Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/210211-ffea-47ee-89ba-6cccba9974ec/1/_AJxvWNT6h0bN3Q-DaOaVnoscUI.roa
File: _AJxvWNT6h0bN3Q-DaOaVnoscUI.roa (raw, json)
Hash identifier: e1z5/RZz3NaubR5LMZw0ob1gdY72dpQ8rY8G5WiiEHI=
Subject key identifier: FC:02:71:BD:63:53:EA:1D:1B:37:74:3E:0D:A3:9A:56:7A:2C:71:42
Certificate issuer: /CN=c3fb00b220ea784a04683054fcbf4e4b489eb420
Certificate serial: 0186127C1E0138597CA40AA451C5FCB0254F
Authority key identifier: C3:FB:00:B2:20:EA:78:4A:04:68:30:54:FC:BF:4E:4B:48:9E:B4:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w_sAsiDqeEoEaDBU_L9OS0ietCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/210211-ffea-47ee-89ba-6cccba9974ec/1/_AJxvWNT6h0bN3Q-DaOaVnoscUI.roa
Signing time: Thu 02 Feb 2023 14:16:09 +0000
ROA not before: Thu 02 Feb 2023 14:16:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201636
IP address blocks: 185.198.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:7c:1e:01:38:59:7c:a4:0a:a4:51:c5:fc:b0:25:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3fb00b220ea784a04683054fcbf4e4b489eb420
Validity
Not Before: Feb 2 14:16:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc0271bd6353ea1d1b37743e0da39a567a2c7142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:7d:2b:80:93:7c:17:be:ca:0d:36:ba:38:
9c:40:ef:82:f1:54:52:97:48:b7:0f:04:76:49:6a:
cf:b7:ed:46:56:4d:17:c9:b3:de:b5:70:f7:e2:9f:
0a:4a:b7:55:17:8a:84:fb:33:af:2a:3f:a0:9e:f7:
0a:91:a1:4a:c3:b7:12:ee:0e:6d:66:3d:d8:a6:26:
7a:f8:76:e4:25:dd:f2:e2:78:08:32:33:20:bb:60:
c8:1c:b6:21:87:6e:d4:af:3f:73:5d:61:81:ca:f1:
27:89:7f:dd:5f:51:ad:d9:e9:f8:f1:e4:69:ae:ff:
e3:ff:d3:8f:60:ea:ca:3f:ef:e5:dd:7a:e5:7b:e5:
40:2b:16:cd:93:6e:a6:1f:23:a7:e0:c0:e1:bc:37:
f3:c9:5f:47:12:e3:33:60:47:35:22:95:c1:fc:01:
52:e0:53:54:c9:66:07:1b:55:71:91:ed:ab:6b:0b:
e7:7d:82:19:df:e5:c6:5e:f0:2b:a1:c7:c6:aa:6a:
0f:34:8d:25:77:4b:52:20:63:d6:bc:ce:31:ef:8d:
16:0b:d6:e0:c6:1c:cc:8b:62:dd:91:bc:a5:e0:74:
3f:b3:58:0d:b0:aa:11:70:81:b0:67:98:81:be:23:
53:a3:12:92:0b:88:04:dd:96:2a:0f:9b:fc:b7:0b:
a8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:02:71:BD:63:53:EA:1D:1B:37:74:3E:0D:A3:9A:56:7A:2C:71:42
X509v3 Authority Key Identifier:
keyid:C3:FB:00:B2:20:EA:78:4A:04:68:30:54:FC:BF:4E:4B:48:9E:B4:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w_sAsiDqeEoEaDBU_L9OS0ietCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/210211-ffea-47ee-89ba-6cccba9974ec/1/_AJxvWNT6h0bN3Q-DaOaVnoscUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/210211-ffea-47ee-89ba-6cccba9974ec/1/w_sAsiDqeEoEaDBU_L9OS0ietCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.154.0/24
