Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/14821a-2119-4771-8c76-387706c2a849/1/FXpl5tlyn2VyNhiHvdCknIU87zg.roa
File: FXpl5tlyn2VyNhiHvdCknIU87zg.roa (raw, json)
Hash identifier: MxVq9A3TUAcwTEqHqXXZG8oIoXOlQzM/fko6I4nZ61M=
Subject key identifier: 15:7A:65:E6:D9:72:9F:65:72:36:18:87:BD:D0:A4:9C:85:3C:EF:38
Certificate issuer: /CN=13ef32d8bf153c04c6393be24f063243f7e8a7e2
Certificate serial: 01884D30394E34BA8CE7401C12AA30339CFF
Authority key identifier: 13:EF:32:D8:BF:15:3C:04:C6:39:3B:E2:4F:06:32:43:F7:E8:A7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E-8y2L8VPATGOTviTwYyQ_fop-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/14821a-2119-4771-8c76-387706c2a849/1/FXpl5tlyn2VyNhiHvdCknIU87zg.roa
Signing time: Wed 24 May 2023 09:56:25 +0000
ROA not before: Wed 24 May 2023 09:56:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204315
IP address blocks: 185.253.148.0/24 maxlen: 24
185.253.148.0/22 maxlen: 22
185.253.149.0/24 maxlen: 24
2a0c:3d40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:30:39:4e:34:ba:8c:e7:40:1c:12:aa:30:33:9c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13ef32d8bf153c04c6393be24f063243f7e8a7e2
Validity
Not Before: May 24 09:56:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=157a65e6d9729f6572361887bdd0a49c853cef38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:19:eb:d8:3f:81:72:c7:f7:46:60:f7:60:4f:
d0:0b:86:1b:de:c4:2b:04:b8:37:aa:5f:0d:7e:34:
cc:14:99:08:65:31:77:95:bd:44:03:10:aa:6e:ee:
5d:27:f9:e2:94:07:aa:a5:6d:1c:79:ad:2e:a6:06:
ea:48:ba:2a:a0:2c:69:1a:9e:b7:7e:b7:dc:e7:9d:
fa:44:8a:ff:a2:a8:15:59:b6:d3:2f:7b:4a:df:2e:
54:8c:4b:a6:a2:b4:04:5d:4b:79:f2:d2:0c:32:b4:
22:82:b1:3a:f2:04:38:76:5d:ed:66:4a:86:30:58:
ea:30:a8:b0:2e:8a:6b:69:4a:ef:aa:8c:46:62:8e:
b6:b9:7e:0f:90:33:68:96:7e:d8:41:99:ed:12:7c:
c6:66:26:66:df:a1:6e:d8:e7:43:9f:3f:71:fc:24:
fd:6b:46:9e:18:df:c2:91:4f:a7:ec:c4:33:8b:d6:
40:85:12:bf:7a:93:c4:a0:5a:65:2f:0e:55:9b:5e:
4b:ab:b0:12:5e:88:a4:46:09:59:6d:ef:fb:57:f0:
cb:e5:22:fa:5d:a0:6f:71:a3:d9:da:5e:52:c9:58:
6a:8a:3c:45:e1:61:73:06:34:7f:57:7a:16:fa:67:
20:8d:19:53:ae:c7:cf:be:74:e0:c2:d1:38:62:07:
38:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7A:65:E6:D9:72:9F:65:72:36:18:87:BD:D0:A4:9C:85:3C:EF:38
X509v3 Authority Key Identifier:
keyid:13:EF:32:D8:BF:15:3C:04:C6:39:3B:E2:4F:06:32:43:F7:E8:A7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-8y2L8VPATGOTviTwYyQ_fop-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/14821a-2119-4771-8c76-387706c2a849/1/FXpl5tlyn2VyNhiHvdCknIU87zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/14821a-2119-4771-8c76-387706c2a849/1/E-8y2L8VPATGOTviTwYyQ_fop-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.148.0/22
