Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/37aedf-5bc0-40d5-84cc-00b0137f29ff/1/1-7FjkUiqD7peGpoGzE_0QAtddbQ.roa
File: 1-7FjkUiqD7peGpoGzE_0QAtddbQ.roa (raw, json)
Hash identifier: cdzIop21p5KvTKraKko01BTlFNnYw16dBIJQDU3C9aQ=
Subject key identifier: FB:B1:63:91:48:AA:0F:BA:5E:1A:9A:06:CC:4F:F4:40:0B:5D:75:B4
Certificate issuer: /CN=1a7d610942d4d9f96d5731b9538fd4c78ba0f20d
Certificate serial: 01856E6F94B9BBFD79C2BB288E713C800215
Authority key identifier: 1A:7D:61:09:42:D4:D9:F9:6D:57:31:B9:53:8F:D4:C7:8B:A0:F2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn1hCULU2fltVzG5U4_Ux4ug8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/37aedf-5bc0-40d5-84cc-00b0137f29ff/1/1-7FjkUiqD7peGpoGzE_0QAtddbQ.roa
Signing time: Sun 01 Jan 2023 17:44:44 +0000
ROA not before: Sun 01 Jan 2023 17:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203520
IP address blocks: 185.16.196.0/22 maxlen: 24
2a03:dfc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:94:b9:bb:fd:79:c2:bb:28:8e:71:3c:80:02:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7d610942d4d9f96d5731b9538fd4c78ba0f20d
Validity
Not Before: Jan 1 17:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbb1639148aa0fba5e1a9a06cc4ff4400b5d75b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2b:f7:a4:db:0d:dd:bf:3a:0b:65:49:a9:a8:
40:3e:3a:d4:ab:40:7b:09:6e:e3:30:c4:e9:fc:73:
40:3d:fc:ce:ca:30:e8:3b:e9:f1:8d:fe:1a:05:30:
5e:ae:0d:d5:28:91:c7:9a:41:b9:ca:39:af:29:62:
c5:1d:bf:b6:b7:79:72:59:e3:0e:6c:74:9c:28:5f:
fc:c9:b6:ed:70:ff:1e:e0:8e:96:29:86:97:ce:c0:
e5:f9:25:79:a3:aa:03:8f:e0:6d:94:1c:9f:f0:34:
59:50:dc:0a:0d:f7:9f:ef:62:1d:e1:d1:f2:36:8b:
c5:69:fb:b4:73:85:94:b0:1f:e7:d9:41:f1:4e:d4:
f6:31:3d:91:c9:c2:5f:ae:5e:3b:68:8b:f5:ad:b0:
d9:84:d8:a1:73:27:43:77:de:4b:60:e4:3f:a1:63:
d9:a8:5d:26:2a:81:72:05:dc:81:ec:b0:4d:03:71:
e9:71:32:5b:ea:a0:3f:43:8b:b1:42:40:0c:7a:99:
36:19:54:8c:06:95:ab:27:e4:fc:66:a5:b2:da:a5:
4f:e7:10:01:55:9b:66:65:51:96:06:84:b3:a8:c8:
d9:c2:65:06:2e:1e:77:21:01:6d:02:16:b3:85:9d:
6d:c7:23:f1:43:7c:b7:f8:35:b0:62:9a:84:60:d9:
97:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B1:63:91:48:AA:0F:BA:5E:1A:9A:06:CC:4F:F4:40:0B:5D:75:B4
X509v3 Authority Key Identifier:
keyid:1A:7D:61:09:42:D4:D9:F9:6D:57:31:B9:53:8F:D4:C7:8B:A0:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn1hCULU2fltVzG5U4_Ux4ug8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/37aedf-5bc0-40d5-84cc-00b0137f29ff/1/1-7FjkUiqD7peGpoGzE_0QAtddbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/37aedf-5bc0-40d5-84cc-00b0137f29ff/1/Gn1hCULU2fltVzG5U4_Ux4ug8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.196.0/22
