Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/F6UTawTB99aHKfNFNIMs6ZGa4xI.roa
File: F6UTawTB99aHKfNFNIMs6ZGa4xI.roa (raw, json)
Hash identifier: YWAL6EEem9eJ6JoVqea942nHIfLnNun0klZoxp2fzlU=
Subject key identifier: 17:A5:13:6B:04:C1:F7:D6:87:29:F3:45:34:83:2C:E9:91:9A:E3:12
Certificate issuer: /CN=40a249eadeb2a928fe0c2e75c918248b5a1a28b9
Certificate serial: 01856D4AC0A25CC180708A9927E84B22C14F
Authority key identifier: 40:A2:49:EA:DE:B2:A9:28:FE:0C:2E:75:C9:18:24:8B:5A:1A:28:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKJJ6t6yqSj-DC51yRgki1oaKLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/F6UTawTB99aHKfNFNIMs6ZGa4xI.roa
Signing time: Sun 01 Jan 2023 12:24:53 +0000
ROA not before: Sun 01 Jan 2023 12:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29259
IP address blocks: 83.170.0.0/18 maxlen: 18
84.11.0.0/16 maxlen: 16
195.158.212.0/22 maxlen: 24
2001:1b10::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:c0:a2:5c:c1:80:70:8a:99:27:e8:4b:22:c1:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40a249eadeb2a928fe0c2e75c918248b5a1a28b9
Validity
Not Before: Jan 1 12:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17a5136b04c1f7d68729f34534832ce9919ae312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7d:49:27:2d:28:d0:1e:12:59:f4:04:fc:b0:
aa:06:e1:bf:eb:9e:53:bf:40:1d:6c:60:40:7c:50:
4b:eb:9a:d3:33:6f:60:1a:6f:05:a4:d9:b9:f1:60:
75:9a:04:f9:06:04:74:5a:96:6a:e1:6f:78:8e:1d:
4d:18:af:54:da:ac:91:ed:3d:d5:9c:b9:6f:3e:c9:
35:0f:08:76:ad:72:f1:b5:06:07:cf:8b:fd:46:96:
72:e6:28:26:cb:fd:62:93:fc:1f:57:b9:e6:14:a9:
6e:d6:5d:9a:b1:c2:66:f1:56:3e:45:b8:6a:b4:45:
bc:f5:0f:5b:a3:96:f0:f0:ad:3c:44:29:d9:b7:fa:
f0:97:57:0c:45:9e:19:02:22:56:15:3f:42:8d:25:
d4:da:f9:02:d3:68:75:e0:82:53:20:c2:a5:cd:6b:
e1:c9:df:33:b0:c3:3e:9c:9a:e3:0b:07:f9:ce:67:
69:e5:2a:20:a3:72:69:28:d8:c0:ce:23:25:68:7b:
76:3b:50:55:c7:11:e9:15:00:5a:36:a1:b3:5b:97:
25:8c:58:49:a3:60:1d:78:bb:42:85:8f:7e:59:64:
72:91:62:df:e3:18:6f:ad:e3:3b:bf:70:fe:af:81:
9f:fb:2a:9b:23:cc:91:98:56:60:0a:24:38:19:a3:
20:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A5:13:6B:04:C1:F7:D6:87:29:F3:45:34:83:2C:E9:91:9A:E3:12
X509v3 Authority Key Identifier:
keyid:40:A2:49:EA:DE:B2:A9:28:FE:0C:2E:75:C9:18:24:8B:5A:1A:28:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKJJ6t6yqSj-DC51yRgki1oaKLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/F6UTawTB99aHKfNFNIMs6ZGa4xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ae5488-119d-40aa-ae40-8330e7e32e19/1/QKJJ6t6yqSj-DC51yRgki1oaKLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.170.0.0/18
84.11.0.0/16
