Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/FP4XE1kUCyRMUGoKHdnbgQhHjU4.roa
File: FP4XE1kUCyRMUGoKHdnbgQhHjU4.roa (raw, json)
Hash identifier: OQb0bKQ/0YVieMTQcGmCBTktf9w3gNz1a3zYobh28mg=
Subject key identifier: 14:FE:17:13:59:14:0B:24:4C:50:6A:0A:1D:D9:DB:81:08:47:8D:4E
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 0186B67FE636914728CBB3EC38E12E3460E4
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/FP4XE1kUCyRMUGoKHdnbgQhHjU4.roa
Signing time: Mon 06 Mar 2023 10:38:00 +0000
ROA not before: Mon 06 Mar 2023 10:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
46.229.230.0/24 maxlen: 24
81.89.48.0/20 maxlen: 20
86.110.224.0/19 maxlen: 19
176.109.56.0/21 maxlen: 21
86.110.229.0/24 maxlen: 24
92.240.230.0/24 maxlen: 24
92.240.229.0/24 maxlen: 24
92.240.228.0/24 maxlen: 24
92.240.231.0/24 maxlen: 24
92.240.234.0/24 maxlen: 24
92.240.237.0/24 maxlen: 24
92.240.236.0/24 maxlen: 24
92.240.235.0/24 maxlen: 24
92.240.241.0/24 maxlen: 24
92.240.244.0/24 maxlen: 24
92.240.242.0/24 maxlen: 24
92.240.245.0/24 maxlen: 24
92.240.253.0/24 maxlen: 24
92.240.249.0/24 maxlen: 24
92.240.254.0/24 maxlen: 24
217.73.16.0/24 maxlen: 24
217.73.16.0/20 maxlen: 20
217.73.17.0/24 maxlen: 24
93.184.64.0/20 maxlen: 24
46.229.224.0/20 maxlen: 20
109.74.144.0/20 maxlen: 20
2a01:390::/32 maxlen: 32
2a00:10d8::/32 maxlen: 32
2a00:10d8:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:7f:e6:36:91:47:28:cb:b3:ec:38:e1:2e:34:60:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Mar 6 10:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14fe171359140b244c506a0a1dd9db8108478d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:24:3a:0b:c2:be:85:6c:ad:7c:fb:e0:01:68:
e0:f6:21:64:c6:4c:4b:03:06:d2:e9:36:c3:1b:ff:
51:dd:d6:5d:9b:1f:c7:b0:a4:66:c8:8a:68:b4:45:
c0:44:70:3d:42:a7:ab:13:53:e7:65:6c:f2:a8:c6:
53:1c:46:74:eb:93:18:db:dc:1f:f7:04:25:8c:a3:
9a:90:27:dd:cd:b8:54:3f:d5:a4:68:2c:a9:9d:96:
2b:66:fc:a2:53:2d:7e:a8:e3:26:73:37:c5:f9:cc:
d3:cf:77:d1:86:96:85:7a:26:48:fe:51:86:94:98:
48:cd:bf:d0:e9:7f:6c:b2:59:98:43:d0:27:17:ec:
44:3c:44:de:05:43:e8:28:43:bf:99:d3:05:f2:4f:
82:ee:d8:27:60:78:82:a3:4c:94:34:1f:c4:bb:5e:
38:be:b7:c0:f8:dd:a7:f3:4f:1e:1c:f5:1e:85:ff:
2a:65:a8:50:2c:8c:8d:1b:be:95:a0:00:a4:41:f9:
2a:93:65:ca:65:12:a7:74:1b:83:0d:92:c3:d7:eb:
ca:94:e6:3f:c3:85:d8:5f:29:53:80:8e:dc:6e:eb:
39:3f:62:d9:1a:62:fd:90:5f:69:4b:51:dd:ad:5b:
d2:03:37:53:a9:7a:65:71:4d:fb:8b:40:1d:f0:ca:
10:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FE:17:13:59:14:0B:24:4C:50:6A:0A:1D:D9:DB:81:08:47:8D:4E
