Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/fQONkZxQG8li4lpKmlVNyv7KpxA.roa
File: fQONkZxQG8li4lpKmlVNyv7KpxA.roa (raw, json)
Hash identifier: nGlCaWZ0CFLPg563W/0UWSQ0e15Sppbk1USjLaXo3/Y=
Subject key identifier: 7D:03:8D:91:9C:50:1B:C9:62:E2:5A:4A:9A:55:4D:CA:FE:CA:A7:10
Certificate issuer: /CN=949ff40831ca66f996c76ea466af49476fecd1ff
Certificate serial: 0453FD4E
Authority key identifier: 94:9F:F4:08:31:CA:66:F9:96:C7:6E:A4:66:AF:49:47:6F:EC:D1:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJ_0CDHKZvmWx26kZq9JR2_s0f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/fQONkZxQG8li4lpKmlVNyv7KpxA.roa
Signing time: Sat 01 Jan 2022 10:01:00 +0000
ROA not before: Sat 01 Jan 2022 10:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48131
IP address blocks: 193.33.140.0/24 maxlen: 24
37.221.116.0/24 maxlen: 24
2a09:500::/32 maxlen: 32
2a0f:ae80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72613198 (0x453fd4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=949ff40831ca66f996c76ea466af49476fecd1ff
Validity
Not Before: Jan 1 10:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d038d919c501bc962e25a4a9a554dcafecaa710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:a9:89:73:bd:3f:e2:bb:8c:51:57:10:bf:
58:c2:16:c2:4b:57:e3:ec:f2:f8:4c:dc:f9:bb:65:
d2:e5:8d:22:91:e6:8c:10:1a:85:62:7b:e7:9c:73:
c5:58:e9:2c:26:b4:d7:9f:87:fa:89:3b:19:97:60:
4c:1c:11:25:62:dc:3e:b9:23:6f:26:d9:05:2d:c1:
82:cc:d5:fa:6c:cc:8a:b3:30:7d:1d:e5:23:06:72:
87:63:b7:6c:09:aa:8c:5b:f3:d3:e8:a6:86:2b:5e:
0f:78:ad:fa:67:3a:ed:b9:2b:84:00:75:6f:c0:e5:
15:a0:cd:45:49:a5:37:94:45:16:99:2e:92:e6:43:
1a:99:bb:54:a7:74:d6:73:83:a9:79:63:df:d4:f2:
42:db:1f:42:08:e8:bd:7c:07:17:52:7c:7f:36:90:
66:14:87:1f:44:66:80:b6:1b:bd:b9:8b:2a:53:a5:
c7:18:ea:03:77:d5:6d:85:81:6f:3b:9d:5e:45:fc:
59:46:66:80:a8:e7:16:81:63:59:b8:5a:ef:ee:a1:
19:8f:89:a2:76:7f:12:ee:3e:d5:6b:1b:94:91:54:
28:83:4f:bb:33:44:ee:e3:5e:96:ba:2e:cd:f2:87:
cb:54:f3:c4:5c:e8:31:32:bb:22:98:22:cb:4d:15:
63:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:03:8D:91:9C:50:1B:C9:62:E2:5A:4A:9A:55:4D:CA:FE:CA:A7:10
X509v3 Authority Key Identifier:
keyid:94:9F:F4:08:31:CA:66:F9:96:C7:6E:A4:66:AF:49:47:6F:EC:D1:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJ_0CDHKZvmWx26kZq9JR2_s0f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/fQONkZxQG8li4lpKmlVNyv7KpxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/lJ_0CDHKZvmWx26kZq9JR2_s0f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.116.0/24
193.33.140.0/24
IPv6:
2a09:500::/32
2a0f:ae80::/32
