Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/Sf6xtOoigXCFjBr6gUmVONX-I1w.roa
File: Sf6xtOoigXCFjBr6gUmVONX-I1w.roa (raw, json)
Hash identifier: dX/wfRCGyjAAHdvVSSmNf6EMRuXo2wd25sfG//+YZjE=
Subject key identifier: 49:FE:B1:B4:EA:22:81:70:85:8C:1A:FA:81:49:95:38:D5:FE:23:5C
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 01856CAF0D29637668C91BE2F0002BFE2519
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/Sf6xtOoigXCFjBr6gUmVONX-I1w.roa
Signing time: Sun 01 Jan 2023 09:34:49 +0000
ROA not before: Sun 01 Jan 2023 09:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207617
IP address blocks: 212.64.213.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:0d:29:63:76:68:c9:1b:e2:f0:00:2b:fe:25:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 1 09:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49feb1b4ea228170858c1afa81499538d5fe235c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:18:7f:40:22:0e:c3:db:7a:95:ab:f9:50:15:
24:4a:8b:89:fc:46:75:cb:75:dd:71:a6:97:df:ad:
de:44:33:7b:e9:96:d6:a4:ea:01:9a:38:d7:96:33:
01:dc:aa:a3:fc:af:ef:ed:a7:09:13:da:24:48:86:
54:7f:37:2c:2e:45:20:3a:99:ce:de:3a:e3:9c:c0:
98:66:e2:a1:72:13:c2:f4:0a:be:a0:0f:13:8c:2f:
7e:c2:92:6f:03:cf:be:54:0a:13:88:71:f5:18:9f:
2e:70:32:07:6d:df:1e:25:4f:be:06:78:16:ee:16:
03:dc:65:5f:87:a8:81:a0:90:fb:06:50:cc:ae:11:
d9:9a:0b:9c:b9:be:eb:a0:a5:28:87:23:3f:3e:58:
e7:37:d8:be:ca:d4:55:89:91:b3:f6:a9:17:06:1a:
a8:6d:1c:aa:3e:8b:ca:52:17:73:90:73:7a:bd:13:
1f:5b:0a:d8:6b:9b:5c:e3:84:ff:9d:3f:0f:78:3d:
7a:c4:b4:90:80:09:09:e8:60:e9:81:c7:eb:03:f4:
fd:e6:78:3f:5c:da:ef:a3:4c:4a:5c:42:87:96:ab:
dd:4b:dc:98:72:82:fd:09:87:8a:fd:e2:31:d4:78:
7a:0b:59:c6:4b:e0:ab:c0:b0:2b:9f:6b:b2:0c:42:
58:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FE:B1:B4:EA:22:81:70:85:8C:1A:FA:81:49:95:38:D5:FE:23:5C
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/Sf6xtOoigXCFjBr6gUmVONX-I1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.213.0/24
Signature Algorithm: sha256WithRSAEncryption
62:1c:90:4c:9b:b3:f1:49:1b:ee:58:f8:13:83:69:b2:e6:94:
3a:74:34:c5:0f:37:b6:c5:28:e1:85:0e:39:f8:e6:8b:42:7a:
e8:62:8a:53:38:fd:6d:97:57:84:bc:76:60:d4:72:d5:fc:4f:
16:f3:64:31:d8:20:dc:0d:8b:51:5a:86:5e:b9:69:b1:db:cb:
cf:b4:79:a3:43:6e:ff:b7:f5:17:eb:35:1f:f2:cc:56:37:7a:
56:d3:6f:16:d3:46:86:3a:a2:91:c4:28:92:56:ad:54:93:4c:
46:3f:08:9a:fb:57:53:01:d1:d1:00:ed:45:f2:57:b4:54:b4:
90:2f:3d:3c:66:94:be:42:4e:d3:04:0f:3b:89:ce:de:1a:4e:
04:54:3e:8d:2d:2f:5d:b4:26:20:20:0f:50:19:1f:08:38:29:
fb:f8:fb:63:a5:46:84:e7:84:c0:a1:9e:7f:8e:99:92:cd:49:
e0:99:84:ea:ba:10:5a:a2:f3:0a:0d:f4:b6:ae:8b:d3:c5:92:
3c:10:20:18:b0:39:e9:d4:78:0c:4b:57:0a:2e:79:d3:49:f5:
0c:d6:3a:da:20:5f:b2:a9:66:8a:ba:f0:d5:7e:5d:04:7a:43:
d0:17:c4:94:a8:c3:69:9d:16:06:d6:28:df:b0:49:bf:4f:a3:
6a:53:e6:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrw0pY3ZoyRvi8AAr/iUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjMwMTAxMDkzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZlYjFiNGVhMjI4MTcwODU4YzFhZmE4MTQ5OTUzOGQ1ZmUyMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphh/QCIOw9t6lav5UBUkSouJ/EZ1
y3XdcaaX363eRDN76ZbWpOoBmjjXljMB3Kqj/K/v7acJE9okSIZUfzcsLkUgOpnO
3jrjnMCYZuKhchPC9Aq+oA8TjC9+wpJvA8++VAoTiHH1GJ8ucDIHbd8eJU++BngW
7hYD3GVfh6iBoJD7BlDMrhHZmgucub7roKUohyM/PljnN9i+ytRViZGz9qkXBhqo
bRyqPovKUhdzkHN6vRMfWwrYa5tc44T/nT8PeD16xLSQgAkJ6GDpgcfrA/T95ng/
XNrvo0xKXEKHlqvdS9yYcoL9CYeK/eIx1Hh6C1nGS+CrwLArn2uyDEJYwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEn+sbTqIoFwhYwa+oFJlTjV/iNcMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvU2Y2eHRPb2lnWENGakJyNmdVbVZPTlgtSTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EDVMA0G
CSqGSIb3DQEBCwUAA4IBAQBiHJBMm7PxSRvuWPgTg2my5pQ6dDTFDze2xSjhhQ45
+OaLQnroYopTOP1tl1eEvHZg1HLV/E8W82Qx2CDcDYtRWoZeuWmx28vPtHmjQ27/
t/UX6zUf8sxWN3pW028W00aGOqKRxCiSVq1Uk0xGPwia+1dTAdHRAO1F8le0VLSQ
Lz08ZpS+Qk7TBA87ic7eGk4EVD6NLS9dtCYgIA9QGR8IOCn7+PtjpUaE54TAoZ5/
jpmSzUngmYTquhBaovMKDfS2rovTxZI8ECAYsDnp1HgMS1cKLnnTSfUM1jraIF+y
qWaKuvDVfl0EekPQF8SUqMNpnRYG1ijfsEm/T6NqU+Yw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:22 2025 by rpki-client