Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/fg_eYktgEpOK6qIdA35rifZLZCU.roa
File: fg_eYktgEpOK6qIdA35rifZLZCU.roa (raw, json)
Hash identifier: zQbIphQNn3pOAFypezNlVbHo+aFHd4kn4puLML9dkmo=
Subject key identifier: 7E:0F:DE:62:4B:60:12:93:8A:EA:A2:1D:03:7E:6B:89:F6:4B:64:25
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 01856F14DA4D00F3E75801C030795EA1383E
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/fg_eYktgEpOK6qIdA35rifZLZCU.roa
Signing time: Sun 01 Jan 2023 20:45:15 +0000
ROA not before: Sun 01 Jan 2023 20:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60782
IP address blocks: 185.74.84.0/22 maxlen: 32
185.97.16.0/22 maxlen: 32
79.139.66.0/24 maxlen: 32
79.139.68.0/22 maxlen: 32
79.139.116.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:da:4d:00:f3:e7:58:01:c0:30:79:5e:a1:38:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Jan 1 20:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e0fde624b6012938aeaa21d037e6b89f64b6425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:f8:9f:d3:ed:dc:bc:d4:1c:af:4b:0d:12:
39:5a:eb:94:62:87:f0:1e:d8:7f:3c:16:85:69:a0:
2b:65:6e:e6:2c:e0:7f:0d:39:84:64:f3:53:a8:9e:
91:ad:b7:da:bf:4c:b7:66:29:f0:3d:9a:1e:e8:e0:
3a:39:13:91:6a:cd:12:0a:f8:75:14:79:82:a4:37:
d6:89:c2:bf:65:78:eb:04:c5:6c:a7:87:ed:2c:17:
59:9a:3f:85:e9:0c:d6:e6:fe:8e:fa:f0:5e:c0:2b:
55:77:66:ea:f3:20:f7:52:14:6c:4e:63:81:cb:32:
c7:6d:f2:0d:62:d0:55:37:d3:63:49:71:97:8a:a6:
54:14:f7:c6:93:ee:15:44:ae:95:d9:87:2b:6c:f0:
a3:48:a5:bc:bd:74:bc:97:a1:63:c3:22:af:2f:94:
60:ec:03:52:50:9a:2a:fa:58:29:af:96:fe:50:09:
7b:4b:b3:04:db:f4:76:3f:2b:58:00:c0:b7:ee:a3:
d9:28:64:97:38:de:6c:4b:e1:d4:bf:0a:e3:30:c5:
1e:e2:af:2b:3c:72:64:ea:e6:55:08:32:65:fd:27:
6f:c4:66:af:2a:c4:a3:fb:9c:2b:b5:a3:7a:9f:df:
38:63:24:7a:e6:5b:b0:d2:a4:83:63:70:bf:c6:39:
61:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0F:DE:62:4B:60:12:93:8A:EA:A2:1D:03:7E:6B:89:F6:4B:64:25
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/fg_eYktgEpOK6qIdA35rifZLZCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.66.0/24
79.139.68.0/22
79.139.116.0/22
185.74.84.0/22
185.97.16.0/22
Signature Algorithm: sha256WithRSAEncryption
11:c6:f0:6a:42:aa:aa:2d:06:14:13:a7:f8:a8:03:1c:1f:6a:
e7:04:e7:c0:c5:22:10:89:05:69:87:f1:b3:e0:e6:dc:d2:2e:
d9:50:76:22:60:1d:31:0e:e1:c5:69:ff:f2:2d:0f:cc:fe:59:
b4:b9:a9:84:c7:73:55:8a:72:e1:24:71:c8:96:89:8e:fe:b4:
d3:d8:52:b1:0e:70:ed:f1:18:7d:af:70:38:55:e9:13:9c:80:
fa:22:d7:fa:90:b5:61:1b:19:82:db:89:5a:07:28:3b:67:45:
45:2a:97:65:e4:0a:20:96:37:31:d4:47:f7:93:fe:ee:f7:be:
76:05:c5:85:14:51:83:43:f9:75:82:76:cf:43:87:ba:10:51:
4a:bf:33:45:0f:19:f8:8b:c4:55:32:93:4e:bc:0e:83:12:66:
70:e3:39:25:36:09:91:70:a2:d3:5b:4d:22:d6:80:b3:13:4a:
66:bb:7a:ee:c0:f2:11:d4:4c:a4:97:f1:1d:78:6c:bf:51:3e:
7f:f1:22:b4:a2:7b:63:0e:e5:dc:64:41:40:c5:fa:13:7a:79:
2c:02:6b:03:ce:9b:05:79:a3:5f:73:76:9a:f1:e5:c0:73:c0:
86:dc:9d:66:03:e7:b8:b7:64:af:f1:fb:fd:4b:16:8f:25:6e:
79:43:ee:c0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvFNpNAPPnWAHAMHleoTg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjMwMTAxMjA0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTBmZGU2MjRiNjAxMjkzOGFlYWEyMWQwMzdlNmI4OWY2NGI2NDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMf4n9Pt3LzUHK9LDRI5WuuUYofw
Hth/PBaFaaArZW7mLOB/DTmEZPNTqJ6Rrbfav0y3ZinwPZoe6OA6ORORas0SCvh1
FHmCpDfWicK/ZXjrBMVsp4ftLBdZmj+F6QzW5v6O+vBewCtVd2bq8yD3UhRsTmOB
yzLHbfINYtBVN9NjSXGXiqZUFPfGk+4VRK6V2YcrbPCjSKW8vXS8l6FjwyKvL5Rg
7ANSUJoq+lgpr5b+UAl7S7ME2/R2PytYAMC37qPZKGSXON5sS+HUvwrjMMUe4q8r
PHJk6uZVCDJl/SdvxGavKsSj+5wrtaN6n984YyR65luw0qSDY3C/xjlhkQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH4P3mJLYBKTiuqiHQN+a4n2S2QlMB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvZmdfZVlrdGdFcE9LNnFJZEEzNXJpZlpMWkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAT4tCAwQC
T4tEAwQCT4t0AwQCuUpUAwQCuWEQMA0GCSqGSIb3DQEBCwUAA4IBAQARxvBqQqqq
LQYUE6f4qAMcH2rnBOfAxSIQiQVph/Gz4Obc0i7ZUHYiYB0xDuHFaf/yLQ/M/lm0
uamEx3NVinLhJHHIlomO/rTT2FKxDnDt8Rh9r3A4VekTnID6Itf6kLVhGxmC24la
Byg7Z0VFKpdl5Aogljcx1Ef3k/7u9752BcWFFFGDQ/l1gnbPQ4e6EFFKvzNFDxn4
i8RVMpNOvA6DEmZw4zklNgmRcKLTW00i1oCzE0pmu3ruwPIR1Eykl/EdeGy/UT5/
8SK0ontjDuXcZEFAxfoTenksAmsDzpsFeaNfc3aa8eXAc8CG3J1mA+e4t2Sv8fv9
SxaPJW55Q+7A
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:08:54 2025 by rpki-client