Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/_2l0FWSR5GLYM2psCRT2r06xR3E.roa
File: _2l0FWSR5GLYM2psCRT2r06xR3E.roa (raw, json)
Hash identifier: c36TZ9YjRyq5KCGwt7oH5DQwPePTuyKnTTWPhbVHSqk=
Subject key identifier: FF:69:74:15:64:91:E4:62:D8:33:6A:6C:09:14:F6:AF:4E:B1:47:71
Certificate issuer: /CN=f97f69ed26c2e4687dbab2e6c6cca88d17c4c332
Certificate serial: 01856C53F31380AEE032A5987D3502306C7A
Authority key identifier: F9:7F:69:ED:26:C2:E4:68:7D:BA:B2:E6:C6:CC:A8:8D:17:C4:C3:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-X9p7SbC5Gh9urLmxsyojRfEwzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/_2l0FWSR5GLYM2psCRT2r06xR3E.roa
Signing time: Sun 01 Jan 2023 07:55:19 +0000
ROA not before: Sun 01 Jan 2023 07:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47347
IP address blocks: 79.142.32.0/22 maxlen: 22
2a01:7b40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f3:13:80:ae:e0:32:a5:98:7d:35:02:30:6c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f97f69ed26c2e4687dbab2e6c6cca88d17c4c332
Validity
Not Before: Jan 1 07:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff6974156491e462d8336a6c0914f6af4eb14771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3c:47:1c:ad:a0:f2:f3:98:05:61:fc:4b:8a:
32:75:ad:df:53:97:52:d4:21:36:b7:fb:1a:46:ed:
59:d9:df:90:ea:05:24:58:66:e2:19:c4:89:55:d8:
77:a7:92:9e:36:84:9c:b1:a4:94:59:c9:4b:06:ec:
cd:f2:24:5a:a0:50:28:de:0b:64:07:ab:1b:c4:73:
2c:4c:e7:57:e6:13:37:9e:15:6f:96:54:63:8c:c7:
4c:f0:d3:ba:8a:d2:5f:72:2d:ae:8c:67:d0:58:9d:
51:a4:13:37:a9:88:54:29:aa:05:70:17:a4:46:ef:
16:fb:95:23:35:ee:8f:bf:ba:c3:52:3a:bf:03:83:
bb:54:ff:56:70:52:20:30:c8:df:e9:05:d0:36:90:
5e:bb:70:4c:35:14:87:f0:01:e0:69:b6:7d:5a:9d:
54:89:01:e3:fb:02:90:6f:56:c2:df:ae:0d:62:a2:
a5:d5:8f:f8:cd:87:60:0e:6e:4c:a6:8b:79:45:86:
99:f0:6e:fb:53:8c:70:dc:d6:de:ed:5e:ee:45:d7:
2d:61:6b:76:51:7d:db:df:51:f8:b4:70:8a:31:f8:
8a:ed:cf:f6:b2:7e:a5:8a:de:15:23:f5:17:1d:34:
6a:a4:9f:c7:44:0e:fe:4f:b7:87:76:48:16:e1:66:
dc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:69:74:15:64:91:E4:62:D8:33:6A:6C:09:14:F6:AF:4E:B1:47:71
X509v3 Authority Key Identifier:
keyid:F9:7F:69:ED:26:C2:E4:68:7D:BA:B2:E6:C6:CC:A8:8D:17:C4:C3:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-X9p7SbC5Gh9urLmxsyojRfEwzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/_2l0FWSR5GLYM2psCRT2r06xR3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/32441e-5e9b-4a32-8cc4-1eb75bb68233/1/1-X9p7SbC5Gh9urLmxsyojRfEwzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.32.0/22
IPv6:
2a01:7b40::/32