Signature Algorithm: sha256WithRSAEncryption
59:8c:bb:9d:6b:89:15:60:be:fb:3a:8f:40:30:2c:29:99:a6:
a1:d1:ff:ce:3e:6d:5f:4e:2d:44:4d:e7:59:de:45:28:00:89:
62:c6:66:4b:17:9a:ac:15:5c:27:d9:1a:e2:70:ff:6e:8c:46:
2c:69:43:a5:49:b8:0a:e3:69:39:0a:86:2d:32:ad:b2:4e:d0:
53:87:fa:51:6f:17:47:b7:c6:5e:0a:fd:64:35:4d:00:12:00:
26:1d:1b:a8:a6:7a:01:fb:5d:cb:99:f8:01:f9:6f:41:a7:24:
53:2a:f6:73:40:21:8e:09:5b:32:51:9e:f4:fb:8f:74:fc:9d:
2a:df:a9:eb:3b:b3:be:81:bc:36:96:45:f3:5d:84:a3:9d:8d:
47:ee:85:b3:ae:4b:4d:90:f8:a5:5b:f3:00:e3:d7:49:2a:47:
2b:19:3b:fb:09:d2:c8:8c:85:6d:2c:51:c0:05:4e:93:fe:0b:
f1:d2:27:9f:78:3c:74:2b:6a:93:f4:49:30:7e:98:81:e2:fe:
d9:9e:f6:2f:c1:94:9c:5f:2c:86:90:d1:2d:b8:b4:1a:7c:d7:
8b:81:cd:88:ab:e2:db:b6:55:e5:f3:9e:eb:70:05:a7:87:30:
b6:7b:81:cf:c9:52:bd:62:0b:1c:63:b9:38:ed:ba:76:26:bf:
b3:ba:af:63
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBFP9TjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDlmZjQwODMxY2E2NmY5OTZjNzZlYTQ2NmFmNDk0NzZmZWNkMWZmMB4XDTIyMDEw
MTEwMDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QwMzhkOTE5YzUw
MWJjOTYyZTI1YTRhOWE1NTRkY2FmZWNhYTcxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTyqYlzvT/iu4xRVxC/WMIWwktX4+zy+Ezc+btl0uWNIpHm
jBAahWJ755xzxVjpLCa015+H+ok7GZdgTBwRJWLcPrkjbybZBS3BgszV+mzMirMw
fR3lIwZyh2O3bAmqjFvz0+imhiteD3it+mc67bkrhAB1b8DlFaDNRUmlN5RFFpku
kuZDGpm7VKd01nODqXlj39TyQtsfQgjovXwHF1J8fzaQZhSHH0RmgLYbvbmLKlOl
xxjqA3fVbYWBbzudXkX8WUZmgKjnFoFjWbha7+6hGY+JonZ/Eu4+1WsblJFUKINP
uzNE7uNelrouzfKHy1TzxFzoMTK7Ipgiy00VY2ECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBR9A42RnFAbyWLiWkqaVU3K/sqnEDAfBgNVHSMEGDAWgBSUn/QIMcpm+ZbH
bqRmr0lHb+zR/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xKXzBDREhLWnZtV3gyNmtacTlKUjJfczBmOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvNTVkMTBkLWI0NDgtNGI0Ny1iYTU4LTE0N2FkYzkwY2EwZi8x
L2ZRT05rWnhRRzhsaTRscEttbFZOeXY3S3B4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
NTVkMTBkLWI0NDgtNGI0Ny1iYTU4LTE0N2FkYzkwY2EwZi8xL2xKXzBDREhLWnZt
V3gyNmtacTlKUjJfczBmOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEACXddAMEAMEhjDAUBAIAAjAOAwUA
KgkFAAMFACoProAwDQYJKoZIhvcNAQELBQADggEBAFmMu51riRVgvvs6j0AwLCmZ
pqHR/84+bV9OLURN51neRSgAiWLGZksXmqwVXCfZGuJw/26MRixpQ6VJuArjaTkK
hi0yrbJO0FOH+lFvF0e3xl4K/WQ1TQASACYdG6imegH7XcuZ+AH5b0GnJFMq9nNA
IY4JWzJRnvT7j3T8nSrfqes7s76BvDaWRfNdhKOdjUfuhbOuS02Q+KVb8wDj10kq
RysZO/sJ0siMhW0sUcAFTpP+C/HSJ594PHQrapP0STB+mIHi/tme9i/BlJxfLIaQ
0S24tBp814uBzYir4tu2VeXznutwBaeHMLZ7gc/JUr1iCxxjuTjtunYmv7O6r2M=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:40:37 2025 by rpki-client