Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fRDY-suqk_icIDIXaFfb1Y3iZaA.roa
File: fRDY-suqk_icIDIXaFfb1Y3iZaA.roa (raw, json)
Hash identifier: 5thgupLYwMSqwqqTjpWYcAynFeIDh95yX3Jh45HOFYA=
Subject key identifier: 7D:10:D8:FA:CB:AA:93:F8:9C:20:32:17:68:57:DB:D5:8D:E2:65:A0
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184C8313CCDA4A18D47E85ECAF37F8F18BA
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fRDY-suqk_icIDIXaFfb1Y3iZaA.roa
Signing time: Wed 30 Nov 2022 10:59:40 +0000
ROA not before: Wed 30 Nov 2022 10:59:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208046
IP address blocks: 46.23.110.0/24 maxlen: 24
109.205.211.0/24 maxlen: 24
109.205.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:31:3c:cd:a4:a1:8d:47:e8:5e:ca:f3:7f:8f:18:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 30 10:59:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d10d8facbaa93f89c2032176857dbd58de265a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b7:9b:07:c7:32:85:07:7b:b9:24:f2:45:4f:
1c:cf:98:55:86:16:1c:2c:b0:c8:e0:b4:96:4d:61:
3f:a5:1f:2c:c2:8d:0c:96:39:30:2c:db:ca:0a:96:
de:03:d3:93:57:85:ac:85:44:d2:52:ab:e8:59:79:
8e:42:f1:ec:46:37:79:88:d6:39:89:92:2c:0d:60:
7b:5c:76:ef:f1:76:17:c1:74:f8:f3:49:9b:4e:4b:
e9:b9:11:0e:21:67:00:26:a4:49:55:e7:18:e7:f1:
91:32:fd:b2:10:bd:e6:0f:a8:5f:38:7e:a9:aa:04:
2c:bb:8f:e6:49:55:05:6d:c1:88:69:56:3c:7e:24:
9c:96:b6:f8:f3:ce:86:54:57:0a:bf:51:6c:b0:b5:
d2:72:f1:de:a9:87:04:1d:b9:76:02:0a:ca:c3:80:
8f:45:21:06:7d:52:e2:1c:e4:e2:02:75:fa:c2:88:
c6:95:8d:a5:e3:18:16:5e:75:24:4c:7b:48:f4:d5:
35:c4:ba:5d:cd:5c:ae:91:21:45:a6:af:45:6c:1a:
f2:26:5a:8c:db:5f:1f:65:a5:db:d6:80:5e:5b:dc:
7d:d1:5a:50:70:b6:b2:57:73:5e:f8:f7:5f:1d:b8:
51:7b:a1:d8:70:f1:e0:0c:29:6d:99:23:12:bd:4a:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:10:D8:FA:CB:AA:93:F8:9C:20:32:17:68:57:DB:D5:8D:E2:65:A0
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fRDY-suqk_icIDIXaFfb1Y3iZaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.110.0/24
109.205.211.0/24
109.205.214.0/24
Signature Algorithm: sha256WithRSAEncryption
23:27:06:42:c0:40:ed:6c:be:90:41:d9:e9:6d:11:6b:82:10:
81:f3:2b:93:47:f4:06:a1:7d:2e:ef:de:b4:0a:ba:6f:9c:22:
2b:14:af:7c:98:dc:cb:8e:4d:b6:1f:59:95:22:f9:35:dc:a4:
9b:45:cc:d4:15:f6:b3:03:9a:6f:93:53:e1:82:38:ce:f9:21:
25:0e:c5:af:8e:68:11:aa:b9:5a:b0:2a:f4:db:57:2a:7e:ec:
76:56:10:0a:3f:22:83:66:bb:26:52:78:7a:c7:19:27:bc:9a:
64:0c:96:7c:06:ac:d2:0a:30:52:41:b4:ef:1d:04:da:2d:99:
ef:fe:fb:d4:ca:c4:2b:0d:66:54:7d:29:b2:a9:17:1b:0d:39:
d8:ea:66:33:1c:e8:d8:7c:4d:b1:07:d5:2f:51:6e:3c:33:8e:
c8:d0:1a:2b:7c:ed:09:8b:6a:6a:55:10:42:5c:89:fc:88:9e:
6b:69:b8:12:64:4f:17:a9:8f:04:d5:5e:a8:75:47:ba:98:87:
74:ca:0b:a6:cd:13:a7:7c:7e:31:de:e0:f4:d7:69:83:bf:aa:
3a:21:94:9a:60:e0:4e:91:32:4f:58:ab:95:56:95:91:d0:50:
8f:93:6d:e4:38:0a:e5:6b:38:75:15:f9:ef:b3:d5:a3:31:e4:
b6:dc:78:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTIMTzNpKGNR+heyvN/jxi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTMwMTA1OTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDEwZDhmYWNiYWE5M2Y4OWMyMDMyMTc2ODU3ZGJkNThkZTI2NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrebB8cyhQd7uSTyRU8cz5hVhhYc
LLDI4LSWTWE/pR8swo0MljkwLNvKCpbeA9OTV4WshUTSUqvoWXmOQvHsRjd5iNY5
iZIsDWB7XHbv8XYXwXT480mbTkvpuREOIWcAJqRJVecY5/GRMv2yEL3mD6hfOH6p
qgQsu4/mSVUFbcGIaVY8fiSclrb4886GVFcKv1FssLXScvHeqYcEHbl2AgrKw4CP
RSEGfVLiHOTiAnX6wojGlY2l4xgWXnUkTHtI9NU1xLpdzVyukSFFpq9FbBryJlqM
218fZaXb1oBeW9x90VpQcLayV3Ne+PdfHbhRe6HYcPHgDCltmSMSvUoK2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH0Q2PrLqpP4nCAyF2hX29WN4mWgMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvZlJEWS1zdXFrX2ljSURJWGFGZmIxWTNpWmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALhduAwQA
bc3TAwQAbc3WMA0GCSqGSIb3DQEBCwUAA4IBAQAjJwZCwEDtbL6QQdnpbRFrghCB
8yuTR/QGoX0u7960CrpvnCIrFK98mNzLjk22H1mVIvk13KSbRczUFfazA5pvk1Ph
gjjO+SElDsWvjmgRqrlasCr021cqfux2VhAKPyKDZrsmUnh6xxknvJpkDJZ8BqzS
CjBSQbTvHQTaLZnv/vvUysQrDWZUfSmyqRcbDTnY6mYzHOjYfE2xB9UvUW48M47I
0BorfO0Ji2pqVRBCXIn8iJ5rabgSZE8XqY8E1V6odUe6mId0ygumzROnfH4x3uD0
12mDv6o6IZSaYOBOkTJPWKuVVpWR0FCPk23kOArlazh1Ffnvs9WjMeS23Hi/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:45 2025 by rpki-client