Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/FmPvWenBqmbOviifeQDBrdrXneQ.roa
File: FmPvWenBqmbOviifeQDBrdrXneQ.roa (raw, json)
Hash identifier: EQKfNc2SKiVnC/FI3O6iItGAjd/M2+NVco5bSeHuJyI=
Subject key identifier: 16:63:EF:59:E9:C1:AA:66:CE:BE:28:9F:79:00:C1:AD:DA:D7:9D:E4
Certificate issuer: /CN=f9503c075a690556bd462122b24699e1b6b19278
Certificate serial: 01866DFFAA7183BB3639B91AEF48E9AC661C
Authority key identifier: F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/FmPvWenBqmbOviifeQDBrdrXneQ.roa
Signing time: Mon 20 Feb 2023 08:45:17 +0000
ROA not before: Mon 20 Feb 2023 08:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60350
IP address blocks: 195.189.178.0/23 maxlen: 24
185.45.180.0/22 maxlen: 24
193.161.254.0/23 maxlen: 23
193.105.151.0/24 maxlen: 24
91.221.146.0/23 maxlen: 24
193.164.2.0/24 maxlen: 24
193.164.2.0/23 maxlen: 23
193.148.6.0/23 maxlen: 24
185.183.112.0/22 maxlen: 22
185.183.112.0/24 maxlen: 24
185.183.113.0/24 maxlen: 24
45.137.178.0/23 maxlen: 23
45.137.176.0/23 maxlen: 23
45.137.176.0/22 maxlen: 22
2a0b:c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:ff:aa:71:83:bb:36:39:b9:1a:ef:48:e9:ac:66:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9503c075a690556bd462122b24699e1b6b19278
Validity
Not Before: Feb 20 08:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1663ef59e9c1aa66cebe289f7900c1addad79de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:15:26:be:e5:b5:58:5f:0d:71:72:88:95:77:
32:44:73:28:9b:07:a0:8f:d4:b8:04:17:91:a8:89:
c2:d3:5b:9b:60:bd:dd:e7:b5:1e:62:d5:5b:d9:ea:
42:b2:ed:4b:5d:d5:91:e0:41:b3:36:12:0e:27:34:
d1:08:1e:55:44:a3:c7:e5:5b:d8:ae:cf:cc:82:fa:
4f:56:df:38:39:6e:19:14:1d:25:e2:6b:30:94:0d:
fa:d0:4d:42:59:5a:3a:2f:72:af:ef:b1:57:0b:8a:
cd:47:8c:fb:8c:81:c1:fd:4c:77:04:47:23:65:35:
f7:7b:8c:d6:aa:12:9f:72:17:17:44:02:26:2b:2c:
90:08:8f:ca:6b:a0:d7:cb:a2:f5:2c:b2:25:e7:d6:
e4:a4:89:7c:4f:11:8d:50:f4:fd:81:da:ef:5c:a4:
66:5f:76:38:d7:18:1d:ce:f1:96:8e:83:95:c9:d1:
5a:5c:e4:a5:00:89:3d:fe:32:60:86:11:5b:d7:d3:
a6:bd:9c:49:7c:c0:a3:cf:77:fe:ed:29:9e:e3:60:
99:b6:4b:59:2c:91:9e:7a:cb:8d:d9:d7:89:a5:93:
58:90:c9:7b:23:e4:b7:c5:58:a6:27:d4:d9:fe:fc:
a5:e4:2e:6a:76:4b:cc:be:d6:ed:a4:cc:0a:f2:ec:
ed:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:63:EF:59:E9:C1:AA:66:CE:BE:28:9F:79:00:C1:AD:DA:D7:9D:E4
X509v3 Authority Key Identifier:
keyid:F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/FmPvWenBqmbOviifeQDBrdrXneQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.176.0/22
91.221.146.0/23
185.45.180.0/22
185.183.112.0/22
193.105.151.0/24
193.148.6.0/23
193.161.254.0/23
193.164.2.0/23
