Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/_AAy4WyPEhg_sLHgpouiEfws0OY.roa
File: _AAy4WyPEhg_sLHgpouiEfws0OY.roa (raw, json)
Hash identifier: zZR/FjAyWZVv0C11uOWmpaH5FHfT5wy4+6dl3UTnppg=
Subject key identifier: FC:00:32:E1:6C:8F:12:18:3F:B0:B1:E0:A6:8B:A2:11:FC:2C:D0:E6
Certificate issuer: /CN=d07dff547eacbe81dc3465598446d3b027dcb76d
Certificate serial: 018BB0AB96758FA5F4B21EC37DFB4691632F
Authority key identifier: D0:7D:FF:54:7E:AC:BE:81:DC:34:65:59:84:46:D3:B0:27:DC:B7:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/_AAy4WyPEhg_sLHgpouiEfws0OY.roa
Signing time: Wed 08 Nov 2023 20:41:57 +0000
ROA not before: Wed 08 Nov 2023 20:41:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5517
IP address blocks: 194.245.0.0/16 maxlen: 16
194.176.0.0/19 maxlen: 19
159.25.0.0/16 maxlen: 24
2a01:4fc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:ab:96:75:8f:a5:f4:b2:1e:c3:7d:fb:46:91:63:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07dff547eacbe81dc3465598446d3b027dcb76d
Validity
Not Before: Nov 8 20:41:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc0032e16c8f12183fb0b1e0a68ba211fc2cd0e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b7:5c:c2:85:67:da:c9:6c:1f:fa:33:24:1f:
72:04:19:f2:7f:41:5f:59:d8:7a:33:71:04:a5:8a:
b8:50:40:76:1d:87:89:4c:62:d7:6e:dc:63:b2:ed:
81:f1:75:19:5f:45:ae:fb:47:99:56:58:8e:f4:2e:
bb:90:9c:b1:71:fb:35:fb:70:9c:8e:49:00:f2:80:
90:21:34:33:6d:3f:fc:08:27:12:ac:f4:1c:ef:73:
3a:9f:89:50:bb:bd:46:28:fe:ea:b3:22:3f:c2:c4:
e7:0c:28:d4:2f:fc:98:da:de:ac:93:95:14:15:18:
e3:f5:a0:1d:c6:7b:62:d6:88:19:39:43:95:10:a0:
7c:70:57:4d:7c:04:d8:5a:c2:fe:00:53:3f:b2:f8:
1c:29:0c:32:da:2c:88:ea:b7:9a:61:51:98:f1:94:
c0:1a:b6:18:6a:6e:f4:85:0b:68:03:eb:5b:53:6c:
69:5e:22:43:e3:99:42:10:12:67:be:13:3b:3c:2e:
04:76:19:5a:d4:88:7a:34:9e:ce:20:61:28:ab:b7:
d8:4e:c2:46:8b:90:56:5e:97:01:a3:e4:0d:51:78:
10:2e:42:b3:ba:54:d4:af:a1:17:43:96:fe:7b:d6:
be:57:5c:df:c0:41:c3:65:eb:7a:2f:1b:b7:00:8a:
a9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:00:32:E1:6C:8F:12:18:3F:B0:B1:E0:A6:8B:A2:11:FC:2C:D0:E6
X509v3 Authority Key Identifier:
keyid:D0:7D:FF:54:7E:AC:BE:81:DC:34:65:59:84:46:D3:B0:27:DC:B7:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/_AAy4WyPEhg_sLHgpouiEfws0OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/0H3_VH6svoHcNGVZhEbTsCfct20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.25.0.0/16
194.176.0.0/19
194.245.0.0/16
IPv6:
2a01:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
