Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/FkqEmxkUNO35JBLCmqAjJZ7l7Gk.roa
File: FkqEmxkUNO35JBLCmqAjJZ7l7Gk.roa (raw, json)
Hash identifier: Wh7c1ilEd1GbxdpnuFGb8fGaMsUTCLtBzONbQ/X5w4g=
Subject key identifier: 16:4A:84:9B:19:14:34:ED:F9:24:12:C2:9A:A0:23:25:9E:E5:EC:69
Certificate issuer: /CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Certificate serial: 0185703995D60B6A26836F245D42461FBB18
Authority key identifier: AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/FkqEmxkUNO35JBLCmqAjJZ7l7Gk.roa
Signing time: Mon 02 Jan 2023 02:05:00 +0000
ROA not before: Mon 02 Jan 2023 02:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198385
IP address blocks: 89.249.40.0/23 maxlen: 23
185.63.36.0/22 maxlen: 22
37.35.104.0/21 maxlen: 21
5.1.96.0/21 maxlen: 21
185.75.32.0/22 maxlen: 22
2a03:2040::/29 maxlen: 29
2a00:e6c0::/32 maxlen: 32
2a03:2040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:95:d6:0b:6a:26:83:6f:24:5d:42:46:1f:bb:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Validity
Not Before: Jan 2 02:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=164a849b191434edf92412c29aa023259ee5ec69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:34:84:26:e8:52:14:02:2c:32:d3:46:8f:39:
1e:04:b4:5e:f0:fc:58:3b:f0:f4:be:a3:5f:5a:7a:
1c:56:27:18:72:71:2f:1f:33:c1:bf:28:f4:53:3f:
1a:ae:5e:20:49:fe:c6:11:0b:0f:70:2b:e7:98:10:
86:8d:ce:e0:68:a4:db:04:b5:4c:9c:49:54:85:b3:
dc:d6:e2:a4:97:27:50:c0:3a:6a:36:2a:12:c6:60:
f2:23:47:5f:63:6c:44:32:a3:08:f2:d8:dc:32:8c:
cc:1f:55:73:97:85:e4:c6:d0:d7:55:49:bc:25:71:
50:1c:8e:7e:0a:65:fc:ae:81:28:08:3f:0c:59:16:
5d:e6:1a:b5:93:fc:b9:a6:87:c8:e4:12:7d:2c:a4:
1d:15:97:da:9a:44:04:19:8d:f2:6f:3c:12:6c:2c:
f1:d4:79:8d:85:db:e8:e9:b1:aa:f1:35:54:bc:a3:
7a:2b:4a:2f:4d:59:28:c3:aa:65:13:b4:a9:32:06:
5b:88:23:8c:c4:06:dc:2f:d4:50:fe:e0:b8:21:ee:
10:e2:8b:32:91:dc:81:cc:84:c6:6a:f1:9c:07:7c:
b4:a5:ee:c9:f4:7e:2e:37:72:37:e1:1a:18:ad:07:
96:63:d6:16:95:53:7f:db:67:0f:4b:37:3b:a9:41:
55:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4A:84:9B:19:14:34:ED:F9:24:12:C2:9A:A0:23:25:9E:E5:EC:69
X509v3 Authority Key Identifier:
keyid:AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/FkqEmxkUNO35JBLCmqAjJZ7l7Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/r-xPShbMUb1RYhARU5zrV0rBXQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.96.0/21
37.35.104.0/21
89.249.40.0/23
185.63.36.0/22
185.75.32.0/22
IPv6:
2a00:e6c0::/32
