Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/FDIKj92hJ0QdBOCqH8TJQVmbSWw.roa
File: FDIKj92hJ0QdBOCqH8TJQVmbSWw.roa (raw, json)
Hash identifier: KXLvj4AEWNRMKr9RDPUqh0HjtxjZ3ByP1WPEqDlM010=
Subject key identifier: 14:32:0A:8F:DD:A1:27:44:1D:04:E0:AA:1F:C4:C9:41:59:9B:49:6C
Certificate issuer: /CN=e5a83b40b3f4d7d31fb3368dafaca1199a449892
Certificate serial: 018C97B481DBE959D79D4B748CAAC3FB98DB
Authority key identifier: E5:A8:3B:40:B3:F4:D7:D3:1F:B3:36:8D:AF:AC:A1:19:9A:44:98:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5ag7QLP019MfszaNr6yhGZpEmJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/FDIKj92hJ0QdBOCqH8TJQVmbSWw.roa
Signing time: Sat 23 Dec 2023 17:23:58 +0000
ROA not before: Sat 23 Dec 2023 17:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199624
IP address blocks: 185.166.243.0/24 maxlen: 32
91.208.171.0/24 maxlen: 32
185.8.4.0/22 maxlen: 32
185.166.240.0/22 maxlen: 32
2a0a:2100::/29 maxlen: 29
2a03:13c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:b4:81:db:e9:59:d7:9d:4b:74:8c:aa:c3:fb:98:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a83b40b3f4d7d31fb3368dafaca1199a449892
Validity
Not Before: Dec 23 17:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14320a8fdda127441d04e0aa1fc4c941599b496c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d2:a8:c6:0e:4f:58:e3:e5:24:c2:a0:70:09:
33:cd:84:03:76:78:1d:52:1b:82:a7:8b:7e:e4:ab:
d5:8b:d5:30:c9:27:e2:76:03:fe:a6:d8:65:4a:7d:
7b:a7:07:eb:d7:a5:d8:f5:e4:7f:1e:12:ea:67:48:
4e:10:bb:b7:0c:e5:a0:ae:a3:aa:02:4b:ea:7d:74:
64:de:14:2f:cb:be:cb:48:11:63:fd:74:7b:bb:6b:
d3:86:e4:e0:04:90:b8:f6:fc:a7:94:7c:97:69:5c:
d7:9c:27:96:19:b3:3c:65:f8:04:e4:b7:4e:0f:29:
a3:fe:d4:72:ce:fb:b4:00:35:fa:48:8a:8e:96:12:
f2:e1:04:7c:a9:08:b2:f3:92:3b:51:af:81:9e:15:
37:f1:70:54:6e:19:2b:cc:cd:65:b8:95:c9:45:d8:
3e:73:a1:bd:f4:a5:65:bd:2c:a2:b4:79:20:96:81:
f2:6e:5d:47:98:6e:98:89:68:b5:9b:5a:07:10:5a:
4d:78:99:62:a7:6c:9b:a3:29:74:9b:51:da:ea:b2:
70:fc:71:00:aa:8c:14:92:f8:79:ca:b3:a5:35:58:
9a:c3:4a:b6:91:f6:a4:3e:8a:99:a8:87:aa:51:58:
94:af:9a:af:da:39:ff:9d:e2:70:43:09:ce:3a:bd:
21:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:32:0A:8F:DD:A1:27:44:1D:04:E0:AA:1F:C4:C9:41:59:9B:49:6C
X509v3 Authority Key Identifier:
keyid:E5:A8:3B:40:B3:F4:D7:D3:1F:B3:36:8D:AF:AC:A1:19:9A:44:98:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ag7QLP019MfszaNr6yhGZpEmJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/FDIKj92hJ0QdBOCqH8TJQVmbSWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/5ag7QLP019MfszaNr6yhGZpEmJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.171.0/24
185.8.4.0/22
