Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/FYdst0IunKlhYyDHOUbn0og1yL8.roa
File: FYdst0IunKlhYyDHOUbn0og1yL8.roa (raw, json)
Hash identifier: QTC/ghnerAvpJV22crDHNU2I/hQ5/4BKsi79JqsF5ic=
Subject key identifier: 15:87:6C:B7:42:2E:9C:A9:61:63:20:C7:39:46:E7:D2:88:35:C8:BF
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042AD230D8C526BB42D8CEA4190AA7A
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/FYdst0IunKlhYyDHOUbn0og1yL8.roa
Signing time: Mon 02 Jan 2023 02:14:55 +0000
ROA not before: Mon 02 Jan 2023 02:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 194.32.144.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:ad:23:0d:8c:52:6b:b4:2d:8c:ea:41:90:aa:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15876cb7422e9ca9616320c73946e7d28835c8bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d7:68:dc:78:3d:4a:99:5d:f9:11:2b:4d:08:
8a:70:06:fd:cd:bc:aa:b1:f2:55:4d:fb:bd:04:83:
4c:aa:03:c5:d0:35:7c:b4:3f:56:b3:cb:e0:5e:a6:
fd:1d:65:b1:f2:b1:61:c6:1b:a7:f7:c7:a7:f4:a5:
6f:c7:7a:f6:76:41:9f:61:9f:ae:6c:52:b5:4f:af:
91:9e:99:33:2e:fd:3c:87:e2:64:90:e7:de:82:10:
cf:1b:9c:14:e0:5f:2b:66:47:29:bc:eb:40:2e:60:
f1:dd:e2:d4:db:45:66:ca:51:61:6a:fe:a6:bf:b2:
56:7c:81:d7:52:be:75:1a:66:fd:c1:d3:6a:b7:f8:
ca:59:4d:35:86:6e:ae:fe:2b:e0:f9:53:c7:fe:61:
47:81:5f:d3:4d:94:05:d1:dd:43:67:27:a0:8f:f0:
d2:92:39:08:4d:9b:f0:30:49:26:e1:18:83:21:64:
29:83:35:c6:28:46:f1:f8:19:77:8e:7f:2c:f2:f2:
73:c4:70:ce:38:0f:fa:59:33:10:f0:95:dd:78:60:
80:af:bb:b4:2b:a3:aa:f8:5a:d4:94:90:0b:88:af:
44:34:32:2f:22:ce:ea:3e:27:00:74:64:8e:20:76:
2b:29:d5:32:fa:38:6e:3f:7a:63:5c:14:76:1c:d9:
6a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:87:6C:B7:42:2E:9C:A9:61:63:20:C7:39:46:E7:D2:88:35:C8:BF
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/FYdst0IunKlhYyDHOUbn0og1yL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/23
Signature Algorithm: sha256WithRSAEncryption
54:67:41:8b:2e:3f:d7:77:82:9f:a3:01:c9:11:4f:32:55:ff:
41:5e:b7:9a:9f:ed:89:18:c1:e1:f7:59:62:bf:f1:90:c0:18:
86:eb:4b:e2:de:53:a3:fb:4b:78:aa:c2:71:70:f6:a9:c3:85:
09:55:34:6c:6a:3a:76:da:86:8d:01:7d:62:e0:b6:07:89:cc:
9e:fa:29:f9:bb:bb:ab:a0:0a:16:8c:5b:96:52:4c:d8:25:79:
f2:76:1a:1f:01:aa:20:1b:9c:7b:ad:2b:22:a2:1e:d0:e3:06:
87:d8:6e:18:9d:a1:07:b6:63:19:d7:54:88:27:16:aa:0d:b3:
5d:59:8d:05:b3:59:ed:2f:5e:9a:d2:11:81:c7:36:7f:51:26:
95:bb:74:24:da:43:db:3a:b7:59:36:df:6e:10:30:71:65:51:
47:79:7a:b8:a4:94:21:b4:40:b5:bc:b0:1d:00:5b:87:4a:9d:
35:cc:ca:fe:a1:dc:ca:ce:13:0c:25:2f:26:05:31:9b:94:bd:
87:fd:8e:04:88:66:39:4a:0d:45:aa:5d:89:67:74:8b:d9:95:
ce:7b:f0:b3:e9:11:36:8a:01:6d:b2:53:76:6c:50:91:e5:03:
29:71:e7:6f:50:9d:83:dc:d6:b1:3e:31:37:39:93:55:ce:c4:
ac:d2:00:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQq0jDYxSa7QtjOpBkKp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTg3NmNiNzQyMmU5Y2E5NjE2MzIwYzczOTQ2ZTdkMjg4MzVjOGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNdo3Hg9Spld+RErTQiKcAb9zbyq
sfJVTfu9BINMqgPF0DV8tD9Ws8vgXqb9HWWx8rFhxhun98en9KVvx3r2dkGfYZ+u
bFK1T6+RnpkzLv08h+JkkOfeghDPG5wU4F8rZkcpvOtALmDx3eLU20VmylFhav6m
v7JWfIHXUr51Gmb9wdNqt/jKWU01hm6u/ivg+VPH/mFHgV/TTZQF0d1DZyegj/DS
kjkITZvwMEkm4RiDIWQpgzXGKEbx+Bl3jn8s8vJzxHDOOA/6WTMQ8JXdeGCAr7u0
K6Oq+FrUlJALiK9ENDIvIs7qPicAdGSOIHYrKdUy+jhuP3pjXBR2HNlqHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBWHbLdCLpypYWMgxzlG59KINci/MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvRllkc3QwSXVuS2xoWXlESE9VYm4wb2cxeUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQBUZ0GLLj/Xd4KfowHJEU8yVf9BXrean+2JGMHh91li
v/GQwBiG60vi3lOj+0t4qsJxcPapw4UJVTRsajp22oaNAX1i4LYHicye+in5u7ur
oAoWjFuWUkzYJXnydhofAaogG5x7rSsioh7Q4waH2G4YnaEHtmMZ11SIJxaqDbNd
WY0Fs1ntL16a0hGBxzZ/USaVu3Qk2kPbOrdZNt9uEDBxZVFHeXq4pJQhtEC1vLAd
AFuHSp01zMr+odzKzhMMJS8mBTGblL2H/Y4EiGY5Sg1Fql2JZ3SL2ZXOe/Cz6RE2
igFtslN2bFCR5QMpcedvUJ2D3NaxPjE3OZNVzsSs0gB5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:48 2025 by rpki-client