195.158.212.0/22
IPv6:
2001:1b10::/32
Signature Algorithm: sha256WithRSAEncryption
2f:da:e6:9c:54:56:65:bf:7c:7d:be:5e:23:db:3c:c3:11:11:
b2:99:7a:a3:fd:48:c6:ab:2f:d6:7a:8c:77:ac:dc:97:e1:0a:
4a:2d:e2:75:8e:b2:67:4a:6c:1c:ad:3b:7f:78:91:fd:8b:2b:
d2:85:42:fa:50:2f:90:84:45:fc:65:c3:8a:5b:78:40:43:b4:
3e:ed:54:1a:79:e0:b2:fe:c9:f9:9c:e5:4f:d4:72:40:7c:ae:
2e:bc:d2:93:e0:af:9c:30:8c:8b:5b:37:6b:74:91:79:ff:e6:
e7:70:5a:90:cf:88:55:e5:62:ee:76:d5:9c:6a:ca:e6:22:f9:
f9:83:90:a1:8f:4e:cb:46:3b:5e:65:fb:0b:68:e6:60:7f:af:
f1:0f:7b:b7:21:d2:b0:45:17:b7:67:cc:76:ad:e0:50:27:00:
42:14:14:ca:95:f0:20:2d:31:1d:f6:c3:be:fe:03:60:00:41:
d0:17:25:49:f4:f1:25:f3:f1:05:16:f4:81:b1:12:b5:e5:d4:
36:2d:b7:18:09:9f:41:e7:65:7a:76:f6:ec:94:8f:87:e2:80:
36:94:d0:1e:e5:0c:a8:76:60:90:be:65:f3:0c:f8:9c:a6:f2:
62:79:3c:94:ed:f6:35:72:d3:4d:6b:9e:6c:f0:51:6b:82:85:
4b:16:1d:a7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVtSsCiXMGAcIqZJ+hLIsFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYTI0OWVhZGViMmE5MjhmZTBjMmU3NWM5MTgyNDhiNWEx
YTI4YjkwHhcNMjMwMTAxMTIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2E1MTM2YjA0YzFmN2Q2ODcyOWYzNDUzNDgzMmNlOTkxOWFlMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn1JJy0o0B4SWfQE/LCqBuG/655T
v0AdbGBAfFBL65rTM29gGm8FpNm58WB1mgT5BgR0WpZq4W94jh1NGK9U2qyR7T3V
nLlvPsk1Dwh2rXLxtQYHz4v9RpZy5igmy/1ik/wfV7nmFKlu1l2ascJm8VY+Rbhq
tEW89Q9bo5bw8K08RCnZt/rwl1cMRZ4ZAiJWFT9CjSXU2vkC02h14IJTIMKlzWvh
yd8zsMM+nJrjCwf5zmdp5Sogo3JpKNjAziMlaHt2O1BVxxHpFQBaNqGzW5cljFhJ
o2AdeLtChY9+WWRykWLf4xhvreM7v3D+r4Gf+yqbI8yRmFZgCiQ4GaMgKwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBelE2sEwffWhynzRTSDLOmRmuMSMB8GA1UdIwQY
MBaAFECiSeresqko/gwudckYJItaGii5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtKSjZ0NnlxU2otREM1MXlSZ2tpMW9hS0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hZTU0ODgtMTE5ZC00MGFhLWFlNDAt
ODMzMGU3ZTMyZTE5LzEvRjZVVGF3VEI5OWFIS2ZORk5JTXM2WkdhNHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hZTU0ODgtMTE5ZC00MGFhLWFlNDAtODMzMGU3ZTMyZTE5
LzEvUUtKSjZ0NnlxU2otREM1MXlSZ2tpMW9hS0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQGU6oAAwMA
VAsDBALDntQwDQQCAAIwBwMFACABGxAwDQYJKoZIhvcNAQELBQADggEBAC/a5pxU
VmW/fH2+XiPbPMMREbKZeqP9SMarL9Z6jHes3JfhCkot4nWOsmdKbBytO394kf2L
K9KFQvpQL5CERfxlw4pbeEBDtD7tVBp54LL+yfmc5U/UckB8ri680pPgr5wwjItb
N2t0kXn/5udwWpDPiFXlYu521ZxqyuYi+fmDkKGPTstGO15l+wto5mB/r/EPe7ch
0rBFF7dnzHat4FAnAEIUFMqV8CAtMR32w77+A2AAQdAXJUn08SXz8QUW9IGxErXl
1DYttxgJn0HnZXp29uyUj4figDaU0B7lDKh2YJC+ZfMM+Jym8mJ5PJTt9jVy001r
nmzwUWuChUsWHac=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:01:39 2025 by rpki-client