2a03:2040::/29
Signature Algorithm: sha256WithRSAEncryption
ab:11:23:7d:50:d9:6f:b5:24:50:17:2c:d0:5e:0e:8c:0c:1a:
45:3c:a5:36:4c:14:68:cb:cb:1c:6a:37:e0:a2:7c:86:49:e8:
05:91:12:b8:d5:d8:15:1c:01:49:2e:3c:07:56:b6:58:03:e6:
a6:1e:a0:48:51:54:ec:60:13:68:ea:d9:56:17:10:cf:69:76:
58:2e:a1:61:fb:8e:5f:99:77:f8:3e:07:18:97:fd:b5:b6:a9:
f9:33:f5:cb:b3:34:8a:1d:03:de:44:4a:33:18:b0:fd:d3:0a:
6e:16:a7:48:3f:66:80:66:c0:72:a3:c9:58:71:3b:18:8e:ef:
11:11:e4:8d:69:d7:28:39:15:1f:f0:d0:65:0c:2f:9a:a0:1e:
8d:b3:36:a4:24:4e:5d:0a:af:f2:3b:2d:42:58:74:d9:cd:0f:
5a:6a:6f:91:de:7b:18:63:bf:b7:6c:41:1f:fb:ae:6d:4d:4e:
f2:88:93:e8:da:1b:06:66:69:e4:73:da:5f:ee:5e:0f:45:9f:
b9:6c:29:9e:af:1f:46:0a:5c:aa:86:0a:74:25:5f:0c:57:76:
93:63:c4:1a:ba:9b:78:fb:c4:03:9d:25:26:33:57:9f:ad:48:
3d:99:0d:14:a5:f0:35:9c:6c:c9:10:36:52:45:fe:2e:5e:dd:
d0:02:d6:be
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVwOZXWC2omg28kXUJGH7sYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZWM0ZjRhMTZjYzUxYmQ1MTYyMTAxMTUzOWNlYjU3NGFj
MTVkMDIwHhcNMjMwMTAyMDIwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjRhODQ5YjE5MTQzNGVkZjkyNDEyYzI5YWEwMjMyNTllZTVlYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzSEJuhSFAIsMtNGjzkeBLRe8PxY
O/D0vqNfWnocVicYcnEvHzPBvyj0Uz8arl4gSf7GEQsPcCvnmBCGjc7gaKTbBLVM
nElUhbPc1uKklydQwDpqNioSxmDyI0dfY2xEMqMI8tjcMozMH1Vzl4XkxtDXVUm8
JXFQHI5+CmX8roEoCD8MWRZd5hq1k/y5pofI5BJ9LKQdFZfamkQEGY3ybzwSbCzx
1HmNhdvo6bGq8TVUvKN6K0ovTVkow6plE7SpMgZbiCOMxAbcL9RQ/uC4Ie4Q4osy
kdyBzITGavGcB3y0pe7J9H4uN3I34RoYrQeWY9YWlVN/22cPSzc7qUFVRwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBZKhJsZFDTt+SQSwpqgIyWe5expMB8GA1UdIwQY
MBaAFK/sT0oWzFG9UWIQEVOc61dKwV0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0Nzgt
MjdlZmMxM2FmZjFlLzEvRmtxRW14a1VOTzM1SkJMQ21xQWpKWjdsN0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0NzgtMjdlZmMxM2FmZjFl
LzEvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDBQFgAwQD
JSNoAwQBWfkoAwQCuT8kAwQCuUsgMBQEAgACMA4DBQAqAObAAwUDKgMgQDANBgkq
hkiG9w0BAQsFAAOCAQEAqxEjfVDZb7UkUBcs0F4OjAwaRTylNkwUaMvLHGo34KJ8
hknoBZESuNXYFRwBSS48B1a2WAPmph6gSFFU7GATaOrZVhcQz2l2WC6hYfuOX5l3
+D4HGJf9tbap+TP1y7M0ih0D3kRKMxiw/dMKbhanSD9mgGbAcqPJWHE7GI7vERHk
jWnXKDkVH/DQZQwvmqAejbM2pCROXQqv8jstQlh02c0PWmpvkd57GGO/t2xBH/uu
bU1O8oiT6NobBmZp5HPaX+5eD0WfuWwpnq8fRgpcqoYKdCVfDFd2k2PEGrqbePvE
A50lJjNXn61IPZkNFKXwNZxsyRA2UkX+Ll7d0ALWvg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:56 2025 by rpki-client