185.166.240.0/22
IPv6:
2a03:13c0::/32
2a0a:2100::/29
Signature Algorithm: sha256WithRSAEncryption
7f:85:5d:b1:67:e1:ec:db:89:af:7b:9d:fc:10:31:1c:6e:5c:
aa:48:a9:cd:f0:53:24:1f:e8:e8:c4:d2:a9:e5:35:31:62:cf:
58:a2:4f:77:3b:6c:d0:30:9f:24:57:78:1d:08:94:c7:99:55:
69:c9:e2:9e:00:5c:ce:fd:b0:20:ca:df:31:01:6f:30:13:56:
89:8b:95:af:56:f8:07:88:74:cc:52:bd:08:8c:40:0f:34:14:
ea:0c:7c:a1:74:94:43:1a:51:fb:7e:25:80:e9:54:8b:75:e5:
15:aa:6f:02:da:c4:5f:04:33:5a:da:e9:ab:c0:52:f3:b1:f8:
ae:7f:2b:fa:07:99:b3:5e:de:95:7b:1d:95:66:71:32:c4:ae:
05:cb:4f:a1:6c:15:07:b5:46:3f:b0:98:54:45:9e:9f:e3:b7:
64:c3:6d:f7:b8:1d:7a:eb:44:80:01:eb:53:18:5d:60:84:6a:
65:5b:00:97:d7:9e:04:63:2e:ec:3f:a8:45:54:e9:c1:ce:31:
e3:f7:e5:b6:06:8f:b7:d0:80:2c:f2:f7:c6:43:1d:d3:a8:3f:
87:7e:28:93:38:c0:b9:df:4e:bb:cf:22:ff:51:f3:5b:ab:cf:
bf:83:99:e3:15:21:6e:b8:3e:21:03:8b:50:d9:86:4a:7f:d2:
98:22:fe:29
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYyXtIHb6VnXnUt0jKrD+5jbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTgzYjQwYjNmNGQ3ZDMxZmIzMzY4ZGFmYWNhMTE5OWE0
NDk4OTIwHhcNMjMxMjIzMTcyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDMyMGE4ZmRkYTEyNzQ0MWQwNGUwYWExZmM0Yzk0MTU5OWI0OTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9Koxg5PWOPlJMKgcAkzzYQDdngd
UhuCp4t+5KvVi9UwySfidgP+pthlSn17pwfr16XY9eR/HhLqZ0hOELu3DOWgrqOq
AkvqfXRk3hQvy77LSBFj/XR7u2vThuTgBJC49vynlHyXaVzXnCeWGbM8ZfgE5LdO
Dymj/tRyzvu0ADX6SIqOlhLy4QR8qQiy85I7Ua+BnhU38XBUbhkrzM1luJXJRdg+
c6G99KVlvSyitHkgloHybl1HmG6YiWi1m1oHEFpNeJlip2yboyl0m1Ha6rJw/HEA
qowUkvh5yrOlNViaw0q2kfakPoqZqIeqUViUr5qv2jn/neJwQwnOOr0hWwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBQyCo/doSdEHQTgqh/EyUFZm0lsMB8GA1UdIwQY
MBaAFOWoO0Cz9NfTH7M2ja+soRmaRJiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFnN1FMUDAxOU1mc3phTnI2eWhHWnBFbUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNGNhYjQtMDEyNS00MzgzLTg1ZmEt
M2QzODg2MDZkYTEyLzEvRkRJS2o5MmhKMFFkQk9DcUg4VEpRVm1iU1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNGNhYjQtMDEyNS00MzgzLTg1ZmEtM2QzODg2MDZkYTEy
LzEvNWFnN1FMUDAxOU1mc3phTnI2eWhHWnBFbUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW9CrAwQC
uQgEAwQCuabwMBQEAgACMA4DBQAqAxPAAwUDKgohADANBgkqhkiG9w0BAQsFAAOC
AQEAf4VdsWfh7NuJr3ud/BAxHG5cqkipzfBTJB/o6MTSqeU1MWLPWKJPdzts0DCf
JFd4HQiUx5lVacningBczv2wIMrfMQFvMBNWiYuVr1b4B4h0zFK9CIxADzQU6gx8
oXSUQxpR+34lgOlUi3XlFapvAtrEXwQzWtrpq8BS87H4rn8r+geZs17elXsdlWZx
MsSuBctPoWwVB7VGP7CYVEWen+O3ZMNt97gdeutEgAHrUxhdYIRqZVsAl9eeBGMu
7D+oRVTpwc4x4/fltgaPt9CALPL3xkMd06g/h34okzjAud9Ou88i/1HzW6vPv4OZ
4xUhbrg+IQOLUNmGSn/SmCL+KQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:56 2025 by rpki-client