Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/FLxVkFeYzFyq51wZlvOwQ7MPuug.roa
File: FLxVkFeYzFyq51wZlvOwQ7MPuug.roa (raw, json)
Hash identifier: /X8Ns7jsjHuDgxxydr4v1Y0aZvCvdUL+Qmkq2C+a9P8=
Subject key identifier: 14:BC:55:90:57:98:CC:5C:AA:E7:5C:19:96:F3:B0:43:B3:0F:BA:E8
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018879FAFD70DE9E9DA27AF6085943C367EC
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/FLxVkFeYzFyq51wZlvOwQ7MPuug.roa
Signing time: Fri 02 Jun 2023 02:41:11 +0000
ROA not before: Fri 02 Jun 2023 02:41:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 194.31.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:79:fa:fd:70:de:9e:9d:a2:7a:f6:08:59:43:c3:67:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jun 2 02:41:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14bc55905798cc5caae75c1996f3b043b30fbae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bc:1c:06:7a:ed:5c:7c:42:f6:42:1f:a2:67:
67:78:c6:a5:05:85:7d:bc:6f:aa:c7:19:67:ce:ce:
ab:85:56:0c:5e:6f:04:a0:fe:ed:42:85:57:04:0d:
f9:bf:f1:5b:77:06:f0:4e:e1:df:0f:67:ba:c8:bb:
40:92:83:92:52:d5:f5:b6:12:66:7c:71:60:2a:b3:
ff:a6:78:ef:4f:c0:8f:79:f9:01:29:7e:46:0b:f4:
7b:d0:3d:09:70:2e:67:53:c5:5c:66:02:b6:7a:3c:
2e:a9:98:79:ad:da:a9:f2:8a:ef:2d:da:6e:5c:9a:
c1:88:fa:df:b2:5d:d4:f6:e8:d4:57:6c:b6:f8:9b:
a9:b6:7c:95:21:f9:6e:a6:dd:39:24:c3:db:90:47:
d2:76:49:14:eb:d1:65:74:c2:c7:11:29:1c:06:3e:
f8:ef:e7:09:82:16:80:13:63:d6:1a:1a:ce:c1:fc:
92:48:b0:53:ad:9c:ef:f8:31:96:f6:a5:a6:02:c0:
57:28:09:ca:0c:fa:99:cc:48:8c:42:1f:55:8c:8f:
d1:c8:c9:c0:2c:19:bf:a1:21:8a:4c:b3:98:5a:b8:
6b:28:b1:75:fb:6e:e5:04:c1:83:2c:91:f3:f4:b1:
8b:c4:13:9d:87:f7:95:6b:e4:8a:e1:c4:3f:ce:53:
14:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:BC:55:90:57:98:CC:5C:AA:E7:5C:19:96:F3:B0:43:B3:0F:BA:E8
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/FLxVkFeYzFyq51wZlvOwQ7MPuug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.132.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:4d:fa:bb:59:a8:9b:23:06:2a:f5:8d:ef:18:6e:31:67:61:
76:94:19:0e:75:6d:25:18:3b:99:86:5a:a7:9e:0c:95:1f:b1:
71:c7:a4:04:3d:37:cb:cd:11:de:66:a1:12:07:9d:0a:6f:5a:
72:4e:bb:84:7b:d8:59:17:e4:aa:1b:c7:d1:5a:a9:a7:5c:f0:
e4:2b:a4:64:25:28:3a:e2:dc:8f:d3:ec:2a:38:49:64:ec:57:
0a:50:64:3a:14:fe:78:36:0f:33:7f:eb:94:27:cd:05:a5:37:
94:8f:86:8e:a6:96:47:45:19:19:6a:f4:9d:73:a2:33:7b:e2:
f2:52:49:02:cb:aa:11:35:95:d5:aa:91:be:f2:ac:bd:f5:d5:
a2:52:23:b5:46:70:62:b6:d8:81:61:b5:5a:36:dc:25:29:92:
a5:33:98:4d:5a:77:26:c7:d4:f8:7c:b6:2a:81:aa:7d:39:76:
af:ad:17:b8:48:c6:fa:96:79:01:22:9b:6b:ba:67:8d:9e:c8:
64:8b:ca:b3:26:e8:f8:21:da:bc:c2:8d:f2:df:25:0b:15:6f:
ae:8d:36:24:dc:dd:80:45:c8:2d:5a:f9:f7:bc:5b:cc:ce:04:
81:88:24:e2:88:04:7b:3a:c0:b1:4a:0c:08:4b:e7:95:91:8d:
13:bf:55:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh5+v1w3p6donr2CFlDw2fsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMwNjAyMDI0MTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGJjNTU5MDU3OThjYzVjYWFlNzVjMTk5NmYzYjA0M2IzMGZiYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrwcBnrtXHxC9kIfomdneMalBYV9
vG+qxxlnzs6rhVYMXm8EoP7tQoVXBA35v/FbdwbwTuHfD2e6yLtAkoOSUtX1thJm
fHFgKrP/pnjvT8CPefkBKX5GC/R70D0JcC5nU8VcZgK2ejwuqZh5rdqp8orvLdpu
XJrBiPrfsl3U9ujUV2y2+JuptnyVIflupt05JMPbkEfSdkkU69FldMLHESkcBj74
7+cJghaAE2PWGhrOwfySSLBTrZzv+DGW9qWmAsBXKAnKDPqZzEiMQh9VjI/RyMnA
LBm/oSGKTLOYWrhrKLF1+27lBMGDLJHz9LGLxBOdh/eVa+SK4cQ/zlMUDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBS8VZBXmMxcqudcGZbzsEOzD7roMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvRkx4VmtGZVl6RnlxNTF3Wmx2T3dRN01QdXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwh+EMA0G
CSqGSIb3DQEBCwUAA4IBAQBMTfq7WaibIwYq9Y3vGG4xZ2F2lBkOdW0lGDuZhlqn
ngyVH7Fxx6QEPTfLzRHeZqESB50Kb1pyTruEe9hZF+SqG8fRWqmnXPDkK6RkJSg6
4tyP0+wqOElk7FcKUGQ6FP54Ng8zf+uUJ80FpTeUj4aOppZHRRkZavSdc6Ize+Ly
UkkCy6oRNZXVqpG+8qy99dWiUiO1RnBittiBYbVaNtwlKZKlM5hNWncmx9T4fLYq
gap9OXavrRe4SMb6lnkBIptrumeNnshki8qzJuj4Idq8wo3y3yULFW+ujTYk3N2A
RcgtWvn3vFvMzgSBiCTiiAR7OsCxSgwIS+eVkY0Tv1VX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:37 2025 by rpki-client