Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/FkV6-9eodJHZnJlBuB4h6doOKSE.roa
File: FkV6-9eodJHZnJlBuB4h6doOKSE.roa (raw, json)
Hash identifier: MAqqO6GDMPhQ8Y8iv/eAUZtGHaP9YpzE41+6TCpSI+8=
Subject key identifier: 16:45:7A:FB:D7:A8:74:91:D9:9C:99:41:B8:1E:21:E9:DA:0E:29:21
Certificate issuer: /CN=90f76537ff745893e3142fa0984f449b725b8fd3
Certificate serial: 1954C847
Authority key identifier: 90:F7:65:37:FF:74:58:93:E3:14:2F:A0:98:4F:44:9B:72:5B:8F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPdlN_90WJPjFC-gmE9Em3Jbj9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/FkV6-9eodJHZnJlBuB4h6doOKSE.roa
Signing time: Sat 01 Jan 2022 07:01:54 +0000
ROA not before: Sat 01 Jan 2022 07:01:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29008
IP address blocks: 194.156.20.0/23 maxlen: 23
213.166.224.0/19 maxlen: 19
2a02:958::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 424986695 (0x1954c847)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f76537ff745893e3142fa0984f449b725b8fd3
Validity
Not Before: Jan 1 07:01:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16457afbd7a87491d99c9941b81e21e9da0e2921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:15:a5:1f:30:89:f3:9e:0b:22:50:53:48:68:
bb:57:e6:c2:18:f0:fb:67:9e:5b:c5:b8:f5:e2:1d:
23:88:0a:7e:5d:4b:3f:13:c6:2e:7f:d3:bf:8d:07:
96:f1:24:e1:f2:e8:e2:ae:4b:4e:aa:de:f0:07:5b:
62:6e:45:7a:ef:48:a3:fb:49:9a:13:ec:f5:dd:d4:
61:4b:60:24:ea:44:2a:d6:e5:d8:f9:97:d9:73:6e:
a2:a9:c3:6a:0f:f5:98:15:0b:75:74:0c:9f:c1:f3:
e2:d8:6c:80:84:e0:d5:00:f7:4a:b8:10:82:92:dc:
d0:a0:75:50:c7:af:2c:13:a6:27:03:27:3a:da:8f:
33:f4:f1:59:8d:02:d7:8e:71:e2:bd:4b:76:4b:74:
e1:ea:80:9a:05:41:cc:1f:d7:b9:ef:3b:b9:f1:e5:
5d:08:95:72:cb:93:85:ba:e0:63:bd:b6:28:9c:86:
66:6c:c7:44:f3:11:c8:99:3a:79:f2:37:d4:d2:fe:
15:28:2e:47:a6:f4:b9:a1:ef:41:1f:24:3e:a6:02:
58:4b:67:41:07:85:88:75:20:ec:88:05:1d:79:98:
a5:7d:a5:d5:fc:e4:bd:8b:5a:ec:e2:c7:3f:2a:7e:
aa:1c:16:bf:d6:b8:32:35:c9:f5:04:8f:c5:2c:dd:
85:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:45:7A:FB:D7:A8:74:91:D9:9C:99:41:B8:1E:21:E9:DA:0E:29:21
X509v3 Authority Key Identifier:
keyid:90:F7:65:37:FF:74:58:93:E3:14:2F:A0:98:4F:44:9B:72:5B:8F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPdlN_90WJPjFC-gmE9Em3Jbj9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/FkV6-9eodJHZnJlBuB4h6doOKSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/kPdlN_90WJPjFC-gmE9Em3Jbj9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.20.0/23
213.166.224.0/19
IPv6:
2a02:958::/32
