Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/fwlAVo2N1eKLLGsbnGlm9RvNFwY.roa
File: fwlAVo2N1eKLLGsbnGlm9RvNFwY.roa (raw, json)
Hash identifier: LLehst9vhKXH7VpiPRsfZqRTejcw0rXRXDBOa898ZEY=
Subject key identifier: 7F:09:40:56:8D:8D:D5:E2:8B:2C:6B:1B:9C:69:66:F5:1B:CD:17:06
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 018BCFDF9184B5F97CFD62A6F9BADAEC801F
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/fwlAVo2N1eKLLGsbnGlm9RvNFwY.roa
Signing time: Tue 14 Nov 2023 22:06:57 +0000
ROA not before: Tue 14 Nov 2023 22:06:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204957
IP address blocks: 176.126.163.0/24 maxlen: 24
185.39.30.0/24 maxlen: 24
185.237.224.0/23 maxlen: 23
91.210.164.0/23 maxlen: 23
91.210.167.0/24 maxlen: 24
91.90.195.0/24 maxlen: 24
91.90.193.0/24 maxlen: 24
185.190.251.0/24 maxlen: 24
92.118.151.0/24 maxlen: 24
92.118.150.0/24 maxlen: 24
92.118.149.0/24 maxlen: 24
193.162.47.0/24 maxlen: 24
185.253.44.0/23 maxlen: 23
185.253.46.0/23 maxlen: 23
2a0a:8c44::/32 maxlen: 32
2a0a:8c45::/32 maxlen: 32
2a0a:8c43::/32 maxlen: 32
2a0a:8c42::/32 maxlen: 32
2a0a:8c47::/32 maxlen: 32
2a0a:8c41::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cf:df:91:84:b5:f9:7c:fd:62:a6:f9:ba:da:ec:80:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Nov 14 22:06:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f0940568d8dd5e28b2c6b1b9c6966f51bcd1706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:68:09:04:d5:82:74:14:2c:3b:ed:c9:10:65:
90:15:c5:94:03:44:90:c4:9e:d9:d1:ce:2b:04:e0:
25:fd:54:61:41:f4:8f:ff:4f:d7:ee:3f:59:8f:e6:
6e:ed:1d:94:f1:14:d0:fc:b8:4d:f9:ab:f9:53:ba:
af:fa:59:89:2d:2c:11:04:40:34:d3:67:6d:4e:29:
16:92:ee:92:05:e1:87:5b:16:1a:a3:fc:18:03:10:
cd:57:c7:ab:b9:32:4e:4c:73:21:db:c8:1c:19:b1:
9d:1a:50:42:a2:f3:61:4d:56:18:b0:57:a6:ed:19:
4b:1d:6f:34:68:fd:eb:63:94:84:78:2f:9f:e3:e9:
22:f7:67:ea:56:b9:bd:68:68:3f:02:49:d9:fc:5a:
46:c5:a6:31:c6:37:d8:04:06:dc:99:b7:68:54:81:
db:18:66:5a:9f:76:07:e3:7d:13:a3:82:f5:c9:dc:
f0:0e:6c:b8:e0:89:94:a6:19:13:f3:1d:45:cf:91:
52:9c:8f:97:16:7a:81:db:10:bb:0f:3d:28:09:59:
01:41:f5:e1:88:12:0e:c6:c8:3e:d2:7f:11:2d:b0:
62:5e:35:92:c9:71:9c:63:db:1f:a3:e5:9b:3f:5a:
78:64:06:06:1b:c0:d7:af:09:be:8c:88:6d:ab:d5:
08:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:09:40:56:8D:8D:D5:E2:8B:2C:6B:1B:9C:69:66:F5:1B:CD:17:06
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/fwlAVo2N1eKLLGsbnGlm9RvNFwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.193.0/24
91.90.195.0/24
91.210.164.0/23
