Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/feFttF1E9rYNdCW-NA3ehBDhQTU.roa
File: feFttF1E9rYNdCW-NA3ehBDhQTU.roa (raw, json)
Hash identifier: FVi1nkEJmtdks86KmbvlrstZ3zq0Pcl+6T2sHCnBi+M=
Subject key identifier: 7D:E1:6D:B4:5D:44:F6:B6:0D:74:25:BE:34:0D:DE:84:10:E1:41:35
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F0FBF230C68C254FEA7D92BDBE9396
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/feFttF1E9rYNdCW-NA3ehBDhQTU.roa
Signing time: Mon 02 Jan 2023 10:04:56 +0000
ROA not before: Mon 02 Jan 2023 10:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199380
IP address blocks: 84.232.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:fb:f2:30:c6:8c:25:4f:ea:7d:92:bd:be:93:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7de16db45d44f6b60d7425be340dde8410e14135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:38:47:2e:32:e3:c5:a2:db:f7:cd:83:93:1c:
b7:58:b5:99:06:7c:a6:7b:a2:fd:73:6e:a9:e8:d2:
7b:60:a4:85:14:4b:1d:70:d9:b4:e9:64:ea:72:7d:
cf:6e:aa:d2:79:b5:35:4d:74:39:df:d9:c3:34:fd:
6d:4e:2b:6b:2f:c6:24:0e:ea:3a:5a:05:6f:1f:a4:
93:5b:97:a1:58:c2:57:1c:01:12:06:1e:e8:29:a7:
a8:0d:1a:a3:ba:ec:0c:35:53:bc:6f:a1:e8:94:9c:
0e:a8:7b:94:92:80:5e:2f:f6:e4:38:66:cf:de:7a:
61:29:d4:2f:05:bc:e8:ee:61:1e:10:9c:eb:80:2d:
ca:b3:5b:25:9f:55:81:56:40:07:bf:06:48:03:10:
fd:8b:bf:93:fc:30:0d:dd:89:22:00:7f:c2:eb:85:
e1:00:56:a5:96:8c:82:e3:2f:18:40:5f:85:5c:d8:
65:42:48:60:1c:54:92:be:30:8a:73:ce:64:82:46:
2c:71:a4:38:00:0a:bc:51:51:5f:0b:dc:f6:34:b8:
64:72:17:42:5d:26:69:0d:d8:9e:33:6d:61:d0:eb:
70:8d:d8:3a:9c:29:c8:e5:40:d2:76:51:e0:04:c1:
e6:85:b1:bd:02:3e:8f:3e:67:0c:62:ef:1f:d7:10:
40:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E1:6D:B4:5D:44:F6:B6:0D:74:25:BE:34:0D:DE:84:10:E1:41:35
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/feFttF1E9rYNdCW-NA3ehBDhQTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.98.0/24
Signature Algorithm: sha256WithRSAEncryption
67:4b:19:32:db:9b:7c:a9:91:6f:2e:05:7b:7e:5e:34:ad:10:
11:e0:de:8b:8c:14:3e:19:3d:9a:5d:3c:08:72:0c:c9:ff:97:
be:93:5c:28:e2:a8:c2:08:52:03:ff:7e:e6:30:29:cf:68:49:
40:c9:d5:0d:35:b5:9c:eb:89:f4:4b:1d:89:d1:32:fd:a9:42:
44:eb:00:6a:de:d0:69:4c:66:b5:86:59:cd:11:6f:6e:b9:d2:
39:50:0d:4c:96:ad:7b:6f:11:66:86:1d:7e:2c:28:1e:a7:b9:
8a:9b:fb:35:0f:44:11:c3:79:11:f3:23:bc:fb:16:75:94:65:
65:a5:69:83:4c:05:55:1a:e7:31:7f:73:56:80:aa:ae:20:fe:
81:70:c9:bd:e1:1e:d5:c3:eb:b5:5e:e8:03:21:22:11:ab:ea:
62:bc:6f:d1:89:e6:3e:a2:e0:82:31:95:14:44:43:1e:a2:ed:
5d:87:c0:e3:86:6f:e0:0b:86:04:58:04:8f:c4:cc:91:88:b4:
c5:cc:71:b7:f2:af:63:52:94:01:6a:8b:21:ad:3b:41:5b:ad:
3a:27:19:52:3e:83:f4:c6:7b:a0:49:a4:de:68:d7:ce:8b:11:
ca:29:6b:d0:1f:e4:42:19:ec:6e:1b:39:6e:61:9d:32:b3:21:
c3:b3:0b:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8PvyMMaMJU/qfZK9vpOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGUxNmRiNDVkNDRmNmI2MGQ3NDI1YmUzNDBkZGU4NDEwZTE0MTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDhHLjLjxaLb982Dkxy3WLWZBnym
e6L9c26p6NJ7YKSFFEsdcNm06WTqcn3PbqrSebU1TXQ539nDNP1tTitrL8YkDuo6
WgVvH6STW5ehWMJXHAESBh7oKaeoDRqjuuwMNVO8b6HolJwOqHuUkoBeL/bkOGbP
3nphKdQvBbzo7mEeEJzrgC3Ks1sln1WBVkAHvwZIAxD9i7+T/DAN3YkiAH/C64Xh
AFalloyC4y8YQF+FXNhlQkhgHFSSvjCKc85kgkYscaQ4AAq8UVFfC9z2NLhkchdC
XSZpDdieM21h0Otwjdg6nCnI5UDSdlHgBMHmhbG9Aj6PPmcMYu8f1xBANwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3hbbRdRPa2DXQlvjQN3oQQ4UE1MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZmVGdHRGMUU5cllOZENXLU5BM2VoQkRoUVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVOhiMA0G
CSqGSIb3DQEBCwUAA4IBAQBnSxky25t8qZFvLgV7fl40rRAR4N6LjBQ+GT2aXTwI
cgzJ/5e+k1wo4qjCCFID/37mMCnPaElAydUNNbWc64n0Sx2J0TL9qUJE6wBq3tBp
TGa1hlnNEW9uudI5UA1Mlq17bxFmhh1+LCgep7mKm/s1D0QRw3kR8yO8+xZ1lGVl
pWmDTAVVGucxf3NWgKquIP6BcMm94R7Vw+u1XugDISIRq+pivG/RieY+ouCCMZUU
REMeou1dh8Djhm/gC4YEWASPxMyRiLTFzHG38q9jUpQBaoshrTtBW606JxlSPoP0
xnugSaTeaNfOixHKKWvQH+RCGexuGzluYZ0ysyHDswtI
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:17 2025 by rpki-client