Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fTg7J5W5EThJ7U4_4eQeT3IEIU8.roa
File: fTg7J5W5EThJ7U4_4eQeT3IEIU8.roa (raw, json)
Hash identifier: ycUP1iyW7nen51FJwuiL5QH+cB1lnGMQDN2wXuCUx4U=
Subject key identifier: 7D:38:3B:27:95:B9:11:38:49:ED:4E:3F:E1:E4:1E:4F:72:04:21:4F
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DB8BF401B4926A2A94734C2A819D
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fTg7J5W5EThJ7U4_4eQeT3IEIU8.roa
Signing time: Sun 01 Jan 2023 16:54:47 +0000
ROA not before: Sun 01 Jan 2023 16:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48874
IP address blocks: 85.204.116.0/24 maxlen: 24
89.40.73.0/24 maxlen: 24
86.104.194.0/24 maxlen: 24
86.104.10.0/24 maxlen: 24
89.32.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:db:8b:f4:01:b4:92:6a:2a:94:73:4c:2a:81:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d383b2795b9113849ed4e3fe1e41e4f7204214f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ec:8c:33:3b:5f:32:5f:6d:43:10:6c:74:57:
cc:c8:6f:82:fc:fb:5c:de:66:cf:25:52:8a:16:7b:
8c:2c:93:3c:61:74:7e:19:c5:02:63:4f:25:17:72:
d5:e3:40:d6:1c:94:cc:3b:8f:75:0f:d4:ec:82:51:
ad:5d:ec:ff:40:c2:1b:cf:58:54:62:73:9d:a4:84:
dc:37:e2:64:f1:10:cc:82:c3:b0:8b:a0:64:e8:9f:
6d:dd:22:bb:3f:76:83:ad:5a:28:07:37:9f:1d:d3:
87:f1:c8:b4:ae:e9:a6:15:7e:c1:eb:ca:0f:cc:5e:
a5:87:65:14:ee:aa:53:fa:80:6a:6d:28:1b:23:a0:
bc:6a:13:23:c7:75:ac:65:06:93:b6:45:fe:9d:87:
31:0c:36:ab:ba:ba:60:2a:15:52:42:04:4b:df:94:
fc:08:52:98:14:0a:2f:52:3b:af:8b:0a:fa:21:73:
e0:d5:ba:4e:71:c2:d1:d1:94:60:fc:fa:0d:d9:95:
f5:c5:dd:ed:3c:d6:2b:ca:df:44:94:62:57:ce:09:
33:34:6d:86:05:09:cb:c1:9a:d3:67:30:c9:29:81:
6e:85:e9:c4:52:72:a0:4b:ce:7e:d6:a0:f2:ff:56:
85:df:4c:f1:f7:d8:42:3b:e9:66:18:a2:f3:1f:fe:
fd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:38:3B:27:95:B9:11:38:49:ED:4E:3F:E1:E4:1E:4F:72:04:21:4F
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fTg7J5W5EThJ7U4_4eQeT3IEIU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.116.0/24
86.104.10.0/24
86.104.194.0/24
89.32.41.0/24
89.40.73.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:7b:22:12:11:57:a3:3f:6f:73:ea:ef:f3:5c:b9:8b:88:23:
73:d7:75:9d:bb:c9:92:f9:7a:a7:15:82:ad:c8:2b:31:d5:fe:
de:a4:23:d8:27:56:af:80:f3:c5:3c:7e:86:6a:e1:9c:c5:0f:
ed:ce:74:33:8e:95:e1:f4:bd:5e:12:0a:98:d0:36:4b:74:f6:
fd:75:5e:c2:54:0a:cb:86:50:c4:b3:0a:2c:f3:ec:a4:0b:6e:
83:d5:56:c6:b3:46:f6:31:c6:dc:c9:6c:a6:25:79:41:ad:be:
0e:fc:c4:26:e1:bc:c8:0f:99:bc:aa:c3:42:05:89:c5:6d:e9:
09:6d:22:ad:ac:8e:69:36:f1:27:4f:cc:4a:e7:54:4b:cd:ae:
d4:31:fe:43:bc:36:59:9a:52:76:b5:c1:d4:04:28:bc:ae:c4:
a4:c8:29:57:09:95:82:fa:4e:06:ca:72:fa:69:dd:e2:51:b3:
56:a2:76:26:48:5e:ac:e0:6c:b2:ef:a7:dc:f7:57:96:83:5f:
cc:de:8d:fe:ae:19:b7:fe:a5:af:ac:db:99:f2:18:02:39:fe:
2f:bd:64:eb:f4:42:6f:c4:8e:d6:7b:13:ff:cd:51:4a:4e:5e:
0b:05:a3:3e:df:6d:d3:ae:d8:a3:6d:5a:66:84:11:01:1c:ab:
64:8c:2c:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVuQduL9AG0kmoqlHNMKoGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM4M2IyNzk1YjkxMTM4NDllZDRlM2ZlMWU0MWU0ZjcyMDQyMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluyMMztfMl9tQxBsdFfMyG+C/Ptc
3mbPJVKKFnuMLJM8YXR+GcUCY08lF3LV40DWHJTMO491D9TsglGtXez/QMIbz1hU
YnOdpITcN+Jk8RDMgsOwi6Bk6J9t3SK7P3aDrVooBzefHdOH8ci0rummFX7B68oP
zF6lh2UU7qpT+oBqbSgbI6C8ahMjx3WsZQaTtkX+nYcxDDarurpgKhVSQgRL35T8
CFKYFAovUjuviwr6IXPg1bpOccLR0ZRg/PoN2ZX1xd3tPNYryt9ElGJXzgkzNG2G
BQnLwZrTZzDJKYFuhenEUnKgS85+1qDy/1aF30zx99hCO+lmGKLzH/790QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH04OyeVuRE4Se1OP+HkHk9yBCFPMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvZlRnN0o1VzVFVGhKN1U0XzRlUWVUM0lFSVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVcx0AwQA
VmgKAwQAVmjCAwQAWSApAwQAWShJMA0GCSqGSIb3DQEBCwUAA4IBAQAteyISEVej
P29z6u/zXLmLiCNz13Wdu8mS+XqnFYKtyCsx1f7epCPYJ1avgPPFPH6GauGcxQ/t
znQzjpXh9L1eEgqY0DZLdPb9dV7CVArLhlDEswos8+ykC26D1VbGs0b2McbcyWym
JXlBrb4O/MQm4bzID5m8qsNCBYnFbekJbSKtrI5pNvEnT8xK51RLza7UMf5DvDZZ
mlJ2tcHUBCi8rsSkyClXCZWC+k4GynL6ad3iUbNWonYmSF6s4Gyy76fc91eWg1/M
3o3+rhm3/qWvrNuZ8hgCOf4vvWTr9EJvxI7WexP/zVFKTl4LBaM+323TrtijbVpm
hBEBHKtkjCxH
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:51:54 2025 by rpki-client