Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Fw8JHIHG53knVVJXKg9z91Ic3hc.roa
File: Fw8JHIHG53knVVJXKg9z91Ic3hc.roa (raw, json)
Hash identifier: MNvG6Qy/LEpd9gdywW7xhLaPg407ZTc9n609CnHpZGM=
Subject key identifier: 17:0F:09:1C:81:C6:E7:79:27:55:52:57:2A:0F:73:F7:52:1C:DE:17
Certificate issuer: /CN=46fe7b56722245116d4234be484a02a48a1dde1f
Certificate serial: 01890B77A3898ABA7B27400FFCA4E05E4B7B
Authority key identifier: 46:FE:7B:56:72:22:45:11:6D:42:34:BE:48:4A:02:A4:8A:1D:DE:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Fw8JHIHG53knVVJXKg9z91Ic3hc.roa
Signing time: Fri 30 Jun 2023 08:42:17 +0000
ROA not before: Fri 30 Jun 2023 08:42:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205029
IP address blocks: 185.79.201.0/24 maxlen: 24
185.79.200.0/23 maxlen: 23
2a03:5e20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:77:a3:89:8a:ba:7b:27:40:0f:fc:a4:e0:5e:4b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46fe7b56722245116d4234be484a02a48a1dde1f
Validity
Not Before: Jun 30 08:42:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=170f091c81c6e779275552572a0f73f7521cde17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ae:f3:1b:f4:ff:9e:39:30:98:c2:c6:ac:93:
55:6a:aa:1d:a9:8e:c4:3e:5d:f8:64:ea:23:96:2d:
c1:c8:3b:99:7e:b3:9d:d5:0a:bc:39:b5:bd:8e:14:
0c:4a:a5:3e:fc:37:a4:32:b4:d4:4a:4b:5c:61:a4:
c2:cd:f5:2c:b6:78:f4:25:53:07:68:a4:f5:84:fe:
22:9c:cb:9e:3f:f7:1e:a0:f9:5b:2a:bd:e1:2b:42:
e1:4b:6e:18:90:ff:1f:9d:4e:9c:22:70:92:44:8c:
27:b0:7b:01:cb:bc:c0:78:36:74:01:68:1c:7f:f5:
38:bd:e6:22:f6:85:3d:df:08:77:69:e3:7e:78:36:
bb:3c:d2:f0:9c:95:8d:f5:6d:c9:0a:7b:a3:f2:b7:
de:06:4d:61:6c:96:b9:51:6e:6e:70:b8:e3:af:5f:
a8:57:03:8d:82:d6:e5:ca:98:78:55:68:8b:26:1d:
af:1f:d1:03:31:98:1a:77:0a:df:58:ed:9f:49:a6:
4b:25:bc:f7:54:37:c9:50:91:ff:70:21:30:0e:a4:
7a:bd:45:8f:9c:58:98:06:34:95:9f:07:a6:eb:b5:
33:6e:3a:62:97:97:cb:92:a3:39:fa:54:d3:df:0b:
1e:21:1e:88:f2:e2:c9:49:c7:cc:9c:a7:e3:4b:bd:
95:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0F:09:1C:81:C6:E7:79:27:55:52:57:2A:0F:73:F7:52:1C:DE:17
X509v3 Authority Key Identifier:
keyid:46:FE:7B:56:72:22:45:11:6D:42:34:BE:48:4A:02:A4:8A:1D:DE:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Fw8JHIHG53knVVJXKg9z91Ic3hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Rv57VnIiRRFtQjS-SEoCpIod3h8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.200.0/23
IPv6:
2a03:5e20::/32
Signature Algorithm: sha256WithRSAEncryption
