Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/fufUONXLF6KmmZxsY4VILga7YPo.roa
File: fufUONXLF6KmmZxsY4VILga7YPo.roa (raw, json)
Hash identifier: v51ACvUxr51BgrJoANWjytkkFZH62NdmUid5IYd2JPE=
Subject key identifier: 7E:E7:D4:38:D5:CB:17:A2:A6:99:9C:6C:63:85:48:2E:06:BB:60:FA
Certificate issuer: /CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a
Certificate serial: 01856BB7FD48D17BFD6B055247C2675B5F44
Authority key identifier: F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/fufUONXLF6KmmZxsY4VILga7YPo.roa
Signing time: Sun 01 Jan 2023 05:04:58 +0000
ROA not before: Sun 01 Jan 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51561
IP address blocks: 185.152.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:fd:48:d1:7b:fd:6b:05:52:47:c2:67:5b:5f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a
Validity
Not Before: Jan 1 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ee7d438d5cb17a2a6999c6c6385482e06bb60fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8e:1a:6c:24:13:0b:2d:1a:50:24:ce:41:73:
e1:b7:f8:bf:85:7a:c5:8b:64:0b:60:8f:89:73:a6:
fe:99:3d:c6:df:15:2c:07:11:30:d8:d4:d2:c3:7c:
5b:93:a7:7d:dc:55:c2:2e:5a:0b:da:62:bd:b2:99:
8c:6c:31:0a:65:5b:da:6c:04:6c:78:08:3d:ce:7e:
f2:4b:29:14:36:bb:83:95:50:f0:83:83:31:d1:86:
e2:89:17:5f:00:ba:94:29:fd:f5:8b:d1:7a:e3:50:
93:7b:82:d7:a1:d1:d1:50:a7:58:98:1d:65:7e:b2:
1c:22:e0:df:fa:19:1f:0c:90:48:ff:5c:42:14:0f:
22:ef:38:c0:d8:28:c6:01:23:f9:e3:74:5b:14:2b:
61:6e:55:52:75:a7:56:91:cc:c9:9f:da:3c:95:55:
30:03:dc:a5:c6:7b:b6:2a:90:a2:b3:af:7b:92:f8:
dd:99:c9:25:bc:d6:0a:20:de:19:1d:b2:ca:b7:6b:
27:5f:8a:af:4e:f4:4d:bb:2d:20:e4:37:da:08:3b:
46:7c:eb:13:1f:d5:f6:1b:fb:9e:98:72:3d:92:fa:
48:fa:fb:28:42:9c:53:2e:a9:5f:39:5b:da:cb:1b:
3d:9c:be:c4:b5:e6:39:48:93:1a:cb:19:75:2a:23:
53:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E7:D4:38:D5:CB:17:A2:A6:99:9C:6C:63:85:48:2E:06:BB:60:FA
X509v3 Authority Key Identifier:
keyid:F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/fufUONXLF6KmmZxsY4VILga7YPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/8M9JYzV925hV-brEx9mVrciaNyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.2.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:1b:f8:78:ea:43:b9:8c:51:52:95:67:9d:22:67:7b:91:21:
36:c5:39:a7:1f:0b:4e:f7:f4:fb:e1:07:76:96:8a:9a:f5:81:
90:60:8d:e6:fe:9d:90:f5:7d:3f:b4:7e:b6:c7:3b:4c:f7:89:
31:8d:72:69:33:3b:c7:81:35:d9:4a:d1:e8:4f:1c:2b:fa:54:
f5:48:5b:ea:0a:87:17:aa:eb:62:f1:75:20:0f:54:de:b3:51:
d8:20:e3:f1:4e:3e:82:04:15:68:18:ff:eb:09:92:01:cf:90:
03:56:25:0b:c0:da:18:48:d2:7b:45:78:c2:e1:20:ca:4d:a6:
ca:99:c5:9d:2e:4f:56:d3:5a:33:92:7a:4b:8d:a2:24:74:54:
57:17:3c:af:73:2c:db:ea:e7:62:b6:30:61:74:9d:fc:0d:66:
89:a5:41:12:19:d2:d7:2e:4f:27:dc:dc:28:3b:0c:b9:f2:9c:
73:fb:70:19:56:ed:61:b9:49:b6:c2:27:d1:b5:98:f2:7c:7f:
70:59:30:07:e7:01:e1:33:65:43:4b:11:6d:42:23:d9:79:68:
8a:0d:61:39:f0:d4:12:b6:b5:18:ea:95:76:6c:8a:22:be:5a:
27:14:bb:a2:13:2b:a7:11:b7:c9:95:e9:a0:f9:4d:33:c4:46:
a0:55:b1:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrt/1I0Xv9awVSR8JnW19EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2Y0OTYzMzU3ZGRiOTg1NWY5YmFjNGM3ZDk5NWFkYzg5
YTM3MmEwHhcNMjMwMTAxMDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWU3ZDQzOGQ1Y2IxN2EyYTY5OTljNmM2Mzg1NDgyZTA2YmI2MGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY4abCQTCy0aUCTOQXPht/i/hXrF
i2QLYI+Jc6b+mT3G3xUsBxEw2NTSw3xbk6d93FXCLloL2mK9spmMbDEKZVvabARs
eAg9zn7ySykUNruDlVDwg4Mx0YbiiRdfALqUKf31i9F641CTe4LXodHRUKdYmB1l
frIcIuDf+hkfDJBI/1xCFA8i7zjA2CjGASP543RbFCthblVSdadWkczJn9o8lVUw
A9ylxnu2KpCis697kvjdmcklvNYKIN4ZHbLKt2snX4qvTvRNuy0g5DfaCDtGfOsT
H9X2G/uemHI9kvpI+vsoQpxTLqlfOVvayxs9nL7EteY5SJMayxl1KiNT8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH7n1DjVyxeippmcbGOFSC4Gu2D6MB8GA1UdIwQY
MBaAFPDPSWM1fduYVfm6xMfZla3ImjcqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE05Sll6VjkyNWhWLWJyRXg5bVZyY2lhTnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NzU5MTItZmQwYy00MzE4LWIwYjAt
NmUwNTZiNjE3ZDJhLzEvZnVmVU9OWExGNkttbVp4c1k0VklMZ2E3WVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85NzU5MTItZmQwYy00MzE4LWIwYjAtNmUwNTZiNjE3ZDJh
LzEvOE05Sll6VjkyNWhWLWJyRXg5bVZyY2lhTnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZgCMA0G
CSqGSIb3DQEBCwUAA4IBAQClG/h46kO5jFFSlWedImd7kSE2xTmnHwtO9/T74Qd2
loqa9YGQYI3m/p2Q9X0/tH62xztM94kxjXJpMzvHgTXZStHoTxwr+lT1SFvqCocX
quti8XUgD1Tes1HYIOPxTj6CBBVoGP/rCZIBz5ADViULwNoYSNJ7RXjC4SDKTabK
mcWdLk9W01ozknpLjaIkdFRXFzyvcyzb6uditjBhdJ38DWaJpUESGdLXLk8n3Nwo
Owy58pxz+3AZVu1huUm2wifRtZjyfH9wWTAH5wHhM2VDSxFtQiPZeWiKDWE58NQS
trUY6pV2bIoivlonFLuiEyunEbfJlemg+U0zxEagVbEa
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:40:18 2025 by rpki-client