Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cc8e7a-e413-43ff-aa59-0914ad24a3e4/1/FnyxTO0-slb7fv_PDlzV75tjT-I.roa
File: FnyxTO0-slb7fv_PDlzV75tjT-I.roa (raw, json)
Hash identifier: IR2sdJEckHAi7cPLeLzUq59TfMKVuSmI676KaI3Grto=
Subject key identifier: 16:7C:B1:4C:ED:3E:B2:56:FB:7E:FF:CF:0E:5C:D5:EF:9B:63:4F:E2
Certificate issuer: /CN=a3c71c86459de74bbd35a3ccbfd8ae5d9cb4d2d8
Certificate serial: 018570FBD33855E6828CF9BB9F1F26A145ED
Authority key identifier: A3:C7:1C:86:45:9D:E7:4B:BD:35:A3:CC:BF:D8:AE:5D:9C:B4:D2:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8cchkWd50u9NaPMv9iuXZy00tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cc8e7a-e413-43ff-aa59-0914ad24a3e4/1/FnyxTO0-slb7fv_PDlzV75tjT-I.roa
Signing time: Mon 02 Jan 2023 05:37:09 +0000
ROA not before: Mon 02 Jan 2023 05:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211080
IP address blocks: 185.182.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d3:38:55:e6:82:8c:f9:bb:9f:1f:26:a1:45:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c71c86459de74bbd35a3ccbfd8ae5d9cb4d2d8
Validity
Not Before: Jan 2 05:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=167cb14ced3eb256fb7effcf0e5cd5ef9b634fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:97:2f:88:e5:1a:6e:24:6c:49:0c:2f:70:61:
d6:ca:50:f0:d2:e8:22:e7:4b:d3:f4:4f:64:4b:ed:
fa:ea:87:fb:20:ef:da:9e:ad:35:07:f4:22:e6:f0:
11:4d:94:b3:82:68:ea:0f:74:23:8f:ec:ef:b8:f1:
46:00:98:ce:2c:b6:82:bc:0e:be:7c:19:c9:5a:c3:
f6:4d:11:80:07:76:3f:c4:cd:61:5f:1e:5c:ae:4b:
99:c0:f9:82:f1:06:3a:08:95:5a:17:03:3f:31:70:
6d:60:6f:fa:53:25:44:77:cc:bd:13:bb:d0:23:79:
0b:2c:56:98:d4:57:53:1f:85:dc:b7:3a:c4:95:d8:
b2:11:2c:e2:cd:ee:e2:de:d9:44:3c:cd:79:bf:0d:
6d:16:9f:0c:78:2e:1c:db:ec:f5:d4:ef:03:84:88:
80:74:c5:80:a6:60:4b:f3:5e:70:2c:12:66:7a:5d:
d5:8b:40:62:74:ea:b2:3f:e3:14:86:66:dd:6b:0d:
1d:35:78:ea:31:8a:50:fc:78:c5:27:82:14:b6:df:
dd:cb:fa:19:e3:1a:8b:c5:0b:fd:c3:10:c0:1f:15:
55:95:cc:e4:b9:7d:ad:38:27:fa:05:f4:51:2f:77:
cb:fe:81:9f:9d:de:67:ab:fe:38:ad:3b:70:a7:16:
1f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7C:B1:4C:ED:3E:B2:56:FB:7E:FF:CF:0E:5C:D5:EF:9B:63:4F:E2
X509v3 Authority Key Identifier:
keyid:A3:C7:1C:86:45:9D:E7:4B:BD:35:A3:CC:BF:D8:AE:5D:9C:B4:D2:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8cchkWd50u9NaPMv9iuXZy00tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cc8e7a-e413-43ff-aa59-0914ad24a3e4/1/FnyxTO0-slb7fv_PDlzV75tjT-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cc8e7a-e413-43ff-aa59-0914ad24a3e4/1/o8cchkWd50u9NaPMv9iuXZy00tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.158.0/24
