Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cc1013-5dcb-4ebc-b79e-5c067b8b91a5/1/fii9kqbrPwF-lEsm61-TCO9qdJk.roa
File: fii9kqbrPwF-lEsm61-TCO9qdJk.roa (raw, json)
Hash identifier: q3mOGIv+sxB0Wn/XQ5y/pxNtGU9U6L6nXnPpn2j6hWw=
Subject key identifier: 7E:28:BD:92:A6:EB:3F:01:7E:94:4B:26:EB:5F:93:08:EF:6A:74:99
Certificate issuer: /CN=f59d56c52c7733f83be774afa47bbd55d28797ac
Certificate serial: 0182D6661082137E4EFB422F0BD50D647DA4
Authority key identifier: F5:9D:56:C5:2C:77:33:F8:3B:E7:74:AF:A4:7B:BD:55:D2:87:97:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Z1WxSx3M_g753SvpHu9VdKHl6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/cc1013-5dcb-4ebc-b79e-5c067b8b91a5/1/fii9kqbrPwF-lEsm61-TCO9qdJk.roa
Signing time: Thu 25 Aug 2022 19:06:29 +0000
ROA not before: Thu 25 Aug 2022 19:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41227
IP address blocks: 194.34.160.0/24 maxlen: 24
194.34.161.0/24 maxlen: 24
194.34.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d6:66:10:82:13:7e:4e:fb:42:2f:0b:d5:0d:64:7d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f59d56c52c7733f83be774afa47bbd55d28797ac
Validity
Not Before: Aug 25 19:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e28bd92a6eb3f017e944b26eb5f9308ef6a7499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a3:e6:13:e2:32:22:ac:b8:00:75:e6:8b:b9:
1f:e5:d2:71:6a:c2:ab:d0:6b:31:ba:a9:ed:ee:3d:
a5:d2:86:95:d1:95:2f:73:bd:55:50:5a:4e:58:8e:
33:3b:bc:ca:99:9a:04:a1:f0:7b:63:34:b2:ce:7f:
8a:14:07:2c:3d:56:0a:28:04:39:16:46:94:26:9d:
0f:e0:90:50:16:54:f6:e7:67:83:3e:e8:04:b4:f4:
23:cf:bf:96:29:9a:c6:6f:34:3a:51:d2:a2:f6:85:
9a:a2:79:01:54:69:5c:68:27:2b:c3:d8:5f:23:fb:
a9:b0:b4:c6:f1:a4:74:f7:8a:a6:7d:e5:47:c7:a9:
66:fc:26:e2:a3:d5:6d:f1:a6:d2:c0:d7:8a:fe:76:
1a:51:d4:c7:f6:c5:94:b0:8a:14:5d:52:85:f5:ed:
c6:d2:9a:c9:69:d5:0e:8d:e0:f6:05:a6:4a:3a:02:
b4:5a:e6:1e:07:06:cd:96:89:1b:61:97:98:15:94:
2e:aa:fa:b3:05:e1:74:6b:69:73:a5:4c:9c:e5:18:
ff:2a:23:a4:a9:72:f4:17:0d:05:bd:c6:f9:da:1c:
3b:4d:69:32:31:d1:0c:80:04:bd:1c:e8:59:a1:fc:
d8:b9:f4:c9:e0:22:b1:59:27:02:03:86:f3:05:27:
15:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:28:BD:92:A6:EB:3F:01:7E:94:4B:26:EB:5F:93:08:EF:6A:74:99
X509v3 Authority Key Identifier:
keyid:F5:9D:56:C5:2C:77:33:F8:3B:E7:74:AF:A4:7B:BD:55:D2:87:97:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Z1WxSx3M_g753SvpHu9VdKHl6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cc1013-5dcb-4ebc-b79e-5c067b8b91a5/1/fii9kqbrPwF-lEsm61-TCO9qdJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cc1013-5dcb-4ebc-b79e-5c067b8b91a5/1/9Z1WxSx3M_g753SvpHu9VdKHl6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.160.0-194.34.162.255
