Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/FS_4X67w6lnULYFVcTGgOZNUteU.roa
File: FS_4X67w6lnULYFVcTGgOZNUteU.roa (raw, json)
Hash identifier: oKmU4KExutrLkpwPsFQwOkTY4begsEN4fWRJWa+8qgU=
Subject key identifier: 15:2F:F8:5F:AE:F0:EA:59:D4:2D:81:55:71:31:A0:39:93:54:B5:E5
Certificate issuer: /CN=fd1196d98decd38eb03f5f06b48e556c74f231f4
Certificate serial: 01856D53F9D4F5003D55B2C8D05E1A8792B0
Authority key identifier: FD:11:96:D9:8D:EC:D3:8E:B0:3F:5F:06:B4:8E:55:6C:74:F2:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/FS_4X67w6lnULYFVcTGgOZNUteU.roa
Signing time: Sun 01 Jan 2023 12:34:58 +0000
ROA not before: Sun 01 Jan 2023 12:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202339
IP address blocks: 185.47.96.0/22 maxlen: 22
185.47.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f9:d4:f5:00:3d:55:b2:c8:d0:5e:1a:87:92:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd1196d98decd38eb03f5f06b48e556c74f231f4
Validity
Not Before: Jan 1 12:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=152ff85faef0ea59d42d81557131a0399354b5e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cb:2e:10:26:2d:a2:c8:e9:6b:d5:5b:92:9f:
5b:03:62:3a:41:ed:31:39:ca:fa:c9:4a:85:43:84:
5f:70:40:fa:32:08:6e:5b:50:a3:fd:23:56:02:f4:
df:80:9f:56:7a:67:ce:a7:04:8b:17:ca:88:d5:ba:
d9:8e:b6:cf:96:8a:ef:77:fc:bf:57:6f:bc:84:e1:
33:84:24:c3:d3:82:5d:67:e0:b1:1e:4d:82:13:6f:
66:18:51:ce:90:d4:ef:a6:93:42:2d:99:52:40:0c:
e5:a6:2b:ae:06:ba:6b:7d:cf:97:7f:e6:aa:d5:17:
b4:f0:16:d2:9a:01:c0:b7:bc:34:1c:c7:f0:93:07:
a1:93:9e:e6:90:73:b4:9f:e0:3e:e1:c7:58:82:17:
5b:1d:00:f1:f3:03:45:e2:e0:78:65:c9:00:68:5d:
8d:17:b5:7b:30:80:fc:d8:3e:cd:07:d4:68:27:de:
4a:f1:aa:bd:dd:4d:61:e0:6b:92:c8:bb:9c:eb:5e:
b1:a3:3c:7a:b4:40:07:d6:54:9c:83:71:6b:4b:0d:
3c:d2:c8:99:19:fa:67:b6:26:60:35:58:7f:7b:39:
00:ac:bd:27:27:ed:31:05:1f:a0:75:34:87:88:9e:
1f:be:be:49:29:a2:5b:04:c1:d3:77:42:b9:1e:36:
1c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2F:F8:5F:AE:F0:EA:59:D4:2D:81:55:71:31:A0:39:93:54:B5:E5
X509v3 Authority Key Identifier:
keyid:FD:11:96:D9:8D:EC:D3:8E:B0:3F:5F:06:B4:8E:55:6C:74:F2:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/FS_4X67w6lnULYFVcTGgOZNUteU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/_RGW2Y3s046wP18GtI5VbHTyMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.96.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:9d:46:19:75:0e:c8:6c:57:80:a3:be:a7:33:79:90:3c:48:
