Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/fys3uIwviC699OZeKA3FcWmr3hM.roa
File: fys3uIwviC699OZeKA3FcWmr3hM.roa (raw, json)
Hash identifier: VJP0B+Wa4X8IwU0W7P+QSObzs6oONdRUZGPesTHOlfk=
Subject key identifier: 7F:2B:37:B8:8C:2F:88:2E:BD:F4:E6:5E:28:0D:C5:71:69:AB:DE:13
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 018570B080786A91528B4BE3521738BAABB4
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/fys3uIwviC699OZeKA3FcWmr3hM.roa
Signing time: Mon 02 Jan 2023 04:14:53 +0000
ROA not before: Mon 02 Jan 2023 04:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31562
IP address blocks: 83.166.64.0/19 maxlen: 19
2a03:9600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:80:78:6a:91:52:8b:4b:e3:52:17:38:ba:ab:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: Jan 2 04:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f2b37b88c2f882ebdf4e65e280dc57169abde13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2c:8d:70:b9:4b:41:88:0c:0d:87:21:b6:2f:
f1:7a:72:71:39:c3:86:ee:37:4f:8a:9c:4e:29:de:
24:cb:f4:f7:83:ee:df:ad:cb:23:d2:cb:1f:2c:35:
c1:0a:32:8e:ba:b5:da:fd:37:fa:64:4e:c8:fe:8c:
df:ed:04:b4:53:ad:fb:22:59:10:18:a5:5a:82:e4:
ea:45:fd:a4:d1:5c:aa:72:62:7e:9c:57:5e:3f:8e:
23:c4:bb:e3:1e:81:20:8b:9d:67:67:12:8c:48:1d:
04:d4:53:ac:3f:a4:0f:24:a6:2f:fd:43:9f:81:13:
0a:85:5b:ea:fe:9b:f8:18:dc:48:9f:b1:1e:42:35:
5b:ad:66:e0:04:e4:7e:88:8a:4e:6d:0d:1f:bd:44:
db:af:ee:b9:09:58:2b:b9:6f:e5:18:45:84:7b:b9:
90:cc:d7:4b:97:25:39:1a:ef:54:69:c0:74:79:c7:
73:47:6c:44:c7:21:d4:6c:4a:6f:d1:2e:ca:e2:69:
15:fa:46:7a:0c:23:2f:ad:3c:f9:4e:8e:42:5a:e7:
10:dc:da:7c:90:69:b7:a1:c8:82:4d:02:fe:6f:d1:
69:2b:18:e8:ee:8b:53:d0:46:26:9f:3b:3f:00:ec:
37:28:5b:4e:f4:ad:d5:d4:9c:46:28:44:35:00:92:
bb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2B:37:B8:8C:2F:88:2E:BD:F4:E6:5E:28:0D:C5:71:69:AB:DE:13
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/fys3uIwviC699OZeKA3FcWmr3hM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.64.0/19
IPv6:
2a03:9600::/32
Signature Algorithm: sha256WithRSAEncryption
63:5d:6b:51:09:2b:6e:a4:90:8a:8b:ca:e6:3d:27:eb:8c:6b:
47:6c:6a:5e:ca:ea:33:05:b0:67:c7:d6:94:18:3b:fa:19:70:
1f:c0:8c:d6:ab:f3:09:b7:93:d9:78:16:ef:64:a4:f6:c6:ba:
cc:3a:74:df:a8:ee:2a:82:d9:19:6d:24:8f:f2:fc:2f:20:c5:
fb:6b:91:fd:65:6b:6b:93:3e:dd:65:32:40:e3:aa:84:ea:c9:
96:6d:7f:8c:d8:ff:e0:64:1c:eb:b7:72:e4:6f:de:e4:2f:d5:
c3:09:12:6b:7e:bf:62:e7:50:b7:a6:4a:e7:ea:07:5e:20:4a:
b7:dc:55:d9:86:01:ec:60:4f:a8:40:20:1f:6c:b5:b4:9c:b6:
f4:9b:8e:f0:96:06:9b:53:b4:72:b3:1f:14:69:3a:1b:15:40:
c0:da:66:9d:11:2d:ac:ef:32:53:2f:e4:4f:d7:38:88:29:83:
39:cf:84:92:d2:75:98:75:d6:62:d3:9d:62:83:88:db:f8:de:
5b:f2:32:f9:ff:24:a8:99:5e:fd:23:33:4a:27:2f:5d:93:c1:
b6:39:17:83:8c:ce:94:06:4d:98:00:93:b6:5e:aa:7c:e4:c7:
af:fa:cd:b9:d4:c8:95:7e:17:d9:d9:0e:05:4d:88:01:0b:9a:
2a:87:8b:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsIB4apFSi0vjUhc4uqu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjMwMTAyMDQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjJiMzdiODhjMmY4ODJlYmRmNGU2NWUyODBkYzU3MTY5YWJkZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SyNcLlLQYgMDYchti/xenJxOcOG
7jdPipxOKd4ky/T3g+7frcsj0ssfLDXBCjKOurXa/Tf6ZE7I/ozf7QS0U637IlkQ
GKVaguTqRf2k0VyqcmJ+nFdeP44jxLvjHoEgi51nZxKMSB0E1FOsP6QPJKYv/UOf
gRMKhVvq/pv4GNxIn7EeQjVbrWbgBOR+iIpObQ0fvUTbr+65CVgruW/lGEWEe7mQ
zNdLlyU5Gu9UacB0ecdzR2xExyHUbEpv0S7K4mkV+kZ6DCMvrTz5To5CWucQ3Np8
kGm3ociCTQL+b9FpKxjo7otT0EYmnzs/AOw3KFtO9K3V1JxGKEQ1AJK7EwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH8rN7iML4guvfTmXigNxXFpq94TMB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvZnlzM3VJd3ZpQzY5OU9aZUtBM0ZjV21yM2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFU6ZAMA0E
AgACMAcDBQAqA5YAMA0GCSqGSIb3DQEBCwUAA4IBAQBjXWtRCStupJCKi8rmPSfr
jGtHbGpeyuozBbBnx9aUGDv6GXAfwIzWq/MJt5PZeBbvZKT2xrrMOnTfqO4qgtkZ
bSSP8vwvIMX7a5H9ZWtrkz7dZTJA46qE6smWbX+M2P/gZBzrt3Lkb97kL9XDCRJr
fr9i51C3pkrn6gdeIEq33FXZhgHsYE+oQCAfbLW0nLb0m47wlgabU7Rysx8UaTob
FUDA2madES2s7zJTL+RP1ziIKYM5z4SS0nWYddZi051ig4jb+N5b8jL5/ySomV79
IzNKJy9dk8G2OReDjM6UBk2YAJO2Xqp85Mev+s251MiVfhfZ2Q4FTYgBC5oqh4t/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:42 2025 by rpki-client