Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/017XI6NDwZuKuAYnBhqnOk9aaZs.roa
File: 017XI6NDwZuKuAYnBhqnOk9aaZs.roa (raw, json)
Hash identifier: a78owd4qhAR9qUp/1ezD9/PoBjC+GKLgMFn2fb2B05c=
Subject key identifier: D3:5E:D7:23:A3:43:C1:9B:8A:B8:06:27:06:1A:A7:3A:4F:5A:69:9B
Certificate issuer: /CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Certificate serial: 018774BBF7974188A3423EB9D96E52FC07B7
Authority key identifier: FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/017XI6NDwZuKuAYnBhqnOk9aaZs.roa
Signing time: Wed 12 Apr 2023 09:11:28 +0000
ROA not before: Wed 12 Apr 2023 09:11:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207203
IP address blocks: 185.82.120.0/22 maxlen: 24
193.228.80.0/22 maxlen: 22
2a04:7700::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:bb:f7:97:41:88:a3:42:3e:b9:d9:6e:52:fc:07:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Validity
Not Before: Apr 12 09:11:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d35ed723a343c19b8ab80627061aa73a4f5a699b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f2:54:30:03:12:14:16:44:21:c7:d0:a1:19:
ee:95:93:2d:b1:5e:a7:85:ce:8b:e3:c9:15:a2:74:
a3:7f:58:16:7e:c2:f3:c4:e3:e0:19:9f:12:e9:b6:
5e:17:d2:62:d7:d0:46:a8:fa:d2:45:81:97:4e:62:
20:24:80:89:8c:f7:06:af:6c:57:17:3c:0e:73:8f:
82:02:b3:d1:d1:82:9a:1f:f9:dc:e6:83:9f:eb:c7:
8c:38:ef:dd:ab:38:31:19:63:95:e8:57:c3:eb:25:
1e:33:53:23:01:08:bb:00:5a:87:84:f3:61:17:6d:
af:e5:01:fe:4a:fe:43:44:94:c1:b4:f0:34:cd:9a:
8a:1d:4f:b5:30:ec:e3:cd:a4:ac:d3:8b:7e:6a:03:
61:1e:fd:2c:2a:da:e3:fe:1d:e5:c9:9b:f5:a2:d7:
ed:43:c3:ab:fd:5a:98:90:1c:5e:9b:b1:63:4b:f9:
93:35:d6:42:2f:a7:03:26:db:72:2b:95:0a:06:51:
de:a2:e9:bb:83:59:ca:45:c3:83:f9:4c:7c:17:10:
76:02:92:e5:65:0b:af:76:05:22:3e:26:f9:94:24:
dc:af:d1:a3:45:eb:d0:83:e8:50:6f:f0:25:1c:7d:
65:ee:64:c4:2b:47:18:99:64:15:59:15:5d:01:d3:
63:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5E:D7:23:A3:43:C1:9B:8A:B8:06:27:06:1A:A7:3A:4F:5A:69:9B
X509v3 Authority Key Identifier:
keyid:FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/017XI6NDwZuKuAYnBhqnOk9aaZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.120.0/22
193.228.80.0/22
IPv6:
2a04:7700::/29
Signature Algorithm: sha256WithRSAEncryption
a4:d1:b0:04:c6:c3:af:7b:01:75:0f:a6:2c:71:9b:e3:3d:5b:
5b:06:b7:bd:11:b9:3e:db:67:04:65:b1:4a:f7:c5:cd:9c:a4:
95:6e:97:92:2a:7e:35:be:c2:81:5d:a7:d5:44:4a:a1:2b:bf:
6c:fa:74:94:02:38:f2:64:8a:a2:48:64:d2:b2:71:67:07:eb:
d6:dd:86:e4:12:a9:9d:4c:50:13:03:66:dc:31:42:2d:6d:13:
33:62:d5:07:e7:d3:cd:a8:5a:30:94:db:f8:71:f4:74:9e:a3:
dd:8f:21:43:01:e0:bf:6d:79:ff:30:44:6b:c5:44:19:b9:f5:
f7:24:98:56:ef:cf:b3:d2:8c:39:78:5d:8d:90:55:26:37:ef:
7f:e4:06:a9:f3:5b:68:b3:d2:47:e7:05:a9:4b:eb:d7:7e:28:
ec:0b:e6:00:b3:91:c8:33:ea:e6:64:f3:25:59:1d:64:c5:ab:
95:ce:c4:43:cd:73:16:95:d8:62:91:42:b9:ba:68:89:60:50:
97:6d:f6:ad:33:2a:ff:6b:fa:08:30:3d:20:3e:56:82:59:15:
31:06:f0:5d:e9:be:33:3f:e9:5b:46:77:1e:8b:d2:2c:13:f3:
80:39:a5:3d:f3:27:7c:d8:0f:3a:eb:7b:31:c6:cc:8a:c8:fb:
30:7d:2a:62
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYd0u/eXQYijQj652W5S/Ae3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2QwMjMzODA4NTcwZTMxZmZiMmZjZGUxYjg3NzA3MWNi
YzY2MDMwHhcNMjMwNDEyMDkxMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzVlZDcyM2EzNDNjMTliOGFiODA2MjcwNjFhYTczYTRmNWE2OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fJUMAMSFBZEIcfQoRnulZMtsV6n
hc6L48kVonSjf1gWfsLzxOPgGZ8S6bZeF9Ji19BGqPrSRYGXTmIgJICJjPcGr2xX
FzwOc4+CArPR0YKaH/nc5oOf68eMOO/dqzgxGWOV6FfD6yUeM1MjAQi7AFqHhPNh
F22v5QH+Sv5DRJTBtPA0zZqKHU+1MOzjzaSs04t+agNhHv0sKtrj/h3lyZv1otft
Q8Or/VqYkBxem7FjS/mTNdZCL6cDJttyK5UKBlHeoum7g1nKRcOD+Ux8FxB2ApLl
ZQuvdgUiPib5lCTcr9GjRevQg+hQb/AlHH1l7mTEK0cYmWQVWRVdAdNjrQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNNe1yOjQ8GbirgGJwYapzpPWmmbMB8GA1UdIwQY
MBaAFPvNAjOAhXDjH/svzeG4dwccvGYDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04MENNNENGY09NZi15X040YmgzQnh5OFpnTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3
LTYxZDczMzNmODU3MC8xLzAxN1hJNk5Ed1p1S3VBWW5CaHFuT2s5YWFacy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3LTYxZDczMzNmODU3
MC8xLzEtODBDTTRDRmNPTWYteV9ONGJoM0J4eThaZ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5UngD
BALB5FAwDQQCAAIwBwMFAyoEdwAwDQYJKoZIhvcNAQELBQADggEBAKTRsATGw697
AXUPpixxm+M9W1sGt70RuT7bZwRlsUr3xc2cpJVul5IqfjW+woFdp9VESqErv2z6
dJQCOPJkiqJIZNKycWcH69bdhuQSqZ1MUBMDZtwxQi1tEzNi1Qfn082oWjCU2/hx
9HSeo92PIUMB4L9tef8wRGvFRBm59fckmFbvz7PSjDl4XY2QVSY373/kBqnzW2iz
0kfnBalL69d+KOwL5gCzkcgz6uZk8yVZHWTFq5XOxEPNcxaV2GKRQrm6aIlgUJdt
9q0zKv9r+ggwPSA+VoJZFTEG8F3pvjM/6VtGdx6L0iwT84A5pT3zJ3zYDzrrezHG
zIrI+zB9KmI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:03:48 2025 by rpki-client