61:09:37:9c:bb:44:d7:db:ef:eb:d6:3d:cd:53:97:8a:2a:e0:
58:e2:db:2a:87:99:6a:64:a2:96:83:0e:e8:df:92:b5:8d:26:
32:7b:12:30:b1:97:47:00:f6:13:94:5a:89:b9:8d:99:22:75:
d0:d5:f4:90:8f:12:e2:4a:1f:07:8a:fc:06:7c:1d:f4:b4:47:
ba:7f:de:6c:17:f8:7c:d9:fe:ff:30:92:f3:a0:01:c3:f0:b3:
67:d9:b6:8d:86:3d:4b:40:0f:7c:8d:05:71:ce:36:7d:9e:88:
f6:1a:8c:a5:36:2e:a8:87:f8:e0:6d:74:a8:af:c9:28:1a:99:
da:78:9d:a7:38:04:89:c6:08:3c:d5:37:29:e0:c2:0b:ca:39:
7c:54:7e:7d:e1:2d:00:81:d2:a1:50:8d:6c:5b:77:4e:d7:cd:
fb:c8:28:d9:62:b7:f3:7e:08:8d:52:92:a9:79:ea:1c:15:58:
98:b8:c2:c8:61:b4:59:ac:df:59:26:2a:b1:4b:8a:8f:e3:0a:
4e:5f:be:48:2f:78:f7:3d:66:f8:f0:37:8d:aa:07:00:74:98:
18:21:87:f5:5b:8e:5a:03:dc:d2:d4:0d:55:4f:64:d7:ab:99:
84:b4:5b:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU/nU9QA9VbLI0F4ah5KwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMTE5NmQ5OGRlY2QzOGViMDNmNWYwNmI0OGU1NTZjNzRm
MjMxZjQwHhcNMjMwMTAxMTIzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTJmZjg1ZmFlZjBlYTU5ZDQyZDgxNTU3MTMxYTAzOTkzNTRiNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8suECYtosjpa9Vbkp9bA2I6Qe0x
Ocr6yUqFQ4RfcED6MghuW1Cj/SNWAvTfgJ9WemfOpwSLF8qI1brZjrbPlorvd/y/
V2+8hOEzhCTD04JdZ+CxHk2CE29mGFHOkNTvppNCLZlSQAzlpiuuBrprfc+Xf+aq
1Re08BbSmgHAt7w0HMfwkwehk57mkHO0n+A+4cdYghdbHQDx8wNF4uB4ZckAaF2N
F7V7MID82D7NB9RoJ95K8aq93U1h4GuSyLuc616xozx6tEAH1lScg3FrSw080siZ
GfpntiZgNVh/ezkArL0nJ+0xBR+gdTSHiJ4fvr5JKaJbBMHTd0K5HjYcowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUv+F+u8OpZ1C2BVXExoDmTVLXlMB8GA1UdIwQY
MBaAFP0RltmN7NOOsD9fBrSOVWx08jH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1JHVzJZM3MwNDZ3UDE4R3RJNVZiSFR5TWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS80ZDU2NjAtNTM2NC00NDU0LWE5YmUt
NGY4OTAyYmZlMTcyLzEvRlNfNFg2N3c2bG5VTFlGVmNUR2dPWk5VdGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS80ZDU2NjAtNTM2NC00NDU0LWE5YmUtNGY4OTAyYmZlMTcy
LzEvX1JHVzJZM3MwNDZ3UDE4R3RJNVZiSFR5TWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS9gMA0G
CSqGSIb3DQEBCwUAA4IBAQA6nUYZdQ7IbFeAo76nM3mQPEhhCTecu0TX2+/r1j3N
U5eKKuBY4tsqh5lqZKKWgw7o35K1jSYyexIwsZdHAPYTlFqJuY2ZInXQ1fSQjxLi
Sh8HivwGfB30tEe6f95sF/h82f7/MJLzoAHD8LNn2baNhj1LQA98jQVxzjZ9noj2
GoylNi6oh/jgbXSor8koGpnaeJ2nOASJxgg81Tcp4MILyjl8VH594S0AgdKhUI1s
W3dO1837yCjZYrfzfgiNUpKpeeocFViYuMLIYbRZrN9ZJiqxS4qP4wpOX75IL3j3
PWb48DeNqgcAdJgYIYf1W45aA9zS1A1VT2TXq5mEtFvi
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:33 2025 by rpki-client