20:92:4f:50:65:d0:c6:f9:66:4d:2a:8b:45:8e:b6:17:3a:27:
f2:fb:12:dc:6d:c7:f6:ff:e9:4c:48:6c:56:30:81:de:35:b2:
00:83:6e:be:0d:86:25:f0:02:3b:c0:d2:26:2d:c2:a2:32:9a:
60:8f:2f:50:98:22:dd:17:cb:5b:de:85:86:cd:5d:0f:d3:fb:
03:de:0e:11:ad:2e:22:01:68:7f:29:45:b6:91:df:8a:b6:c8:
f9:27:31:51:44:5b:ed:3e:dc:f5:19:aa:3f:0a:9e:0e:4e:34:
a7:0e:35:35:4e:af:bb:6a:10:26:6e:67:20:69:7f:d0:dc:be:
07:b6:8b:0e:69:f5:a4:15:b3:03:64:05:0b:f6:d1:a0:51:03:
c2:5a:4f:27:9c:83:18:35:c3:ca:20:c5:46:4e:ff:e3:ee:4e:
97:17:77:72:fe:e7:dd:74:46:e7:db:f9:c2:fd:d3:2b:bb:1c:
61:e7:5d:0e:73:ee:5f:7c:2b:13:3a:e9:f0:11:5c:7d:7a:d8:
03:9b:72:81:46:2b:eb:aa:96:c5:33:78:af:cd:3c:51:3e:e2:
db:19:95:28:cf:5d:ab:93:a1:98:41:42:c4:43:e2:2e:b5:eb:
00:38:da:cf:c9:61:2e:d2:4b:0d:93:50:d5:f7:24:10:67:44:
10:c0:09:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkLd6OJirp7J0AP/KTgXkt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZmU3YjU2NzIyMjQ1MTE2ZDQyMzRiZTQ4NGEwMmE0OGEx
ZGRlMWYwHhcNMjMwNjMwMDg0MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzBmMDkxYzgxYzZlNzc5Mjc1NTUyNTcyYTBmNzNmNzUyMWNkZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK7zG/T/njkwmMLGrJNVaqodqY7E
Pl34ZOojli3ByDuZfrOd1Qq8ObW9jhQMSqU+/DekMrTUSktcYaTCzfUstnj0JVMH
aKT1hP4inMueP/ceoPlbKr3hK0LhS24YkP8fnU6cInCSRIwnsHsBy7zAeDZ0AWgc
f/U4veYi9oU93wh3aeN+eDa7PNLwnJWN9W3JCnuj8rfeBk1hbJa5UW5ucLjjr1+o
VwONgtblyph4VWiLJh2vH9EDMZgadwrfWO2fSaZLJbz3VDfJUJH/cCEwDqR6vUWP
nFiYBjSVnwem67Uzbjpil5fLkqM5+lTT3wseIR6I8uLJScfMnKfjS72V+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBcPCRyBxud5J1VSVyoPc/dSHN4XMB8GA1UdIwQY
MBaAFEb+e1ZyIkURbUI0vkhKAqSKHd4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnY1N1ZuSWlSUkZ0UWpTLVNFb0NwSW9kM2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85MDgxNDMtZjkxNi00NzE4LThmOTct
NGJkMzM5MmQ1NWQxLzEvRnc4SkhJSEc1M2tuVlZKWEtnOXo5MUljM2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85MDgxNDMtZjkxNi00NzE4LThmOTctNGJkMzM5MmQ1NWQx
LzEvUnY1N1ZuSWlSUkZ0UWpTLVNFb0NwSW9kM2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU/IMA0E
AgACMAcDBQAqA14gMA0GCSqGSIb3DQEBCwUAA4IBAQAgkk9QZdDG+WZNKotFjrYX
Oify+xLcbcf2/+lMSGxWMIHeNbIAg26+DYYl8AI7wNImLcKiMppgjy9QmCLdF8tb
3oWGzV0P0/sD3g4RrS4iAWh/KUW2kd+Ktsj5JzFRRFvtPtz1Gao/Cp4OTjSnDjU1
Tq+7ahAmbmcgaX/Q3L4HtosOafWkFbMDZAUL9tGgUQPCWk8nnIMYNcPKIMVGTv/j
7k6XF3dy/ufddEbn2/nC/dMruxxh510Oc+5ffCsTOunwEVx9etgDm3KBRivrqpbF
M3ivzTxRPuLbGZUoz12rk6GYQULEQ+IutesAONrPyWEu0ksNk1DV9yQQZ0QQwAkk
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:47:03 2025 by rpki-client