Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/045222-5ace-4e7e-95b2-a2e880fd5850/1/Fg957g6zPC1sc4cRgtSz0XUV3c8.roa
File: Fg957g6zPC1sc4cRgtSz0XUV3c8.roa (raw, json)
Hash identifier: 0kghnFi3uEW1Ejzq4i448o8+tyuOmV9j/qiBnkcvaQo=
Subject key identifier: 16:0F:79:EE:0E:B3:3C:2D:6C:73:87:11:82:D4:B3:D1:75:15:DD:CF
Certificate issuer: /CN=17ffee25052c0aabf6cb371e3f2e076f44fc1c3c
Certificate serial: 01856DD42E1BD90B696008A97D1B3C80C258
Authority key identifier: 17:FF:EE:25:05:2C:0A:AB:F6:CB:37:1E:3F:2E:07:6F:44:FC:1C:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F__uJQUsCqv2yzcePy4Hb0T8HDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/045222-5ace-4e7e-95b2-a2e880fd5850/1/Fg957g6zPC1sc4cRgtSz0XUV3c8.roa
Signing time: Sun 01 Jan 2023 14:55:00 +0000
ROA not before: Sun 01 Jan 2023 14:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199513
IP address blocks: 194.102.62.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:2e:1b:d9:0b:69:60:08:a9:7d:1b:3c:80:c2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17ffee25052c0aabf6cb371e3f2e076f44fc1c3c
Validity
Not Before: Jan 1 14:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=160f79ee0eb33c2d6c73871182d4b3d17515ddcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:50:93:51:e7:ea:01:d4:5a:4a:ab:0e:33:e3:
6f:93:07:19:cf:df:cb:50:33:1f:18:99:84:78:6a:
1d:b4:04:b1:5e:42:c3:5a:4e:45:b5:d0:a7:a4:e3:
9b:6b:1c:ad:eb:7d:63:f8:f6:4b:05:71:77:36:ff:
99:61:56:21:d5:1c:1f:0b:2b:60:62:bc:6f:10:a7:
7a:2e:6e:b6:6a:fb:54:6f:67:d6:d3:1a:c7:13:35:
74:91:59:45:5e:f1:cc:a0:d0:f1:d8:05:fd:f9:cd:
6e:37:71:7c:c1:73:d4:3c:03:8f:bf:d4:34:fc:31:
0e:eb:44:a4:39:ff:fa:f4:fb:f6:8c:47:09:af:02:
fb:8f:94:34:bd:23:45:8f:03:dd:33:97:fd:05:c1:
19:3f:ba:7f:29:f4:c1:49:f4:cf:23:49:95:89:94:
85:83:62:71:6e:56:02:45:de:b9:f9:dc:ff:e3:f7:
51:7d:c6:87:2f:07:e3:ef:18:a5:bd:ac:1b:43:98:
e1:93:08:cc:5b:28:e9:bb:43:49:f3:d8:06:ca:46:
32:bc:c3:dc:5c:98:1f:18:fd:bb:0e:a1:f6:90:a2:
67:63:26:b0:91:27:70:40:29:c6:d2:5d:fb:93:e4:
69:a6:0e:fe:be:2d:b4:86:33:4f:9f:22:5e:f2:1a:
79:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0F:79:EE:0E:B3:3C:2D:6C:73:87:11:82:D4:B3:D1:75:15:DD:CF
X509v3 Authority Key Identifier:
keyid:17:FF:EE:25:05:2C:0A:AB:F6:CB:37:1E:3F:2E:07:6F:44:FC:1C:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F__uJQUsCqv2yzcePy4Hb0T8HDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/045222-5ace-4e7e-95b2-a2e880fd5850/1/Fg957g6zPC1sc4cRgtSz0XUV3c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/045222-5ace-4e7e-95b2-a2e880fd5850/1/F__uJQUsCqv2yzcePy4Hb0T8HDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.62.0/23
