Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1374c0-4bd4-4156-a77f-653a70bf0925/1/FvIcKDXWhfHktJT52jaOkQ68dsM.roa
File: FvIcKDXWhfHktJT52jaOkQ68dsM.roa (raw, json)
Hash identifier: oXJnFIiCVGxEZpZfFMflNuBvt9sk6V4zzkWzfPKxcHE=
Subject key identifier: 16:F2:1C:28:35:D6:85:F1:E4:B4:94:F9:DA:36:8E:91:0E:BC:76:C3
Certificate issuer: /CN=3ad77fe68fa9dab644fd0a3dfb3a02566a809590
Certificate serial: 018572033DD9B86834093EAAF8CD28940D0E
Authority key identifier: 3A:D7:7F:E6:8F:A9:DA:B6:44:FD:0A:3D:FB:3A:02:56:6A:80:95:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Otd_5o-p2rZE_Qo9-zoCVmqAlZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1374c0-4bd4-4156-a77f-653a70bf0925/1/FvIcKDXWhfHktJT52jaOkQ68dsM.roa
Signing time: Mon 02 Jan 2023 10:24:53 +0000
ROA not before: Mon 02 Jan 2023 10:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208678
IP address blocks: 185.141.4.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:3d:d9:b8:68:34:09:3e:aa:f8:cd:28:94:0d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad77fe68fa9dab644fd0a3dfb3a02566a809590
Validity
Not Before: Jan 2 10:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16f21c2835d685f1e4b494f9da368e910ebc76c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c6:89:34:a6:11:9c:51:af:ea:f4:84:02:87:
3a:db:35:a7:80:9d:34:e5:c7:1e:36:51:ae:00:46:
6c:63:4a:de:47:d6:d3:83:af:26:84:fb:7f:6f:35:
07:4e:95:1a:ab:d2:84:c8:c3:cf:21:80:45:28:41:
84:41:83:9f:28:1a:e9:93:c8:01:e7:f0:70:52:9e:
65:fa:e4:89:01:c7:08:93:85:a1:3e:90:2c:10:fa:
99:df:e2:1c:65:00:01:1d:98:20:42:ca:6c:7f:dd:
96:1b:8f:22:a4:6a:e8:42:50:07:59:79:b5:3f:a3:
18:fb:bf:aa:d7:55:9d:08:0e:fb:7b:b6:dc:10:fe:
8c:72:18:7d:3b:00:0b:2e:35:d0:3e:8f:92:52:0e:
eb:7b:31:ef:26:9a:be:8a:71:c0:f0:84:7a:28:8d:
df:76:45:5b:9e:7e:37:92:17:b5:21:9b:29:e6:1b:
dc:d4:15:99:a8:15:d7:25:8e:20:68:e6:69:d2:0a:
42:d3:8b:55:c1:d4:8b:ce:ec:35:b9:01:47:5c:0d:
ec:60:34:10:00:f6:4e:23:fa:2b:ee:58:b8:a4:63:
0b:a9:57:ae:77:ec:1a:94:8c:e0:db:55:f4:54:bf:
ca:a7:8c:b7:14:ad:3c:9a:9d:0c:35:a3:b7:2c:79:
10:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:F2:1C:28:35:D6:85:F1:E4:B4:94:F9:DA:36:8E:91:0E:BC:76:C3
X509v3 Authority Key Identifier:
keyid:3A:D7:7F:E6:8F:A9:DA:B6:44:FD:0A:3D:FB:3A:02:56:6A:80:95:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otd_5o-p2rZE_Qo9-zoCVmqAlZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1374c0-4bd4-4156-a77f-653a70bf0925/1/FvIcKDXWhfHktJT52jaOkQ68dsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1374c0-4bd4-4156-a77f-653a70bf0925/1/Otd_5o-p2rZE_Qo9-zoCVmqAlZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.4.0/22