IPv6:
2a0c:3d40::/32
Signature Algorithm: sha256WithRSAEncryption
9c:47:21:9e:9c:e3:e7:fa:c7:ef:b1:d4:d2:66:ce:29:a4:dc:
cf:b9:9f:fe:cb:7a:57:a5:ae:97:62:31:68:f0:ae:fd:14:4b:
bc:64:2a:96:f7:9b:8f:c6:17:4a:12:91:37:92:d6:75:cc:a6:
d9:50:0a:1b:1c:cb:2d:35:88:5f:34:ce:65:19:e3:27:30:5c:
16:1d:a0:ad:5a:b9:61:00:3b:9d:17:82:77:14:09:39:53:ff:
b6:35:90:26:d1:9c:0f:4b:d8:73:51:92:65:46:dc:bf:9f:d4:
e1:36:ea:77:32:a2:06:f6:c7:0d:46:a1:5c:0b:66:65:93:ff:
ed:f4:c3:2a:62:80:81:83:ff:f1:38:ca:99:e4:30:bb:c3:dd:
8c:9c:d9:c4:43:06:a9:bc:84:11:09:0d:99:e6:81:06:53:0a:
64:d7:8d:a1:b7:fb:4c:88:7a:e2:08:b6:c3:8a:1a:40:e6:4f:
33:27:66:43:94:30:87:ab:37:02:e5:6a:cf:a6:bd:cc:61:51:
eb:29:2b:32:5d:04:1e:85:fd:37:59:5f:bd:25:45:08:98:5e:
9c:fd:95:ea:af:47:26:6f:be:c0:73:ca:7c:b9:5d:3b:10:7e:
0a:43:fc:d2:e4:14:84:a1:6c:6d:77:20:61:97:56:ff:66:80:
e8:a6:e2:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhNMDlONLqM50AcEqowM5z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZWYzMmQ4YmYxNTNjMDRjNjM5M2JlMjRmMDYzMjQzZjdl
OGE3ZTIwHhcNMjMwNTI0MDk1NjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdhNjVlNmQ5NzI5ZjY1NzIzNjE4ODdiZGQwYTQ5Yzg1M2NlZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxnr2D+Bcsf3RmD3YE/QC4Yb3sQr
BLg3ql8NfjTMFJkIZTF3lb1EAxCqbu5dJ/nilAeqpW0cea0upgbqSLoqoCxpGp63
frfc5536RIr/oqgVWbbTL3tK3y5UjEumorQEXUt58tIMMrQigrE68gQ4dl3tZkqG
MFjqMKiwLopraUrvqoxGYo62uX4PkDNoln7YQZntEnzGZiZm36Fu2OdDnz9x/CT9
a0aeGN/CkU+n7MQzi9ZAhRK/epPEoFplLw5Vm15Lq7ASXoikRglZbe/7V/DL5SL6
XaBvcaPZ2l5SyVhqijxF4WFzBjR/V3oW+mcgjRlTrsfPvnTgwtE4Ygc4zwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBV6ZebZcp9lcjYYh73QpJyFPO84MB8GA1UdIwQY
MBaAFBPvMti/FTwExjk74k8GMkP36KfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS04eTJMOFZQQVRHT1R2aVR3WXlRX2ZvcC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xNDgyMWEtMjExOS00NzcxLThjNzYt
Mzg3NzA2YzJhODQ5LzEvRlhwbDV0bHluMlZ5TmhpSHZkQ2tuSVU4N3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xNDgyMWEtMjExOS00NzcxLThjNzYtMzg3NzA2YzJhODQ5
LzEvRS04eTJMOFZQQVRHT1R2aVR3WXlRX2ZvcC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf2UMA0E
AgACMAcDBQAqDD1AMA0GCSqGSIb3DQEBCwUAA4IBAQCcRyGenOPn+sfvsdTSZs4p
pNzPuZ/+y3pXpa6XYjFo8K79FEu8ZCqW95uPxhdKEpE3ktZ1zKbZUAobHMstNYhf
NM5lGeMnMFwWHaCtWrlhADudF4J3FAk5U/+2NZAm0ZwPS9hzUZJlRty/n9ThNup3
MqIG9scNRqFcC2Zlk//t9MMqYoCBg//xOMqZ5DC7w92MnNnEQwapvIQRCQ2Z5oEG
Uwpk142ht/tMiHriCLbDihpA5k8zJ2ZDlDCHqzcC5WrPpr3MYVHrKSsyXQQehf03
WV+9JUUImF6c/ZXqr0cmb77Ac8p8uV07EH4KQ/zS5BSEoWxtdyBhl1b/ZoDopuIf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:36 2025 by rpki-client