Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/flSz5BC_aKgm0Ho7Md5JqngA1LE.roa
File: flSz5BC_aKgm0Ho7Md5JqngA1LE.roa (raw, json)
Hash identifier: VxEHoL+Ov1VuV75N+7ShufO5fcvdeqQqQoqz7vZ8Zow=
Subject key identifier: 7E:54:B3:E4:10:BF:68:A8:26:D0:7A:3B:31:DE:49:AA:78:00:D4:B1
Certificate issuer: /CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Certificate serial: 01856ECB60B1C5C7B6EEA6C8D9795B3428A3
Authority key identifier: F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/flSz5BC_aKgm0Ho7Md5JqngA1LE.roa
Signing time: Sun 01 Jan 2023 19:25:00 +0000
ROA not before: Sun 01 Jan 2023 19:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12551
IP address blocks: 158.47.0.0/16 maxlen: 24
146.133.0.0/16 maxlen: 24
146.133.124.0/24 maxlen: 24
146.133.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:60:b1:c5:c7:b6:ee:a6:c8:d9:79:5b:34:28:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Validity
Not Before: Jan 1 19:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e54b3e410bf68a826d07a3b31de49aa7800d4b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0b:f7:9f:ad:32:b5:91:c2:1e:23:e4:d5:51:
d0:1a:9a:1a:59:90:89:5c:44:ff:9a:0b:0a:f4:47:
54:75:0d:86:d9:54:7f:6b:56:6d:c6:d8:a0:8a:5b:
2d:e9:a5:2e:74:2d:4e:ec:a7:6e:9e:83:3c:a2:18:
ca:86:0f:db:2c:ab:20:c4:2f:b5:7c:83:cd:21:ab:
80:e7:49:20:33:06:c6:60:c7:79:ba:50:0f:65:80:
85:a9:16:52:c4:85:9b:d7:c2:92:2e:fa:27:97:34:
00:c5:54:a7:7d:5a:f4:2d:67:42:15:04:1f:43:28:
6a:96:7c:11:b3:b1:e4:7b:fa:20:68:3d:29:68:40:
28:93:1f:82:5c:2f:4e:a1:a6:9c:fd:43:35:e8:ee:
53:34:d3:fd:54:0a:6b:eb:aa:72:02:36:6e:f7:94:
61:03:cd:ab:67:4f:41:ec:b8:b1:b1:d0:9c:16:b7:
8b:d4:0e:2f:fc:e0:f6:1b:6e:4a:a5:fa:b0:0c:e9:
3e:aa:b5:00:f8:88:b5:45:8d:b8:eb:c3:c7:a9:7f:
5f:09:48:fe:85:37:83:80:d2:c3:38:23:0f:8f:f3:
7f:54:b2:49:88:fd:f2:c2:7d:96:a6:4a:92:11:56:
c4:96:10:42:e9:ca:7d:12:00:47:e0:87:e2:02:9d:
54:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:54:B3:E4:10:BF:68:A8:26:D0:7A:3B:31:DE:49:AA:78:00:D4:B1
X509v3 Authority Key Identifier:
keyid:F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/flSz5BC_aKgm0Ho7Md5JqngA1LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.133.0.0/16
158.47.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:e5:f6:e5:15:9a:cc:95:7b:ba:85:9a:7b:07:50:44:cd:9a:
a5:e1:0c:5c:4b:3b:30:21:c4:35:36:6d:b8:9f:7d:78:78:b0:
d9:d3:fb:f6:52:02:ef:0c:eb:5b:42:8a:93:99:3a:bf:12:c4:
f5:97:2e:44:f4:b6:82:81:e9:cd:9a:10:73:16:65:4e:b5:c7:
31:fb:d4:fc:dc:1c:8d:78:ad:20:9c:38:9e:50:b2:df:15:9e:
6f:0c:6f:85:94:7a:c5:a9:eb:5a:83:97:36:55:d7:14:d8:b4:
ef:2f:49:1c:55:a2:e1:1c:fb:44:81:d4:19:8d:44:ae:b7:98:
81:eb:db:5a:05:4b:34:0d:0d:e6:d4:04:da:b6:f5:c4:f8:1d:
82:5f:a5:d6:65:da:fc:f4:27:f7:a2:7a:1c:9c:be:6e:dc:1d:
29:c9:db:92:55:5f:4d:a9:4d:fd:2e:23:04:72:a2:a8:fd:04:
ef:5c:e2:7f:e0:d1:3c:4b:34:6f:c0:8c:36:9e:a6:07:07:35:
68:14:ce:aa:82:d2:1b:f8:e4:b8:85:b2:36:a4:a3:7a:a9:29:
2e:95:43:c8:ae:a9:8b:21:eb:f4:ae:6c:12:a4:e7:01:d3:1d:
05:f0:a7:f6:87:ab:82:b7:72:d6:04:9f:14:ed:a7:de:00:94:
08:5f:79:eb
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVuy2Cxxce27qbI2XlbNCijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ODIyZDQ1OTdlNTQ5M2QxNTE3OGJmYjEwZTY4NDFkZDE3
ZTU4OTcwHhcNMjMwMTAxMTkyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTU0YjNlNDEwYmY2OGE4MjZkMDdhM2IzMWRlNDlhYTc4MDBkNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQv3n60ytZHCHiPk1VHQGpoaWZCJ
XET/mgsK9EdUdQ2G2VR/a1Ztxtigilst6aUudC1O7KdunoM8ohjKhg/bLKsgxC+1
fIPNIauA50kgMwbGYMd5ulAPZYCFqRZSxIWb18KSLvonlzQAxVSnfVr0LWdCFQQf
QyhqlnwRs7Hke/ogaD0paEAokx+CXC9Ooaac/UM16O5TNNP9VApr66pyAjZu95Rh
A82rZ09B7LixsdCcFreL1A4v/OD2G25KpfqwDOk+qrUA+Ii1RY2468PHqX9fCUj+
hTeDgNLDOCMPj/N/VLJJiP3ywn2WpkqSEVbElhBC6cp9EgBH4IfiAp1UuwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFH5Us+QQv2ioJtB6OzHeSap4ANSxMB8GA1UdIwQY
MBaAFPeCLUWX5Uk9FReL+xDmhB3RfliXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYt
ODYyZTk5OTczZmMzLzEvZmxTejVCQ19hS2dtMEhvN01kNUpxbmdBMUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYtODYyZTk5OTczZmMz
LzEvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAkoUDAwCe
LzANBgkqhkiG9w0BAQsFAAOCAQEAh+X25RWazJV7uoWaewdQRM2apeEMXEs7MCHE
NTZtuJ99eHiw2dP79lIC7wzrW0KKk5k6vxLE9ZcuRPS2goHpzZoQcxZlTrXHMfvU
/NwcjXitIJw4nlCy3xWebwxvhZR6xanrWoOXNlXXFNi07y9JHFWi4Rz7RIHUGY1E
rreYgevbWgVLNA0N5tQE2rb1xPgdgl+l1mXa/PQn96J6HJy+btwdKcnbklVfTalN
/S4jBHKiqP0E71zif+DRPEs0b8CMNp6mBwc1aBTOqoLSG/jkuIWyNqSjeqkpLpVD
yK6piyHr9K5sEqTnAdMdBfCn9oergrdy1gSfFO2n3gCUCF956w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:54 2025 by rpki-client