Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/7WAv4ZfMvraYEZ1jDUcRlda1zbs.roa
File: 7WAv4ZfMvraYEZ1jDUcRlda1zbs.roa (raw, json)
Hash identifier: DIQnzWo/8wWYzY97r+hbCb7MFTpP4FUYzNOLFkedr8g=
Subject key identifier: ED:60:2F:E1:97:CC:BE:B6:98:11:9D:63:0D:47:11:95:D6:B5:CD:BB
Certificate issuer: /CN=fde8d1c6aaf4a93ff41bbfa1bd1dac6197d59575
Certificate serial: 01856F391E3335FD871E3AF6F01445980B39
Authority key identifier: FD:E8:D1:C6:AA:F4:A9:3F:F4:1B:BF:A1:BD:1D:AC:61:97:D5:95:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/7WAv4ZfMvraYEZ1jDUcRlda1zbs.roa
Signing time: Sun 01 Jan 2023 21:24:52 +0000
ROA not before: Sun 01 Jan 2023 21:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15866
IP address blocks: 185.45.88.0/22 maxlen: 22
94.232.192.0/21 maxlen: 21
217.171.240.0/20 maxlen: 20
2a00:1920::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:1e:33:35:fd:87:1e:3a:f6:f0:14:45:98:0b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fde8d1c6aaf4a93ff41bbfa1bd1dac6197d59575
Validity
Not Before: Jan 1 21:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed602fe197ccbeb698119d630d471195d6b5cdbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0f:bd:cc:99:e8:e5:34:16:17:7e:9e:6a:5a:
73:47:4b:07:5e:dd:84:2b:c6:3c:9f:88:40:0c:c0:
43:da:dd:95:c9:92:12:ca:5c:17:2a:91:46:bf:c7:
64:99:74:31:a8:3e:00:2b:e2:44:e7:52:2f:6e:ec:
99:45:6e:bb:d7:a0:bd:57:f1:4d:11:d3:73:05:ba:
35:43:83:84:6b:44:41:bd:8a:99:18:a0:fa:19:26:
b0:68:6b:c2:43:86:36:54:d9:64:ed:e6:51:5d:95:
17:ca:f1:06:ec:66:34:ea:0d:56:ec:08:b7:db:6e:
8d:02:8d:c3:f0:e5:a4:03:01:d0:9a:00:aa:d3:25:
e0:f8:f7:ee:86:d8:8e:6c:88:78:8a:2b:9f:41:07:
7f:bc:ab:da:ab:26:6f:0e:64:84:3b:51:5b:a9:5b:
0f:f3:59:a5:74:9b:4f:fc:6b:5f:0d:89:8b:e2:20:
78:59:da:11:a3:84:7b:de:c5:dd:b5:4a:7f:90:0d:
e5:96:d2:4a:57:2b:d9:66:37:fe:e5:1c:aa:b7:c7:
9a:57:52:9e:b3:73:2c:eb:e8:1c:ab:1b:a2:8c:b2:
29:79:29:51:c0:13:27:92:a6:ab:9f:7a:1c:06:7b:
67:4a:30:b0:98:10:02:e6:67:7f:ff:51:94:3d:ad:
21:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:60:2F:E1:97:CC:BE:B6:98:11:9D:63:0D:47:11:95:D6:B5:CD:BB
X509v3 Authority Key Identifier:
keyid:FD:E8:D1:C6:AA:F4:A9:3F:F4:1B:BF:A1:BD:1D:AC:61:97:D5:95:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/7WAv4ZfMvraYEZ1jDUcRlda1zbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/_ejRxqr0qT_0G7-hvR2sYZfVlXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.192.0/21
185.45.88.0/22
217.171.240.0/20
IPv6:
2a00:1920::/48
Signature Algorithm: sha256WithRSAEncryption
