Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/FsMdL68HnFCif_pPilJ2zFckjdA.roa
File: FsMdL68HnFCif_pPilJ2zFckjdA.roa (raw, json)
Hash identifier: iV6NnJNC/XcayUt6sguoXFj1OGeaRfQ5EFLXK2cZO4Q=
Subject key identifier: 16:C3:1D:2F:AF:07:9C:50:A2:7F:FA:4F:8A:52:76:CC:57:24:8D:D0
Certificate issuer: /CN=9e57f843b17ffceaa9b8636581fe4d54e346ddcc
Certificate serial: 01856F14CBCB953E271BAC32562F1A1A77BC
Authority key identifier: 9E:57:F8:43:B1:7F:FC:EA:A9:B8:63:65:81:FE:4D:54:E3:46:DD:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlf4Q7F__OqpuGNlgf5NVONG3cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/FsMdL68HnFCif_pPilJ2zFckjdA.roa
Signing time: Sun 01 Jan 2023 20:45:11 +0000
ROA not before: Sun 01 Jan 2023 20:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34399
IP address blocks: 195.114.120.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:cb:cb:95:3e:27:1b:ac:32:56:2f:1a:1a:77:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e57f843b17ffceaa9b8636581fe4d54e346ddcc
Validity
Not Before: Jan 1 20:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16c31d2faf079c50a27ffa4f8a5276cc57248dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:63:d7:da:d0:37:78:8f:c6:cd:64:52:df:f3:
65:df:2e:87:97:8e:9a:63:b3:68:17:3e:14:8b:6d:
8a:de:19:a0:34:b9:19:8b:5b:de:ef:3c:90:1f:0e:
44:32:e8:f9:e3:b9:d6:1f:80:53:84:09:3e:c5:19:
bb:bc:63:be:1f:1e:0d:99:ee:47:be:37:26:f8:db:
e8:92:4c:2b:50:1c:8c:24:fa:92:36:c8:24:43:7d:
db:b3:2e:8e:a1:17:3b:79:b6:4a:e1:4b:a9:99:4a:
67:57:59:c8:51:a3:57:99:26:9b:a0:b9:9d:ed:3b:
f7:2b:c4:58:37:4e:09:4e:86:54:09:9c:2a:fe:71:
cf:ee:a8:74:77:ff:08:15:65:3d:fc:10:fb:68:7b:
a7:28:3c:d1:3c:6f:49:35:71:67:30:96:2b:be:26:
83:07:9a:a4:da:7f:3f:da:d8:11:43:2f:f0:ae:35:
3e:22:a0:71:99:72:da:76:d3:d3:cc:cd:e2:bd:6e:
e9:27:e5:2a:28:a2:5e:4b:52:07:8d:45:15:4a:97:
d2:c3:02:77:78:dd:7d:89:1f:95:6f:cd:38:9d:2e:
8c:a7:4c:7d:dc:d8:a3:75:14:68:a8:b9:c6:bb:ab:
18:4f:f7:1a:04:06:34:fb:9f:84:df:fd:e9:c4:05:
48:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C3:1D:2F:AF:07:9C:50:A2:7F:FA:4F:8A:52:76:CC:57:24:8D:D0
X509v3 Authority Key Identifier:
keyid:9E:57:F8:43:B1:7F:FC:EA:A9:B8:63:65:81:FE:4D:54:E3:46:DD:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlf4Q7F__OqpuGNlgf5NVONG3cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/FsMdL68HnFCif_pPilJ2zFckjdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7d0efe-709d-4d11-b692-0e230806b579/1/nlf4Q7F__OqpuGNlgf5NVONG3cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.120.0/23
