Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/FzM8drpBoypdGnuD0FFVAc96KwE.roa
File: FzM8drpBoypdGnuD0FFVAc96KwE.roa (raw, json)
Hash identifier: PW00fjCvcI67cIpLHfl0wKcvv/SgpBie1qOFTgCPy98=
Subject key identifier: 17:33:3C:76:BA:41:A3:2A:5D:1A:7B:83:D0:51:55:01:CF:7A:2B:01
Certificate issuer: /CN=a634878281144a46a856003d622f6141ea4e006f
Certificate serial: 01865AE6CF736C5A501368AAE41AC76046FD
Authority key identifier: A6:34:87:82:81:14:4A:46:A8:56:00:3D:62:2F:61:41:EA:4E:00:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjSHgoEUSkaoVgA9Yi9hQepOAG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/FzM8drpBoypdGnuD0FFVAc96KwE.roa
Signing time: Thu 16 Feb 2023 15:45:21 +0000
ROA not before: Thu 16 Feb 2023 15:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44381
IP address blocks: 217.144.64.0/20 maxlen: 20
92.62.32.0/20 maxlen: 20
45.154.233.0/24 maxlen: 24
45.154.232.0/24 maxlen: 24
45.154.235.0/24 maxlen: 24
95.141.64.0/20 maxlen: 20
2a02:2c8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5a:e6:cf:73:6c:5a:50:13:68:aa:e4:1a:c7:60:46:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a634878281144a46a856003d622f6141ea4e006f
Validity
Not Before: Feb 16 15:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17333c76ba41a32a5d1a7b83d0515501cf7a2b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3a:e6:50:36:86:f9:83:fc:7b:e6:c6:ef:55:
d5:e0:98:97:9d:92:1a:3a:db:47:4f:d3:ba:2f:06:
68:17:32:c4:75:c5:99:7a:a1:4e:8d:10:a5:42:38:
ec:b2:ac:e1:3b:a6:4c:7c:21:33:36:13:48:e5:de:
e8:96:90:3b:59:4f:b1:39:c1:70:10:da:01:e5:ac:
fe:3d:34:fc:e2:52:14:46:c5:f1:86:dd:cf:6f:7b:
d8:2e:c5:2c:47:8a:55:a4:18:17:5c:6b:d2:a2:de:
a0:da:aa:d5:80:ec:01:12:16:c6:ba:bf:19:3d:52:
4d:b5:8c:a0:54:c5:74:db:a2:99:0d:f8:21:ed:5e:
40:d7:a5:d7:a9:2a:6c:7d:b0:b7:f4:4d:9c:35:09:
75:14:ea:bf:38:8d:44:7a:1d:d9:8b:d6:70:42:8d:
7f:01:c0:65:97:ad:cf:de:c3:6e:23:32:0e:94:db:
73:fa:23:61:a5:5d:07:0a:a4:17:78:76:0f:67:26:
d6:c9:fb:75:c7:c4:c7:4c:7d:85:59:4e:ec:1e:31:
8d:5b:41:54:a8:01:73:01:97:ba:f5:e2:7d:5f:0d:
81:60:f1:86:59:67:71:01:82:1c:3a:cb:1b:8f:31:
3e:c1:db:bd:7f:a3:c9:34:17:28:57:31:5e:ec:a6:
63:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:33:3C:76:BA:41:A3:2A:5D:1A:7B:83:D0:51:55:01:CF:7A:2B:01
X509v3 Authority Key Identifier:
keyid:A6:34:87:82:81:14:4A:46:A8:56:00:3D:62:2F:61:41:EA:4E:00:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjSHgoEUSkaoVgA9Yi9hQepOAG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/FzM8drpBoypdGnuD0FFVAc96KwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/pjSHgoEUSkaoVgA9Yi9hQepOAG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.232.0/23
45.154.235.0/24
