Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/631521-d4b7-4f10-8c06-87aa285f807c/1/FCKeYDgCtUR2hg09obY7dhBTiSo.roa
File: FCKeYDgCtUR2hg09obY7dhBTiSo.roa (raw, json)
Hash identifier: amQJMm4OthMVrbqCFCwWYBkVbDo65wXDBn9J5rdMSlU=
Subject key identifier: 14:22:9E:60:38:02:B5:44:76:86:0D:3D:A1:B6:3B:76:10:53:89:2A
Certificate issuer: /CN=cf5ef7a870d4b148eb1d4f4fe666ed5054adeaec
Certificate serial: 018AD1C24F8F2F6EE70B59DF1DE20173C9A9
Authority key identifier: CF:5E:F7:A8:70:D4:B1:48:EB:1D:4F:4F:E6:66:ED:50:54:AD:EA:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z173qHDUsUjrHU9P5mbtUFSt6uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/631521-d4b7-4f10-8c06-87aa285f807c/1/FCKeYDgCtUR2hg09obY7dhBTiSo.roa
Signing time: Tue 26 Sep 2023 13:51:27 +0000
ROA not before: Tue 26 Sep 2023 13:51:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198485
IP address blocks: 195.22.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:c2:4f:8f:2f:6e:e7:0b:59:df:1d:e2:01:73:c9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf5ef7a870d4b148eb1d4f4fe666ed5054adeaec
Validity
Not Before: Sep 26 13:51:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14229e603802b54476860d3da1b63b761053892a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3a:9c:0c:66:89:54:99:06:2e:5c:bd:f1:18:
e2:da:44:6b:df:55:5b:26:1a:ec:1e:51:8f:dd:77:
34:52:19:0f:96:93:3c:11:76:36:27:b5:eb:12:90:
53:b8:b3:e6:ca:2c:c9:1b:65:ab:9d:b2:a5:d8:31:
e9:e9:f7:43:49:21:79:70:72:a7:2f:38:14:a1:31:
1a:66:92:19:f2:96:51:7c:ec:7e:1c:82:52:02:9b:
61:eb:de:9e:e1:21:b5:d0:92:8e:bb:01:37:e0:8d:
17:d0:2d:50:6f:80:2d:7e:e1:5c:c3:b0:c0:7f:2f:
fb:d5:9b:6e:45:0f:c3:4e:a8:0a:bb:d8:61:b0:44:
7a:da:66:75:26:c8:21:1a:5b:33:bd:14:5b:f9:25:
fa:c7:89:f1:57:38:fc:77:8d:4e:b8:cd:63:82:51:
be:25:3e:04:ec:02:f4:73:ea:03:14:b6:d1:8a:eb:
88:0e:77:61:20:e5:81:d5:fb:18:98:98:30:b1:fb:
dd:bd:8b:80:98:0c:ff:0c:0f:0f:9f:69:31:e3:26:
6f:b5:24:23:91:0c:c2:5d:af:df:34:c7:1c:e8:3d:
03:fa:d2:3b:db:4f:c1:cc:7d:46:fe:8a:b9:18:c9:
ab:bd:a9:ec:77:2f:c5:c9:db:c3:dc:5c:3c:6a:94:
80:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:22:9E:60:38:02:B5:44:76:86:0D:3D:A1:B6:3B:76:10:53:89:2A
X509v3 Authority Key Identifier:
keyid:CF:5E:F7:A8:70:D4:B1:48:EB:1D:4F:4F:E6:66:ED:50:54:AD:EA:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z173qHDUsUjrHU9P5mbtUFSt6uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/631521-d4b7-4f10-8c06-87aa285f807c/1/FCKeYDgCtUR2hg09obY7dhBTiSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/631521-d4b7-4f10-8c06-87aa285f807c/1/z173qHDUsUjrHU9P5mbtUFSt6uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.122.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ec:8f:b5:ce:7a:53:94:c6:ea:04:fa:39:3f:6d:62:2c:61:
