8:d1:ae:cc:06:00:0d:96:
bf:a3:f9:4e:59:6b:1b:2c:60:d8:24:7a:27:ac:93:56:90:3e:
9e:13:05:fa:1b:48:12:64:74:a6:49:55:f4:7b:f8:cf:09:ce:
4e:b0:1c:fe:53:36:5a:19:06:51:22:c3:9c:cf:e3:c0:a8:b6:
85:da:c6:94:4e:5f:f5:f1:01:f0:c4:91:a4:2d:3b:f0:69:8d:
76:35:e2:34:a5:e6:11:db:b5:ed:7e:dd:f5:2c:74:2f:42:ff:
d1:89:92:3b:3d:6b:33:86:f4:5b:89:73:d6:e2:a4:30:ae:a7:
c8:00:d1:95:05:0b:6b:a6:26:f9:50:39:37:ca:8d:81:53:45:
bf:e3:46:d7:84:27:ef:18:b4:7d:e6:8f:ca:5c:35:e7:f9:c8:
77:64:93:0e:ff:e1:05:3a:a6:da:7d:a4:b8:a6:45:0b:d6:f3:
b6:47:89:fd:f8:78:95:4c:3f:21:b4:2f:3a:b4:4c:da:9f:a6:
de:c5:0c:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvAlHudlkNIG6GqqO/fNHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NDUwYWZhNzNmMGI4N2E0MjAwMjhjMmIyYTQ4Y2NlMGZl
OTJiMGEwHhcNMjMwMTAxMjAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzA0YjM2MTgyNDQ1Yzc0MWYyMGRhODk5ZjUwNzA4NjIxYmI2MGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFH5ickDrRHX5eY//ZwHOeS0VHlc
s5rLK/G5JAqJv54LLAvurAbGSbm0Yeg9ssErfDOMFN6ddCsACt/wHsOZ/kihM8fQ
OkJSJf6LoXlQ18aDWgnDKlVsHmRnqC6+zwqrQGw8BGE6Jp/zRqMWMgPeb3uQR819
i9gzlyELWpdYPPvgFqrksR10R+WGuwPSpnpFwhCDbqU+pHxl93WTLaPPJNsH013w
tLq31/NsR/GjTslPkE/0kUO1LElyOIPNGae03rSd+CX51OSYS6Zape4X8X4t/jSQ
ZKrv27fGgVsN3FrOEEBag+RKKyfdE6MXDFZuf1iNPhkwujbVr2j3QVc23wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHwEs2GCRFx0HyDaiZ9QcIYhu2DAMB8GA1UdIwQY
MBaAFMVFCvpz8Lh6QgAowrKkjM4P6SsKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFVVSy1uUHd1SHBDQUNqQ3NxU016Z19wS3dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hMmE2YWQtYjE1Zi00NzM0LWI1OWUt
NjY0YTk5MjZmMzMzLzEvZkFTellZSkVYSFFmSU5xSm4xQndoaUc3WU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hMmE2YWQtYjE1Zi00NzM0LWI1OWUtNjY0YTk5MjZmMzMz
LzEveFVVSy1uUHd1SHBDQUNqQ3NxU016Z19wS3dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAk+X/MA8E
AgACMAkDBwAgAQZ8EiMwDQYJKoZIhvcNAQELBQADggEBACARNGTlKLI440hbAj6x
qasERXXBejq0Bledc4G3aU/eNa2Oda6Tji9Xv8iw3Eo5iuNmTHp8vtDu3vGJd8Jt
HHTo0a7MBgANlr+j+U5ZaxssYNgkeiesk1aQPp4TBfobSBJkdKZJVfR7+M8Jzk6w
HP5TNloZBlEiw5zP48CotoXaxpROX/XxAfDEkaQtO/BpjXY14jSl5hHbte1+3fUs
dC9C/9GJkjs9azOG9FuJc9bipDCup8gA0ZUFC2umJvlQOTfKjYFTRb/jRteEJ+8Y
tH3mj8pcNef5yHdkkw7/4QU6ptp9pLimRQvW87ZHif34eJVMPyG0Lzq0TNqfpt7F
DJc=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:20:37 2025 by rpki-client