Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/F0FL083yHOjArtUCSj11_9mQYwA.roa
File: F0FL083yHOjArtUCSj11_9mQYwA.roa (raw, json)
Hash identifier: 4l9AfCKDd+5khjyd7101GhWB3WYNf/GcGWmpbUqJTA4=
Subject key identifier: 17:41:4B:D3:CD:F2:1C:E8:C0:AE:D5:02:4A:3D:75:FF:D9:90:63:00
Certificate issuer: /CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Certificate serial: 0186C5BFE69112CBFB59F9897AC510E68537
Authority key identifier: CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/F0FL083yHOjArtUCSj11_9mQYwA.roa
Signing time: Thu 09 Mar 2023 09:42:13 +0000
ROA not before: Thu 09 Mar 2023 09:42:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.136.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:bf:e6:91:12:cb:fb:59:f9:89:7a:c5:10:e6:85:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Validity
Not Before: Mar 9 09:42:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17414bd3cdf21ce8c0aed5024a3d75ffd9906300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3d:5b:4f:f5:40:12:d4:48:2e:b7:6d:da:6e:
6b:02:e5:43:f6:1c:99:62:aa:1d:c1:0b:5f:a9:e4:
48:ff:72:2e:77:42:7e:86:76:42:29:bd:ea:65:d2:
ca:8f:94:e8:0f:06:b0:32:33:f8:32:4e:7e:a6:10:
3c:81:6a:bb:91:32:fb:b2:66:82:d0:ab:65:ce:bb:
30:06:c9:f7:ff:dd:c0:a0:b7:7a:df:f9:4c:ab:f7:
60:d5:ed:25:54:5b:0a:8a:1a:83:92:9f:2a:2e:78:
df:40:dd:58:03:32:ba:10:c2:29:7e:a1:85:39:26:
71:a4:1d:d7:3f:28:4d:94:fc:55:45:ef:ff:5e:4e:
b0:09:fc:98:23:f1:ed:4c:38:f4:6c:fd:72:2a:c9:
89:13:01:40:4f:39:89:b1:74:00:f5:c4:79:da:b3:
e4:b9:94:be:8f:c4:59:4c:c1:58:aa:a0:9b:f7:1d:
23:0a:2a:08:ce:95:89:2c:15:fb:bd:85:e3:f0:8b:
06:8f:42:08:2f:2a:5c:92:51:82:33:33:04:18:93:
f7:cc:e6:e0:d3:0c:8c:01:fc:39:1c:14:30:bb:e2:
86:6d:9f:49:f9:53:a8:92:f8:81:e6:67:ee:ca:93:
5a:f8:8b:25:ce:c7:32:b0:61:8a:0c:22:1c:8b:33:
de:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:41:4B:D3:CD:F2:1C:E8:C0:AE:D5:02:4A:3D:75:FF:D9:90:63:00
X509v3 Authority Key Identifier:
keyid:CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/F0FL083yHOjArtUCSj11_9mQYwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/yvRJQqKfrGEs1E-DrTF6HA9bjuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.135.0/24
Signature Algorithm: sha256WithRSAEncryption
81:bc:8f:9c:61:c4:bd:22:67:72:a6:bb:2d:99:30:8d:23:00:
00:e1:f0:28:77:44:80:c9:c8:d9:e9:0b:78:97:39:f9:1f:34:
98:3f:89:f4:89:8f:0b:06:fb:a4:79:18:85:7e:40:cb:71:e7:
24:4a:12:13:da:a4:9e:a1:81:c1:8d:55:94:1f:bd:e1:aa:6b:
39:ae:7d:0c:64:27:14:13:a2:ca:07:85:be:45:14:80:20:9e:
3e:11:a6:a5:72:9f:b5:4d:d6:67:bd:27:db:8a:ef:76:39:a3:
38:e0:08:f4:02:ed:ae:4f:ff:f1:d8:a9:a0:7d:52:bb:b9:1a:
a1:04:dd:c7:c7:d2:ea:ee:01:b6:8b:2a:10:8e:b2:13:31:94:
31:b8:89:83:bc:7d:74:ff:4f:0a:b2:10:88:6b:98:09:b4:f3:
27:3d:e4:80:9f:35:ad:28:10:82:52:48:7a:92:7f:55:57:66:
f5:d4:0b:b2:47:bb:8b:09:06:2a:7b:5d:4a:ba:3d:24:88:92:
54:e9:cd:56:2b:8c:52:fb:ac:a8:6d:4a:87:a4:6f:d3:f3:7f:
f3:db:54:a9:34:df:c4:b2:0d:d8:0e:15:78:6c:1d:0f:10:cb:
00:f4:a3:a4:1a:1d:5b:5e:22:e1:cf:24:3c:54:eb:bb:96:3e:
11:5c:af:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbFv+aREsv7WfmJesUQ5oU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjQ0OTQyYTI5ZmFjNjEyY2Q0NGY4M2FkMzE3YTFjMGY1
YjhlZWEwHhcNMjMwMzA5MDk0MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQxNGJkM2NkZjIxY2U4YzBhZWQ1MDI0YTNkNzVmZmQ5OTA2MzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD1bT/VAEtRILrdt2m5rAuVD9hyZ
YqodwQtfqeRI/3Iud0J+hnZCKb3qZdLKj5ToDwawMjP4Mk5+phA8gWq7kTL7smaC
0KtlzrswBsn3/93AoLd63/lMq/dg1e0lVFsKihqDkp8qLnjfQN1YAzK6EMIpfqGF
OSZxpB3XPyhNlPxVRe//Xk6wCfyYI/HtTDj0bP1yKsmJEwFATzmJsXQA9cR52rPk
uZS+j8RZTMFYqqCb9x0jCioIzpWJLBX7vYXj8IsGj0IILypcklGCMzMEGJP3zObg
0wyMAfw5HBQwu+KGbZ9J+VOokviB5mfuypNa+IslzscysGGKDCIcizPejQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdBS9PN8hzowK7VAko9df/ZkGMAMB8GA1UdIwQY
MBaAFMr0SUKin6xhLNRPg60xehwPW47qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUt
NDgzNmJhZDYxYmEyLzEvRjBGTDA4M3lIT2pBcnRVQ1NqMTFfOW1RWXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUtNDgzNmJhZDYxYmEy
LzEveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYiHMA0G
CSqGSIb3DQEBCwUAA4IBAQCBvI+cYcS9ImdyprstmTCNIwAA4fAod0SAycjZ6Qt4
lzn5HzSYP4n0iY8LBvukeRiFfkDLceckShIT2qSeoYHBjVWUH73hqms5rn0MZCcU
E6LKB4W+RRSAIJ4+Eaalcp+1TdZnvSfbiu92OaM44Aj0Au2uT//x2KmgfVK7uRqh
BN3Hx9Lq7gG2iyoQjrITMZQxuImDvH10/08KshCIa5gJtPMnPeSAnzWtKBCCUkh6
kn9VV2b11AuyR7uLCQYqe11Kuj0kiJJU6c1WK4xS+6yobUqHpG/T83/z21SpNN/E
sg3YDhV4bB0PEMsA9KOkGh1bXiLhzyQ8VOu7lj4RXK/Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:17 2025 by rpki-client