Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a39138-f4f1-4259-a4b9-acd87c546048/1/FdokIZjF7EUTgqrijMJWcPAF7F8.roa
File: FdokIZjF7EUTgqrijMJWcPAF7F8.roa (raw, json)
Hash identifier: qetmj9VAbHfgY5murrBj2NY1RfJMuHlfmYOMhCJIh0E=
Subject key identifier: 15:DA:24:21:98:C5:EC:45:13:82:AA:E2:8C:C2:56:70:F0:05:EC:5F
Certificate issuer: /CN=a9480cf18fd7859df9ad997940013a99b8dee374
Certificate serial: 01856F0B4829F191E7E7C5C6BB2BCB6F31A0
Authority key identifier: A9:48:0C:F1:8F:D7:85:9D:F9:AD:99:79:40:01:3A:99:B8:DE:E3:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUgM8Y_XhZ35rZl5QAE6mbje43Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a39138-f4f1-4259-a4b9-acd87c546048/1/FdokIZjF7EUTgqrijMJWcPAF7F8.roa
Signing time: Sun 01 Jan 2023 20:34:48 +0000
ROA not before: Sun 01 Jan 2023 20:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50304
IP address blocks: 185.91.64.0/22 maxlen: 24
2a05:e880::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:48:29:f1:91:e7:e7:c5:c6:bb:2b:cb:6f:31:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9480cf18fd7859df9ad997940013a99b8dee374
Validity
Not Before: Jan 1 20:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15da242198c5ec451382aae28cc25670f005ec5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:89:67:8b:12:90:ab:0a:21:da:4d:e8:24:2d:
c8:f1:27:4b:44:71:d2:77:af:ca:dc:4e:81:97:5d:
33:22:9e:3b:f1:3c:16:16:72:d7:68:63:b8:cb:66:
2f:30:30:96:3d:73:15:a7:0c:5d:36:2b:99:91:76:
53:4e:7f:ad:e0:9e:8a:fa:6b:f2:e8:98:d4:99:84:
b4:78:01:68:03:52:0c:d1:94:15:38:82:1f:a9:bf:
72:f0:3f:aa:6b:1c:35:40:7a:de:ab:29:f9:46:db:
3f:c2:e4:ee:2b:35:bd:64:85:c8:d9:95:ed:4b:17:
fd:9e:7b:45:5f:d1:e4:33:27:f2:28:4e:a7:a4:11:
44:98:f8:0f:6a:d4:25:c4:29:30:a1:d1:17:f2:6b:
d9:d4:ae:9c:83:1a:03:03:cc:3a:30:3a:c8:ce:b5:
6b:93:91:1d:d4:c9:6c:03:dd:16:26:6c:05:6d:40:
45:f1:b9:b8:b9:c9:71:63:c4:ec:14:d2:e3:5e:cd:
03:8b:96:71:34:22:a2:97:3c:22:c2:8a:9a:3b:67:
8a:38:c4:3b:ba:80:c2:fc:d3:d3:9c:a9:77:1b:ec:
f0:a0:b8:84:fd:05:32:ab:61:a7:06:4d:8c:20:39:
48:80:42:2a:56:c4:91:10:e9:9e:54:47:a8:33:8f:
54:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DA:24:21:98:C5:EC:45:13:82:AA:E2:8C:C2:56:70:F0:05:EC:5F
X509v3 Authority Key Identifier:
keyid:A9:48:0C:F1:8F:D7:85:9D:F9:AD:99:79:40:01:3A:99:B8:DE:E3:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUgM8Y_XhZ35rZl5QAE6mbje43Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a39138-f4f1-4259-a4b9-acd87c546048/1/FdokIZjF7EUTgqrijMJWcPAF7F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a39138-f4f1-4259-a4b9-acd87c546048/1/qUgM8Y_XhZ35rZl5QAE6mbje43Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.64.0/22