Signature Algorithm: sha256WithRSAEncryption
9c:2c:0d:7c:dd:6b:81:e3:1c:28:dc:d6:85:7a:aa:e5:7a:b8:
49:65:dd:6d:30:29:e8:c0:e5:15:27:cb:d8:2f:54:ee:15:54:
31:d2:3d:a4:19:17:ad:c8:fa:fb:1d:4f:60:c3:81:30:b8:fc:
e0:8c:74:2e:60:18:a1:1a:de:6d:c0:4a:e3:d6:8d:d9:6d:04:
fc:44:d6:e2:94:08:47:22:3d:57:9a:ef:df:cf:ff:ec:cd:5b:
7d:33:25:63:05:37:5c:c4:cc:2c:6d:f0:72:88:c9:dd:53:74:
1e:07:1c:e2:46:8c:ba:a6:3d:13:1b:7f:eb:16:33:58:19:86:
dc:b7:bb:a4:0b:83:73:fc:6d:a8:63:33:ab:47:92:53:dd:dd:
92:34:82:9b:bf:24:e8:f4:d8:7e:65:88:e0:31:7b:ff:9d:32:
37:e0:85:63:29:7d:c6:63:60:5e:99:56:a1:d0:94:59:16:4b:
1f:8d:d6:3b:4a:4b:3d:e4:20:96:34:ae:13:93:31:a1:71:5f:
ec:5d:7c:f4:99:0e:40:eb:c3:34:e9:78:88:ce:40:0c:de:54:
fe:cb:37:e3:c5:52:26:4b:11:30:f1:9f:b4:39:e9:c5:ec:df:
13:d3:f5:0a:cb:bb:d5:aa:67:b3:f6:26:5e:1c:74:26:19:58:
e8:0e:b3:15
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYLWZhCCE35O+0IvC9UNZH2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OWQ1NmM1MmM3NzMzZjgzYmU3NzRhZmE0N2JiZDU1ZDI4
Nzk3YWMwHhcNMjIwODI1MTkwNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTI4YmQ5MmE2ZWIzZjAxN2U5NDRiMjZlYjVmOTMwOGVmNmE3NDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaPmE+IyIqy4AHXmi7kf5dJxasKr
0Gsxuqnt7j2l0oaV0ZUvc71VUFpOWI4zO7zKmZoEofB7YzSyzn+KFAcsPVYKKAQ5
FkaUJp0P4JBQFlT252eDPugEtPQjz7+WKZrGbzQ6UdKi9oWaonkBVGlcaCcrw9hf
I/upsLTG8aR094qmfeVHx6lm/Cbio9Vt8abSwNeK/nYaUdTH9sWUsIoUXVKF9e3G
0prJadUOjeD2BaZKOgK0WuYeBwbNlokbYZeYFZQuqvqzBeF0a2lzpUyc5Rj/KiOk
qXL0Fw0Fvcb52hw7TWkyMdEMgAS9HOhZofzYufTJ4CKxWScCA4bzBScVRwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFH4ovZKm6z8BfpRLJutfkwjvanSZMB8GA1UdIwQY
MBaAFPWdVsUsdzP4O+d0r6R7vVXSh5esMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVoxV3hTeDNNX2c3NTNTdnBIdTlWZEtIbDZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jYzEwMTMtNWRjYi00ZWJjLWI3OWUt
NWMwNjdiOGI5MWE1LzEvZmlpOWtxYnJQd0YtbEVzbTYxLVRDTzlxZEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jYzEwMTMtNWRjYi00ZWJjLWI3OWUtNWMwNjdiOGI5MWE1
LzEvOVoxV3hTeDNNX2c3NTNTdnBIdTlWZEtIbDZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXCIqAD
BADCIqIwDQYJKoZIhvcNAQELBQADggEBAJwsDXzda4HjHCjc1oV6quV6uEll3W0w
KejA5RUny9gvVO4VVDHSPaQZF63I+vsdT2DDgTC4/OCMdC5gGKEa3m3ASuPWjdlt
BPxE1uKUCEciPVea79/P/+zNW30zJWMFN1zEzCxt8HKIyd1TdB4HHOJGjLqmPRMb
f+sWM1gZhty3u6QLg3P8bahjM6tHklPd3ZI0gpu/JOj02H5liOAxe/+dMjfghWMp
fcZjYF6ZVqHQlFkWSx+N1jtKSz3kIJY0rhOTMaFxX+xdfPSZDkDrwzTpeIjOQAze
VP7LN+PFUiZLETDxn7Q56cXs3xPT9QrLu9WqZ7P2Jl4cdCYZWOgOsxU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:05 2025 by rpki-client