79:9e:65:ff:7c:85:3e:2d:f3:11:68:e3:82:aa:0f:ed:fe:4b:
0e:59:e0:9b:ce:6a:69:60:40:3a:9a:17:92:49:c4:db:9a:54:
01:54:a5:87:b6:c2:24:67:86:4b:6c:3c:7c:95:71:a8:49:ae:
41:a5:c4:a7:99:c0:e7:2e:dc:f1:46:00:cc:ff:1e:96:58:6c:
7a:4a:27:24:29:71:d4:45:d9:40:0c:3d:e7:8e:a5:fe:dc:96:
5b:e3:23:a2:99:0b:a0:c2:f6:e9:b1:bb:02:d3:0c:80:ae:04:
08:14:ee:4b:c6:c7:ff:88:cb:12:58:7e:fe:54:eb:e2:98:c5:
3e:dd:1e:60:5a:97:01:cb:77:e1:c2:61:f4:23:08:bc:cc:ab:
43:50:d5:67:74:85:23:c7:4d:a8:67:ce:c6:96:21:cc:12:dd:
84:69:c2:56:fe:f3:a6:a4:6d:8d:33:c6:19:f1:47:a7:12:a3:
8a:0a:3b:cf:f2:b9:35:1c:02:f5:f4:cc:a0:07:b5:07:98:0c:
55:48:e4:ee:e7:19:76:f2:75:3b:f0:42:ca:91:9d:47:1a:73:
22:36:89:81:88:51:09:f8:25:d0:54:ed:f1:25:59:a0:25:fb:
e2:b2:69:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrRwk+PL27nC1nfHeIBc8mpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNWVmN2E4NzBkNGIxNDhlYjFkNGY0ZmU2NjZlZDUwNTRh
ZGVhZWMwHhcNMjMwOTI2MTM1MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDIyOWU2MDM4MDJiNTQ0NzY4NjBkM2RhMWI2M2I3NjEwNTM4OTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszqcDGaJVJkGLly98Rji2kRr31Vb
JhrsHlGP3Xc0UhkPlpM8EXY2J7XrEpBTuLPmyizJG2WrnbKl2DHp6fdDSSF5cHKn
LzgUoTEaZpIZ8pZRfOx+HIJSApth696e4SG10JKOuwE34I0X0C1Qb4AtfuFcw7DA
fy/71ZtuRQ/DTqgKu9hhsER62mZ1JsghGlszvRRb+SX6x4nxVzj8d41OuM1jglG+
JT4E7AL0c+oDFLbRiuuIDndhIOWB1fsYmJgwsfvdvYuAmAz/DA8Pn2kx4yZvtSQj
kQzCXa/fNMcc6D0D+tI720/BzH1G/oq5GMmrvansdy/FydvD3Fw8apSAaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBQinmA4ArVEdoYNPaG2O3YQU4kqMB8GA1UdIwQY
MBaAFM9e96hw1LFI6x1PT+Zm7VBUrersMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejE3M3FIRFVzVWpySFU5UDVtYnRVRlN0NnV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82MzE1MjEtZDRiNy00ZjEwLThjMDYt
ODdhYTI4NWY4MDdjLzEvRkNLZVlEZ0N0VVIyaGcwOW9iWTdkaEJUaVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82MzE1MjEtZDRiNy00ZjEwLThjMDYtODdhYTI4NWY4MDdj
LzEvejE3M3FIRFVzVWpySFU5UDVtYnRVRlN0NnV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxZ6MA0G
CSqGSIb3DQEBCwUAA4IBAQCN7I+1znpTlMbqBPo5P21iLGF5nmX/fIU+LfMRaOOC
qg/t/ksOWeCbzmppYEA6mheSScTbmlQBVKWHtsIkZ4ZLbDx8lXGoSa5BpcSnmcDn
LtzxRgDM/x6WWGx6SickKXHURdlADD3njqX+3JZb4yOimQugwvbpsbsC0wyArgQI
FO5Lxsf/iMsSWH7+VOvimMU+3R5gWpcBy3fhwmH0Iwi8zKtDUNVndIUjx02oZ87G
liHMEt2EacJW/vOmpG2NM8YZ8UenEqOKCjvP8rk1HAL19MygB7UHmAxVSOTu5xl2
8nU78ELKkZ1HGnMiNomBiFEJ+CXQVO3xJVmgJfvismns
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:54 2025 by rpki-client