Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/F_xyspRLY_e1N3Bdq1G-AEVT9nE.roa
File: F_xyspRLY_e1N3Bdq1G-AEVT9nE.roa (raw, json)
Hash identifier: ol9gyvERGV1pCJ2b0yiFoMHCgV3pI2opb8M2pvUEj9k=
Subject key identifier: 17:FC:72:B2:94:4B:63:F7:B5:37:70:5D:AB:51:BE:00:45:53:F6:71
Certificate issuer: /CN=bd049ca42e1d82ce27b54bbfd017781d545a79b7
Certificate serial: 01892B399E89ED6C50508FCFFA3EDD21C9B8
Authority key identifier: BD:04:9C:A4:2E:1D:82:CE:27:B5:4B:BF:D0:17:78:1D:54:5A:79:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vQScpC4dgs4ntUu_0Bd4HVRaebc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/F_xyspRLY_e1N3Bdq1G-AEVT9nE.roa
Signing time: Thu 06 Jul 2023 12:42:23 +0000
ROA not before: Thu 06 Jul 2023 12:42:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203644
IP address blocks: 185.128.102.0/23 maxlen: 23
91.207.32.0/24 maxlen: 24
91.207.32.0/23 maxlen: 23
185.128.100.0/23 maxlen: 23
91.207.33.0/24 maxlen: 24
185.128.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:39:9e:89:ed:6c:50:50:8f:cf:fa:3e:dd:21:c9:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd049ca42e1d82ce27b54bbfd017781d545a79b7
Validity
Not Before: Jul 6 12:42:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17fc72b2944b63f7b537705dab51be004553f671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cd:40:03:67:1e:8c:9a:38:23:0d:23:04:76:
4b:c6:a6:4b:d6:e6:b7:26:78:ab:9b:ff:c3:e9:7e:
f2:1d:0c:57:72:5c:b9:b1:00:e8:7d:a1:b0:8f:4d:
60:5d:35:34:d9:c3:4c:1c:8a:e4:c0:1f:64:95:6b:
74:0b:18:23:52:a7:de:84:21:dc:fe:e2:bd:7b:e5:
58:19:44:87:60:49:c7:10:72:05:e5:3d:02:a6:9b:
45:b6:c6:ae:bf:1e:61:db:95:23:3d:76:f2:3d:f7:
a1:12:5e:d6:d8:32:12:0a:50:8f:61:ae:b2:8d:a2:
47:7f:1d:fd:7f:de:00:18:0d:8a:6f:ea:0d:ba:6c:
21:cf:3d:df:91:73:08:1e:d9:c0:14:b7:5e:f7:60:
de:ca:a6:cb:67:24:6a:98:c8:e8:64:8c:4e:e2:3e:
6c:3e:26:e8:55:60:85:dc:eb:36:68:e9:99:ce:d1:
bf:4f:08:09:7e:9a:73:94:28:89:e7:06:57:82:25:
25:dc:d6:d3:1e:8b:fa:4c:eb:de:02:fe:c5:a1:7e:
44:bc:2b:1e:d8:e2:97:39:2a:52:d4:31:89:ef:b9:
2f:2b:b6:75:ab:74:83:62:d0:6e:78:36:7b:bb:56:
25:42:70:f6:6d:a1:3f:be:b0:d1:c5:4c:be:a8:d0:
b9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FC:72:B2:94:4B:63:F7:B5:37:70:5D:AB:51:BE:00:45:53:F6:71
X509v3 Authority Key Identifier:
keyid:BD:04:9C:A4:2E:1D:82:CE:27:B5:4B:BF:D0:17:78:1D:54:5A:79:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vQScpC4dgs4ntUu_0Bd4HVRaebc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/F_xyspRLY_e1N3Bdq1G-AEVT9nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/vQScpC4dgs4ntUu_0Bd4HVRaebc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.32.0/23