83:b7:29:07:bd:30:46:5b:ee:ae:d4:2c:54:dd:52:7c:51:22:
02:7f:c6:06:9c:16:7e:4b:1f:bf:78:a5:c0:4d:9a:0b:15:27:
6e:fa:a0:cb:64:a3:bd:4c:fa:54:6a:ab:ff:76:c2:7a:70:ef:
1f:3e:a7:6d:d2:b3:ff:00:c2:2e:40:38:46:1e:90:4f:fd:c9:
93:ba:9c:18:5a:fb:03:d5:b9:aa:88:25:4f:44:5a:52:75:96:
a5:27:29:d2:11:67:0b:48:ee:c0:3d:d3:f7:36:4a:ce:56:b3:
32:50:a4:d5:2b:57:89:2b:19:05:0a:51:e2:28:89:18:7f:94:
84:df:f6:18:a4:cf:31:85:7f:ed:a2:42:74:d3:78:bb:ef:b9:
81:3a:7d:39:c8:b2:48:b9:52:f7:5f:52:fe:47:59:16:64:e9:
0c:6f:01:33:79:42:ec:11:42:78:54:f4:6f:35:f5:f5:11:3b:
ff:4d:0d:91:a2:6c:c4:3b:93:d9:36:a4:80:93:9f:2f:61:34:
23:13:4f:be:a5:4e:e1:cc:13:42:dc:9f:82:77:56:15:ac:77:
fd:e1:f3:90:8d:1c:d4:aa:db:80:d8:d2:ee:44:23:1e:9c:e0:
60:f8:80:6b:96:09:1c:0f:6b:22:96:16:7f:82:b4:a7:8b:cd:
78:1f:f8:d9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvOR4zNf2HHjr28BRFmAs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZThkMWM2YWFmNGE5M2ZmNDFiYmZhMWJkMWRhYzYxOTdk
NTk1NzUwHhcNMjMwMTAxMjEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDYwMmZlMTk3Y2NiZWI2OTgxMTlkNjMwZDQ3MTE5NWQ2YjVjZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA+9zJno5TQWF36ealpzR0sHXt2E
K8Y8n4hADMBD2t2VyZISylwXKpFGv8dkmXQxqD4AK+JE51IvbuyZRW6716C9V/FN
EdNzBbo1Q4OEa0RBvYqZGKD6GSawaGvCQ4Y2VNlk7eZRXZUXyvEG7GY06g1W7Ai3
226NAo3D8OWkAwHQmgCq0yXg+PfuhtiObIh4iiufQQd/vKvaqyZvDmSEO1FbqVsP
81mldJtP/GtfDYmL4iB4WdoRo4R73sXdtUp/kA3lltJKVyvZZjf+5Ryqt8eaV1Ke
s3Ms6+gcqxuijLIpeSlRwBMnkqarn3ocBntnSjCwmBAC5md//1GUPa0hmwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO1gL+GXzL62mBGdYw1HEZXWtc27MB8GA1UdIwQY
MBaAFP3o0caq9Kk/9Bu/ob0drGGX1ZV1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2VqUnhxcjBxVF8wRzctaHZSMnNZWmZWbFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC80OTY4ODUtNzA5Zi00YmJiLTkzNzUt
OTU0ZDE5NTQ5YjYxLzEvN1dBdjRaZk12cmFZRVoxakRVY1JsZGExemJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC80OTY4ODUtNzA5Zi00YmJiLTkzNzUtOTU0ZDE5NTQ5YjYx
LzEvX2VqUnhxcjBxVF8wRzctaHZSMnNZWmZWbFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDXujAAwQC
uS1YAwQE2avwMA8EAgACMAkDBwAqABkgAAAwDQYJKoZIhvcNAQELBQADggEBAIO3
KQe9MEZb7q7ULFTdUnxRIgJ/xgacFn5LH794pcBNmgsVJ276oMtko71M+lRqq/92
wnpw7x8+p23Ss/8Awi5AOEYekE/9yZO6nBha+wPVuaqIJU9EWlJ1lqUnKdIRZwtI
7sA90/c2Ss5WszJQpNUrV4krGQUKUeIoiRh/lITf9hikzzGFf+2iQnTTeLvvuYE6
fTnIski5UvdfUv5HWRZk6QxvATN5QuwRQnhU9G819fURO/9NDZGibMQ7k9k2pICT
ny9hNCMTT76lTuHME0Lcn4J3VhWsd/3h85CNHNSq24DY0u5EIx6c4GD4gGuWCRwP
ayKWFn+CtKeLzXgf+Nk=
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:31:10 2025 by rpki-client