91.210.167.0/24
92.118.149.0-92.118.151.255
176.126.163.0/24
185.39.30.0/24
185.190.251.0/24
185.237.224.0/23
185.253.44.0/22
193.162.47.0/24
IPv6:
2a0a:8c41::-2a0a:8c45:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:8c47::/32
Signature Algorithm: sha256WithRSAEncryption
29:5f:08:cf:bd:ab:e6:4d:9e:b1:2a:81:29:dd:d1:64:0f:40:
a0:75:4c:e2:24:3a:5f:b7:52:bd:e3:5c:05:53:3a:ac:76:c4:
50:b2:14:58:72:f2:2d:13:a2:bb:dd:79:94:82:84:f3:0b:5d:
14:6e:b6:d8:fe:c4:bf:71:86:85:ef:17:31:d4:b5:7f:64:6a:
f4:39:82:00:09:a2:83:03:83:f0:08:0f:87:cf:77:b6:86:40:
05:4c:ca:76:63:e9:26:13:7b:6c:ca:bc:51:ad:e3:eb:b5:25:
f1:43:ca:6f:5f:3d:e0:a4:ae:92:84:58:dd:c9:20:e4:db:a3:
dc:05:fa:55:96:49:a5:6e:6e:4a:5f:5b:52:7d:fb:f2:7c:f1:
d5:52:f2:89:97:04:ea:9a:97:08:e9:1b:8a:05:8d:c8:27:86:
81:7c:82:17:ca:15:78:21:ff:1a:f1:6f:17:62:25:1a:da:53:
3b:d0:95:ff:1f:40:51:f4:f6:68:89:f1:cf:40:0c:94:4b:29:
42:d5:69:89:e9:85:14:3c:3e:04:a7:3a:4a:cc:1f:16:1a:fc:
e8:40:ca:ce:a1:dd:90:62:98:e6:bb:3d:48:f7:a6:1f:0f:07:
e7:11:9f:10:a2:1f:03:41:8f:1e:8a:dd:53:21:de:bf:24:d9:
86:45:06:5a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYvP35GEtfl8/WKm+bra7IAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjMxMTE0MjIwNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjA5NDA1NjhkOGRkNWUyOGIyYzZiMWI5YzY5NjZmNTFiY2QxNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2gJBNWCdBQsO+3JEGWQFcWUA0SQ
xJ7Z0c4rBOAl/VRhQfSP/0/X7j9Zj+Zu7R2U8RTQ/LhN+av5U7qv+lmJLSwRBEA0
02dtTikWku6SBeGHWxYao/wYAxDNV8eruTJOTHMh28gcGbGdGlBCovNhTVYYsFem
7RlLHW80aP3rY5SEeC+f4+ki92fqVrm9aGg/AknZ/FpGxaYxxjfYBAbcmbdoVIHb
GGZan3YH430To4L1ydzwDmy44ImUphkT8x1Fz5FSnI+XFnqB2xC7Dz0oCVkBQfXh
iBIOxsg+0n8RLbBiXjWSyXGcY9sfo+WbP1p4ZAYGG8DXrwm+jIhtq9UIKwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFH8JQFaNjdXiiyxrG5xpZvUbzRcGMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvZndsQVZvMk4xZUtMTEdzYm5HbG05UnZORndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwUAQCAAEwSgMEAFtawQME
AFtawwMEAVvSpAMEAFvSpzAMAwQAXHaVAwQDXHaQAwQAsH6jAwQAuSceAwQAub77
AwQBue3gAwQCuf0sAwQAwaIvMB0EAgACMBcwDgMFACoKjEEDBQEqCoxEAwUAKgqM
RzANBgkqhkiG9w0BAQsFAAOCAQEAKV8Iz72r5k2esSqBKd3RZA9AoHVM4iQ6X7dS
veNcBVM6rHbEULIUWHLyLROiu915lIKE8wtdFG622P7Ev3GGhe8XMdS1f2Rq9DmC
AAmigwOD8AgPh893toZABUzKdmPpJhN7bMq8Ua3j67Ul8UPKb1894KSukoRY3ckg
5Nuj3AX6VZZJpW5uSl9bUn378nzx1VLyiZcE6pqXCOkbigWNyCeGgXyCF8oVeCH/
GvFvF2IlGtpTO9CV/x9AUfT2aInxz0AMlEspQtVpiemFFDw+BKc6SswfFhr86EDK
zqHdkGKY5rs9SPemHw8H5xGfEKIfA0GPHordUyHevyTZhkUGWg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:28:36 2025 by rpki-client