Signature Algorithm: sha256WithRSAEncryption
98:06:61:28:ce:d1:88:99:6d:94:e5:45:7f:2d:e0:03:d9:79:
d8:56:b9:83:bf:b9:72:1a:df:55:7a:5f:5e:67:8f:0e:60:c9:
f4:f3:91:46:af:1e:bf:c5:33:83:7b:f5:78:32:69:72:81:3a:
04:ca:52:10:f9:da:0f:18:cc:0d:3b:b6:c4:c8:d5:ed:8d:69:
02:58:d4:c8:8a:0d:0f:cc:a4:c3:4c:0c:04:a2:3d:c7:81:71:
b8:80:f3:fd:58:2a:ae:3c:b9:d8:bd:ca:49:a9:cf:39:ef:60:
c4:56:73:3e:dc:fd:6e:5d:b1:8a:83:3d:fb:ff:33:51:50:51:
3f:e7:87:0e:61:83:fd:4e:fb:00:55:41:b1:4f:a0:fe:45:26:
f3:fb:ca:fa:87:da:17:ae:14:8a:8e:45:46:43:f2:8f:01:f5:
25:05:28:66:6f:48:40:50:50:b0:d5:23:29:c4:d1:4c:58:34:
9a:5d:0c:50:7b:42:8d:f0:25:11:2c:08:53:9c:ce:29:f0:7a:
38:c1:83:b0:c1:1b:fc:19:11:8b:bc:96:60:af:18:6d:fb:a7:
00:93:ef:43:76:a0:d9:aa:f5:fb:a0:f5:50:cb:b9:68:af:67:
30:19:8b:73:1f:3e:3f:f6:69:ff:f4:27:8e:74:3e:1a:1e:6b:
4a:98:13:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+9M4VeaCjPm7nx8moUXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzcxYzg2NDU5ZGU3NGJiZDM1YTNjY2JmZDhhZTVkOWNi
NGQyZDgwHhcNMjMwMTAyMDUzNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjdjYjE0Y2VkM2ViMjU2ZmI3ZWZmY2YwZTVjZDVlZjliNjM0ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZcviOUabiRsSQwvcGHWylDw0ugi
50vT9E9kS+366of7IO/anq01B/Qi5vARTZSzgmjqD3Qjj+zvuPFGAJjOLLaCvA6+
fBnJWsP2TRGAB3Y/xM1hXx5crkuZwPmC8QY6CJVaFwM/MXBtYG/6UyVEd8y9E7vQ
I3kLLFaY1FdTH4XctzrEldiyESzize7i3tlEPM15vw1tFp8MeC4c2+z11O8DhIiA
dMWApmBL815wLBJmel3Vi0BidOqyP+MUhmbdaw0dNXjqMYpQ/HjFJ4IUtt/dy/oZ
4xqLxQv9wxDAHxVVlczkuX2tOCf6BfRRL3fL/oGfnd5nq/44rTtwpxYfSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBZ8sUztPrJW+37/zw5c1e+bY0/iMB8GA1UdIwQY
MBaAFKPHHIZFnedLvTWjzL/Yrl2ctNLYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhjY2hrV2Q1MHU5TmFQTXY5aXVYWnkwMHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jYzhlN2EtZTQxMy00M2ZmLWFhNTkt
MDkxNGFkMjRhM2U0LzEvRm55eFRPMC1zbGI3ZnZfUERselY3NXRqVC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jYzhlN2EtZTQxMy00M2ZmLWFhNTktMDkxNGFkMjRhM2U0
LzEvbzhjY2hrV2Q1MHU5TmFQTXY5aXVYWnkwMHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubaeMA0G
CSqGSIb3DQEBCwUAA4IBAQCYBmEoztGImW2U5UV/LeAD2XnYVrmDv7lyGt9Vel9e
Z48OYMn085FGrx6/xTODe/V4MmlygToEylIQ+doPGMwNO7bEyNXtjWkCWNTIig0P
zKTDTAwEoj3HgXG4gPP9WCquPLnYvcpJqc8572DEVnM+3P1uXbGKgz37/zNRUFE/
54cOYYP9TvsAVUGxT6D+RSbz+8r6h9oXrhSKjkVGQ/KPAfUlBShmb0hAUFCw1SMp
xNFMWDSaXQxQe0KN8CURLAhTnM4p8Ho4wYOwwRv8GRGLvJZgrxht+6cAk+9DdqDZ
qvX7oPVQy7lor2cwGYtzHz4/9mn/9CeOdD4aHmtKmBMZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:19 2025 by rpki-client