92.62.32.0/20
95.141.64.0/20
217.144.64.0/20
IPv6:
2a02:2c8::/32
Signature Algorithm: sha256WithRSAEncryption
2a:60:9a:cd:45:79:64:2f:ed:65:1e:d6:89:de:b4:1f:f3:9c:
54:14:1a:14:9c:fe:81:c6:f9:95:6b:f7:fd:11:df:65:f6:51:
ef:c3:86:79:21:9e:00:b9:4c:e6:51:38:d4:1a:e9:b4:7f:6f:
d2:e1:5a:71:38:47:10:ff:e5:24:4d:01:6b:22:20:2a:89:9b:
f1:cf:d8:29:2b:ac:9f:f7:2d:5b:f7:ec:2a:82:66:fc:89:83:
d4:3a:ab:d6:d7:9d:45:51:2e:9a:3a:a8:a4:d2:d3:4e:9e:02:
1c:02:ee:5b:92:1c:c7:f8:75:9d:fa:76:7e:60:27:b1:aa:f3:
c5:0e:b6:3c:57:86:74:6d:0a:70:64:97:76:95:c4:d4:be:6b:
64:6c:fd:29:0d:24:48:be:68:f9:1b:f0:53:ee:95:3f:b1:f4:
e2:8f:5d:40:0a:15:83:b6:d8:8d:3b:e1:b8:09:e4:7e:54:df:
c5:3b:42:13:ac:e1:cf:a8:8a:9c:ba:ba:5c:29:ad:8d:80:f3:
a8:8c:71:bd:3f:8e:ce:25:e8:2a:85:84:d0:55:1b:fb:4b:b3:
94:1f:28:ad:94:04:d5:2c:e8:ba:bd:b0:a0:ca:08:f3:4f:3f:
cb:7c:b4:a8:54:b6:9c:30:6d:8f:07:af:36:e5:94:41:68:1b:
50:fa:63:23
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYZa5s9zbFpQE2iq5BrHYEb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MzQ4NzgyODExNDRhNDZhODU2MDAzZDYyMmY2MTQxZWE0
ZTAwNmYwHhcNMjMwMjE2MTU0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzMzM2M3NmJhNDFhMzJhNWQxYTdiODNkMDUxNTUwMWNmN2EyYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTrmUDaG+YP8e+bG71XV4JiXnZIa
OttHT9O6LwZoFzLEdcWZeqFOjRClQjjssqzhO6ZMfCEzNhNI5d7olpA7WU+xOcFw
ENoB5az+PTT84lIURsXxht3Pb3vYLsUsR4pVpBgXXGvSot6g2qrVgOwBEhbGur8Z
PVJNtYygVMV026KZDfgh7V5A16XXqSpsfbC39E2cNQl1FOq/OI1Eeh3Zi9ZwQo1/
AcBll63P3sNuIzIOlNtz+iNhpV0HCqQXeHYPZybWyft1x8THTH2FWU7sHjGNW0FU
qAFzAZe69eJ9Xw2BYPGGWWdxAYIcOssbjzE+wdu9f6PJNBcoVzFe7KZjrQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBczPHa6QaMqXRp7g9BRVQHPeisBMB8GA1UdIwQY
MBaAFKY0h4KBFEpGqFYAPWIvYUHqTgBvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGpTSGdvRVVTa2FvVmdBOVlpOWhRZXBPQUc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jMzQ1ZjMtYjUzYS00MWJmLTk5NmIt
MzRiOGQ5ZGU5NmNhLzEvRnpNOGRycEJveXBkR251RDBGRlZBYzk2S3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jMzQ1ZjMtYjUzYS00MWJmLTk5NmItMzRiOGQ5ZGU5NmNh
LzEvcGpTSGdvRVVTa2FvVmdBOVlpOWhRZXBPQUc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBLZroAwQA
LZrrAwQEXD4gAwQEX41AAwQE2ZBAMA0EAgACMAcDBQAqAgLIMA0GCSqGSIb3DQEB
CwUAA4IBAQAqYJrNRXlkL+1lHtaJ3rQf85xUFBoUnP6BxvmVa/f9Ed9l9lHvw4Z5
IZ4AuUzmUTjUGum0f2/S4VpxOEcQ/+UkTQFrIiAqiZvxz9gpK6yf9y1b9+wqgmb8
iYPUOqvW151FUS6aOqik0tNOngIcAu5bkhzH+HWd+nZ+YCexqvPFDrY8V4Z0bQpw
ZJd2lcTUvmtkbP0pDSRIvmj5G/BT7pU/sfTij11AChWDttiNO+G4CeR+VN/FO0IT
rOHPqIqcurpcKa2NgPOojHG9P47OJegqhYTQVRv7S7OUHyitlATVLOi6vbCgygjz
Tz/LfLSoVLacMG2PB6825ZRBaBtQ+mMj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:01 2025 by rpki-client