185.128.100.0/22
Signature Algorithm: sha256WithRSAEncryption
01:ad:7e:cb:91:32:68:62:20:32:09:50:85:f6:43:d2:6c:29:
24:99:d7:b2:e3:49:1a:3f:4b:5c:d5:61:f2:d4:4d:e7:41:2f:
0b:fc:ca:ae:97:73:57:88:67:f3:3b:e8:f1:41:1e:56:7c:a1:
ff:6c:b5:a7:d3:9d:ec:39:e7:df:7b:db:d8:53:98:22:50:50:
52:35:f1:b2:b8:93:cb:ab:ea:f7:ec:39:a1:94:a0:a7:b9:61:
e2:28:f1:f5:be:ed:e6:0d:8f:0a:88:c3:86:3d:da:42:25:ee:
91:a2:ab:03:52:4e:d4:0d:90:ff:86:bd:c8:e1:ff:36:39:4c:
27:e2:51:ea:1a:f8:21:22:a4:60:ff:06:86:d1:76:3e:ae:e9:
e9:f3:0e:b1:8f:89:3c:83:77:72:02:73:b2:33:5b:d7:59:fa:
af:fc:c1:0e:e6:e1:14:a3:8c:51:6b:c3:17:f9:0c:f7:d2:45:
b9:77:86:f0:96:02:47:0e:5a:4f:7a:77:fb:c2:f0:4d:6a:44:
4a:08:a4:ce:4a:85:3a:d3:40:59:59:48:2e:f2:da:42:d7:3f:
e9:db:d8:f0:74:0f:46:f5:7d:7e:fc:9c:1c:b2:1b:f6:3b:05:
13:97:5a:be:0c:04:0c:98:5b:b0:b6:03:ea:d3:cb:81:00:3c:
e0:8f:5b:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkrOZ6J7WxQUI/P+j7dIcm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMDQ5Y2E0MmUxZDgyY2UyN2I1NGJiZmQwMTc3ODFkNTQ1
YTc5YjcwHhcNMjMwNzA2MTI0MjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2ZjNzJiMjk0NGI2M2Y3YjUzNzcwNWRhYjUxYmUwMDQ1NTNmNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt81AA2cejJo4Iw0jBHZLxqZL1ua3
Jnirm//D6X7yHQxXcly5sQDofaGwj01gXTU02cNMHIrkwB9klWt0CxgjUqfehCHc
/uK9e+VYGUSHYEnHEHIF5T0CpptFtsauvx5h25UjPXbyPfehEl7W2DISClCPYa6y
jaJHfx39f94AGA2Kb+oNumwhzz3fkXMIHtnAFLde92DeyqbLZyRqmMjoZIxO4j5s
PiboVWCF3Os2aOmZztG/TwgJfppzlCiJ5wZXgiUl3NbTHov6TOveAv7FoX5EvCse
2OKXOSpS1DGJ77kvK7Z1q3SDYtBueDZ7u1YlQnD2baE/vrDRxUy+qNC5XwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBf8crKUS2P3tTdwXatRvgBFU/ZxMB8GA1UdIwQY
MBaAFL0EnKQuHYLOJ7VLv9AXeB1UWnm3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlFTY3BDNGRnczRudFV1XzBCZDRIVlJhZWJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNDgyMGYtZTgxNS00NGYzLWFmNjUt
MWFhMDM0YTJhZjljLzEvRl94eXNwUkxZX2UxTjNCZHExRy1BRVZUOW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNDgyMGYtZTgxNS00NGYzLWFmNjUtMWFhMDM0YTJhZjlj
LzEvdlFTY3BDNGRnczRudFV1XzBCZDRIVlJhZWJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW88gAwQC
uYBkMA0GCSqGSIb3DQEBCwUAA4IBAQABrX7LkTJoYiAyCVCF9kPSbCkkmdey40ka
P0tc1WHy1E3nQS8L/Mqul3NXiGfzO+jxQR5WfKH/bLWn053sOeffe9vYU5giUFBS
NfGyuJPLq+r37DmhlKCnuWHiKPH1vu3mDY8KiMOGPdpCJe6RoqsDUk7UDZD/hr3I
4f82OUwn4lHqGvghIqRg/waG0XY+runp8w6xj4k8g3dyAnOyM1vXWfqv/MEO5uEU
o4xRa8MX+Qz30kW5d4bwlgJHDlpPenf7wvBNakRKCKTOSoU600BZWUgu8tpC1z/p
29jwdA9G9X1+/Jwcshv2OwUTl1q+DAQMmFuwtgPq08uBADzgj1vz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:20 2025 by rpki-client