Signature Algorithm: sha256WithRSAEncryption
50:05:c9:0c:e3:09:2f:5b:6f:0b:66:63:9f:35:03:dc:72:68:
4f:00:8c:d6:07:87:08:d5:8f:22:fa:7d:af:e5:3f:f9:22:72:
e1:62:5f:1e:6d:69:6f:ab:96:d3:38:94:48:dc:fd:26:5e:da:
c4:d2:45:b4:6c:a9:e2:08:8f:12:d5:5f:38:83:12:a5:89:56:
0c:6c:d7:de:bd:02:66:29:2c:c7:d0:b5:1d:42:4f:3d:ac:63:
c4:f6:14:ba:53:8e:ac:34:97:e2:b3:53:24:58:94:cd:87:12:
c6:40:87:04:bf:a1:79:15:67:46:12:1b:1b:a2:f7:3f:98:79:
ce:43:db:fd:de:51:90:30:9d:17:36:36:a2:e3:ec:b8:d2:88:
bf:41:20:cb:d6:2c:ba:c7:f2:c5:be:1b:ab:11:66:ae:8f:23:
cc:c5:47:11:6a:d9:02:2b:cc:ac:a1:f5:1a:66:58:68:51:65:
64:b9:f2:c0:a5:21:7d:0e:c4:23:b5:70:e6:6a:34:bb:2d:ec:
86:27:db:1d:e9:d4:52:e1:09:cf:f4:56:f6:b1:0a:41:e6:44:
94:be:3a:29:9e:24:b0:9e:02:26:e3:0b:61:e8:aa:f5:18:0f:
cd:0d:85:f8:7d:71:0a:3f:bf:c5:b6:3d:27:ce:cc:bc:9d:6e:
bb:34:6d:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyAz3ZuGg0CT6q+M0olA0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDc3ZmU2OGZhOWRhYjY0NGZkMGEzZGZiM2EwMjU2NmE4
MDk1OTAwHhcNMjMwMTAyMTAyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmYyMWMyODM1ZDY4NWYxZTRiNDk0ZjlkYTM2OGU5MTBlYmM3NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMaJNKYRnFGv6vSEAoc62zWngJ00
5cceNlGuAEZsY0reR9bTg68mhPt/bzUHTpUaq9KEyMPPIYBFKEGEQYOfKBrpk8gB
5/BwUp5l+uSJAccIk4WhPpAsEPqZ3+IcZQABHZggQspsf92WG48ipGroQlAHWXm1
P6MY+7+q11WdCA77e7bcEP6Mchh9OwALLjXQPo+SUg7rezHvJpq+inHA8IR6KI3f
dkVbnn43khe1IZsp5hvc1BWZqBXXJY4gaOZp0gpC04tVwdSLzuw1uQFHXA3sYDQQ
APZOI/or7li4pGMLqVeud+walIzg21X0VL/Kp4y3FK08mp0MNaO3LHkQiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbyHCg11oXx5LSU+do2jpEOvHbDMB8GA1UdIwQY
MBaAFDrXf+aPqdq2RP0KPfs6AlZqgJWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RkXzVvLXAyclpFX1FvOS16b0NWbXFBbFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xMzc0YzAtNGJkNC00MTU2LWE3N2Yt
NjUzYTcwYmYwOTI1LzEvRnZJY0tEWFdoZkhrdEpUNTJqYU9rUTY4ZHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xMzc0YzAtNGJkNC00MTU2LWE3N2YtNjUzYTcwYmYwOTI1
LzEvT3RkXzVvLXAyclpFX1FvOS16b0NWbXFBbFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY0EMA0G
CSqGSIb3DQEBCwUAA4IBAQBQBckM4wkvW28LZmOfNQPccmhPAIzWB4cI1Y8i+n2v
5T/5InLhYl8ebWlvq5bTOJRI3P0mXtrE0kW0bKniCI8S1V84gxKliVYMbNfevQJm
KSzH0LUdQk89rGPE9hS6U46sNJfis1MkWJTNhxLGQIcEv6F5FWdGEhsbovc/mHnO
Q9v93lGQMJ0XNjai4+y40oi/QSDL1iy6x/LFvhurEWaujyPMxUcRatkCK8ysofUa
ZlhoUWVkufLApSF9DsQjtXDmajS7LeyGJ9sd6dRS4QnP9Fb2sQpB5kSUvjopniSw
ngIm4wth6Kr1GA/NDYX4fXEKP7/Ftj0nzsy8nW67NG2o
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:52 2025 by rpki-client