Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/F6M5clNdHzHyFFufSs-VLQjfoPo.roa
File: F6M5clNdHzHyFFufSs-VLQjfoPo.roa (raw, json)
Hash identifier: ZlscBSKmlZ2yySJo2yO1L5tjC+PFg35xWXrVtvxYWeU=
Subject key identifier: 17:A3:39:72:53:5D:1F:31:F2:14:5B:9F:4A:CF:95:2D:08:DF:A0:FA
Certificate issuer: /CN=78fb099aa43081ac8395ee0b90ccf1a8844f8d64
Certificate serial: 01856BA5934F23729D52B7FB75EC04FC7359
Authority key identifier: 78:FB:09:9A:A4:30:81:AC:83:95:EE:0B:90:CC:F1:A8:84:4F:8D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePsJmqQwgayDle4LkMzxqIRPjWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/F6M5clNdHzHyFFufSs-VLQjfoPo.roa
Signing time: Sun 01 Jan 2023 04:44:51 +0000
ROA not before: Sun 01 Jan 2023 04:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201587
IP address blocks: 85.194.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:a5:93:4f:23:72:9d:52:b7:fb:75:ec:04:fc:73:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78fb099aa43081ac8395ee0b90ccf1a8844f8d64
Validity
Not Before: Jan 1 04:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17a33972535d1f31f2145b9f4acf952d08dfa0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c0:70:60:06:9b:13:c5:11:6d:1f:65:83:8a:
1a:e1:22:3c:45:47:bf:1c:6f:b0:33:63:cd:fa:d5:
39:04:17:b0:e9:39:37:af:f8:0d:29:0b:cf:e3:b4:
2a:46:e0:b9:01:50:10:f4:32:e2:29:5f:e9:ba:57:
f7:49:c8:92:23:ff:e8:91:1a:ed:a9:8c:43:e3:f4:
3d:f9:f5:01:dd:78:ac:54:4f:03:d2:d9:b2:2c:7c:
af:a4:32:3e:fa:50:14:9f:79:41:ab:cd:a3:68:e7:
76:c7:b8:7e:a6:8d:9d:0b:df:78:27:eb:bc:8d:2a:
2c:b3:bc:27:d4:0b:6b:e8:47:e4:66:2c:b2:e1:6d:
df:40:24:c5:71:27:eb:6c:b2:54:45:da:55:3d:0d:
88:36:a4:49:e3:0a:38:ea:78:7e:1e:5b:11:27:71:
b7:85:9d:0d:8f:d6:42:8b:e8:fb:73:c9:b5:a0:5a:
59:12:c2:e9:6b:f6:cb:18:55:b5:af:18:ab:b3:60:
9d:2d:f4:34:29:25:f3:ad:ad:c2:28:d9:c9:3d:73:
bf:f8:49:45:9f:c9:44:43:ce:14:2f:a7:db:6b:99:
32:c1:77:b2:80:ba:29:94:f7:90:38:e9:cd:d6:d7:
9a:6f:c8:bd:65:9a:b9:e9:05:d7:55:1d:e7:8e:e8:
52:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A3:39:72:53:5D:1F:31:F2:14:5B:9F:4A:CF:95:2D:08:DF:A0:FA
X509v3 Authority Key Identifier:
keyid:78:FB:09:9A:A4:30:81:AC:83:95:EE:0B:90:CC:F1:A8:84:4F:8D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePsJmqQwgayDle4LkMzxqIRPjWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/F6M5clNdHzHyFFufSs-VLQjfoPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/ePsJmqQwgayDle4LkMzxqIRPjWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.224.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:5c:63:0a:c0:4d:42:c1:0f:11:79:7a:46:c7:de:09:43:62:
1e:da:cb:06:d6:aa:8b:fb:80:e2:a3:ae:db:14:26:da:09:ce:
ac:c5:47:42:39:d7:f4:ff:d8:52:66:73:5b:2b:df:c5:82:7b:
ad:1e:d4:19:14:55:8b:4b:f2:40:b7:f9:80:42:d7:d1:9c:83:
f9:af:b2:28:43:ce:af:22:1f:25:21:b3:51:97:e5:d9:33:92:
45:05:9f:a7:de:3f:70:44:54:f5:08:7d:e2:e2:89:1b:5c:a0:
85:4d:d9:98:f1:9a:d5:83:9f:5a:0a:4a:33:94:6f:ad:76:9f:
4b:93:29:c2:07:56:fa:96:11:db:9e:f5:d5:c0:41:53:dc:95:
67:8b:50:7b:39:9e:10:4d:67:56:74:95:a4:73:d1:33:ad:e1:
81:d2:90:5d:07:43:d8:fd:6a:79:3f:7b:e6:cc:31:7f:fa:4b:
e5:de:78:3c:3e:45:8c:9a:12:52:34:86:8e:21:43:e3:29:21:
6e:f7:6d:ed:c6:f4:ec:8a:c7:ad:7c:14:f4:e3:96:8f:07:52:
7c:b5:eb:42:87:ff:c8:37:98:b3:a1:c5:36:4d:be:00:c5:7a:
ff:2d:cb:8f:3c:db:2e:07:17:17:1c:9f:73:51:25:ff:3e:e1:
50:d4:fa:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrpZNPI3KdUrf7dewE/HNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZmIwOTlhYTQzMDgxYWM4Mzk1ZWUwYjkwY2NmMWE4ODQ0
ZjhkNjQwHhcNMjMwMTAxMDQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2EzMzk3MjUzNWQxZjMxZjIxNDViOWY0YWNmOTUyZDA4ZGZhMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscBwYAabE8URbR9lg4oa4SI8RUe/
HG+wM2PN+tU5BBew6Tk3r/gNKQvP47QqRuC5AVAQ9DLiKV/pulf3SciSI//okRrt
qYxD4/Q9+fUB3XisVE8D0tmyLHyvpDI++lAUn3lBq82jaOd2x7h+po2dC994J+u8
jSoss7wn1Atr6EfkZiyy4W3fQCTFcSfrbLJURdpVPQ2INqRJ4wo46nh+HlsRJ3G3
hZ0Nj9ZCi+j7c8m1oFpZEsLpa/bLGFW1rxirs2CdLfQ0KSXzra3CKNnJPXO/+ElF
n8lEQ84UL6fba5kywXeygLoplPeQOOnN1teab8i9ZZq56QXXVR3njuhSkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBejOXJTXR8x8hRbn0rPlS0I36D6MB8GA1UdIwQY
MBaAFHj7CZqkMIGsg5XuC5DM8aiET41kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBzSm1xUXdnYXlEbGU0TGtNenhxSVJQaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jZDE3ZmUtZTQ0YS00Yjk4LTlmMWMt
MmQ4YThkOTY2OWY4LzEvRjZNNWNsTmRIekh5RkZ1ZlNzLVZMUWpmb1BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jZDE3ZmUtZTQ0YS00Yjk4LTlmMWMtMmQ4YThkOTY2OWY4
LzEvZVBzSm1xUXdnYXlEbGU0TGtNenhxSVJQaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVcLgMA0G
CSqGSIb3DQEBCwUAA4IBAQA8XGMKwE1CwQ8ReXpGx94JQ2Ie2ssG1qqL+4Dio67b
FCbaCc6sxUdCOdf0/9hSZnNbK9/FgnutHtQZFFWLS/JAt/mAQtfRnIP5r7IoQ86v
Ih8lIbNRl+XZM5JFBZ+n3j9wRFT1CH3i4okbXKCFTdmY8ZrVg59aCkozlG+tdp9L
kynCB1b6lhHbnvXVwEFT3JVni1B7OZ4QTWdWdJWkc9EzreGB0pBdB0PY/Wp5P3vm
zDF/+kvl3ng8PkWMmhJSNIaOIUPjKSFu923txvTsisetfBT045aPB1J8tetCh//I
N5izocU2Tb4AxXr/LcuPPNsuBxcXHJ9zUSX/PuFQ1Pqg
-----END CERTIFICATE-----
Generated at Mon Apr 28 05:33:30 2025 by rpki-client