Signature Algorithm: sha256WithRSAEncryption
22:65:20:35:37:b7:43:c1:03:d5:80:5d:de:57:86:13:6f:bd:
28:2f:85:01:31:79:99:2a:cc:35:5c:7a:54:98:bf:eb:bb:ff:
38:4c:d3:72:36:27:e8:d0:8e:75:ef:42:a1:bc:78:4c:13:63:
63:07:b2:eb:2b:82:53:7c:d2:c9:c3:ab:44:e6:0a:ab:73:de:
3b:85:26:b1:ad:d5:4e:83:93:65:6c:0c:b1:bc:70:c4:b8:b9:
84:fa:4b:de:29:d6:5d:a0:54:28:01:eb:18:92:f5:6f:c6:1e:
0f:ae:96:89:f5:a3:a0:d2:db:1c:7d:45:5e:73:04:5e:1a:54:
ae:92:2c:92:e1:05:40:c8:97:e8:b5:8c:5e:59:d6:3b:2f:7a:
62:4a:a7:a2:c1:bb:49:d5:97:b2:4d:07:a4:35:3f:11:62:1e:
0c:14:f4:fb:77:6c:55:76:a1:e8:f7:92:69:a3:60:f7:b8:fa:
28:5a:7f:00:f3:f1:db:3b:24:81:02:2d:a0:e1:2c:9a:fc:57:
9c:76:d9:7d:71:53:f6:85:b4:f8:76:bd:77:d9:ff:2b:25:a8:
e6:0a:7a:9e:49:25:f9:18:d8:82:42:c5:90:f3:2b:e0:7a:ee:
b6:de:96:8b:6d:01:ab:46:fb:42:ed:14:d6:ea:ab:69:8a:6e:
2b:eb:0c:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFMvLlT4nG6wyVi8aGne8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTdmODQzYjE3ZmZjZWFhOWI4NjM2NTgxZmU0ZDU0ZTM0
NmRkY2MwHhcNMjMwMTAxMjA0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmMzMWQyZmFmMDc5YzUwYTI3ZmZhNGY4YTUyNzZjYzU3MjQ4ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2PX2tA3eI/GzWRS3/Nl3y6Hl46a
Y7NoFz4Ui22K3hmgNLkZi1ve7zyQHw5EMuj547nWH4BThAk+xRm7vGO+Hx4Nme5H
vjcm+NvokkwrUByMJPqSNsgkQ33bsy6OoRc7ebZK4UupmUpnV1nIUaNXmSaboLmd
7Tv3K8RYN04JToZUCZwq/nHP7qh0d/8IFWU9/BD7aHunKDzRPG9JNXFnMJYrviaD
B5qk2n8/2tgRQy/wrjU+IqBxmXLadtPTzM3ivW7pJ+UqKKJeS1IHjUUVSpfSwwJ3
eN19iR+Vb804nS6Mp0x93NijdRRoqLnGu6sYT/caBAY0+5+E3/3pxAVIdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbDHS+vB5xQon/6T4pSdsxXJI3QMB8GA1UdIwQY
MBaAFJ5X+EOxf/zqqbhjZYH+TVTjRt3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxmNFE3Rl9fT3FwdUdObGdmNU5WT05HM2N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83ZDBlZmUtNzA5ZC00ZDExLWI2OTIt
MGUyMzA4MDZiNTc5LzEvRnNNZEw2OEhuRkNpZl9wUGlsSjJ6RmNramRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83ZDBlZmUtNzA5ZC00ZDExLWI2OTItMGUyMzA4MDZiNTc5
LzEvbmxmNFE3Rl9fT3FwdUdObGdmNU5WT05HM2N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw3J4MA0G
CSqGSIb3DQEBCwUAA4IBAQAiZSA1N7dDwQPVgF3eV4YTb70oL4UBMXmZKsw1XHpU
mL/ru/84TNNyNifo0I5170KhvHhME2NjB7LrK4JTfNLJw6tE5gqrc947hSaxrdVO
g5NlbAyxvHDEuLmE+kveKdZdoFQoAesYkvVvxh4PrpaJ9aOg0tscfUVecwReGlSu
kiyS4QVAyJfotYxeWdY7L3piSqeiwbtJ1ZeyTQekNT8RYh4MFPT7d2xVdqHo95Jp
o2D3uPooWn8A8/HbOySBAi2g4Sya/Fecdtl9cVP2hbT4dr132f8rJajmCnqeSSX5
GNiCQsWQ8yvgeu623paLbQGrRvtC7RTW6qtpim4r6wwV
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:04:39 2025 by rpki-client