Signature Algorithm: sha256WithRSAEncryption
81:47:b6:dc:a9:23:36:d4:39:e7:79:2c:35:fc:41:37:e0:dd:
df:da:5f:34:c4:be:9b:d1:91:6d:df:0f:2f:af:ed:68:1b:3e:
f9:68:54:8b:06:e6:ba:4a:f9:c8:7d:e1:60:7a:4b:37:55:30:
4c:ef:6b:34:8a:d5:c1:d6:0f:6a:ae:9d:29:0c:03:f6:fa:bb:
48:19:16:be:de:66:81:b9:98:60:b1:24:3f:cf:28:55:7a:9f:
7c:20:9e:63:0f:11:9a:20:01:d1:c1:2c:79:ef:65:2e:2d:32:
41:74:fc:c4:2f:ce:0b:b7:a8:b8:84:6a:82:94:9c:60:8d:f9:
58:10:e3:93:6f:2b:fa:07:4f:76:09:1f:f4:fb:ea:c8:1a:3d:
06:d8:68:76:90:be:bf:c0:6d:01:d0:63:ef:01:a3:15:3f:3e:
fe:e8:25:c2:31:7f:63:94:8e:aa:2f:83:c0:4c:de:1d:c5:b0:
dc:f8:ec:5f:29:bd:05:30:a0:c0:48:21:2a:c0:62:32:76:a9:
8f:fe:14:a6:2b:79:59:31:c0:c9:20:42:25:e8:2e:63:9f:64:
4e:39:a7:cc:13:18:df:2f:7a:74:d8:65:66:37:dc:16:04:47:
c5:25:d8:16:2e:b2:6f:d9:3c:da:14:71:fd:7e:c2:69:8d:d6:
f6:7e:7a:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYSfB4BOFl8pAqkUcX8sCVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZmIwMGIyMjBlYTc4NGEwNDY4MzA1NGZjYmY0ZTRiNDg5
ZWI0MjAwHhcNMjMwMjAyMTQxNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzAyNzFiZDYzNTNlYTFkMWIzNzc0M2UwZGEzOWE1NjdhMmM3MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7R9K4CTfBe+yg02ujicQO+C8VRS
l0i3DwR2SWrPt+1GVk0XybPetXD34p8KSrdVF4qE+zOvKj+gnvcKkaFKw7cS7g5t
Zj3YpiZ6+HbkJd3y4ngIMjMgu2DIHLYhh27Urz9zXWGByvEniX/dX1Gt2en48eRp
rv/j/9OPYOrKP+/l3Xrle+VAKxbNk26mHyOn4MDhvDfzyV9HEuMzYEc1IpXB/AFS
4FNUyWYHG1Vxke2rawvnfYIZ3+XGXvArocfGqmoPNI0ld0tSIGPWvM4x740WC9bg
xhzMi2Ldkbyl4HQ/s1gNsKoRcIGwZ5iBviNToxKSC4gE3ZYqD5v8twuo6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPwCcb1jU+odGzd0Pg2jmlZ6LHFCMB8GA1UdIwQY
MBaAFMP7ALIg6nhKBGgwVPy/TktInrQgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd19zQXNpRHFlRW9FYURCVV9MOU9TMGlldENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8yMTAyMTEtZmZlYS00N2VlLTg5YmEt
NmNjY2JhOTk3NGVjLzEvX0FKeHZXTlQ2aDBiTjNRLURhT2FWbm9zY1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8yMTAyMTEtZmZlYS00N2VlLTg5YmEtNmNjY2JhOTk3NGVj
LzEvd19zQXNpRHFlRW9FYURCVV9MOU9TMGlldENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucaaMA0G
CSqGSIb3DQEBCwUAA4IBAQCBR7bcqSM21DnneSw1/EE34N3f2l80xL6b0ZFt3w8v
r+1oGz75aFSLBua6SvnIfeFgeks3VTBM72s0itXB1g9qrp0pDAP2+rtIGRa+3maB
uZhgsSQ/zyhVep98IJ5jDxGaIAHRwSx572UuLTJBdPzEL84Lt6i4hGqClJxgjflY
EOOTbyv6B092CR/0++rIGj0G2Gh2kL6/wG0B0GPvAaMVPz7+6CXCMX9jlI6qL4PA
TN4dxbDc+OxfKb0FMKDASCEqwGIydqmP/hSmK3lZMcDJIEIl6C5jn2ROOafMExjf
L3p02GVmN9wWBEfFJdgWLrJv2TzaFHH9fsJpjdb2fnqp
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:36:19 2025 by rpki-client