Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9b34b0-301a-41a2-b4c5-a8866aa95c71/1/FDeJYnoD1MWZWf5JilOwaoyl3jY.roa
File: FDeJYnoD1MWZWf5JilOwaoyl3jY.roa (raw, json)
Hash identifier: NJYx42K2nm3csGGRqCPgG2B3JhnYQUFIZ/PDJlDk5o4=
Subject key identifier: 14:37:89:62:7A:03:D4:C5:99:59:FE:49:8A:53:B0:6A:8C:A5:DE:36
Certificate issuer: /CN=3066ad61c162df0650ee0ab60c68075b29a211c8
Certificate serial: 01856C8A5B9E6FDC5746506F1D715A274420
Authority key identifier: 30:66:AD:61:C1:62:DF:06:50:EE:0A:B6:0C:68:07:5B:29:A2:11:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGatYcFi3wZQ7gq2DGgHWymiEcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9b34b0-301a-41a2-b4c5-a8866aa95c71/1/FDeJYnoD1MWZWf5JilOwaoyl3jY.roa
Signing time: Sun 01 Jan 2023 08:54:44 +0000
ROA not before: Sun 01 Jan 2023 08:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41960
IP address blocks: 185.203.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:5b:9e:6f:dc:57:46:50:6f:1d:71:5a:27:44:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3066ad61c162df0650ee0ab60c68075b29a211c8
Validity
Not Before: Jan 1 08:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=143789627a03d4c59959fe498a53b06a8ca5de36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b1:f7:e1:11:dc:b7:f2:30:f3:6a:da:1c:72:
1e:de:00:a4:4a:d8:ac:26:bd:d7:5c:a4:74:a1:77:
97:21:e6:31:64:5f:b1:7a:96:f7:b1:f1:60:8e:81:
d9:7e:f7:0a:8b:ee:5b:a4:9f:66:cc:46:88:e1:49:
dc:a6:86:29:ff:6f:a7:45:e3:08:3e:d5:74:cd:f0:
b8:ac:30:18:82:e4:87:18:2e:cd:dd:bc:8a:8c:d6:
36:08:fb:a4:f2:54:6c:8d:5e:fb:bc:51:93:cb:af:
c2:e5:83:60:0a:b6:5d:6e:83:93:2b:54:f4:de:f3:
0e:42:c1:b8:46:9c:f7:0a:68:c0:e7:2f:20:2b:c1:
22:b6:30:3c:3b:4b:b1:68:ba:0c:bc:9d:61:f7:e9:
45:1a:6b:e8:ad:5e:cb:a4:ea:13:9a:41:66:3f:eb:
09:18:ed:14:df:50:2f:69:8b:f1:6f:da:54:7e:f1:
15:fb:e3:06:3c:44:61:fb:58:0b:80:76:b0:fa:3b:
a1:d0:9f:92:6b:0a:ab:3b:8d:06:19:92:99:23:7f:
75:87:0b:78:19:ba:54:e4:06:eb:b5:38:eb:8b:c3:
01:97:4f:d6:98:be:a0:6c:83:6c:e4:63:bb:99:87:
7c:a0:16:9d:12:d0:0b:7d:97:63:8a:ea:55:89:29:
25:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:37:89:62:7A:03:D4:C5:99:59:FE:49:8A:53:B0:6A:8C:A5:DE:36
X509v3 Authority Key Identifier:
keyid:30:66:AD:61:C1:62:DF:06:50:EE:0A:B6:0C:68:07:5B:29:A2:11:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGatYcFi3wZQ7gq2DGgHWymiEcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9b34b0-301a-41a2-b4c5-a8866aa95c71/1/FDeJYnoD1MWZWf5JilOwaoyl3jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9b34b0-301a-41a2-b4c5-a8866aa95c71/1/MGatYcFi3wZQ7gq2DGgHWymiEcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.188.0/22