IPv6:
2a03:dfc0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:b6:94:c5:9c:54:de:f3:0d:ee:5e:4b:b9:d8:91:73:1f:1e:
55:7d:fa:b4:0d:60:38:6f:c9:1b:52:a5:1f:0a:52:81:65:88:
e5:c7:15:6f:67:d3:8b:40:c7:e2:20:7e:c4:a8:02:3b:fd:bf:
40:04:99:52:a4:d5:70:ae:55:d7:84:e6:3c:e7:74:8f:23:bd:
45:f9:28:e2:23:98:8b:6a:de:3f:22:ae:0f:0f:1e:00:00:e5:
d9:fa:19:3c:e4:91:44:11:13:4a:f2:fb:b0:12:a8:6b:d8:8f:
ed:bb:6b:d3:69:d4:71:92:ab:59:13:1a:e2:84:b8:b7:79:b2:
e5:1f:10:ad:6e:7b:00:69:bf:ba:22:94:4f:9f:24:a1:23:8f:
a8:db:d9:8a:69:e7:86:7c:5b:8a:11:2e:e6:0f:24:df:59:67:
a3:b8:e8:4e:46:7e:c0:90:61:4e:89:15:5c:e8:ce:70:78:fb:
94:d9:0c:8b:28:29:3c:fd:8d:d6:99:f3:5c:fe:70:53:a2:5d:
e9:99:be:0c:8e:bf:8c:11:3f:09:66:d0:f4:d6:a3:e0:ef:ac:
d6:a2:e3:bc:a6:ee:09:6c:bd:7d:46:bd:e4:be:c2:80:50:16:
bb:10:29:0e:67:7c:85:fc:d3:bd:01:8e:b1:89:98:36:cc:36:
5c:73:45:91
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVub5S5u/15wrsojnE8gAIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2Q2MTA5NDJkNGQ5Zjk2ZDU3MzFiOTUzOGZkNGM3OGJh
MGYyMGQwHhcNMjMwMTAxMTc0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmIxNjM5MTQ4YWEwZmJhNWUxYTlhMDZjYzRmZjQ0MDBiNWQ3NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCv3pNsN3b86C2VJqahAPjrUq0B7
CW7jMMTp/HNAPfzOyjDoO+nxjf4aBTBerg3VKJHHmkG5yjmvKWLFHb+2t3lyWeMO
bHScKF/8ybbtcP8e4I6WKYaXzsDl+SV5o6oDj+BtlByf8DRZUNwKDfef72Id4dHy
NovFafu0c4WUsB/n2UHxTtT2MT2RycJfrl47aIv1rbDZhNihcydDd95LYOQ/oWPZ
qF0mKoFyBdyB7LBNA3HpcTJb6qA/Q4uxQkAMepk2GVSMBpWrJ+T8ZqWy2qVP5xAB
VZtmZVGWBoSzqMjZwmUGLh53IQFtAhazhZ1txyPxQ3y3+DWwYpqEYNmXOQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPuxY5FIqg+6XhqaBsxP9EALXXW0MB8GA1UdIwQY
MBaAFBp9YQlC1Nn5bVcxuVOP1MeLoPINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR24xaENVTFUyZmx0VnpHNVU0X1V4NHVnOGcwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zN2FlZGYtNWJjMC00MGQ1LTg0Y2Mt
MDBiMDEzN2YyOWZmLzEvMS03RmprVWlxRDdwZUdwb0d6RV8wUUF0ZGRiUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODIvMzdhZWRmLTViYzAtNDBkNS04NGNjLTAwYjAxMzdmMjlm
Zi8xL0duMWhDVUxVMmZsdFZ6RzVVNF9VeDR1ZzhnMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkQxDAN
BAIAAjAHAwUAKgPfwDANBgkqhkiG9w0BAQsFAAOCAQEAbraUxZxU3vMN7l5LudiR
cx8eVX36tA1gOG/JG1KlHwpSgWWI5ccVb2fTi0DH4iB+xKgCO/2/QASZUqTVcK5V
14TmPOd0jyO9Rfko4iOYi2rePyKuDw8eAADl2foZPOSRRBETSvL7sBKoa9iP7btr
02nUcZKrWRMa4oS4t3my5R8QrW57AGm/uiKUT58koSOPqNvZimnnhnxbihEu5g8k
31lno7joTkZ+wJBhTokVXOjOcHj7lNkMiygpPP2N1pnzXP5wU6Jd6Zm+DI6/jBE/
CWbQ9Naj4O+s1qLjvKbuCWy9fUa95L7CgFAWuxApDmd8hfzTvQGOsYmYNsw2XHNF
kQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:42:54 2025 by rpki-client