Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/778ce0-2cc2-490b-a6e2-6020e8a56556/1/foPB-O7N5XykGD6pP6pHJI3fktM.roa
File: foPB-O7N5XykGD6pP6pHJI3fktM.roa (raw, json)
Hash identifier: j2+QIeoARWN0qho4/37MIWVeju7++54KC2Y6qgA+zJ0=
Subject key identifier: 7E:83:C1:F8:EE:CD:E5:7C:A4:18:3E:A9:3F:AA:47:24:8D:DF:92:D3
Certificate issuer: /CN=8dac679b480a78ead797f2e0b7779e58f2271f24
Certificate serial: 018571D7A615E67C8C7D4082F9F16B12A683
Authority key identifier: 8D:AC:67:9B:48:0A:78:EA:D7:97:F2:E0:B7:77:9E:58:F2:27:1F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaxnm0gKeOrXl_Lgt3eeWPInHyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/778ce0-2cc2-490b-a6e2-6020e8a56556/1/foPB-O7N5XykGD6pP6pHJI3fktM.roa
Signing time: Mon 02 Jan 2023 09:37:16 +0000
ROA not before: Mon 02 Jan 2023 09:37:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31549
IP address blocks: 185.110.245.0/24 maxlen: 24
185.110.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:a6:15:e6:7c:8c:7d:40:82:f9:f1:6b:12:a6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dac679b480a78ead797f2e0b7779e58f2271f24
Validity
Not Before: Jan 2 09:37:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e83c1f8eecde57ca4183ea93faa47248ddf92d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:88:ea:5c:55:ff:11:91:9b:74:8c:c1:4c:
4a:60:a7:96:cb:a3:2f:35:d4:0f:71:ba:cf:28:49:
bc:4b:ae:8b:04:4f:98:b7:37:c5:bc:19:87:3c:13:
c0:21:4d:cb:4f:56:75:03:90:71:db:5f:55:42:d8:
3b:f4:56:9b:1e:77:eb:00:23:3f:e8:12:91:5f:c6:
4f:ca:d7:ea:a4:6f:af:eb:1c:7c:69:39:70:db:80:
66:70:73:ba:28:39:8c:fc:03:8e:54:b8:89:37:ed:
67:e8:9a:06:d7:81:1c:ce:59:42:3c:25:7b:24:09:
a2:33:1f:33:5b:2b:28:bf:16:27:de:10:ec:90:c6:
46:0c:8f:54:de:8f:ba:dc:6d:bf:94:ee:72:4c:0a:
c6:a8:c2:7c:30:1a:f8:5d:40:30:53:4b:77:47:6d:
75:88:c1:e1:db:44:2d:2d:1e:eb:e3:c2:cd:f3:9a:
c3:54:da:6b:cc:df:76:62:8d:c1:8b:20:72:57:76:
71:f0:a4:e1:13:ae:0a:c0:bb:13:f7:49:2b:b3:15:
24:72:b4:56:9c:73:6a:05:42:f8:b7:22:79:5a:6e:
ce:ce:26:31:c8:41:5d:9f:cd:e4:4a:b4:c0:46:b5:
af:81:b3:9d:80:7f:36:10:06:37:77:aa:5e:20:be:
b2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:83:C1:F8:EE:CD:E5:7C:A4:18:3E:A9:3F:AA:47:24:8D:DF:92:D3
X509v3 Authority Key Identifier:
keyid:8D:AC:67:9B:48:0A:78:EA:D7:97:F2:E0:B7:77:9E:58:F2:27:1F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaxnm0gKeOrXl_Lgt3eeWPInHyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/778ce0-2cc2-490b-a6e2-6020e8a56556/1/foPB-O7N5XykGD6pP6pHJI3fktM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/778ce0-2cc2-490b-a6e2-6020e8a56556/1/jaxnm0gKeOrXl_Lgt3eeWPInHyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.244.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:30:18:4d:3f:3a:a2:8c:3c:85:ba:3a:6a:cc:96:4f:08:be:
3b:d2:5d:6b:db:3c:8b:8d:12:77:14:00:76:c8:1f:34:fb:43:
71:c0:de:da:57:64:23:c0:25:1c:7f:55:a9:1a:80:01:fb:84:
11:7f:8e:c3:5e:50:ab:83:54:1a:a9:40:3b:3b:20:6c:d7:11:
f5:a7:f0:cd:0b:cf:18:1e:05:d7:b4:7b:b5:40:f6:ce:d5:db:
18:fb:a0:6d:f7:e7:2e:29:4b:42:86:ef:16:f9:bb:7c:50:29:
4c:2b:b8:59:db:a8:64:80:a2:ed:28:34:42:93:ae:a4:92:f6:
9e:8f:66:74:ba:35:81:b7:71:e9:da:0a:93:ec:5b:83:15:c2:
ad:b0:bc:d9:f3:1e:63:52:dc:9e:e8:da:98:b6:89:21:66:3a:
b6:48:d0:06:39:d8:8e:8d:6d:5c:f0:7e:a5:24:44:a6:0e:7d:
63:f3:ea:ac:bc:78:f1:98:42:7e:a1:2a:fd:5a:15:22:08:51:
c3:ee:b3:b9:74:2e:33:cd:d2:fb:45:d3:2b:1e:fd:4c:48:4b:
b3:d9:af:5e:d9:00:b6:27:f8:53:02:13:25:02:7e:70:a5:69:
25:ae:f8:a7:6c:15:67:69:20:dd:dd:9b:a6:a2:94:6f:2b:42:
cc:ae:d0:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx16YV5nyMfUCC+fFrEqaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYWM2NzliNDgwYTc4ZWFkNzk3ZjJlMGI3Nzc5ZTU4ZjIy
NzFmMjQwHhcNMjMwMTAyMDkzNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgzYzFmOGVlY2RlNTdjYTQxODNlYTkzZmFhNDcyNDhkZGY5MmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+aI6lxV/xGRm3SMwUxKYKeWy6Mv
NdQPcbrPKEm8S66LBE+YtzfFvBmHPBPAIU3LT1Z1A5Bx219VQtg79FabHnfrACM/
6BKRX8ZPytfqpG+v6xx8aTlw24BmcHO6KDmM/AOOVLiJN+1n6JoG14EczllCPCV7
JAmiMx8zWysovxYn3hDskMZGDI9U3o+63G2/lO5yTArGqMJ8MBr4XUAwU0t3R211
iMHh20QtLR7r48LN85rDVNprzN92Yo3BiyByV3Zx8KThE64KwLsT90krsxUkcrRW
nHNqBUL4tyJ5Wm7OziYxyEFdn83kSrTARrWvgbOdgH82EAY3d6peIL6yiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6DwfjuzeV8pBg+qT+qRySN35LTMB8GA1UdIwQY
MBaAFI2sZ5tICnjq15fy4Ld3nljyJx8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamF4bm0wZ0tlT3JYbF9MZ3QzZWVXUEluSHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83NzhjZTAtMmNjMi00OTBiLWE2ZTIt
NjAyMGU4YTU2NTU2LzEvZm9QQi1PN041WHlrR0Q2cFA2cEhKSTNma3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83NzhjZTAtMmNjMi00OTBiLWE2ZTItNjAyMGU4YTU2NTU2
LzEvamF4bm0wZ0tlT3JYbF9MZ3QzZWVXUEluSHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuW70MA0G
CSqGSIb3DQEBCwUAA4IBAQDCMBhNPzqijDyFujpqzJZPCL470l1r2zyLjRJ3FAB2
yB80+0NxwN7aV2QjwCUcf1WpGoAB+4QRf47DXlCrg1QaqUA7OyBs1xH1p/DNC88Y
HgXXtHu1QPbO1dsY+6Bt9+cuKUtChu8W+bt8UClMK7hZ26hkgKLtKDRCk66kkvae
j2Z0ujWBt3Hp2gqT7FuDFcKtsLzZ8x5jUtye6NqYtokhZjq2SNAGOdiOjW1c8H6l
JESmDn1j8+qsvHjxmEJ+oSr9WhUiCFHD7rO5dC4zzdL7RdMrHv1MSEuz2a9e2QC2
J/hTAhMlAn5wpWklrvinbBVnaSDd3ZumopRvK0LMrtB8
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:01:30 2025 by rpki-client