Signature Algorithm: sha256WithRSAEncryption
60:33:f0:b3:8e:ed:fe:a5:b6:6b:1a:f6:1d:33:1b:2e:12:f3:
a1:37:9e:a3:6c:4e:6f:b6:92:74:95:f0:f8:8f:4b:5d:31:7d:
33:5c:fe:23:09:96:94:e7:13:6c:6c:15:52:12:81:8d:6e:35:
b1:95:e8:b2:26:e3:88:85:99:db:1f:af:a4:ff:ff:0c:e9:21:
30:e5:1c:02:e9:70:a5:f8:b0:ca:7d:20:fa:fb:f5:19:7c:5f:
e5:62:39:a9:3d:f2:ac:85:c7:6f:e5:20:6c:b8:f2:a4:fd:5f:
b7:af:dd:31:91:e4:e7:62:16:35:9b:e3:af:72:27:3b:49:2a:
93:ab:87:47:97:f0:a9:06:a0:b8:5e:e1:c5:65:9d:dd:3c:45:
f9:c0:0b:69:55:2a:f7:ff:74:6e:da:85:a7:8e:3f:42:3a:3f:
a6:26:10:c7:66:61:24:0e:95:b2:4c:6f:e7:ea:d7:3e:25:49:
55:e4:31:dc:40:ee:d8:7d:6c:44:df:d3:d2:3a:67:a8:7f:bf:
03:c2:35:43:f6:0a:24:c1:19:bd:f5:5e:f5:2e:3c:6f:43:3a:
e1:17:1a:d2:3f:a0:7d:72:03:33:99:97:f0:ff:b7:5d:a6:c5:
bf:00:de:83:25:f5:43:73:4d:46:19:3e:33:5c:fb:02:73:82:
d4:5f:51:a7
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGVTIRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGY3NjUzN2ZmNzQ1ODkzZTMxNDJmYTA5ODRmNDQ5YjcyNWI4ZmQzMB4XDTIyMDEw
MTA3MDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTY0NTdhZmJkN2E4
NzQ5MWQ5OWM5OTQxYjgxZTIxZTlkYTBlMjkyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAP0VpR8wifOeCyJQU0hou1fmwhjw+2eeW8W49eIdI4gKfl1L
PxPGLn/Tv40HlvEk4fLo4q5LTqre8AdbYm5Feu9Io/tJmhPs9d3UYUtgJOpEKtbl
2PmX2XNuoqnDag/1mBULdXQMn8Hz4thsgITg1QD3SrgQgpLc0KB1UMevLBOmJwMn
OtqPM/TxWY0C145x4r1Ldkt04eqAmgVBzB/Xue87ufHlXQiVcsuThbrgY722KJyG
ZmzHRPMRyJk6efI31NL+FSguR6b0uaHvQR8kPqYCWEtnQQeFiHUg7IgFHXmYpX2l
1fzkvYta7OLHPyp+qhwWv9a4MjXJ9QSPxSzdhesCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQWRXr716h0kdmcmUG4HiHp2g4pITAfBgNVHSMEGDAWgBSQ92U3/3RYk+MU
L6CYT0SbcluP0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tQZGxOXzkwV0pQakZDLWdtRTlFbTNKYmo5TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNGY3NjgwLTgxYWItNGMxZi1hMDdiLTdjNjJkNWMzMTViZi8x
L0ZrVjYtOWVvZEpIWm5KbEJ1QjRoNmRvT0tTRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NGY3NjgwLTgxYWItNGMxZi1hMDdiLTdjNjJkNWMzMTViZi8xL2tQZGxOXzkwV0pQ
akZDLWdtRTlFbTNKYmo5TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAcKcFAMEBdWm4DANBAIAAjAHAwUA
KgIJWDANBgkqhkiG9w0BAQsFAAOCAQEAYDPws47t/qW2axr2HTMbLhLzoTeeo2xO
b7aSdJXw+I9LXTF9M1z+IwmWlOcTbGwVUhKBjW41sZXosibjiIWZ2x+vpP//DOkh
MOUcAulwpfiwyn0g+vv1GXxf5WI5qT3yrIXHb+UgbLjypP1ft6/dMZHk52IWNZvj
r3InO0kqk6uHR5fwqQaguF7hxWWd3TxF+cALaVUq9/90btqFp44/Qjo/piYQx2Zh
JA6Vskxv5+rXPiVJVeQx3EDu2H1sRN/T0jpnqH+/A8I1Q/YKJMEZvfVe9S48b0M6
4Rca0j+gfXIDM5mX8P+3XabFvwDegyX1Q3NNRhk+M1z7AnOC1F9Rpw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:31 2025 by rpki-client