Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/bff799-9e32-43be-85cd-824760714dfb/1/fqn-l9MR-urdbccuyeQCilivTM0.roa
File: fqn-l9MR-urdbccuyeQCilivTM0.roa (raw, json)
Hash identifier: injFyTINA3vO1xB0hS0AV9l10RQNnE7vW7O8jsUqeN8=
Subject key identifier: 7E:A9:FE:97:D3:11:FA:EA:DD:6D:C7:2E:C9:E4:02:8A:58:AF:4C:CD
Certificate issuer: /CN=e544e266d4eb9cc7ded292c12b06b1ca7bcea778
Certificate serial: 01856CE638C36D457026DB25E825D2DCB2AB
Authority key identifier: E5:44:E2:66:D4:EB:9C:C7:DE:D2:92:C1:2B:06:B1:CA:7B:CE:A7:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5UTiZtTrnMfe0pLBKwaxynvOp3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/bff799-9e32-43be-85cd-824760714dfb/1/fqn-l9MR-urdbccuyeQCilivTM0.roa
Signing time: Sun 01 Jan 2023 10:35:05 +0000
ROA not before: Sun 01 Jan 2023 10:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20813
IP address blocks: 193.108.160.0/23 maxlen: 23
194.24.226.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:38:c3:6d:45:70:26:db:25:e8:25:d2:dc:b2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e544e266d4eb9cc7ded292c12b06b1ca7bcea778
Validity
Not Before: Jan 1 10:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ea9fe97d311faeadd6dc72ec9e4028a58af4ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:47:1b:e3:c0:8c:ba:a4:a4:b4:b5:6c:ff:25:
20:38:d5:52:2d:ec:11:0c:01:b0:44:df:67:cb:c4:
0a:90:c0:62:91:93:3f:0a:78:39:cd:b9:d1:f3:59:
3c:1b:49:95:96:3f:c9:05:9d:50:5d:cd:91:f4:0d:
a0:1d:d1:15:b3:13:3a:a7:dc:06:04:df:62:40:4a:
99:8e:78:e7:3b:25:9d:18:78:12:58:ab:65:a6:41:
73:05:59:84:2c:91:e5:b9:91:55:e1:40:69:c8:81:
f4:9e:79:e0:56:fe:92:b6:77:d8:49:15:f0:d3:02:
7a:89:dc:a9:82:e7:72:f8:df:12:ee:74:aa:13:94:
89:71:99:a8:29:12:0c:fe:88:13:ee:87:2c:c5:86:
8c:09:9d:a7:cc:31:39:6f:bb:a5:ec:8e:7d:64:59:
9f:42:34:73:41:80:68:15:31:92:60:f1:79:2f:31:
52:26:f6:6a:f3:92:56:88:45:45:62:12:8d:20:e8:
e6:dd:65:37:84:39:07:a5:64:1d:ea:0c:45:5b:8b:
34:cd:c4:3d:88:ae:59:e0:db:68:e8:2e:84:d0:0f:
79:40:34:a4:50:5b:7b:f2:22:97:29:20:81:47:1a:
0b:c0:66:2c:0f:e9:87:48:b2:75:7a:03:0c:d6:9a:
f5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A9:FE:97:D3:11:FA:EA:DD:6D:C7:2E:C9:E4:02:8A:58:AF:4C:CD
X509v3 Authority Key Identifier:
keyid:E5:44:E2:66:D4:EB:9C:C7:DE:D2:92:C1:2B:06:B1:CA:7B:CE:A7:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UTiZtTrnMfe0pLBKwaxynvOp3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bff799-9e32-43be-85cd-824760714dfb/1/fqn-l9MR-urdbccuyeQCilivTM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bff799-9e32-43be-85cd-824760714dfb/1/5UTiZtTrnMfe0pLBKwaxynvOp3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.160.0/23
