Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/fcQEFI-CHObV0qcQTwze46TFbCE.roa
File: fcQEFI-CHObV0qcQTwze46TFbCE.roa (raw, json)
Hash identifier: ic6VZzNS577w108jkpIzILrUB2CU7Ednt3a71IMdWcM=
Subject key identifier: 7D:C4:04:14:8F:82:1C:E6:D5:D2:A7:10:4F:0C:DE:E3:A4:C5:6C:21
Certificate issuer: /CN=578d854bd2bee242a82fb83922d149bccf19ed02
Certificate serial: 01856C65EA35C658BDE998EA2D6437F1141C
Authority key identifier: 57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/fcQEFI-CHObV0qcQTwze46TFbCE.roa
Signing time: Sun 01 Jan 2023 08:14:56 +0000
ROA not before: Sun 01 Jan 2023 08:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212865
IP address blocks: 185.164.153.0/24 maxlen: 24
185.164.154.0/24 maxlen: 24
185.164.155.0/24 maxlen: 24
5.57.201.0/24 maxlen: 24
5.57.202.0/23 maxlen: 23
5.57.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ea:35:c6:58:bd:e9:98:ea:2d:64:37:f1:14:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=578d854bd2bee242a82fb83922d149bccf19ed02
Validity
Not Before: Jan 1 08:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dc404148f821ce6d5d2a7104f0cdee3a4c56c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b8:ca:49:6e:17:2b:55:0b:55:8d:ba:03:cd:
92:c0:74:46:2d:33:d8:df:e2:2f:7a:d6:54:5b:43:
fc:fb:77:dd:0a:80:5b:9f:a1:06:19:a8:3b:7d:e8:
2c:75:6e:e3:f5:db:c5:b8:62:b4:a0:7c:ba:7b:86:
88:9f:45:6e:6a:e4:ec:44:d5:54:c4:b7:15:b0:87:
19:d2:b9:24:da:7f:42:b1:c3:e8:6f:19:8b:96:70:
04:da:bd:67:89:38:d5:54:14:61:d5:30:a9:26:95:
de:1d:70:88:c1:f8:b3:dd:7b:e7:7e:a4:5f:66:cf:
fc:94:f2:08:7a:94:b9:9d:83:76:33:f6:a0:ae:63:
6c:65:e0:ea:cb:0d:95:35:0b:56:a2:fc:54:bf:62:
93:e4:f3:34:71:a3:97:cf:dc:b8:bf:36:f8:f4:66:
f8:6c:00:10:ed:db:c2:98:a5:20:85:2d:3c:32:d9:
fa:38:c5:ee:01:74:71:3a:3e:52:92:55:95:69:57:
27:f6:5b:a8:91:83:23:e0:a8:2d:79:dd:d4:14:dd:
50:47:1b:56:20:01:fd:23:47:14:56:29:e2:90:bf:
43:ed:21:2a:c6:52:50:b8:51:d9:d4:95:52:a4:45:
75:c2:47:3a:6f:cf:d5:06:fc:28:e6:da:00:ee:f2:
8b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C4:04:14:8F:82:1C:E6:D5:D2:A7:10:4F:0C:DE:E3:A4:C5:6C:21
X509v3 Authority Key Identifier:
keyid:57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/fcQEFI-CHObV0qcQTwze46TFbCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/V42FS9K-4kKoL7g5ItFJvM8Z7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.201.0-5.57.207.255
185.164.153.0-185.164.155.255
