Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/fvwPf9s5oWaY89sC2FnjdH1irw8.roa
File: fvwPf9s5oWaY89sC2FnjdH1irw8.roa (raw, json)
Hash identifier: 6WPR+8KI51BM5mboHvslMFjYrLEi8vZm0cqfhEoU904=
Subject key identifier: 7E:FC:0F:7F:DB:39:A1:66:98:F3:DB:02:D8:59:E3:74:7D:62:AF:0F
Certificate issuer: /CN=87b9313753bc0931af4393dbda009b0ff45ec7c2
Certificate serial: 0185728345350E6A6F99DDE3593127042E89
Authority key identifier: 87:B9:31:37:53:BC:09:31:AF:43:93:DB:DA:00:9B:0F:F4:5E:C7:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/fvwPf9s5oWaY89sC2FnjdH1irw8.roa
Signing time: Mon 02 Jan 2023 12:44:43 +0000
ROA not before: Mon 02 Jan 2023 12:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201395
IP address blocks: 176.105.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:45:35:0e:6a:6f:99:dd:e3:59:31:27:04:2e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87b9313753bc0931af4393dbda009b0ff45ec7c2
Validity
Not Before: Jan 2 12:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7efc0f7fdb39a16698f3db02d859e3747d62af0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e4:25:db:26:2e:f8:f4:93:c6:8a:5d:59:ac:
78:e9:85:83:70:e4:24:2a:ce:d8:a5:dc:b5:46:2c:
0d:fd:ed:96:1b:f8:96:3d:2d:83:e4:d3:cd:9e:86:
0b:20:bd:d5:2d:26:2f:00:46:d9:64:eb:1a:97:03:
8a:61:f2:9f:ee:e9:6b:66:ef:f4:a3:01:73:58:19:
9a:9c:3e:39:b8:8a:76:96:42:93:eb:00:26:94:db:
60:e6:2a:3a:02:55:b8:86:a0:57:65:f0:e9:68:e3:
31:69:c3:62:c2:97:b1:d7:41:e6:16:f5:ae:17:6d:
19:df:60:72:3e:f1:fd:08:68:48:5a:ed:4f:57:f3:
bd:6d:a3:9d:43:76:26:4c:b6:15:b1:5b:8c:3b:b8:
df:66:15:c6:fb:38:82:35:a9:56:1c:17:00:9b:62:
08:d1:1d:1f:43:f4:43:73:79:f9:0c:e4:b3:35:56:
c6:b5:4f:a4:46:1b:5c:a4:c8:bb:48:94:3c:c4:32:
b9:fc:79:a2:f4:74:82:3b:8f:fa:09:13:68:ad:2e:
8e:e4:7e:fd:65:35:71:ea:10:7c:8c:ed:6c:16:12:
30:bd:3d:e1:f9:ad:3c:9a:70:dc:e6:15:0c:38:81:
e9:a4:74:25:55:2d:ba:8d:3c:49:91:f5:69:a9:46:
7d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:FC:0F:7F:DB:39:A1:66:98:F3:DB:02:D8:59:E3:74:7D:62:AF:0F
X509v3 Authority Key Identifier:
keyid:87:B9:31:37:53:BC:09:31:AF:43:93:DB:DA:00:9B:0F:F4:5E:C7:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/fvwPf9s5oWaY89sC2FnjdH1irw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/71cb0c-3be0-4a9e-9b82-7d68366b59b7/1/h7kxN1O8CTGvQ5Pb2gCbD_Rex8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.240.0/22
Signature Algorithm: sha256WithRSAEncryption
dd:a4:b2:cb:5c:33:67:e5:d3:ff:0a:fb:42:75:17:68:a0:f1:
c6:b3:6d:8e:75:f3:b7:2a:84:a2:a5:8d:93:ad:97:3b:4d:18:
0a:8c:ab:fa:a3:26:29:24:dd:5c:98:6f:b7:01:c8:8d:51:f8:
0e:fc:2d:ae:9e:a2:29:bc:93:5d:3a:41:1f:5b:b8:1b:9c:db:
55:30:24:d2:10:68:7c:72:5e:8c:99:36:11:6f:c2:ca:3d:bd:
b2:0e:85:be:84:d4:0e:76:3b:a1:e3:5e:20:18:d4:5e:96:e0:
e5:6c:00:32:df:f5:d9:ad:2d:9f:3e:27:17:43:b6:53:48:fb:
91:85:e7:ca:83:25:b8:db:f5:dc:57:b5:e7:1c:c3:06:e5:9f:
e2:9b:cf:be:f2:b3:5e:00:dd:45:b6:5c:f4:f7:f2:77:9d:55:
7f:1e:0e:45:75:15:3e:18:9c:b9:bc:22:6d:8b:e1:d4:8d:f5:
d9:bf:f6:30:23:f7:e4:6e:8d:82:45:46:d7:a8:e4:c5:76:64:
51:fa:0c:03:e9:bd:1e:a3:66:e9:12:8c:5c:6c:95:a9:4c:c2:
e5:35:36:b3:19:26:a9:38:dc:38:d4:1e:41:5d:d1:4c:ad:f2:
32:5a:e5:53:3d:ac:44:02:45:95:86:60:38:20:3c:58:c4:a6:
01:8e:94:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyg0U1Dmpvmd3jWTEnBC6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YjkzMTM3NTNiYzA5MzFhZjQzOTNkYmRhMDA5YjBmZjQ1
ZWM3YzIwHhcNMjMwMTAyMTI0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWZjMGY3ZmRiMzlhMTY2OThmM2RiMDJkODU5ZTM3NDdkNjJhZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OQl2yYu+PSTxopdWax46YWDcOQk
Ks7Ypdy1RiwN/e2WG/iWPS2D5NPNnoYLIL3VLSYvAEbZZOsalwOKYfKf7ulrZu/0
owFzWBmanD45uIp2lkKT6wAmlNtg5io6AlW4hqBXZfDpaOMxacNiwpex10HmFvWu
F20Z32ByPvH9CGhIWu1PV/O9baOdQ3YmTLYVsVuMO7jfZhXG+ziCNalWHBcAm2II
0R0fQ/RDc3n5DOSzNVbGtU+kRhtcpMi7SJQ8xDK5/Hmi9HSCO4/6CRNorS6O5H79
ZTVx6hB8jO1sFhIwvT3h+a08mnDc5hUMOIHppHQlVS26jTxJkfVpqUZ9XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH78D3/bOaFmmPPbAthZ43R9Yq8PMB8GA1UdIwQY
MBaAFIe5MTdTvAkxr0OT29oAmw/0XsfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDdreE4xTzhDVEd2UTVQYjJnQ2JEX1JleDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83MWNiMGMtM2JlMC00YTllLTliODIt
N2Q2ODM2NmI1OWI3LzEvZnZ3UGY5czVvV2FZODlzQzJGbmpkSDFpcnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83MWNiMGMtM2JlMC00YTllLTliODItN2Q2ODM2NmI1OWI3
LzEvaDdreE4xTzhDVEd2UTVQYjJnQ2JEX1JleDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsGnwMA0G
CSqGSIb3DQEBCwUAA4IBAQDdpLLLXDNn5dP/CvtCdRdooPHGs22OdfO3KoSipY2T
rZc7TRgKjKv6oyYpJN1cmG+3AciNUfgO/C2unqIpvJNdOkEfW7gbnNtVMCTSEGh8
cl6MmTYRb8LKPb2yDoW+hNQOdjuh414gGNReluDlbAAy3/XZrS2fPicXQ7ZTSPuR
hefKgyW42/XcV7XnHMMG5Z/im8++8rNeAN1Ftlz09/J3nVV/Hg5FdRU+GJy5vCJt
i+HUjfXZv/YwI/fkbo2CRUbXqOTFdmRR+gwD6b0eo2bpEoxcbJWpTMLlNTazGSap
ONw41B5BXdFMrfIyWuVTPaxEAkWVhmA4IDxYxKYBjpTn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:22 2025 by rpki-client