Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/FSSIYwhqMry-g931nD5v7SIPCA0.roa
File: FSSIYwhqMry-g931nD5v7SIPCA0.roa (raw, json)
Hash identifier: 57pGmkt+rxUTV5uIx4KtmbepnBIKXusXoR9N1mS/zbs=
Subject key identifier: 15:24:88:63:08:6A:32:BC:BE:83:DD:F5:9C:3E:6F:ED:22:0F:08:0D
Certificate issuer: /CN=a3698b01053911607edb2a76090a6aced95a3ed5
Certificate serial: 01856E01EEE5824EEC967A29B9B98C79D99C
Authority key identifier: A3:69:8B:01:05:39:11:60:7E:DB:2A:76:09:0A:6A:CE:D9:5A:3E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/FSSIYwhqMry-g931nD5v7SIPCA0.roa
Signing time: Sun 01 Jan 2023 15:44:58 +0000
ROA not before: Sun 01 Jan 2023 15:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 194.61.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:ee:e5:82:4e:ec:96:7a:29:b9:b9:8c:79:d9:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3698b01053911607edb2a76090a6aced95a3ed5
Validity
Not Before: Jan 1 15:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15248863086a32bcbe83ddf59c3e6fed220f080d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:79:65:93:71:18:75:d8:85:64:92:f8:dc:e2:
a1:69:95:29:9a:ee:02:e3:6c:40:55:4c:1e:68:5f:
4f:38:dd:2d:36:cf:76:42:e3:6c:6c:07:71:67:b2:
00:88:71:be:43:15:91:30:14:f4:33:20:7d:af:9e:
b5:f7:b9:d7:57:39:59:0c:50:3a:27:dc:25:78:13:
56:ef:16:cc:a9:8e:3c:1e:af:2b:37:27:5c:cd:15:
ee:bd:c6:df:0e:27:e4:cd:b1:3a:fb:19:26:62:43:
60:d3:64:13:01:e0:0e:3f:d6:05:a5:59:a5:5d:8a:
f1:cc:be:d7:2c:a4:d8:72:04:f3:d2:c6:3e:5a:cb:
5a:bf:0f:1a:28:a5:7f:e0:53:ff:92:d1:39:a1:04:
a5:27:b8:87:2f:e5:e9:21:21:d5:f9:5d:ad:68:c8:
30:8e:2b:38:9e:97:80:b4:e6:78:3d:91:87:ab:9c:
52:9d:a2:88:65:9c:42:2d:89:4d:6e:c3:cb:6f:25:
3c:3e:19:5e:78:06:69:15:af:21:3c:74:8a:80:79:
fb:dd:9f:45:7e:91:2e:26:0a:e2:a0:c7:6a:a3:bb:
de:af:6e:d4:db:f6:cb:7f:56:87:bd:d7:b0:18:f4:
6c:b7:0d:43:d3:be:6e:af:c1:75:31:85:45:14:d7:
07:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:24:88:63:08:6A:32:BC:BE:83:DD:F5:9C:3E:6F:ED:22:0F:08:0D
X509v3 Authority Key Identifier:
keyid:A3:69:8B:01:05:39:11:60:7E:DB:2A:76:09:0A:6A:CE:D9:5A:3E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/FSSIYwhqMry-g931nD5v7SIPCA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/o2mLAQU5EWB-2yp2CQpqztlaPtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.224.0/22
Signature Algorithm: sha256WithRSAEncryption
85:04:85:e9:9c:53:8a:04:2d:6c:1e:aa:99:56:6f:75:ab:d9:
26:0d:7b:96:5a:24:66:55:ea:37:bc:9a:56:63:60:69:60:62:
5e:63:7d:00:f2:79:b5:73:f0:c7:95:b7:94:56:c5:9e:48:32:
98:59:a3:1f:16:86:6f:ba:bd:4f:b3:85:e3:5d:b5:1d:31:4a:
28:4f:51:1a:ae:64:e0:4b:bc:d5:75:86:10:bd:30:03:a4:aa:
25:aa:1a:58:0b:71:cb:37:a7:57:7a:66:53:3c:9a:00:b0:82:
18:a8:78:5b:00:01:57:31:ea:e5:17:d4:7c:6b:3c:f0:54:40:
a1:4b:4c:de:01:2f:4c:eb:7d:ba:84:e3:00:d4:7f:26:87:31:
69:cd:f6:e8:aa:09:e8:08:d0:c3:21:8c:40:6c:59:94:b7:a4:
a1:70:70:93:8e:c8:dd:f6:d6:76:e2:02:92:4d:94:9a:15:5d:
e8:85:89:79:1f:06:a6:50:64:a9:7e:d4:a6:93:61:dc:e0:75:
b7:7d:78:8a:fd:07:5b:62:12:df:89:3a:1f:1f:cd:25:d6:e5:
52:b7:15:23:18:d3:80:86:c8:5a:d3:21:4c:66:77:9e:f3:97:
ad:b3:6c:42:b4:61:6d:bd:f5:ef:65:a2:19:d5:19:7e:68:9e:
f1:40:d6:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAe7lgk7slnopubmMedmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjk4YjAxMDUzOTExNjA3ZWRiMmE3NjA5MGE2YWNlZDk1
YTNlZDUwHhcNMjMwMTAxMTU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTI0ODg2MzA4NmEzMmJjYmU4M2RkZjU5YzNlNmZlZDIyMGYwODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXllk3EYddiFZJL43OKhaZUpmu4C
42xAVUweaF9PON0tNs92QuNsbAdxZ7IAiHG+QxWRMBT0MyB9r56197nXVzlZDFA6
J9wleBNW7xbMqY48Hq8rNydczRXuvcbfDifkzbE6+xkmYkNg02QTAeAOP9YFpVml
XYrxzL7XLKTYcgTz0sY+Wstavw8aKKV/4FP/ktE5oQSlJ7iHL+XpISHV+V2taMgw
jis4npeAtOZ4PZGHq5xSnaKIZZxCLYlNbsPLbyU8PhleeAZpFa8hPHSKgHn73Z9F
fpEuJgrioMdqo7ver27U2/bLf1aHvdewGPRstw1D075ur8F1MYVFFNcH9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUkiGMIajK8voPd9Zw+b+0iDwgNMB8GA1UdIwQY
MBaAFKNpiwEFORFgftsqdgkKas7ZWj7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJtTEFRVTVFV0ItMnlwMkNRcHF6dGxhUHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84MWQ2OGEtNTM2Yy00NDQyLWI4NTIt
YmJkMzExMTg2OTUwLzEvRlNTSVl3aHFNcnktZzkzMW5ENXY3U0lQQ0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS84MWQ2OGEtNTM2Yy00NDQyLWI4NTItYmJkMzExMTg2OTUw
LzEvbzJtTEFRVTVFV0ItMnlwMkNRcHF6dGxhUHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwj3gMA0G
CSqGSIb3DQEBCwUAA4IBAQCFBIXpnFOKBC1sHqqZVm91q9kmDXuWWiRmVeo3vJpW
Y2BpYGJeY30A8nm1c/DHlbeUVsWeSDKYWaMfFoZvur1Ps4XjXbUdMUooT1EarmTg
S7zVdYYQvTADpKolqhpYC3HLN6dXemZTPJoAsIIYqHhbAAFXMerlF9R8azzwVECh
S0zeAS9M6326hOMA1H8mhzFpzfboqgnoCNDDIYxAbFmUt6ShcHCTjsjd9tZ24gKS
TZSaFV3ohYl5HwamUGSpftSmk2Hc4HW3fXiK/QdbYhLfiTofH80l1uVStxUjGNOA
hsha0yFMZnee85ets2xCtGFtvfXvZaIZ1Rl+aJ7xQNa7
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:15:30 2025 by rpki-client