Signature Algorithm: sha256WithRSAEncryption
75:e4:84:2b:1f:9c:08:7c:98:35:1e:6c:26:a1:c3:07:4c:2f:
9f:56:e1:84:39:50:03:21:11:9c:f9:29:43:8c:57:fb:ce:b4:
27:97:67:ca:3b:01:45:cc:a3:94:35:bb:94:16:01:f4:0a:5e:
b1:8d:d5:a8:11:9c:95:36:0b:26:33:8f:dc:86:0c:50:4d:8f:
97:86:68:6b:56:6f:37:27:a3:55:32:de:d1:e2:b2:c1:38:f4:
dc:9d:3c:dd:f1:74:7b:9d:1f:7e:07:24:ad:10:06:80:94:92:
4b:ac:94:24:ac:55:d0:6b:37:59:49:b0:ee:ce:12:42:a3:8d:
0a:e2:71:77:9d:0b:39:50:ec:c5:a5:55:e3:7e:ba:e1:2f:9c:
cd:44:87:9b:6c:28:af:ee:ec:be:ae:2a:53:87:d9:3f:80:48:
3f:8b:c2:f8:6a:9a:d5:30:dd:17:43:89:c5:e4:61:32:5a:f7:
bd:58:00:0d:63:79:9f:24:a7:91:9d:35:15:1b:5a:a2:d1:11:
e7:15:f1:cf:b3:ac:d7:20:37:1c:6f:72:38:11:08:41:be:ba:
15:31:7b:4c:55:fb:e7:dd:0d:54:26:e6:8d:0f:14:ea:77:2f:
22:11:52:ce:e9:b2:df:f8:72:c8:b4:6f:58:91:18:54:05:c2:
ed:87:ca:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1C4b2QtpYAipfRs8gMJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZmZlZTI1MDUyYzBhYWJmNmNiMzcxZTNmMmUwNzZmNDRm
YzFjM2MwHhcNMjMwMTAxMTQ1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjBmNzllZTBlYjMzYzJkNmM3Mzg3MTE4MmQ0YjNkMTc1MTVkZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFCTUefqAdRaSqsOM+NvkwcZz9/L
UDMfGJmEeGodtASxXkLDWk5FtdCnpOObaxyt631j+PZLBXF3Nv+ZYVYh1RwfCytg
YrxvEKd6Lm62avtUb2fW0xrHEzV0kVlFXvHMoNDx2AX9+c1uN3F8wXPUPAOPv9Q0
/DEO60SkOf/69Pv2jEcJrwL7j5Q0vSNFjwPdM5f9BcEZP7p/KfTBSfTPI0mViZSF
g2JxblYCRd65+dz/4/dRfcaHLwfj7xilvawbQ5jhkwjMWyjpu0NJ89gGykYyvMPc
XJgfGP27DqH2kKJnYyawkSdwQCnG0l37k+Rppg7+vi20hjNPnyJe8hp52wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBYPee4OszwtbHOHEYLUs9F1Fd3PMB8GA1UdIwQY
MBaAFBf/7iUFLAqr9ss3Hj8uB29E/Bw8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRl9fdUpRVXNDcXYyeXpjZVB5NEhiMFQ4SER3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wNDUyMjItNWFjZS00ZTdlLTk1YjIt
YTJlODgwZmQ1ODUwLzEvRmc5NTdnNnpQQzFzYzRjUmd0U3owWFVWM2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8wNDUyMjItNWFjZS00ZTdlLTk1YjItYTJlODgwZmQ1ODUw
LzEvRl9fdUpRVXNDcXYyeXpjZVB5NEhiMFQ4SER3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwmY+MA0G
CSqGSIb3DQEBCwUAA4IBAQB15IQrH5wIfJg1HmwmocMHTC+fVuGEOVADIRGc+SlD
jFf7zrQnl2fKOwFFzKOUNbuUFgH0Cl6xjdWoEZyVNgsmM4/chgxQTY+XhmhrVm83
J6NVMt7R4rLBOPTcnTzd8XR7nR9+ByStEAaAlJJLrJQkrFXQazdZSbDuzhJCo40K
4nF3nQs5UOzFpVXjfrrhL5zNRIebbCiv7uy+ripTh9k/gEg/i8L4aprVMN0XQ4nF
5GEyWve9WAANY3mfJKeRnTUVG1qi0RHnFfHPs6zXIDccb3I4EQhBvroVMXtMVfvn
3Q1UJuaNDxTqdy8iEVLO6bLf+HLItG9YkRhUBcLth8r+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:18 2025 by rpki-client