Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/fyvOcKh_HtqBLYJT7aF-hNL8Azo.roa
File: fyvOcKh_HtqBLYJT7aF-hNL8Azo.roa (raw, json)
Hash identifier: +2czrzn+f/qqJVSykxpTjWUnnLeM2Y/PpX+MMj6E0gc=
Subject key identifier: 7F:2B:CE:70:A8:7F:1E:DA:81:2D:82:53:ED:A1:7E:84:D2:FC:03:3A
Certificate issuer: /CN=fdad61d8e8c1abda8596930e21f18211a517681f
Certificate serial: 01856C1CC5A299D2FBC39DF85701AAEB23AF
Authority key identifier: FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/fyvOcKh_HtqBLYJT7aF-hNL8Azo.roa
Signing time: Sun 01 Jan 2023 06:55:02 +0000
ROA not before: Sun 01 Jan 2023 06:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51178
IP address blocks: 91.219.64.0/22 maxlen: 23
5.61.14.0/23 maxlen: 24
5.61.13.0/24 maxlen: 24
188.68.184.0/22 maxlen: 23
185.218.68.0/23 maxlen: 23
92.249.4.0/24 maxlen: 24
2a00:9801::/32 maxlen: 32
2a0b:d0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:c5:a2:99:d2:fb:c3:9d:f8:57:01:aa:eb:23:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdad61d8e8c1abda8596930e21f18211a517681f
Validity
Not Before: Jan 1 06:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f2bce70a87f1eda812d8253eda17e84d2fc033a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:43:31:ad:d2:71:e5:9f:55:8a:27:e9:15:50:
77:43:cb:06:59:8c:4d:0c:ba:f0:d2:3d:81:20:19:
4f:d7:65:d9:7b:d1:1d:49:2d:ec:43:90:ba:35:6b:
bd:7b:23:fb:15:fd:b0:c6:c0:3e:c0:13:27:57:52:
39:4c:84:d6:d2:f6:e4:38:80:e0:74:68:ab:e2:27:
d2:8a:2e:08:6a:98:82:5c:79:c7:61:11:0c:54:a4:
fe:52:2f:59:e2:ce:3b:4b:b1:8f:f4:56:82:5f:e7:
d9:42:97:52:49:fe:2f:87:5e:88:ee:e7:f1:25:5a:
98:22:60:59:b9:1a:d3:62:6e:fa:ee:32:8c:59:35:
bc:33:fd:1f:18:f8:57:a2:09:99:6f:c8:ed:33:e0:
25:5d:c2:5e:21:4a:25:a3:8b:4d:17:30:47:31:3d:
a6:7a:31:df:01:ac:ae:1a:f7:d8:8c:ea:20:78:1e:
45:e6:08:3f:b5:97:12:9a:df:50:95:1d:8b:cd:c9:
d2:cd:78:da:df:fc:89:40:08:1a:15:cf:c3:c6:03:
f1:3f:ff:d5:17:53:22:00:12:16:7e:48:9a:21:77:
53:1d:de:8b:7c:48:c6:5f:17:91:04:cf:a5:46:eb:
b9:8d:58:8c:04:af:85:4a:04:ea:42:90:00:4d:95:
99:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2B:CE:70:A8:7F:1E:DA:81:2D:82:53:ED:A1:7E:84:D2:FC:03:3A
X509v3 Authority Key Identifier:
keyid:FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/fyvOcKh_HtqBLYJT7aF-hNL8Azo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/_a1h2OjBq9qFlpMOIfGCEaUXaB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.13.0-5.61.15.255
91.219.64.0/22
92.249.4.0/24
185.218.68.0/23
188.68.184.0/22
IPv6:
2a00:9801::/32
2a0b:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
08:c1:a8:b4:1f:dd:e0:b0:d8:96:43:7a:9b:d1:63:1d:34:ca:
b3:61:8b:22:1a:85:84:f5:46:a0:d8:70:59:21:89:10:65:d1:
a9:16:62:10:ab:e6:79:71:36:a1:37:e6:40:59:ec:00:4d:63:
a6:d2:49:5a:18:6c:1c:7b:d6:bb:2d:c9:24:5a:5e:bf:0e:b3:
b3:47:95:e8:c9:8f:7e:75:a8:29:f4:8f:da:d8:b2:ec:16:3b:
f7:9d:27:04:57:81:7e:93:93:7f:db:8a:99:47:76:a8:f7:1f:
b4:f4:0c:92:99:e3:c3:46:7c:c9:75:aa:d9:1c:e9:7a:c0:80:
42:8a:38:d2:8f:99:78:fb:80:67:47:0d:53:c1:99:41:d8:d9:
5e:39:9c:24:15:af:6b:b4:de:27:7c:0f:3b:07:39:74:16:1c:
fc:ca:84:9a:24:a9:45:39:4f:d2:7c:68:5d:ea:55:dc:15:d9:
df:8b:eb:3f:3c:30:13:8c:d4:0f:db:4f:8f:f7:9e:db:41:2a:
88:fa:ad:fe:30:00:4e:26:2b:ad:92:91:fc:ec:8f:61:dc:57:
6d:f6:e5:6b:11:32:fb:e4:35:2c:da:90:4d:0b:e1:64:25:d9:
83:ee:48:12:3a:d3:ad:75:aa:76:03:d0:de:ba:75:d9:15:48:
da:df:3c:6c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVsHMWimdL7w534VwGq6yOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYWQ2MWQ4ZThjMWFiZGE4NTk2OTMwZTIxZjE4MjExYTUx
NzY4MWYwHhcNMjMwMTAxMDY1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjJiY2U3MGE4N2YxZWRhODEyZDgyNTNlZGExN2U4NGQyZmMwMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkMxrdJx5Z9ViifpFVB3Q8sGWYxN
DLrw0j2BIBlP12XZe9EdSS3sQ5C6NWu9eyP7Ff2wxsA+wBMnV1I5TITW0vbkOIDg
dGir4ifSii4IapiCXHnHYREMVKT+Ui9Z4s47S7GP9FaCX+fZQpdSSf4vh16I7ufx
JVqYImBZuRrTYm767jKMWTW8M/0fGPhXogmZb8jtM+AlXcJeIUolo4tNFzBHMT2m
ejHfAayuGvfYjOogeB5F5gg/tZcSmt9QlR2LzcnSzXja3/yJQAgaFc/DxgPxP//V
F1MiABIWfkiaIXdTHd6LfEjGXxeRBM+lRuu5jViMBK+FSgTqQpAATZWZRQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFH8rznCofx7agS2CU+2hfoTS/AM6MB8GA1UdIwQY
MBaAFP2tYdjowavahZaTDiHxghGlF2gfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2Et
ODRlZTIyYTNlZTViLzEvZnl2T2NLaF9IdHFCTFlKVDdhRi1oTkw4QXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2EtODRlZTIyYTNlZTVi
LzEvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmMAwDBAAFPQ0D
BAQFPQADBAJb20ADBABc+QQDBAG52kQDBAK8RLgwFAQCAAIwDgMFACoAmAEDBQMq
C9DAMA0GCSqGSIb3DQEBCwUAA4IBAQAIwai0H93gsNiWQ3qb0WMdNMqzYYsiGoWE
9Uag2HBZIYkQZdGpFmIQq+Z5cTahN+ZAWewATWOm0klaGGwce9a7LckkWl6/DrOz
R5XoyY9+dagp9I/a2LLsFjv3nScEV4F+k5N/24qZR3ao9x+09AySmePDRnzJdarZ
HOl6wIBCijjSj5l4+4BnRw1TwZlB2NleOZwkFa9rtN4nfA87Bzl0Fhz8yoSaJKlF
OU/SfGhd6lXcFdnfi+s/PDATjNQP20+P957bQSqI+q3+MABOJiutkpH87I9h3Fdt
9uVrETL75DUs2pBNC+FkJdmD7kgSOtOtdap2A9DeunXZFUja3zxs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:05 2025 by rpki-client