Signature Algorithm: sha256WithRSAEncryption
84:8d:00:79:61:ac:61:f7:43:7c:61:e6:37:ad:41:fa:d7:39:
a4:9d:6b:01:01:e1:5c:f4:bf:1a:6a:bf:f2:1a:3b:6c:ef:01:
eb:24:76:ca:0d:a2:b9:cc:1c:ef:0e:a4:da:d4:e0:7b:07:2b:
b8:2a:03:c3:5f:13:76:91:ed:d8:97:d7:a4:68:96:5c:88:d2:
38:42:b3:07:8d:0f:c4:bb:23:e6:13:7d:21:19:fa:09:a2:61:
da:47:b0:0c:38:6a:ef:93:17:47:5f:02:d0:be:82:ca:90:be:
dc:c3:c2:48:f6:42:8b:2a:36:1b:1c:8a:a1:63:c6:e7:05:64:
c9:78:fa:26:e0:0a:ae:b4:ec:c8:79:28:d0:76:d1:b4:8a:35:
a0:28:bb:47:dc:d0:8c:c5:7b:4b:86:78:f7:92:8a:16:54:e8:
24:47:e5:99:02:5c:cd:80:45:12:5c:54:1e:cd:7e:21:73:65:
67:11:d8:5f:e3:43:39:f0:90:b7:b0:e9:8a:d8:17:8d:0d:0d:
63:6f:b3:57:bc:ff:4f:d6:9d:6c:76:ca:7e:0c:ba:ea:1d:7d:
fb:b6:5f:35:6c:68:0e:f8:b5:85:32:40:74:91:e6:68:66:15:
b1:3d:8d:61:b7:1c:4f:4c:8c:e3:69:2e:9c:dd:50:5f:23:a1:
77:2f:66:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsU/MTgK7gMqWYfTUCMGx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5N2Y2OWVkMjZjMmU0Njg3ZGJhYjJlNmM2Y2NhODhkMTdj
NGMzMzIwHhcNMjMwMTAxMDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY5NzQxNTY0OTFlNDYyZDgzMzZhNmMwOTE0ZjZhZjRlYjE0NzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjxHHK2g8vOYBWH8S4oyda3fU5dS
1CE2t/saRu1Z2d+Q6gUkWGbiGcSJVdh3p5KeNoScsaSUWclLBuzN8iRaoFAo3gtk
B6sbxHMsTOdX5hM3nhVvllRjjMdM8NO6itJfci2ujGfQWJ1RpBM3qYhUKaoFcBek
Ru8W+5UjNe6Pv7rDUjq/A4O7VP9WcFIgMMjf6QXQNpBeu3BMNRSH8AHgabZ9Wp1U
iQHj+wKQb1bC364NYqKl1Y/4zYdgDm5Mpot5RYaZ8G77U4xw3Nbe7V7uRdctYWt2
UX3b31H4tHCKMfiK7c/2sn6lit4VI/UXHTRqpJ/HRA7+T7eHdkgW4Wbc6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9pdBVkkeRi2DNqbAkU9q9OsUdxMB8GA1UdIwQY
MBaAFPl/ae0mwuRofbqy5sbMqI0XxMMyMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YOXA3U2JDNUdoOXVyTG14c3lvalJmRXd6SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYvMzI0NDFlLTVlOWItNGEzMi04Y2M0
LTFlYjc1YmI2ODIzMy8xL18ybDBGV1NSNUdMWU0ycHNDUlQycjA2eFIzRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvMzI0NDFlLTVlOWItNGEzMi04Y2M0LTFlYjc1YmI2ODIz
My8xLzEtWDlwN1NiQzVHaDl1ckxteHN5b2pSZkV3ekkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJPjiAw
DQQCAAIwBwMFACoBe0AwDQYJKoZIhvcNAQELBQADggEBAISNAHlhrGH3Q3xh5jet
QfrXOaSdawEB4Vz0vxpqv/IaO2zvAeskdsoNornMHO8OpNrU4HsHK7gqA8NfE3aR
7diX16RollyI0jhCsweND8S7I+YTfSEZ+gmiYdpHsAw4au+TF0dfAtC+gsqQvtzD
wkj2QosqNhsciqFjxucFZMl4+ibgCq607Mh5KNB20bSKNaAou0fc0IzFe0uGePeS
ihZU6CRH5ZkCXM2ARRJcVB7NfiFzZWcR2F/jQznwkLew6YrYF40NDWNvs1e8/0/W
nWx2yn4Muuodffu2XzVsaA74tYUyQHSR5mhmFbE9jWG3HE9MjONpLpzdUF8joXcv
ZmE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:19 2025 by rpki-client