IPv6:
2a05:e880::/29
Signature Algorithm: sha256WithRSAEncryption
5c:fa:cc:00:a9:78:56:e0:26:b0:0d:7f:e9:0f:b3:34:6a:14:
37:3d:e5:28:e4:d5:be:d3:bb:81:b4:82:6e:50:22:b5:27:1b:
31:5a:a5:c3:7b:60:0d:e3:fc:47:05:97:99:c0:dd:c9:4d:22:
2d:49:91:52:69:0c:1d:4a:dc:10:60:cf:93:9a:60:e4:20:84:
80:55:8d:28:8c:26:17:76:9b:70:23:95:ce:22:15:47:b2:d7:
23:bb:9a:88:06:5e:6a:bd:63:93:44:cd:41:cd:b3:ba:f7:8b:
0b:36:1f:a9:2d:74:c2:a7:2f:99:d6:c6:76:09:db:de:60:d5:
4a:40:a1:86:e0:30:db:be:40:d3:01:b6:51:28:89:9f:ea:d0:
c6:16:02:9a:17:5a:78:8b:37:3b:31:8f:93:32:da:83:09:d8:
81:16:1b:9b:cc:ac:78:eb:2a:db:a8:0f:47:e2:3e:93:79:ec:
71:03:f4:ee:92:74:a5:a0:29:37:40:ee:91:0b:eb:72:52:71:
b5:b1:32:62:a6:a1:fd:cb:52:35:1f:cf:5a:e7:ab:cf:3c:2c:
26:c7:17:c3:9d:2d:44:52:8c:0e:b3:25:b4:96:90:74:4e:0b:
27:ec:36:43:43:cf:2b:4b:71:00:6c:5d:c9:ac:ee:19:b9:6e:
79:00:78:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC0gp8ZHn58XGuyvLbzGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NDgwY2YxOGZkNzg1OWRmOWFkOTk3OTQwMDEzYTk5Yjhk
ZWUzNzQwHhcNMjMwMTAxMjAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWRhMjQyMTk4YzVlYzQ1MTM4MmFhZTI4Y2MyNTY3MGYwMDVlYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4lnixKQqwoh2k3oJC3I8SdLRHHS
d6/K3E6Bl10zIp478TwWFnLXaGO4y2YvMDCWPXMVpwxdNiuZkXZTTn+t4J6K+mvy
6JjUmYS0eAFoA1IM0ZQVOIIfqb9y8D+qaxw1QHreqyn5Rts/wuTuKzW9ZIXI2ZXt
Sxf9nntFX9HkMyfyKE6npBFEmPgPatQlxCkwodEX8mvZ1K6cgxoDA8w6MDrIzrVr
k5Ed1MlsA90WJmwFbUBF8bm4uclxY8TsFNLjXs0Di5ZxNCKilzwiwoqaO2eKOMQ7
uoDC/NPTnKl3G+zwoLiE/QUyq2GnBk2MIDlIgEIqVsSREOmeVEeoM49UUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBXaJCGYxexFE4Kq4ozCVnDwBexfMB8GA1UdIwQY
MBaAFKlIDPGP14Wd+a2ZeUABOpm43uN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVVnTThZX1hoWjM1clpsNVFBRTZtYmplNDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9hMzkxMzgtZjRmMS00MjU5LWE0Yjkt
YWNkODdjNTQ2MDQ4LzEvRmRva0laakY3RVVUZ3FyaWpNSldjUEFGN0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9hMzkxMzgtZjRmMS00MjU5LWE0YjktYWNkODdjNTQ2MDQ4
LzEvcVVnTThZX1hoWjM1clpsNVFBRTZtYmplNDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVtAMA0E
AgACMAcDBQMqBeiAMA0GCSqGSIb3DQEBCwUAA4IBAQBc+swAqXhW4CawDX/pD7M0
ahQ3PeUo5NW+07uBtIJuUCK1JxsxWqXDe2AN4/xHBZeZwN3JTSItSZFSaQwdStwQ
YM+TmmDkIISAVY0ojCYXdptwI5XOIhVHstcju5qIBl5qvWOTRM1BzbO694sLNh+p
LXTCpy+Z1sZ2CdveYNVKQKGG4DDbvkDTAbZRKImf6tDGFgKaF1p4izc7MY+TMtqD
CdiBFhubzKx46yrbqA9H4j6TeexxA/TuknSloCk3QO6RC+tyUnG1sTJipqH9y1I1
H89a56vPPCwmxxfDnS1EUowOsyW0lpB0Tgsn7DZDQ88rS3EAbF3JrO4ZuW55AHjp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:31 2025 by rpki-client