Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/FThTyHESTo9o1cr_BoWLiSfwpNE.roa
File: FThTyHESTo9o1cr_BoWLiSfwpNE.roa (raw, json)
Hash identifier: aG9PPwzOCKz5pjjl6f9F2RZsLZ0Bvj9TA9NIYkPNBhA=
Subject key identifier: 15:38:53:C8:71:12:4E:8F:68:D5:CA:FF:06:85:8B:89:27:F0:A4:D1
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 018C9AEF39E26F572FE866B5A4D545217423
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/FThTyHESTo9o1cr_BoWLiSfwpNE.roa
Signing time: Sun 24 Dec 2023 08:26:58 +0000
ROA not before: Sun 24 Dec 2023 08:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205800
IP address blocks: 188.72.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9a:ef:39:e2:6f:57:2f:e8:66:b5:a4:d5:45:21:74:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Dec 24 08:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=153853c871124e8f68d5caff06858b8927f0a4d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:11:ae:39:af:20:1b:b2:81:d8:3e:57:66:2d:
d6:07:f3:73:0c:58:ed:d1:cc:f2:0f:ab:74:88:ee:
5c:a8:14:ea:27:6a:01:b4:88:40:6f:1c:af:6f:4a:
c3:ad:a6:dd:e3:48:f5:a3:cd:c2:64:85:e7:3c:bf:
61:61:62:11:2a:40:93:e5:fa:07:8f:c8:c0:ba:2c:
2b:27:82:45:e1:87:45:ac:5d:55:a4:df:83:49:ec:
9e:eb:4a:1e:9a:79:fa:da:5d:15:5f:c6:2c:23:5f:
85:29:e9:4c:46:04:a2:4d:2b:14:b4:00:96:97:7c:
08:9d:c4:42:23:1a:7e:9d:1b:b6:1f:9f:25:04:90:
5c:51:94:47:08:8b:60:84:b9:ba:fa:6c:2e:55:9a:
9a:74:44:49:37:20:5c:e6:d3:9d:1d:18:a5:84:eb:
c9:23:c1:c1:2b:e0:32:0a:4a:0f:29:50:00:c2:8b:
da:d2:f9:a2:59:66:a8:0a:79:50:0b:cb:d9:fb:78:
cb:64:ab:b1:ba:35:13:0e:ac:30:d9:ee:25:a0:4b:
b0:83:c8:45:b9:37:ca:ef:d6:c8:7f:d7:85:09:0d:
be:c9:ce:3e:d0:64:97:ae:c9:59:f7:10:48:2d:cc:
8a:e5:e1:ef:7f:b2:6f:47:17:11:25:b9:79:43:e9:
f8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:38:53:C8:71:12:4E:8F:68:D5:CA:FF:06:85:8B:89:27:F0:A4:D1
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/FThTyHESTo9o1cr_BoWLiSfwpNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.41.0/24
Signature Algorithm: sha256WithRSAEncryption
52:24:7e:fe:32:6e:a4:3a:1e:f9:95:eb:0d:f1:89:3b:06:c7:
82:32:75:f5:18:68:91:f0:7b:49:40:40:08:d3:0b:b3:0c:86:
9a:25:00:03:89:b1:d1:a2:35:c4:e2:a5:e6:05:d8:fa:56:66:
69:ff:94:74:46:cf:5a:df:dc:b2:be:48:aa:d0:0e:e3:63:b5:
59:7a:af:c1:fe:f1:10:af:ad:7c:dc:84:d6:6f:a8:02:04:16:
20:03:a6:8f:2c:7d:70:01:4b:97:56:92:4d:ea:2f:ff:77:56:
00:17:35:4b:7a:f8:68:8c:66:fb:f8:01:b9:84:19:34:ba:37:
f5:de:9a:25:14:44:70:3f:58:db:41:70:d1:85:21:61:23:24:
a1:5e:5a:18:62:45:70:50:c5:bf:70:c6:25:21:bb:65:38:8a:
26:98:64:7d:1f:ab:53:c6:fd:6b:31:54:4d:5d:b7:d0:73:b2:
f4:01:1d:0b:a5:fd:c0:1f:36:32:39:23:d2:31:0e:26:11:72:
27:b7:a5:25:8b:59:b4:20:c0:9b:6c:38:f0:f3:a3:9d:78:3d:
e8:ba:f4:bb:0a:d8:44:22:e5:40:2b:30:28:74:4c:21:d7:99:
8d:fa:69:07:7c:8e:aa:51:7d:e8:c0:f8:eb:6e:89:92:20:cb:
43:84:9c:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYya7znib1cv6Ga1pNVFIXQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjMxMjI0MDgyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTM4NTNjODcxMTI0ZThmNjhkNWNhZmYwNjg1OGI4OTI3ZjBhNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRGuOa8gG7KB2D5XZi3WB/NzDFjt
0czyD6t0iO5cqBTqJ2oBtIhAbxyvb0rDrabd40j1o83CZIXnPL9hYWIRKkCT5foH
j8jAuiwrJ4JF4YdFrF1VpN+DSeye60oemnn62l0VX8YsI1+FKelMRgSiTSsUtACW
l3wIncRCIxp+nRu2H58lBJBcUZRHCItghLm6+mwuVZqadERJNyBc5tOdHRilhOvJ
I8HBK+AyCkoPKVAAwova0vmiWWaoCnlQC8vZ+3jLZKuxujUTDqww2e4loEuwg8hF
uTfK79bIf9eFCQ2+yc4+0GSXrslZ9xBILcyK5eHvf7JvRxcRJbl5Q+n4ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBU4U8hxEk6PaNXK/waFi4kn8KTRMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvRlRoVHlIRVNUbzlvMWNyX0JvV0xpU2Z3cE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEgpMA0G
CSqGSIb3DQEBCwUAA4IBAQBSJH7+Mm6kOh75lesN8Yk7BseCMnX1GGiR8HtJQEAI
0wuzDIaaJQADibHRojXE4qXmBdj6VmZp/5R0Rs9a39yyvkiq0A7jY7VZeq/B/vEQ
r6183ITWb6gCBBYgA6aPLH1wAUuXVpJN6i//d1YAFzVLevhojGb7+AG5hBk0ujf1
3polFERwP1jbQXDRhSFhIyShXloYYkVwUMW/cMYlIbtlOIommGR9H6tTxv1rMVRN
XbfQc7L0AR0Lpf3AHzYyOSPSMQ4mEXInt6Uli1m0IMCbbDjw86OdeD3ouvS7CthE
IuVAKzAodEwh15mN+mkHfI6qUX3owPjrbomSIMtDhJxu
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:10:22 2025 by rpki-client