Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/__MX1GkdPlE9NeWIYagP7loapy0.roa
File: __MX1GkdPlE9NeWIYagP7loapy0.roa (raw, json)
Hash identifier: kqPkNs0y7yFbleoYEif8bG++x7uYP6R30Z7XVwLUsl8=
Subject key identifier: FF:F3:17:D4:69:1D:3E:51:3D:35:E5:88:61:A8:0F:EE:5A:1A:A7:2D
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 140C1BB8
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/__MX1GkdPlE9NeWIYagP7loapy0.roa
Signing time: Tue 08 Mar 2022 08:05:31 +0000
ROA not before: Tue 08 Mar 2022 08:05:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15702
IP address blocks: 80.252.32.0/20 maxlen: 24
185.99.80.0/22 maxlen: 24
195.74.65.0/24 maxlen: 24
217.19.32.0/20 maxlen: 24
2001:1618::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 336337848 (0x140c1bb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Mar 8 08:05:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fff317d4691d3e513d35e58861a80fee5a1aa72d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:85:93:87:7a:57:26:d0:be:36:6f:a9:1c:14:
93:b4:cc:7d:de:51:fa:bc:f6:ae:5c:72:09:00:1d:
6a:ea:28:8c:40:56:75:fd:29:da:c2:4d:cf:07:05:
02:ca:d1:41:58:77:ff:b9:a1:0b:f4:a2:54:8d:de:
5e:68:e0:f0:32:7c:50:bf:15:4a:ed:7f:5e:0b:b7:
94:4a:5d:29:a3:4a:70:b0:1c:db:f7:be:40:4e:81:
89:27:d5:59:91:cb:a6:0a:71:b2:95:7c:eb:88:d0:
65:87:1d:91:b8:07:3c:8c:63:78:fd:87:1b:be:2a:
6a:ca:fb:98:3c:9b:c8:f7:c6:0d:94:c2:75:28:e0:
84:dc:fb:40:a3:a9:be:bf:d8:70:c4:96:58:1e:9f:
8e:a7:c4:4d:9c:45:2c:fc:13:10:3e:35:08:38:20:
bd:90:21:b2:b7:ec:87:f4:f3:bf:59:ce:92:78:5e:
28:ab:46:87:eb:f9:02:3c:69:a7:ee:60:08:b7:7c:
06:21:88:82:17:c3:7a:35:75:6f:b5:ba:d3:1a:7c:
36:44:82:66:1c:55:09:78:90:f0:04:ea:88:62:2f:
68:24:fc:13:cf:0b:d5:d7:17:64:f4:58:39:00:34:
34:e8:67:6b:54:00:ba:97:ba:c4:30:92:62:26:9d:
af:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F3:17:D4:69:1D:3E:51:3D:35:E5:88:61:A8:0F:EE:5A:1A:A7:2D
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/__MX1GkdPlE9NeWIYagP7loapy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.32.0/20
185.99.80.0/22
195.74.65.0/24
217.19.32.0/20
IPv6:
2001:1618::/29
Signature Algorithm: sha256WithRSAEncryption
28:c2:a5:fe:32:c8:cf:22:5e:b3:64:99:19:4d:92:df:71:99:
82:f9:5f:c2:ae:5c:aa:48:59:0c:48:ef:40:e2:bc:93:4c:8c:
f3:8c:34:85:66:53:67:a0:1c:a6:4b:e8:69:af:4c:e2:60:4b:
64:d7:ef:68:89:cd:ea:21:64:8a:eb:6b:02:c7:13:4a:6a:ed:
a9:21:fd:a8:9e:0a:c4:25:1e:2a:2a:86:ec:9d:44:d3:56:6f:
04:34:73:86:23:69:45:51:86:33:40:f8:fd:a2:b8:22:ba:54:
53:61:e7:94:67:b0:e5:c9:ee:f7:74:ce:d2:bd:af:06:f2:ee:
b9:d2:64:91:d0:3d:61:3f:9a:3b:48:67:a8:8f:04:05:12:97:
89:67:b6:11:c1:b4:4f:5e:d7:fd:b1:dc:60:c8:96:b6:88:7f:
68:75:a4:ef:c7:e6:09:e8:31:9f:ae:60:a6:0f:9c:c5:4e:fa:
6f:23:1c:8a:d2:d3:c3:51:f0:4e:65:6a:39:d2:b6:94:96:84:
9c:77:77:5d:93:72:1a:20:e0:76:40:be:11:e5:a0:66:d3:b4:
b6:7c:fc:b8:05:25:e7:0c:9b:67:b2:5f:f3:fd:c4:88:9a:b5:
da:55:33:ec:fa:aa:a7:54:80:94:b2:93:7d:e3:9e:76:8d:d2:
2e:a6:11:6a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEFAwbuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmU5MGZkZTk3ODRhOTFkOTNhN2EyYWY1OWQ0ZDA0M2YxMTcxZmJhMB4XDTIyMDMw
ODA4MDUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZmMzE3ZDQ2OTFk
M2U1MTNkMzVlNTg4NjFhODBmZWU1YTFhYTcyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmFk4d6VybQvjZvqRwUk7TMfd5R+rz2rlxyCQAdauoojEBW
df0p2sJNzwcFAsrRQVh3/7mhC/SiVI3eXmjg8DJ8UL8VSu1/Xgu3lEpdKaNKcLAc
2/e+QE6BiSfVWZHLpgpxspV864jQZYcdkbgHPIxjeP2HG74qasr7mDybyPfGDZTC
dSjghNz7QKOpvr/YcMSWWB6fjqfETZxFLPwTED41CDggvZAhsrfsh/Tzv1nOknhe
KKtGh+v5Ajxpp+5gCLd8BiGIghfDejV1b7W60xp8NkSCZhxVCXiQ8ATqiGIvaCT8
E88L1dcXZPRYOQA0NOhna1QAupe6xDCSYiadrwcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBT/8xfUaR0+UT015YhhqA/uWhqnLTAfBgNVHSMEGDAWgBQf6Q/el4SpHZOn
oq9Z1NBD8RcfujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gta1AzcGVFcVIyVHA2S3ZXZFRRUV9FWEg3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvYTk0NWY3LTUzYjMtNGRiNS1hZTA0LTIzNzcyZTdmOTJlMy8x
L19fTVgxR2tkUGxFOU5lV0lZYWdQN2xvYXB5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
YTk0NWY3LTUzYjMtNGRiNS1hZTA0LTIzNzcyZTdmOTJlMy8xL0gta1AzcGVFcVIy
VHA2S3ZXZFRRUV9FWEg3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFD8IAMEArljUAMEAMNKQQMEBNkT
IDANBAIAAjAHAwUDIAEWGDANBgkqhkiG9w0BAQsFAAOCAQEAKMKl/jLIzyJes2SZ
GU2S33GZgvlfwq5cqkhZDEjvQOK8k0yM84w0hWZTZ6Acpkvoaa9M4mBLZNfvaInN
6iFkiutrAscTSmrtqSH9qJ4KxCUeKiqG7J1E01ZvBDRzhiNpRVGGM0D4/aK4IrpU
U2HnlGew5cnu93TO0r2vBvLuudJkkdA9YT+aO0hnqI8EBRKXiWe2EcG0T17X/bHc
YMiWtoh/aHWk78fmCegxn65gpg+cxU76byMcitLTw1HwTmVqOdK2lJaEnHd3XZNy
GiDgdkC+EeWgZtO0tnz8uAUl5wybZ7Jf8/3EiJq12lUz7Pqqp1SAlLKTfeOedo3S
LqYRag==
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:41:27 2025 by rpki-client