Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/fOGDTMwS_RFZL3jx_lTKt0oPYxM.roa
File: fOGDTMwS_RFZL3jx_lTKt0oPYxM.roa (raw, json)
Hash identifier: /inyBd+MmtpJaCKLk67oCRCUXIn0/4Q6dKuPWsUGs/w=
Subject key identifier: 7C:E1:83:4C:CC:12:FD:11:59:2F:78:F1:FE:54:CA:B7:4A:0F:63:13
Certificate issuer: /CN=f9629775283733a45c454b8d7be5a66df0db1a17
Certificate serial: 01856C411333D8DB777B2BC9AE16CFE7B4EE
Authority key identifier: F9:62:97:75:28:37:33:A4:5C:45:4B:8D:7B:E5:A6:6D:F0:DB:1A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/fOGDTMwS_RFZL3jx_lTKt0oPYxM.roa
Signing time: Sun 01 Jan 2023 07:34:42 +0000
ROA not before: Sun 01 Jan 2023 07:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48418
IP address blocks: 185.254.32.0/24 maxlen: 24
185.254.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:13:33:d8:db:77:7b:2b:c9:ae:16:cf:e7:b4:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9629775283733a45c454b8d7be5a66df0db1a17
Validity
Not Before: Jan 1 07:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ce1834ccc12fd11592f78f1fe54cab74a0f6313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a4:71:d9:7c:e5:6f:7d:59:86:90:bc:23:8d:
a4:fe:c4:be:ed:21:09:08:4e:ca:7a:2b:58:4a:b0:
40:04:a8:d1:51:4b:9b:eb:ac:80:68:ae:72:06:02:
e6:9c:e2:d7:23:ee:19:29:06:94:3d:c3:e6:98:65:
bd:0a:93:05:44:79:d5:28:19:68:61:80:cb:29:c0:
3a:32:ca:05:a8:60:7f:3c:8c:72:69:8b:97:ee:ae:
d7:ff:a4:fc:d8:3b:37:ae:69:37:1a:4c:f2:38:96:
3b:91:36:ab:9d:12:3c:f1:63:98:5e:5c:b1:1b:87:
90:fc:78:8b:d5:a7:e4:36:72:14:51:6f:6c:c2:be:
ae:80:24:7a:87:7f:55:63:7b:9b:b7:62:eb:46:11:
2d:61:1a:d9:9f:1d:86:85:d2:07:5e:bb:80:91:e5:
52:05:32:f2:1a:84:3a:a8:ed:8b:26:71:da:ca:61:
a9:3b:b8:74:a1:81:69:98:46:79:91:8b:7c:f6:6c:
0a:13:18:28:12:5d:e4:d4:af:1e:b9:99:d3:1f:19:
74:7a:e2:1a:58:f9:10:09:3d:f2:6b:7b:6a:a8:e4:
08:25:22:fb:bb:fb:88:3b:8e:c1:c8:9c:be:e6:af:
34:bc:f7:d2:e3:a3:d4:ea:15:6c:c4:b1:f5:92:fe:
78:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E1:83:4C:CC:12:FD:11:59:2F:78:F1:FE:54:CA:B7:4A:0F:63:13
X509v3 Authority Key Identifier:
keyid:F9:62:97:75:28:37:33:A4:5C:45:4B:8D:7B:E5:A6:6D:F0:DB:1A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/fOGDTMwS_RFZL3jx_lTKt0oPYxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.32.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:0a:68:d6:63:16:2e:d7:8f:e8:34:b8:85:31:8a:0f:89:ee:
24:10:a6:32:e4:8e:0a:7c:90:9c:73:41:5c:5f:f2:25:c6:24:
cf:dc:58:f5:4c:44:7e:ea:6a:6a:1f:1f:40:27:c1:68:02:50:
03:8d:53:75:17:ee:58:1d:aa:af:75:d0:55:06:62:63:b1:96:
e4:3c:91:f9:1c:ee:eb:43:a9:63:2e:d3:c8:0f:0e:17:ed:d7:
ed:06:2a:6f:c3:b3:96:6e:19:15:13:9e:c8:53:ee:f9:5f:6d:
26:a1:48:7d:08:aa:5c:56:30:38:eb:cb:0d:0b:cf:11:0b:b9:
82:1d:01:bf:fd:4b:ae:61:5f:01:3f:43:bd:7a:e7:0a:b4:c8:
ae:0e:8a:44:40:7c:02:02:f0:61:5c:3c:2f:9b:ed:e8:59:e2:
e9:dc:8e:b4:41:b9:85:9d:77:56:95:81:44:6b:80:02:f9:c1:
91:95:b4:83:6a:cb:56:ea:b8:6e:30:d0:5b:55:0a:89:6a:fb:
c7:df:ad:d1:0e:0f:58:27:3a:a5:05:c7:21:ef:08:6e:ad:48:
2c:be:08:39:c5:4b:d9:3c:b8:d3:86:ea:3c:d2:92:25:b0:9f:
5d:64:8f:07:b1:db:e4:7c:86:90:af:21:cb:fb:72:8f:c1:df:
a3:b6:67:f7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsQRMz2Nt3eyvJrhbP57TuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NjI5Nzc1MjgzNzMzYTQ1YzQ1NGI4ZDdiZTVhNjZkZjBk
YjFhMTcwHhcNMjMwMTAxMDczNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2UxODM0Y2NjMTJmZDExNTkyZjc4ZjFmZTU0Y2FiNzRhMGY2MzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16Rx2Xzlb31ZhpC8I42k/sS+7SEJ
CE7KeitYSrBABKjRUUub66yAaK5yBgLmnOLXI+4ZKQaUPcPmmGW9CpMFRHnVKBlo
YYDLKcA6MsoFqGB/PIxyaYuX7q7X/6T82Ds3rmk3GkzyOJY7kTarnRI88WOYXlyx
G4eQ/HiL1afkNnIUUW9swr6ugCR6h39VY3ubt2LrRhEtYRrZnx2GhdIHXruAkeVS
BTLyGoQ6qO2LJnHaymGpO7h0oYFpmEZ5kYt89mwKExgoEl3k1K8euZnTHxl0euIa
WPkQCT3ya3tqqOQIJSL7u/uIO47ByJy+5q80vPfS46PU6hVsxLH1kv544QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHzhg0zMEv0RWS948f5UyrdKD2MTMB8GA1UdIwQY
MBaAFPlil3UoNzOkXEVLjXvlpm3w2xoXMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1XS1hkU2czTTZSY1JVdU5lLVdtYmZEYkdoYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvZWJmY2U2LTI4NTctNDA0Yi05Yjc0
LWIzMjRlMDI1YjkyOS8xL2ZPR0RUTXdTX1JGWkwzanhfbFRLdDBvUFl4TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2QvZWJmY2U2LTI4NTctNDA0Yi05Yjc0LWIzMjRlMDI1Yjky
OS8xLzEtV0tYZFNnM002UmNSVXVOZS1XbWJmRGJHaGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG5/iAw
DQYJKoZIhvcNAQELBQADggEBAAwKaNZjFi7Xj+g0uIUxig+J7iQQpjLkjgp8kJxz
QVxf8iXGJM/cWPVMRH7qamofH0AnwWgCUAONU3UX7lgdqq910FUGYmOxluQ8kfkc
7utDqWMu08gPDhft1+0GKm/Ds5ZuGRUTnshT7vlfbSahSH0IqlxWMDjryw0LzxEL
uYIdAb/9S65hXwE/Q7165wq0yK4OikRAfAIC8GFcPC+b7ehZ4uncjrRBuYWdd1aV
gURrgAL5wZGVtINqy1bquG4w0FtVColq+8ffrdEOD1gnOqUFxyHvCG6tSCy+CDnF
S9k8uNOG6jzSkiWwn11kjwex2+R8hpCvIcv7co/B36O2Z/c=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:39 2025 by rpki-client