Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/FEO-UaWMwXuBhfDPMNl84nAUlmw.roa
File: FEO-UaWMwXuBhfDPMNl84nAUlmw.roa (raw, json)
Hash identifier: poNTcGx+r366igt0rwx+KPcRDmd3CQfLlD32SdRAAoA=
Subject key identifier: 14:43:BE:51:A5:8C:C1:7B:81:85:F0:CF:30:D9:7C:E2:70:14:96:6C
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 0185718325221FC2AF552AE1554DD3FA2B47
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/FEO-UaWMwXuBhfDPMNl84nAUlmw.roa
Signing time: Mon 02 Jan 2023 08:04:58 +0000
ROA not before: Mon 02 Jan 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 5.232.0.0/13 maxlen: 13
5.233.240.0/20 maxlen: 20
5.239.0.0/16 maxlen: 16
5.239.244.0/23 maxlen: 23
46.100.44.0/24 maxlen: 24
46.100.43.0/24 maxlen: 24
89.37.144.0/23 maxlen: 23
188.215.176.0/20 maxlen: 20
185.105.102.0/23 maxlen: 23
5.238.0.0/16 maxlen: 16
185.105.100.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:25:22:1f:c2:af:55:2a:e1:55:4d:d3:fa:2b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 2 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1443be51a58cc17b8185f0cf30d97ce27014966c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:43:d2:b3:b0:82:42:10:29:33:2a:4e:1f:75:
f1:36:c5:bd:ac:b8:70:b6:7f:29:55:07:28:22:4c:
04:32:c6:a8:3f:cd:02:e6:6b:92:ba:94:61:1e:c5:
41:cd:d9:63:9a:a2:36:17:98:63:a3:51:20:3e:33:
71:b9:5b:6f:66:46:42:f5:2c:e8:13:52:32:67:56:
e3:4d:81:d0:84:a6:ab:92:b0:ec:15:2e:f1:7f:1b:
94:3c:6d:5f:8b:76:9c:9f:e8:fb:cc:72:ad:82:df:
81:a8:75:e7:49:30:8e:e4:14:fd:6e:8c:4a:ee:14:
8e:50:cd:ab:3f:c4:94:ed:df:a2:68:f8:04:01:ca:
6f:a9:80:5d:d1:18:75:c3:f0:ec:1a:fa:8a:2b:65:
b1:3f:66:4b:e6:b9:38:4e:fe:fa:1b:43:ec:9b:dc:
dc:72:b3:38:1f:d4:20:bc:3b:d0:ac:68:6d:5d:2e:
14:32:00:ff:6b:9d:a9:23:12:3c:a5:8f:e0:8b:1b:
31:c1:4d:a9:8f:3d:07:d0:97:07:21:1f:75:27:3d:
12:3b:bf:72:1b:8f:ee:07:bd:55:20:c4:6a:6a:55:
d9:6d:81:f0:36:35:71:48:1b:9d:a5:86:c2:77:d0:
d2:38:df:24:67:b9:b5:a6:4a:fe:00:7f:21:29:51:
0b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:43:BE:51:A5:8C:C1:7B:81:85:F0:CF:30:D9:7C:E2:70:14:96:6C
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/FEO-UaWMwXuBhfDPMNl84nAUlmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.232.0.0/13
46.100.43.0-46.100.44.255
89.37.144.0/23
185.105.100.0/22
188.215.176.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:78:34:f9:c4:ac:b0:af:8a:97:72:a3:67:a4:90:b5:64:f2:
d4:93:c2:43:cd:45:d8:ab:f7:d9:d0:eb:e7:89:93:f3:2c:2f:
10:6b:a8:80:e5:a7:0d:d6:eb:18:7c:d5:53:2f:d4:38:0d:b4:
31:35:af:2e:08:5f:0e:65:21:c1:25:b5:97:66:2b:41:4d:68:
25:de:29:ae:f4:36:df:1b:84:f6:ad:b8:e0:c0:f9:a5:38:39:
19:c6:d3:5b:2f:e6:58:93:08:83:96:c6:a7:ed:12:10:5b:73:
b1:d1:ec:8c:be:9c:b2:2f:09:26:61:41:2f:58:b1:b7:53:4c:
84:21:99:97:e7:1e:3c:7b:26:29:c8:35:69:4a:66:b0:db:83:
51:bf:e0:10:8c:d3:af:d3:7f:6d:96:ab:78:1b:e3:4e:ff:88:
7a:65:a6:6e:36:31:79:f8:76:ae:98:e9:8f:b3:cf:85:bb:bb:
b7:87:25:38:0f:3b:32:d4:d4:fa:78:d3:25:72:5b:24:5d:05:
37:85:82:e0:81:b4:ce:39:d9:80:73:19:6e:78:c8:1f:fa:80:
a4:b7:12:cf:08:50:4e:00:48:3f:b0:f3:8b:41:3a:f7:d8:20:
4b:2d:4b:0e:04:d5:22:64:9e:0a:4f:08:97:18:cc:eb:19:62:
98:4e:33:f3
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVxgyUiH8KvVSrhVU3T+itHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjMwMTAyMDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDQzYmU1MWE1OGNjMTdiODE4NWYwY2YzMGQ5N2NlMjcwMTQ5NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikPSs7CCQhApMypOH3XxNsW9rLhw
tn8pVQcoIkwEMsaoP80C5muSupRhHsVBzdljmqI2F5hjo1EgPjNxuVtvZkZC9Szo
E1IyZ1bjTYHQhKarkrDsFS7xfxuUPG1fi3acn+j7zHKtgt+BqHXnSTCO5BT9boxK
7hSOUM2rP8SU7d+iaPgEAcpvqYBd0Rh1w/DsGvqKK2WxP2ZL5rk4Tv76G0Psm9zc
crM4H9QgvDvQrGhtXS4UMgD/a52pIxI8pY/gixsxwU2pjz0H0JcHIR91Jz0SO79y
G4/uB71VIMRqalXZbYHwNjVxSBudpYbCd9DSON8kZ7m1pkr+AH8hKVELrwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFBRDvlGljMF7gYXwzzDZfOJwFJZsMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvRkVPLVVhV013WHVCaGZEUE1ObDg0bkFVbG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwMDBegwDAME
AC5kKwMEAC5kLAMEAVklkAMEArlpZAMEBLzXsDANBgkqhkiG9w0BAQsFAAOCAQEA
qng0+cSssK+Kl3KjZ6SQtWTy1JPCQ81F2Kv32dDr54mT8ywvEGuogOWnDdbrGHzV
Uy/UOA20MTWvLghfDmUhwSW1l2YrQU1oJd4prvQ23xuE9q244MD5pTg5GcbTWy/m
WJMIg5bGp+0SEFtzsdHsjL6csi8JJmFBL1ixt1NMhCGZl+cePHsmKcg1aUpmsNuD
Ub/gEIzTr9N/bZareBvjTv+IemWmbjYxefh2rpjpj7PPhbu7t4clOA87MtTU+njT
JXJbJF0FN4WC4IG0zjnZgHMZbnjIH/qApLcSzwhQTgBIP7Dzi0E699ggSy1LDgTV
ImSeCk8IlxjM6xlimE4z8w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:16 2025 by rpki-client