Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/FvKmKPZyaGbj7CCjuUeAoh5iHco.roa
File: FvKmKPZyaGbj7CCjuUeAoh5iHco.roa (raw, json)
Hash identifier: D7t4SHGI3bBVx3hz4zRLpC8MzVZd2mGjEqxM9ygeilQ=
Subject key identifier: 16:F2:A6:28:F6:72:68:66:E3:EC:20:A3:B9:47:80:A2:1E:62:1D:CA
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 0184E1980C289C5AF0136326A97D7A1A465F
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/FvKmKPZyaGbj7CCjuUeAoh5iHco.roa
Signing time: Mon 05 Dec 2022 09:22:28 +0000
ROA not before: Mon 05 Dec 2022 09:22:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210998
IP address blocks: 194.6.177.0/24 maxlen: 24
217.193.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:98:0c:28:9c:5a:f0:13:63:26:a9:7d:7a:1a:46:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Dec 5 09:22:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16f2a628f6726866e3ec20a3b94780a21e621dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:be:41:47:50:e3:dc:41:38:ef:f3:4e:a6:14:
71:29:cf:9d:23:21:b9:d6:d9:21:87:d9:21:ec:3d:
cf:14:ec:a6:8e:8f:ee:3c:cd:d6:62:9f:e3:b1:5e:
ca:b2:81:54:3f:08:6a:ad:0d:e6:08:9a:d0:2c:4b:
4c:ca:b7:39:49:22:26:18:d7:40:1a:07:dc:da:25:
4b:40:e2:bc:49:d9:69:2f:57:35:a2:18:8f:4f:e5:
8d:70:f3:2b:9d:b8:b9:9f:c8:6f:4c:d5:50:6a:8c:
b6:b3:85:c0:6a:86:b9:3d:e0:7b:c0:4c:5a:4a:36:
27:0a:0d:fb:e1:13:86:06:b2:58:e2:0e:64:eb:d3:
11:5e:3b:83:fc:fe:64:ef:a9:1c:bd:59:20:ba:4e:
be:a4:c4:10:3f:ea:46:50:c2:38:6c:ef:00:98:53:
74:75:dc:18:8c:05:38:36:b3:26:05:a7:b1:19:1d:
f4:07:b0:ed:12:dd:47:6d:1c:86:3d:45:d3:c8:c6:
7e:1e:23:4b:c3:f5:1c:49:50:dc:cc:07:6f:7b:c6:
42:ba:9d:03:4d:1c:61:87:45:8e:30:9e:48:aa:86:
19:87:f7:2e:85:31:d4:59:3c:fa:ba:0b:c6:b4:7e:
07:b9:ea:c9:61:4b:ca:fe:6a:19:34:18:82:d0:42:
2e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:F2:A6:28:F6:72:68:66:E3:EC:20:A3:B9:47:80:A2:1E:62:1D:CA
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/FvKmKPZyaGbj7CCjuUeAoh5iHco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.177.0/24
217.193.221.0/24
Signature Algorithm: sha256WithRSAEncryption
79:10:6a:f7:63:a8:33:e7:80:6f:5e:63:62:d4:f1:4b:da:d7:
f4:f9:70:55:d2:d3:00:3d:3c:e6:e1:14:35:1e:c9:75:40:77:
9a:11:2e:55:93:45:55:da:cb:56:51:07:48:49:cc:7b:e7:66:
32:61:8e:86:92:c0:86:b5:15:e7:4d:49:d1:c8:1f:c0:89:26:
aa:65:0a:bf:73:7d:5d:ef:8b:09:73:0d:f6:46:c2:be:ce:89:
45:1f:15:29:3b:ea:0e:61:53:0d:7f:48:9e:f4:e2:1e:da:5d:
34:a2:21:b9:06:39:17:f5:04:22:e7:0f:57:d0:9b:2c:c1:1b:
11:20:4a:b7:8c:c2:0d:31:27:c1:83:ea:5f:a4:1d:8b:b9:69:
87:7c:e5:bf:ce:6a:6f:0f:ba:cd:16:99:44:0e:44:76:4f:62:
28:9f:1e:51:ed:30:7c:f9:4c:10:d9:66:3a:93:b7:75:ec:dd:
2b:ec:23:a9:c6:85:6b:24:5e:ba:40:71:11:1b:ba:b3:db:86:
49:49:45:d4:34:33:60:d8:7c:8c:bf:6e:92:59:bf:62:f2:91:
5f:7e:ae:04:a9:de:5b:55:7f:39:50:db:b4:03:f1:ce:ed:c8:
1b:e0:a2:3e:2f:a8:d8:05:97:5a:c7:67:55:59:a9:3e:73:74:
45:7b:d0:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYThmAwonFrwE2MmqX16GkZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjIxMjA1MDkyMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmYyYTYyOGY2NzI2ODY2ZTNlYzIwYTNiOTQ3ODBhMjFlNjIxZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzb5BR1Dj3EE47/NOphRxKc+dIyG5
1tkhh9kh7D3PFOymjo/uPM3WYp/jsV7KsoFUPwhqrQ3mCJrQLEtMyrc5SSImGNdA
Ggfc2iVLQOK8SdlpL1c1ohiPT+WNcPMrnbi5n8hvTNVQaoy2s4XAaoa5PeB7wExa
SjYnCg374ROGBrJY4g5k69MRXjuD/P5k76kcvVkguk6+pMQQP+pGUMI4bO8AmFN0
ddwYjAU4NrMmBaexGR30B7DtEt1HbRyGPUXTyMZ+HiNLw/UcSVDczAdve8ZCup0D
TRxhh0WOMJ5IqoYZh/cuhTHUWTz6ugvGtH4HuerJYUvK/moZNBiC0EIuBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBbypij2cmhm4+wgo7lHgKIeYh3KMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvRnZLbUtQWnlhR2JqN0NDanVVZUFvaDVpSGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgaxAwQA
2cHdMA0GCSqGSIb3DQEBCwUAA4IBAQB5EGr3Y6gz54BvXmNi1PFL2tf0+XBV0tMA
PTzm4RQ1Hsl1QHeaES5Vk0VV2stWUQdIScx752YyYY6GksCGtRXnTUnRyB/AiSaq
ZQq/c31d74sJcw32RsK+zolFHxUpO+oOYVMNf0ie9OIe2l00oiG5BjkX9QQi5w9X
0JsswRsRIEq3jMINMSfBg+pfpB2LuWmHfOW/zmpvD7rNFplEDkR2T2Ionx5R7TB8
+UwQ2WY6k7d17N0r7COpxoVrJF66QHERG7qz24ZJSUXUNDNg2HyMv26SWb9i8pFf
fq4Eqd5bVX85UNu0A/HO7cgb4KI+L6jYBZdax2dVWak+c3RFe9CF
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:32 2025 by rpki-client