Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/frjlw04lXhH9VsCD1mIy3CPLYHo.roa
File: frjlw04lXhH9VsCD1mIy3CPLYHo.roa (raw, json)
Hash identifier: fA3Y2U/khGZYw0ywCUv+lqYoCjAhjKblcaVWPDVfUXk=
Subject key identifier: 7E:B8:E5:C3:4E:25:5E:11:FD:56:C0:83:D6:62:32:DC:23:CB:60:7A
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 0A41B2F6
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/frjlw04lXhH9VsCD1mIy3CPLYHo.roa
Signing time: Sat 01 Jan 2022 13:59:01 +0000
ROA not before: Sat 01 Jan 2022 13:59:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34432
IP address blocks: 194.34.225.0/24 maxlen: 24
2a0d:f9c1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172077814 (0xa41b2f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Jan 1 13:59:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7eb8e5c34e255e11fd56c083d66232dc23cb607a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c9:00:0d:f3:0c:23:0d:82:39:60:ea:4a:bf:
5b:56:ae:f7:17:ec:ec:32:ec:6c:99:b6:3e:c3:1b:
c3:db:63:37:f4:74:33:e7:01:a4:6f:79:f9:5a:96:
a7:d8:4c:0d:9a:a0:a1:49:ef:56:77:88:dc:10:ce:
37:eb:2a:ff:59:ea:92:fc:0d:fd:8d:77:5e:f8:66:
1d:8b:4a:d8:e1:76:38:cc:a0:81:19:f6:74:1b:7e:
ec:79:43:99:bf:3c:a3:b7:82:13:0b:b9:b6:0c:c7:
ac:0c:15:13:cf:e0:21:f9:56:be:39:48:a3:74:2d:
33:c3:50:a9:98:2f:39:d1:20:a0:e1:07:06:1e:97:
22:b4:86:83:b0:04:f9:18:20:c9:42:09:07:58:8f:
7b:fc:0c:f1:d0:de:ae:d9:84:c3:24:b0:16:d3:76:
59:8f:70:fa:d3:c0:0f:a6:89:4d:29:2c:da:9e:5c:
f2:c9:ee:53:a7:80:32:3e:ee:c4:65:67:f8:f8:05:
6f:52:a4:b1:51:6e:f1:62:f8:f4:d4:eb:0c:58:54:
87:f3:95:bf:73:2a:8b:08:d3:04:c2:2f:84:9e:e1:
5c:4e:e3:1c:08:ae:a0:bb:e2:13:5d:1a:8e:ac:e4:
8e:57:59:e5:c6:7d:3b:bd:a4:d5:98:db:8c:a4:97:
1b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B8:E5:C3:4E:25:5E:11:FD:56:C0:83:D6:62:32:DC:23:CB:60:7A
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/frjlw04lXhH9VsCD1mIy3CPLYHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.225.0/24
IPv6:
2a0d:f9c1::/32
Signature Algorithm: sha256WithRSAEncryption
03:50:e0:ef:a1:c4:40:d6:41:e9:96:22:ec:5c:b7:cf:be:53:
3e:7b:ea:78:40:b2:a1:9a:1c:b6:91:3a:d7:df:27:ca:d9:f5:
f0:b4:6b:9b:fb:45:31:50:06:29:ae:d2:56:1d:48:0a:fa:20:
3e:4f:f6:d7:0c:bf:3f:3f:2b:83:84:a1:a8:73:6b:3a:40:ef:
67:9e:04:4a:5c:4b:ad:2f:83:5e:df:2d:b0:3f:36:4d:07:80:
20:18:dd:29:0c:b8:f6:d8:25:2d:c8:1a:3e:4e:fa:91:e7:1a:
e3:97:f9:ae:b8:36:d7:87:b5:eb:df:0b:50:a9:43:4b:9b:8f:
5c:65:eb:e6:92:01:0d:61:c2:9b:90:11:c2:29:51:af:36:f9:
03:88:cf:06:b7:83:2a:e4:3d:67:ce:fe:6b:09:b3:7e:22:39:
95:8e:07:1d:76:f9:e2:bb:ed:e7:20:d6:e5:3b:49:8a:d2:86:
07:57:75:48:b0:a4:68:a4:73:a6:54:3d:0f:50:27:1f:c2:d2:
b7:b3:e9:7f:5a:e2:99:91:1c:55:63:b6:1c:88:78:b3:89:51:
1c:0c:7f:82:51:ac:c5:32:92:ac:e2:dd:85:fb:4b:6d:1c:1a:
69:38:69:62:b3:39:5f:13:e6:01:c1:76:78:4c:50:79:1a:3d:
dd:a3:bd:38
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECkGy9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NDNlMWJhOTFjNTY5YThiMjFhNmQyZDY3ZjVkYmJkNmMwNGU0M2VhMB4XDTIyMDEw
MTEzNTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ViOGU1YzM0ZTI1
NWUxMWZkNTZjMDgzZDY2MjMyZGMyM2NiNjA3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7JAA3zDCMNgjlg6kq/W1au9xfs7DLsbJm2PsMbw9tjN/R0
M+cBpG95+VqWp9hMDZqgoUnvVneI3BDON+sq/1nqkvwN/Y13XvhmHYtK2OF2OMyg
gRn2dBt+7HlDmb88o7eCEwu5tgzHrAwVE8/gIflWvjlIo3QtM8NQqZgvOdEgoOEH
Bh6XIrSGg7AE+RggyUIJB1iPe/wM8dDertmEwySwFtN2WY9w+tPAD6aJTSks2p5c
8snuU6eAMj7uxGVn+PgFb1KksVFu8WL49NTrDFhUh/OVv3MqiwjTBMIvhJ7hXE7j
HAiuoLviE10ajqzkjldZ5cZ9O72k1ZjbjKSXGw8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR+uOXDTiVeEf1WwIPWYjLcI8tgejAfBgNVHSMEGDAWgBRkPhupHFaaiyGm
0tZ/XbvWwE5D6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pENGJxUnhXbW9zaHB0TFdmMTI3MXNCT1Etby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvYWNhOTEyLTllOGQtNDc0OS05NWUwLWZlYTBhZmYzNTlmNS8x
L2Zyamx3MDRsWGhIOVZzQ0QxbUl5M0NQTFlIby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
YWNhOTEyLTllOGQtNDc0OS05NWUwLWZlYTBhZmYzNTlmNS8xL1pENGJxUnhXbW9z
aHB0TFdmMTI3MXNCT1Etby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMIi4TANBAIAAjAHAwUAKg35wTAN
BgkqhkiG9w0BAQsFAAOCAQEAA1Dg76HEQNZB6ZYi7Fy3z75TPnvqeECyoZoctpE6
198nytn18LRrm/tFMVAGKa7SVh1ICvogPk/21wy/Pz8rg4ShqHNrOkDvZ54ESlxL
rS+DXt8tsD82TQeAIBjdKQy49tglLcgaPk76keca45f5rrg214e1698LUKlDS5uP
XGXr5pIBDWHCm5ARwilRrzb5A4jPBreDKuQ9Z87+awmzfiI5lY4HHXb54rvt5yDW
5TtJitKGB1d1SLCkaKRzplQ9D1AnH8LSt7Ppf1rimZEcVWO2HIh4s4lRHAx/glGs
xTKSrOLdhftLbRwaaThpYrM5XxPmAcF2eExQeRo93aO9OA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:02:54 2025 by rpki-client