Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/F0OVIUXQP2-wKy6GlcbIVVz6qO8.roa
File: F0OVIUXQP2-wKy6GlcbIVVz6qO8.roa (raw, json)
Hash identifier: xzO+KpUzaqxhvsHgKK/1hZO6XrbyvPQ5xvFio6t9ErY=
Subject key identifier: 17:43:95:21:45:D0:3F:6F:B0:2B:2E:86:95:C6:C8:55:5C:FA:A8:EF
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01856F54A85288516B4F3478862B53AA7523
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/F0OVIUXQP2-wKy6GlcbIVVz6qO8.roa
Signing time: Sun 01 Jan 2023 21:54:57 +0000
ROA not before: Sun 01 Jan 2023 21:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12643
IP address blocks: 192.44.32.0/22 maxlen: 22
192.67.200.0/21 maxlen: 21
153.96.244.0/22 maxlen: 22
129.233.208.0/23 maxlen: 23
2a03:db80:3410::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a8:52:88:51:6b:4f:34:78:86:2b:53:aa:75:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 21:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1743952145d03f6fb02b2e8695c6c8555cfaa8ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e8:19:08:d3:c7:81:3c:c5:c5:79:b9:e4:8d:
42:f2:a3:f9:0a:54:6d:17:84:58:c9:ba:e3:21:e2:
4f:75:a1:08:a7:16:7e:4e:9a:a0:5e:17:a8:97:4c:
40:d0:5e:c6:33:cf:d2:b7:f0:74:4e:94:fd:29:ff:
70:e8:a8:dd:69:9e:6c:3a:98:18:2c:c0:2b:07:22:
1e:6b:dc:69:e3:05:e0:27:ca:44:7d:87:76:18:3b:
d5:db:2c:5d:52:27:8a:fd:00:a8:29:b2:df:45:7b:
71:5a:64:92:c3:6b:65:ec:cb:6d:9a:e7:1b:2c:83:
1c:69:e2:36:9e:0a:bb:b8:e2:2b:ac:56:c1:10:3e:
2d:14:82:05:b1:29:82:28:20:90:28:28:bb:5a:42:
07:91:8a:7a:69:c7:58:d3:38:7a:bf:e5:6f:ea:da:
7e:87:bb:e8:50:1c:7d:b6:e4:95:b8:09:8b:66:0f:
e1:fd:9c:b2:ab:01:77:e8:1f:a2:7a:16:55:56:78:
5b:7c:ef:b1:63:c2:51:e3:4f:f8:0d:71:f6:5d:12:
fb:6d:eb:58:60:d8:17:da:63:b3:dc:aa:56:8c:3b:
a2:c1:fe:2c:fd:c9:e9:b2:38:1d:ef:59:2d:24:b4:
43:33:82:9e:9b:c4:01:6d:c6:fd:0c:7c:27:d6:09:
52:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:43:95:21:45:D0:3F:6F:B0:2B:2E:86:95:C6:C8:55:5C:FA:A8:EF
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/F0OVIUXQP2-wKy6GlcbIVVz6qO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.208.0/23
153.96.244.0/22
192.44.32.0/22
192.67.200.0/21
IPv6:
2a03:db80:3410::/48
Signature Algorithm: sha256WithRSAEncryption
90:32:f9:07:ef:82:95:63:1d:e5:c0:e7:23:c3:17:f9:c8:a8:
9a:da:d5:86:44:66:25:9d:0e:5b:ea:6b:42:ef:9d:51:bc:a1:
24:41:1d:57:a6:10:b9:9f:1f:a1:40:32:40:4a:7b:89:c1:3e:
5b:ae:13:97:8d:f6:01:a0:4e:bd:2a:34:32:4e:4f:dc:bd:ce:
b6:68:40:8e:dc:35:1e:77:21:96:00:d1:87:f8:b1:5f:fe:91:
26:5f:0a:59:d0:aa:35:4a:b7:27:c8:be:b2:b9:ce:59:ee:8a:
21:d0:6e:16:6f:90:f4:fb:a5:ae:ee:9c:ab:96:88:f1:ca:03:
88:e4:91:85:ae:c5:a6:b4:79:d1:48:1f:9a:a5:b7:46:16:3e:
b5:00:b9:30:b0:cc:03:50:13:72:44:5a:c9:19:8d:ce:bf:6b:
49:36:ef:0a:ab:73:33:d0:61:57:ab:e8:45:11:28:26:82:67:
de:a9:d0:fe:4e:36:6e:90:08:f8:5b:05:bc:f7:3f:42:eb:a7:
17:ae:06:68:f3:41:f3:e7:4f:57:05:c3:44:4a:65:41:06:82:
51:8b:59:77:47:83:0f:f2:86:a9:c9:26:9d:d4:00:1a:49:cc:
82:b1:ec:e6:0f:49:ef:a9:ff:34:48:0d:92:2e:03:ab:c3:e9:
f9:69:22:50
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVvVKhSiFFrTzR4hitTqnUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMTAxMjE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQzOTUyMTQ1ZDAzZjZmYjAyYjJlODY5NWM2Yzg1NTVjZmFhOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtegZCNPHgTzFxXm55I1C8qP5ClRt
F4RYybrjIeJPdaEIpxZ+TpqgXheol0xA0F7GM8/St/B0TpT9Kf9w6KjdaZ5sOpgY
LMArByIea9xp4wXgJ8pEfYd2GDvV2yxdUieK/QCoKbLfRXtxWmSSw2tl7Mttmucb
LIMcaeI2ngq7uOIrrFbBED4tFIIFsSmCKCCQKCi7WkIHkYp6acdY0zh6v+Vv6tp+
h7voUBx9tuSVuAmLZg/h/ZyyqwF36B+iehZVVnhbfO+xY8JR40/4DXH2XRL7betY
YNgX2mOz3KpWjDuiwf4s/cnpsjgd71ktJLRDM4Kem8QBbcb9DHwn1glSqQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBdDlSFF0D9vsCsuhpXGyFVc+qjvMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvRjBPVklVWFFQMi13S3k2R2xjYklWVno2cU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBgenQAwQC
mWD0AwQCwCwgAwQDwEPIMA8EAgACMAkDBwAqA9uANBAwDQYJKoZIhvcNAQELBQAD
ggEBAJAy+QfvgpVjHeXA5yPDF/nIqJra1YZEZiWdDlvqa0LvnVG8oSRBHVemELmf
H6FAMkBKe4nBPluuE5eN9gGgTr0qNDJOT9y9zrZoQI7cNR53IZYA0Yf4sV/+kSZf
ClnQqjVKtyfIvrK5zlnuiiHQbhZvkPT7pa7unKuWiPHKA4jkkYWuxaa0edFIH5ql
t0YWPrUAuTCwzANQE3JEWskZjc6/a0k27wqrczPQYVer6EURKCaCZ96p0P5ONm6Q
CPhbBbz3P0LrpxeuBmjzQfPnT1cFw0RKZUEGglGLWXdHgw/yhqnJJp3UABpJzIKx
7OYPSe+p/zRIDZIuA6vD6flpIlA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:49 2025 by rpki-client