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/FP4XE1kUCyRMUGoKHdnbgQhHjU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
81.89.48.0/20
86.110.224.0/19
92.240.228.0/22
92.240.234.0-92.240.237.255
92.240.241.0-92.240.242.255
92.240.244.0/23
92.240.249.0/24
92.240.253.0-92.240.254.255
93.184.64.0/20
109.74.144.0/20
176.109.56.0/21
185.176.72.0/22
217.73.16.0/20
IPv6:
2a00:10d8::/32
2a01:390::/32
Signature Algorithm: sha256WithRSAEncryption
8b:93:27:f5:7a:c4:fa:5e:37:c6:df:70:e4:cd:f6:95:d4:fa:
fa:df:89:cc:2c:e5:b9:85:71:45:67:c3:d0:18:b6:07:18:03:
43:e0:7b:05:76:1b:95:b0:62:70:5b:40:e1:e0:40:e6:81:fa:
d0:d3:aa:09:83:b2:60:f8:df:fe:8e:95:96:da:b5:a5:b3:f9:
5d:07:b1:1d:32:33:32:b1:41:6c:72:ba:de:41:0c:5f:04:4f:
15:bc:af:78:2f:d5:cb:37:dc:03:23:a3:24:5a:94:a5:1b:44:
e5:f4:72:27:dd:37:d2:2a:85:8d:71:2c:19:07:06:8d:50:41:
38:f0:46:1c:3c:1e:9b:1a:72:c4:a9:42:ce:5c:df:ee:b7:bc:
2f:25:0c:c7:58:47:4a:ca:fe:63:eb:9e:4f:56:a6:a8:2b:9a:
dc:35:12:d0:8a:d1:00:d9:ab:f2:39:60:95:26:d4:1a:1f:7a:
6e:cd:12:69:67:cb:a5:fd:5f:d9:f9:e3:f4:ae:b4:ee:81:92:
41:69:39:87:22:be:10:30:9a:1e:a9:f7:c2:91:84:70:f3:b1:
ef:36:cd:01:8f:62:a3:d9:11:f8:f9:4d:fb:ee:6a:73:25:7a:
a3:2c:21:10:f3:29:58:26:21:19:d4:71:9d:14:e9:99:14:c6:
54:30:4f:72
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYa2f+Y2kUcoy7PsOOEuNGDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjMwMzA2MTAzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGZlMTcxMzU5MTQwYjI0NGM1MDZhMGExZGQ5ZGI4MTA4NDc4ZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCQ6C8K+hWytfPvgAWjg9iFkxkxL
AwbS6TbDG/9R3dZdmx/HsKRmyIpotEXARHA9QqerE1PnZWzyqMZTHEZ065MY29wf
9wQljKOakCfdzbhUP9WkaCypnZYrZvyiUy1+qOMmczfF+czTz3fRhpaFeiZI/lGG
lJhIzb/Q6X9sslmYQ9AnF+xEPETeBUPoKEO/mdMF8k+C7tgnYHiCo0yUNB/Eu144
vrfA+N2n808eHPUehf8qZahQLIyNG76VoACkQfkqk2XKZRKndBuDDZLD1+vKlOY/
w4XYXylTgI7cbus5P2LZGmL9kF9pS1HdrVvSAzdTqXplcU37i0Ad8MoQgQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFBT+FxNZFAskTFBqCh3Z24EIR41OMB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvRlA0WEUxa1VDeVJNVUdvS0hkbmJnUWhIalU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
i5Mn9XrE+l43xt9w5M32ldT6+t+JzCzluYVxRWfD0Bi2BxgDQ+B7BXYblbBicFtA
4eBA5oH60NOqCYOyYPjf/o6Vltq1pbP5XQexHTIzMrFBbHK63kEMXwRPFbyveC/V
yzfcAyOjJFqUpRtE5fRyJ9030iqFjXEsGQcGjVBBOPBGHDwemxpyxKlCzlzf7re8
LyUMx1hHSsr+Y+ueT1amqCua3DUS0IrRANmr8jlglSbUGh96bs0SaWfLpf1f2fnj
9K607oGSQWk5hyK+EDCaHqn3wpGEcPOx7zbNAY9io9kR+PlN++5qcyV6oywhEPMp
WCYhGdRxnRTpmRTGVDBPcg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:24 2025 by rpki-client