Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/_FTxQMeo-3tplN4W4XZQyZ9f80I.roa
File: _FTxQMeo-3tplN4W4XZQyZ9f80I.roa (raw, json)
Hash identifier: pKPxY09Ftq2H1dFGOUW2Sz3vKTlBGE6yp3hFw1fHyWo=
Subject key identifier: FC:54:F1:40:C7:A8:FB:7B:69:94:DE:16:E1:76:50:C9:9F:5F:F3:42
Certificate issuer: /CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Certificate serial: 01857227F218B36B5991C4934D7F86C38F31
Authority key identifier: 5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/_FTxQMeo-3tplN4W4XZQyZ9f80I.roa
Signing time: Mon 02 Jan 2023 11:04:58 +0000
ROA not before: Mon 02 Jan 2023 11:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8820
IP address blocks: 46.41.14.0/24 maxlen: 24
188.246.17.0/24 maxlen: 24
188.246.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:f2:18:b3:6b:59:91:c4:93:4d:7f:86:c3:8f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Validity
Not Before: Jan 2 11:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc54f140c7a8fb7b6994de16e17650c99f5ff342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a7:f6:70:0a:5d:85:c8:04:da:4b:7b:10:42:
a0:15:8f:7e:84:29:56:d8:c2:63:76:3a:a3:11:1e:
f9:8c:42:90:dd:0f:32:c2:ca:7f:63:5c:61:94:42:
56:c9:5d:42:bd:9c:a8:cc:ad:be:15:ee:f4:d6:77:
85:71:f7:09:da:39:c3:ca:df:ed:57:74:4f:e1:f0:
9b:47:39:06:db:82:d3:98:68:2c:3c:b8:bf:a9:18:
e6:33:9c:50:21:82:9d:dc:d8:92:0a:6d:7f:71:7f:
3e:a4:ed:03:7f:cc:39:b5:97:39:cd:69:e1:3f:21:
45:4f:4b:31:5e:e6:6f:61:cd:24:62:85:b9:1b:1f:
8f:23:86:bd:2c:28:58:d8:6e:0e:cb:76:d2:bb:f3:
56:31:d5:73:53:cc:b0:9b:c3:91:77:fb:0d:39:a4:
60:a0:28:cf:a6:07:e9:b0:b3:cc:a3:60:8e:9e:fd:
d8:8e:4e:5c:ae:ad:78:2d:81:8e:ce:24:1f:ea:d9:
84:86:e2:12:eb:09:c5:b2:b3:9b:2a:45:a0:9f:68:
92:41:04:f5:2a:7a:c4:88:31:7b:3a:5c:8b:59:83:
64:91:f7:e2:01:82:a2:2c:07:e5:0d:4f:06:51:04:
56:44:1f:81:8c:e1:88:54:42:5b:2d:b7:fb:9b:40:
a5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:54:F1:40:C7:A8:FB:7B:69:94:DE:16:E1:76:50:C9:9F:5F:F3:42
X509v3 Authority Key Identifier:
keyid:5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/_FTxQMeo-3tplN4W4XZQyZ9f80I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.14.0/24
188.246.17.0/24
188.246.23.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:b4:b3:09:67:07:e5:07:4d:49:99:0c:bd:c2:a9:41:8d:00:
c7:51:8d:2f:e0:ca:22:78:21:c9:1f:18:7d:0b:11:9b:64:ee:
0d:5a:63:53:79:03:9c:c1:30:c8:ab:66:fd:49:a5:59:f9:b7:
d7:33:9f:27:57:6a:b6:1a:a0:65:db:6c:43:27:a9:07:85:cf:
3d:62:2e:94:fc:73:46:0c:41:cb:0d:db:cf:bf:ae:c8:a4:07:
3a:80:56:4c:3d:a8:5d:e3:dd:fe:58:5f:f3:d0:57:02:94:43:
6b:b0:e8:be:fc:08:46:ef:6f:ba:5a:8f:b4:6a:2e:b7:65:11:
85:79:82:21:c2:98:4e:3b:32:81:17:b8:06:63:bf:9a:fc:15:
ef:d6:eb:50:a0:6b:42:b7:45:65:8a:a4:75:e5:64:65:12:c5:
d8:7f:bc:82:a7:9f:c0:e3:8c:1c:07:57:d1:b1:69:8c:0f:d0:
bd:74:df:97:b0:b8:64:ab:2d:fe:78:db:64:84:8d:32:22:de:
e2:7a:4f:96:e0:66:52:80:3f:0e:f7:f6:68:68:df:03:f6:a3:
f5:b4:09:dd:2f:1a:d6:03:ae:fe:3e:ea:85:86:f0:36:09:23:
96:b3:68:76:57:62:21:1f:3c:e0:b4:d0:d2:fd:f2:97:42:d3:
54:80:11:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyJ/IYs2tZkcSTTX+Gw48xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZWRkNmIwZTM2ZjRiZDhmMWQ1N2UyNmNjMWMyZDE4YzY5
OTNjMDQwHhcNMjMwMTAyMTEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzU0ZjE0MGM3YThmYjdiNjk5NGRlMTZlMTc2NTBjOTlmNWZmMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqf2cApdhcgE2kt7EEKgFY9+hClW
2MJjdjqjER75jEKQ3Q8ywsp/Y1xhlEJWyV1CvZyozK2+Fe701neFcfcJ2jnDyt/t
V3RP4fCbRzkG24LTmGgsPLi/qRjmM5xQIYKd3NiSCm1/cX8+pO0Df8w5tZc5zWnh
PyFFT0sxXuZvYc0kYoW5Gx+PI4a9LChY2G4Oy3bSu/NWMdVzU8ywm8ORd/sNOaRg
oCjPpgfpsLPMo2COnv3Yjk5crq14LYGOziQf6tmEhuIS6wnFsrObKkWgn2iSQQT1
KnrEiDF7OlyLWYNkkffiAYKiLAflDU8GUQRWRB+BjOGIVEJbLbf7m0CltQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPxU8UDHqPt7aZTeFuF2UMmfX/NCMB8GA1UdIwQY
MBaAFF3t1rDjb0vY8dV+JswcLRjGmTwEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODkt
YzY5ODcxZjVkMzA1LzEvX0ZUeFFNZW8tM3RwbE40VzRYWlF5WjlmODBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODktYzY5ODcxZjVkMzA1
LzEvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALikOAwQA
vPYRAwQAvPYXMA0GCSqGSIb3DQEBCwUAA4IBAQCgtLMJZwflB01JmQy9wqlBjQDH
UY0v4MoieCHJHxh9CxGbZO4NWmNTeQOcwTDIq2b9SaVZ+bfXM58nV2q2GqBl22xD
J6kHhc89Yi6U/HNGDEHLDdvPv67IpAc6gFZMPahd493+WF/z0FcClENrsOi+/AhG
72+6Wo+0ai63ZRGFeYIhwphOOzKBF7gGY7+a/BXv1utQoGtCt0VliqR15WRlEsXY
f7yCp5/A44wcB1fRsWmMD9C9dN+XsLhkqy3+eNtkhI0yIt7iek+W4GZSgD8O9/Zo
aN8D9qP1tAndLxrWA67+PuqFhvA2CSOWs2h2V2IhHzzgtNDS/fKXQtNUgBEg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:55 2025 by rpki-client