Signature Algorithm: sha256WithRSAEncryption
89:fe:c6:74:70:52:0d:37:bc:e7:c5:1f:9c:b8:db:ff:73:3f:
82:4d:e3:34:90:a4:9e:b4:c9:12:c9:a5:7a:37:e2:cc:13:cf:
1f:fb:ae:8b:94:8e:4e:55:20:1e:a1:90:b0:aa:7e:0a:4d:7f:
7a:7d:dd:5d:03:af:71:34:10:f4:a5:68:2d:dc:4b:e4:e5:f3:
24:72:74:bd:42:85:21:4d:b9:54:96:ce:e8:38:05:7e:cd:18:
4a:45:4c:26:ab:29:a0:3b:f3:29:14:b0:43:20:da:fc:69:51:
0b:df:6e:6d:af:66:24:0b:79:8b:dc:22:09:f2:d8:8e:ab:8e:
27:6c:28:9f:ba:77:7e:e7:52:0e:61:88:0e:37:72:bd:fa:ac:
71:f1:bd:82:73:03:d3:0e:40:53:d7:d0:cf:76:de:d7:15:b3:
ba:41:69:27:5f:2b:22:a7:5f:cc:40:15:6b:f0:41:e2:0b:8f:
0b:c8:a6:7e:39:e7:d7:8b:3a:60:ad:6d:8f:07:da:12:af:29:
26:c7:ba:dc:ab:48:89:8e:cd:45:e3:91:40:63:c9:23:e2:8b:
c4:fa:8b:95:a7:3f:3b:e8:0f:e1:fc:e1:fa:5b:96:f1:0d:47:
61:20:95:c0:8a:ea:e6:5a:ab:b2:39:fb:b7:67:44:a6:78:f1:
d7:bc:03:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsilueb9xXRlBvHXFaJ0QgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjZhZDYxYzE2MmRmMDY1MGVlMGFiNjBjNjgwNzViMjlh
MjExYzgwHhcNMjMwMTAxMDg1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDM3ODk2MjdhMDNkNGM1OTk1OWZlNDk4YTUzYjA2YThjYTVkZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbH34RHct/Iw82raHHIe3gCkStis
Jr3XXKR0oXeXIeYxZF+xepb3sfFgjoHZfvcKi+5bpJ9mzEaI4UncpoYp/2+nReMI
PtV0zfC4rDAYguSHGC7N3byKjNY2CPuk8lRsjV77vFGTy6/C5YNgCrZdboOTK1T0
3vMOQsG4Rpz3CmjA5y8gK8EitjA8O0uxaLoMvJ1h9+lFGmvorV7LpOoTmkFmP+sJ
GO0U31AvaYvxb9pUfvEV++MGPERh+1gLgHaw+juh0J+SawqrO40GGZKZI391hwt4
GbpU5AbrtTjri8MBl0/WmL6gbINs5GO7mYd8oBadEtALfZdjiupViSklxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBQ3iWJ6A9TFmVn+SYpTsGqMpd42MB8GA1UdIwQY
MBaAFDBmrWHBYt8GUO4KtgxoB1spohHIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdhdFljRmkzd1pRN2dxMkRHZ0hXeW1pRWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85YjM0YjAtMzAxYS00MWEyLWI0YzUt
YTg4NjZhYTk1YzcxLzEvRkRlSllub0QxTVdaV2Y1SmlsT3dhb3lsM2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85YjM0YjAtMzAxYS00MWEyLWI0YzUtYTg4NjZhYTk1Yzcx
LzEvTUdhdFljRmkzd1pRN2dxMkRHZ0hXeW1pRWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucu8MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ/sZ0cFINN7znxR+cuNv/cz+CTeM0kKSetMkSyaV6
N+LME88f+66LlI5OVSAeoZCwqn4KTX96fd1dA69xNBD0pWgt3Evk5fMkcnS9QoUh
TblUls7oOAV+zRhKRUwmqymgO/MpFLBDINr8aVEL325tr2YkC3mL3CIJ8tiOq44n
bCifund+51IOYYgON3K9+qxx8b2CcwPTDkBT19DPdt7XFbO6QWknXysip1/MQBVr
8EHiC48LyKZ+OefXizpgrW2PB9oSrykmx7rcq0iJjs1F45FAY8kj4ovE+ouVpz87
6A/h/OH6W5bxDUdhIJXAiurmWquyOfu3Z0SmePHXvANK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:19 2025 by rpki-client