Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/FO4mA0XK6aq91gVNDuQ91a2uDyk.roa
File: FO4mA0XK6aq91gVNDuQ91a2uDyk.roa (raw, json)
Hash identifier: RR16aX2jwIFd1k4ZvQLqBtkMByU0uXHxPTNTPSoFfCs=
Subject key identifier: 14:EE:26:03:45:CA:E9:AA:BD:D6:05:4D:0E:E4:3D:D5:AD:AE:0F:29
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 3942BC5E
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/FO4mA0XK6aq91gVNDuQ91a2uDyk.roa
Signing time: Sat 01 Jan 2022 03:53:01 +0000
ROA not before: Sat 01 Jan 2022 03:53:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12402
IP address blocks: 83.212.236.0/22 maxlen: 22
83.212.28.0/22 maxlen: 22
195.251.224.0/21 maxlen: 21
195.251.236.0/23 maxlen: 23
2001:648:24a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960674910 (0x3942bc5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 03:53:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14ee260345cae9aabdd6054d0ee43dd5adae0f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f0:19:60:a4:db:e1:01:63:8c:b8:9b:96:dd:
45:7f:8e:1a:39:77:38:08:1e:c8:97:61:2d:09:18:
9e:8c:75:62:6d:e3:c7:1c:7c:f3:b9:bf:25:70:cc:
07:d3:d9:b3:6e:a2:f6:2e:a6:cb:7a:39:0c:8d:26:
1d:a7:2a:96:8a:17:52:f8:e0:12:68:02:5e:6f:d3:
3b:72:e1:09:ed:3d:da:c5:f1:27:6a:55:bb:78:c3:
29:dd:a0:30:9b:8a:5a:5c:17:a9:f2:ec:27:16:bc:
3d:d5:cd:86:f1:b1:71:af:90:bf:f8:0b:39:fc:59:
dd:10:2b:b6:d9:1c:ea:bf:f1:18:e5:06:8b:05:14:
20:33:7d:58:0a:ba:fb:8a:46:09:f6:9a:2e:a1:a9:
d0:a0:d8:41:ae:98:81:41:05:f5:d9:44:0a:3c:8d:
b0:c2:45:47:32:ac:1d:ca:2c:c9:f7:79:08:4b:45:
c5:80:44:90:11:ba:0e:4b:29:70:8b:be:c0:34:da:
55:3d:80:aa:c2:b8:89:c0:a1:01:c7:93:d1:7f:d8:
28:1b:60:18:57:2f:2f:fa:95:11:54:b9:f0:fc:2f:
d3:4e:ca:41:85:94:f4:d0:9e:9e:66:d6:1b:59:e4:
87:5a:8e:94:5d:3b:c6:79:48:bc:df:f5:91:f3:50:
6f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EE:26:03:45:CA:E9:AA:BD:D6:05:4D:0E:E4:3D:D5:AD:AE:0F:29
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/FO4mA0XK6aq91gVNDuQ91a2uDyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.212.28.0/22
83.212.236.0/22
195.251.224.0/21
195.251.236.0/23
IPv6:
2001:648:24a0::/48
Signature Algorithm: sha256WithRSAEncryption
a2:e1:0e:3d:27:f5:47:d2:54:41:e9:63:9f:31:2c:6f:c9:c4:
76:bb:91:02:55:29:02:cf:14:ce:f5:aa:62:ad:5d:e5:4f:9b:
a9:d4:da:78:9f:05:09:ca:3b:38:f1:15:cb:09:dd:18:af:06:
99:61:0f:b2:e8:4b:25:3a:b5:a6:ae:a4:01:2e:04:88:b5:1f:
61:11:d5:3d:54:70:08:dc:a9:53:12:b4:9e:d1:be:9a:83:a8:
37:cc:d9:35:27:bb:3f:58:44:e9:62:88:6e:1d:6d:2b:82:88:
3a:5e:4f:5f:18:c0:ae:bd:d3:51:1a:89:0e:cd:bd:b4:79:58:
21:c6:26:9c:82:16:95:c9:05:40:c0:c7:9b:30:1e:c9:f4:cb:
54:63:f9:7c:96:86:35:e0:c2:f9:df:ee:57:cb:a4:08:28:f7:
fb:5b:80:fe:0f:f2:be:b3:a5:f2:fc:6e:27:d0:f4:c4:7b:fb:
63:bc:90:3e:0a:0f:cb:6f:1d:28:fd:e7:f4:dc:e2:39:21:28:
9a:9a:e6:60:08:1a:c1:2e:18:51:d8:4f:04:74:93:66:0b:69:
25:33:ff:ad:9a:33:08:30:11:2f:76:74:a8:ab:b9:dc:ae:7c:
cd:b4:ae:a3:96:fe:b8:1b:74:f6:10:22:61:98:6a:86:c9:37:
d7:4c:10:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEOUK8XjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTZmOTI5NTUyMWRmMzBhMTU4ZjUwNmJhN2NiODczYWI5NTI5ZGMzMB4XDTIyMDEw
MTAzNTMwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRlZTI2MDM0NWNh
ZTlhYWJkZDYwNTRkMGVlNDNkZDVhZGFlMGYyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODwGWCk2+EBY4y4m5bdRX+OGjl3OAgeyJdhLQkYnox1Ym3j
xxx887m/JXDMB9PZs26i9i6my3o5DI0mHacqlooXUvjgEmgCXm/TO3LhCe092sXx
J2pVu3jDKd2gMJuKWlwXqfLsJxa8PdXNhvGxca+Qv/gLOfxZ3RArttkc6r/xGOUG
iwUUIDN9WAq6+4pGCfaaLqGp0KDYQa6YgUEF9dlECjyNsMJFRzKsHcosyfd5CEtF
xYBEkBG6DkspcIu+wDTaVT2AqsK4icChAceT0X/YKBtgGFcvL/qVEVS58Pwv007K
QYWU9NCenmbWG1nkh1qOlF07xnlIvN/1kfNQbycCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQU7iYDRcrpqr3WBU0O5D3Vra4PKTAfBgNVHSMEGDAWgBRab5KVUh3zChWP
UGuny4c6uVKdwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtLVNsVklkOHdvVmoxQnJwOHVIT3JsU25jTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8x
L0ZPNG1BMFhLNmFxOTFnVk5EdVE5MWEydUR5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8xL1dtLVNsVklkOHdv
VmoxQnJwOHVIT3JsU25jTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAlPUHAMEAlPU7AMEA8P74AMEAcP7
7DAPBAIAAjAJAwcAIAEGSCSgMA0GCSqGSIb3DQEBCwUAA4IBAQCi4Q49J/VH0lRB
6WOfMSxvycR2u5ECVSkCzxTO9apirV3lT5up1Np4nwUJyjs48RXLCd0YrwaZYQ+y
6EslOrWmrqQBLgSItR9hEdU9VHAI3KlTErSe0b6ag6g3zNk1J7s/WETpYohuHW0r
gog6Xk9fGMCuvdNRGokOzb20eVghxiacghaVyQVAwMebMB7J9MtUY/l8loY14ML5
3+5Xy6QIKPf7W4D+D/K+s6Xy/G4n0PTEe/tjvJA+Cg/Lbx0o/ef03OI5ISiamuZg
CBrBLhhR2E8EdJNmC2klM/+tmjMIMBEvdnSoq7ncrnzNtK6jlv64G3T2ECJhmGqG
yTfXTBBi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:04 2025 by rpki-client