195.189.178.0/23
IPv6:
2a0b:c80::/29
Signature Algorithm: sha256WithRSAEncryption
84:c1:ac:fb:d4:09:b2:f0:24:1f:04:aa:78:36:73:11:fc:98:
a6:7e:76:07:d6:3c:cd:f9:8a:bd:f3:7c:5f:82:b1:7d:b8:13:
6f:d5:17:0e:99:dc:ae:db:94:e7:15:af:96:b8:4d:f2:44:63:
0b:7e:5b:6f:9a:e6:8d:51:77:28:b1:f0:13:48:d9:6a:89:00:
b3:d5:ba:57:dc:4b:a0:d2:9e:bd:ac:30:5d:c3:6a:ff:a2:cf:
ca:74:dd:c9:eb:fd:1f:60:6c:85:8e:54:ba:3f:71:63:3a:0b:
2a:56:df:0f:e5:b8:6f:5a:1b:9f:8e:80:82:d3:d2:25:d6:b2:
f5:72:73:d0:ee:a4:71:60:6a:ee:bc:5b:bb:82:f0:a7:e6:4f:
e9:69:ee:1b:2d:4a:1a:3b:5b:3a:e6:12:a2:92:64:ce:2e:25:
b6:fb:79:04:ff:82:d0:70:c6:87:4a:b9:58:8c:39:d8:e5:cb:
ae:98:c0:95:74:bf:e1:6e:6f:75:cd:92:8b:16:7f:e6:ff:bc:
92:59:32:ff:cf:6e:3b:1b:09:83:97:a0:09:11:ac:78:8e:65:
28:ee:44:5c:7a:85:d2:af:3b:f6:88:25:c3:21:b0:00:f3:0b:
dd:48:87:9e:1b:a8:92:8f:d4:25:e6:88:73:1f:eb:db:45:70:
65:13:37:e4
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYZt/6pxg7s2Obka70jprGYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTAzYzA3NWE2OTA1NTZiZDQ2MjEyMmIyNDY5OWUxYjZi
MTkyNzgwHhcNMjMwMjIwMDg0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjYzZWY1OWU5YzFhYTY2Y2ViZTI4OWY3OTAwYzFhZGRhZDc5ZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhUmvuW1WF8NcXKIlXcyRHMomweg
j9S4BBeRqInC01ubYL3d57UeYtVb2epCsu1LXdWR4EGzNhIOJzTRCB5VRKPH5VvY
rs/MgvpPVt84OW4ZFB0l4mswlA360E1CWVo6L3Kv77FXC4rNR4z7jIHB/Ux3BEcj
ZTX3e4zWqhKfchcXRAImKyyQCI/Ka6DXy6L1LLIl59bkpIl8TxGNUPT9gdrvXKRm
X3Y41xgdzvGWjoOVydFaXOSlAIk9/jJghhFb19OmvZxJfMCjz3f+7Sme42CZtktZ
LJGeesuN2deJpZNYkMl7I+S3xVimJ9TZ/vyl5C5qdkvMvtbtpMwK8uzt/QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBZj71npwapmzr4on3kAwa3a153kMB8GA1UdIwQY
MBaAFPlQPAdaaQVWvUYhIrJGmeG2sZJ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WQThCMXBwQlZhOVJpRWlza2FaNGJheGtuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQw
LTNmMjMxNmI1NTNmNS8xL0ZtUHZXZW5CcW1iT3ZpaWZlUURCcmRyWG5lUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQwLTNmMjMxNmI1NTNm
NS8xLzEtVkE4QjFwcEJWYTlSaUVpc2thWjRiYXhrbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXgYIKwYBBQUHAQcBAf8ETzBNMDwEAgABMDYDBAItibAD
BAFb3ZIDBAK5LbQDBAK5t3ADBADBaZcDBAHBlAYDBAHBof4DBAHBpAIDBAHDvbIw
DQQCAAIwBwMFAyoLDIAwDQYJKoZIhvcNAQELBQADggEBAITBrPvUCbLwJB8Eqng2
cxH8mKZ+dgfWPM35ir3zfF+CsX24E2/VFw6Z3K7blOcVr5a4TfJEYwt+W2+a5o1R
dyix8BNI2WqJALPVulfcS6DSnr2sMF3Dav+iz8p03cnr/R9gbIWOVLo/cWM6CypW
3w/luG9aG5+OgILT0iXWsvVyc9DupHFgau68W7uC8KfmT+lp7hstSho7WzrmEqKS
ZM4uJbb7eQT/gtBwxodKuViMOdjly66YwJV0v+Fub3XNkosWf+b/vJJZMv/Pbjsb
CYOXoAkRrHiOZSjuRFx6hdKvO/aIJcMhsADzC91Ih54bqJKP1CXmiHMf69tFcGUT
N+Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:47 2025 by rpki-client