Signature Algorithm: sha256WithRSAEncryption
69:30:a2:3e:cf:81:62:57:7d:6e:b6:24:63:4b:96:b1:e9:c9:
f3:f2:d0:f9:5c:85:5e:1a:88:5c:b9:95:4b:44:f3:54:51:c2:
d3:6b:94:0c:7e:72:ff:3f:f7:5e:c2:c6:0e:c1:95:66:3c:d0:
5f:89:d4:55:f3:f7:4e:10:c9:96:ea:08:8c:45:02:7f:ed:f4:
6b:93:fe:38:7f:71:56:65:7e:a8:8b:95:34:36:57:94:bb:11:
78:04:77:f8:56:d7:fc:c7:4b:dd:0c:f3:4a:47:44:a5:7f:ee:
09:60:fb:3a:1c:a5:98:d5:0e:15:fb:e2:e2:2b:c3:47:1a:a6:
23:91:e3:dd:49:c9:ff:3f:0c:7f:e4:4e:8f:c6:71:b2:94:82:
0a:47:02:1f:01:38:09:1a:6d:70:d7:ac:b2:1d:65:d9:cf:91:
b5:9d:ec:81:f0:db:aa:0d:07:5e:74:51:21:b4:56:f6:78:cc:
cd:3e:76:8f:ae:26:91:97:dd:f0:58:13:b4:fa:ae:4a:f8:d1:
40:64:c0:23:c3:61:08:99:ad:8e:26:85:96:55:00:d5:ff:3a:
36:da:24:3b:50:3b:3a:86:8c:80:fb:bc:1f:43:7f:d9:a8:8e:
71:7d:3d:14:14:12:32:62:8b:e0:af:5f:c2:be:c2:64:6f:ee:
31:01:7b:ed
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVsZeo1xli96ZjqLWQ38RQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OGQ4NTRiZDJiZWUyNDJhODJmYjgzOTIyZDE0OWJjY2Yx
OWVkMDIwHhcNMjMwMTAxMDgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM0MDQxNDhmODIxY2U2ZDVkMmE3MTA0ZjBjZGVlM2E0YzU2YzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbjKSW4XK1ULVY26A82SwHRGLTPY
3+IvetZUW0P8+3fdCoBbn6EGGag7fegsdW7j9dvFuGK0oHy6e4aIn0VuauTsRNVU
xLcVsIcZ0rkk2n9CscPobxmLlnAE2r1niTjVVBRh1TCpJpXeHXCIwfiz3XvnfqRf
Zs/8lPIIepS5nYN2M/agrmNsZeDqyw2VNQtWovxUv2KT5PM0caOXz9y4vzb49Gb4
bAAQ7dvCmKUghS08Mtn6OMXuAXRxOj5SklWVaVcn9luokYMj4Kgted3UFN1QRxtW
IAH9I0cUVinikL9D7SEqxlJQuFHZ1JVSpEV1wkc6b8/VBvwo5toA7vKLdwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFH3EBBSPghzm1dKnEE8M3uOkxWwhMB8GA1UdIwQY
MBaAFFeNhUvSvuJCqC+4OSLRSbzPGe0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEt
MWFiNWY1Mzk5ZDNhLzEvZmNRRUZJLUNIT2JWMHFjUVR3emU0NlRGYkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEtMWFiNWY1Mzk5ZDNh
LzEvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAFOckD
BAQFOcAwDAMEALmkmQMEArmkmDANBgkqhkiG9w0BAQsFAAOCAQEAaTCiPs+BYld9
brYkY0uWsenJ8/LQ+VyFXhqIXLmVS0TzVFHC02uUDH5y/z/3XsLGDsGVZjzQX4nU
VfP3ThDJluoIjEUCf+30a5P+OH9xVmV+qIuVNDZXlLsReAR3+FbX/MdL3QzzSkdE
pX/uCWD7OhylmNUOFfvi4ivDRxqmI5Hj3UnJ/z8Mf+ROj8ZxspSCCkcCHwE4CRpt
cNessh1l2c+RtZ3sgfDbqg0HXnRRIbRW9njMzT52j64mkZfd8FgTtPquSvjRQGTA
I8NhCJmtjiaFllUA1f86NtokO1A7OoaMgPu8H0N/2aiOcX09FBQSMmKL4K9fwr7C
ZG/uMQF77Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:58 2025 by rpki-client