5d:74:04:61:6a:f9:a3:9e:bc:73:c7:07:de:f1:24:fb:9b:6c:
c5:41:6f:00:a9:41:3f:4c:75:c7:9d:9d:55:e5:15:61:28:ce:
fe:ad:47:7b:31:1e:12:f1:59:e4:4b:8f:2c:eb:ea:dd:58:7b:
fe:39:8e:e1:ba:93:95:0c:34:69:df:40:07:13:7b:73:ff:6e:
17:95:db:ec:7c:1d:9d:37:13:8d:b2:a9:a3:20:14:5d:94:cb:
1f:3a:2d:e2:a6:d3:63:a3:a0:be:c0:c0:6a:23:9d:1c:c8:da:
35:a1:09:2a:b1:4c:a1:37:69:7b:73:01:2f:df:44:de:47:8c:
b2:d9:35:e2:ce:ff:9f:95:ec:c4:05:3b:87:93:25:50:9b:cc:
90:0d:fb:ef:18:ff:30:e5:5e:a7:cf:b4:a4:5c:8f:c4:c6:31:
31:bb:30:33:14:63:66:80:bd:9a:f8:c0:0d:ce:88:5e:2a:cb:
49:e6:f5:05:a6:13:c4:e5:55:6e:20:c0:3b:79:0b:dc:b1:8d:
b0:6e:d9:d6:07:8d:2c:2e:ec:73:25:e9:78:f9:85:70:28:dc:
cf:da:e7:60:c6:e5:47:f2:1b:92:c6:11:c2:cb:e8:a9:5e:25:
b1:b5:95:ac:b9:d9:9c:01:7a:9d:7c:0b:7e:20:f4:2d:62:9c:
71:a2:33:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYuwq5Z1j6X0sh7DfftGkWMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2RmZjU0N2VhY2JlODFkYzM0NjU1OTg0NDZkM2IwMjdk
Y2I3NmQwHhcNMjMxMTA4MjA0MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzAwMzJlMTZjOGYxMjE4M2ZiMGIxZTBhNjhiYTIxMWZjMmNkMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7dcwoVn2slsH/ozJB9yBBnyf0Ff
Wdh6M3EEpYq4UEB2HYeJTGLXbtxjsu2B8XUZX0Wu+0eZVliO9C67kJyxcfs1+3Cc
jkkA8oCQITQzbT/8CCcSrPQc73M6n4lQu71GKP7qsyI/wsTnDCjUL/yY2t6sk5UU
FRjj9aAdxnti1ogZOUOVEKB8cFdNfATYWsL+AFM/svgcKQwy2iyI6reaYVGY8ZTA
GrYYam70hQtoA+tbU2xpXiJD45lCEBJnvhM7PC4Edhla1Ih6NJ7OIGEoq7fYTsJG
i5BWXpcBo+QNUXgQLkKzulTUr6EXQ5b+e9a+V1zfwEHDZet6Lxu3AIqpPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwAMuFsjxIYP7Cx4KaLohH8LNDmMB8GA1UdIwQY
MBaAFNB9/1R+rL6B3DRlWYRG07An3LdtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgzX1ZINnN2b0hjTkdWWmhFYlRzQ2ZjdDIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lMGU4MjktMTI4NC00ZGIxLWJhNDgt
Nzg1YWMxOTFiMzFhLzEvX0FBeTRXeVBFaGdfc0xIZ3BvdWlFZndzME9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lMGU4MjktMTI4NC00ZGIxLWJhNDgtNzg1YWMxOTFiMzFh
LzEvMEgzX1ZINnN2b0hjTkdWWmhFYlRzQ2ZjdDIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwMAnxkDBAXC
sAADAwDC9TANBAIAAjAHAwUAKgFPwDANBgkqhkiG9w0BAQsFAAOCAQEAXXQEYWr5
o568c8cH3vEk+5tsxUFvAKlBP0x1x52dVeUVYSjO/q1HezEeEvFZ5EuPLOvq3Vh7
/jmO4bqTlQw0ad9ABxN7c/9uF5Xb7HwdnTcTjbKpoyAUXZTLHzot4qbTY6OgvsDA
aiOdHMjaNaEJKrFMoTdpe3MBL99E3keMstk14s7/n5XsxAU7h5MlUJvMkA377xj/
MOVep8+0pFyPxMYxMbswMxRjZoC9mvjADc6IXirLSeb1BaYTxOVVbiDAO3kL3LGN
sG7Z1geNLC7scyXpePmFcCjcz9rnYMblR/IbksYRwsvoqV4lsbWVrLnZnAF6nXwL
fiD0LWKccaIzzQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:57:28 2025 by rpki-client