194.24.226.0/23
Signature Algorithm: sha256WithRSAEncryption
96:a5:9a:8e:1a:e6:27:38:4e:a4:a6:c6:24:cb:77:92:cc:bb:
f4:93:ec:2f:d9:0d:33:9a:a0:05:c8:d2:9e:56:0a:4d:a1:4b:
10:e2:f4:d9:32:3d:69:f1:48:ec:31:ad:31:6b:40:11:70:07:
5f:80:2d:64:4e:7a:6f:cb:95:dd:8a:5b:0a:ac:4c:cf:35:24:
ff:fb:cb:4e:fb:87:24:c1:68:51:7c:e4:05:6e:70:99:e2:a6:
a4:28:73:5e:0e:3d:94:ad:d9:e7:48:fc:99:05:63:04:fa:e6:
ed:b8:e2:44:80:b7:53:fd:a8:57:57:b9:61:e8:a2:a9:11:30:
0a:c9:32:0b:55:a4:99:e8:11:13:a0:9b:3c:c8:ee:4b:b6:a0:
0d:47:58:04:4b:48:ce:d6:54:53:e5:b1:25:ec:37:5a:fb:6e:
99:2f:b4:fd:7a:5f:eb:cf:82:56:a0:db:d7:33:c1:1a:fc:61:
1e:75:80:50:61:51:79:8b:00:c8:53:39:64:79:b2:48:e6:b3:
74:04:44:8e:1a:de:e3:c4:e9:e7:6d:0a:87:ad:22:76:0b:bc:
bb:c6:5b:95:1a:17:3e:ad:12:48:72:a2:2a:29:ae:f6:1d:42:
07:28:2a:d3:8e:da:cf:c9:9a:92:07:d7:ea:91:34:4a:19:37:
9b:49:22:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs5jjDbUVwJtsl6CXS3LKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDRlMjY2ZDRlYjljYzdkZWQyOTJjMTJiMDZiMWNhN2Jj
ZWE3NzgwHhcNMjMwMTAxMTAzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWE5ZmU5N2QzMTFmYWVhZGQ2ZGM3MmVjOWU0MDI4YTU4YWY0Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEcb48CMuqSktLVs/yUgONVSLewR
DAGwRN9ny8QKkMBikZM/Cng5zbnR81k8G0mVlj/JBZ1QXc2R9A2gHdEVsxM6p9wG
BN9iQEqZjnjnOyWdGHgSWKtlpkFzBVmELJHluZFV4UBpyIH0nnngVv6StnfYSRXw
0wJ6idypgudy+N8S7nSqE5SJcZmoKRIM/ogT7ocsxYaMCZ2nzDE5b7ul7I59ZFmf
QjRzQYBoFTGSYPF5LzFSJvZq85JWiEVFYhKNIOjm3WU3hDkHpWQd6gxFW4s0zcQ9
iK5Z4Nto6C6E0A95QDSkUFt78iKXKSCBRxoLwGYsD+mHSLJ1egMM1pr1fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH6p/pfTEfrq3W3HLsnkAopYr0zNMB8GA1UdIwQY
MBaAFOVE4mbU65zH3tKSwSsGscp7zqd4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVUaVp0VHJuTWZlMHBMQkt3YXh5bnZPcDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9iZmY3OTktOWUzMi00M2JlLTg1Y2Qt
ODI0NzYwNzE0ZGZiLzEvZnFuLWw5TVItdXJkYmNjdXllUUNpbGl2VE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9iZmY3OTktOWUzMi00M2JlLTg1Y2QtODI0NzYwNzE0ZGZi
LzEvNVVUaVp0VHJuTWZlMHBMQkt3YXh5bnZPcDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwWygAwQB
whjiMA0GCSqGSIb3DQEBCwUAA4IBAQCWpZqOGuYnOE6kpsYky3eSzLv0k+wv2Q0z
mqAFyNKeVgpNoUsQ4vTZMj1p8UjsMa0xa0ARcAdfgC1kTnpvy5XdilsKrEzPNST/
+8tO+4ckwWhRfOQFbnCZ4qakKHNeDj2UrdnnSPyZBWME+ubtuOJEgLdT/ahXV7lh
6KKpETAKyTILVaSZ6BEToJs8yO5LtqANR1gES0jO1lRT5bEl7Dda+26ZL7T9el/r
z4JWoNvXM8Ea/GEedYBQYVF5iwDIUzlkebJI5rN0BESOGt7jxOnnbQqHrSJ2C7y7
xluVGhc+rRJIcqIqKa72HUIHKCrTjtrPyZqSB9fqkTRKGTebSSJS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:12 2025 by rpki-client