Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/_gKuHJ17Hz0lu9TpvZINtoJAnSY.roa
File: _gKuHJ17Hz0lu9TpvZINtoJAnSY.roa (raw, json)
Hash identifier: koGXhLp3jSWXBTrRW9LZ7uUOFHqFsdZL23Gzkg9rWys=
Subject key identifier: FE:02:AE:1C:9D:7B:1F:3D:25:BB:D4:E9:BD:92:0D:B6:82:40:9D:26
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D663F14447163C41B9E93299C4875E9
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/_gKuHJ17Hz0lu9TpvZINtoJAnSY.roa
Signing time: Sun 01 Jan 2023 12:54:55 +0000
ROA not before: Sun 01 Jan 2023 12:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15702
IP address blocks: 80.252.32.0/20 maxlen: 24
185.99.80.0/22 maxlen: 24
195.74.65.0/24 maxlen: 24
217.19.32.0/20 maxlen: 24
2001:1618::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:3f:14:44:71:63:c4:1b:9e:93:29:9c:48:75:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe02ae1c9d7b1f3d25bbd4e9bd920db682409d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d7:cc:35:d2:8f:65:c6:c9:f5:8b:91:d7:bb:
f1:5e:d8:39:72:89:0c:c8:79:ec:84:65:37:5f:ba:
d0:e5:1f:e9:7b:01:6d:1a:c3:52:6c:55:f1:78:40:
5b:91:26:dd:fa:f8:69:ff:f3:d2:0e:da:ec:ac:4c:
bd:af:56:e4:c0:c1:94:9d:39:a1:3b:ae:bd:27:fe:
ff:0c:22:77:d4:fc:fe:1a:b3:45:8f:1b:4a:39:6c:
12:80:14:21:35:f7:91:50:23:6a:7d:04:2d:c1:ef:
d9:98:64:e9:92:de:30:0f:e7:e1:9b:58:2b:4e:c9:
62:17:b4:fc:3e:d8:40:ed:53:fd:c1:a1:5b:59:7e:
33:d6:75:e5:59:9c:b7:55:dd:af:02:26:75:3a:be:
9c:e2:fb:f5:73:d6:0e:16:c0:64:42:7a:20:31:24:
5f:c7:86:34:bb:9d:64:61:86:a3:a8:e6:ee:2d:47:
1f:8a:69:49:0c:94:79:9a:0f:09:e3:d0:47:75:94:
eb:f5:bb:cb:00:04:05:af:b6:43:4b:12:06:16:33:
05:c3:b1:46:68:33:dc:b6:38:b1:43:72:55:5f:3f:
8f:fc:2f:26:e0:c1:51:93:7d:2c:13:cc:de:b9:3d:
f6:d0:ae:4e:e9:3d:d6:e4:bd:76:37:67:a0:81:26:
cf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:02:AE:1C:9D:7B:1F:3D:25:BB:D4:E9:BD:92:0D:B6:82:40:9D:26
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/_gKuHJ17Hz0lu9TpvZINtoJAnSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.32.0/20
185.99.80.0/22
195.74.65.0/24
217.19.32.0/20
IPv6:
2001:1618::/29
Signature Algorithm: sha256WithRSAEncryption
7e:6d:83:0d:90:e2:3a:98:0b:8e:dc:e3:f6:5c:18:a8:af:1f:
f0:a0:f4:fc:79:5b:8b:6d:2d:df:5e:0a:1d:94:57:93:28:cd:
92:a5:72:e2:17:70:36:47:ea:eb:e9:28:1b:dd:4e:98:04:bb:
b0:93:76:85:e4:2d:31:1b:10:a8:32:34:07:25:e8:61:49:f9:
e3:b8:de:3a:f3:d4:83:89:82:81:c6:7f:06:70:17:c8:e2:d4:
6a:5d:b6:0f:b5:6a:cf:10:04:4d:b2:16:97:06:32:b5:d5:b1:
c2:c3:55:a4:a0:3b:1a:b8:2e:47:e7:56:1b:14:8e:ba:71:29:
94:59:2c:aa:24:da:43:92:e6:48:b5:50:49:37:45:ab:55:6e:
07:00:d1:fb:53:53:f7:2a:76:10:92:65:2e:b7:d6:8e:b2:4a:
7b:b0:2b:36:c5:8a:a4:44:32:d4:45:99:d4:41:c8:29:97:73:
45:b8:f9:36:f5:20:f8:57:87:8f:0b:10:b8:f5:f4:36:e0:f5:
a3:79:de:f5:12:08:66:7b:94:ae:6a:ee:71:1f:a8:b2:ff:22:
d9:0d:95:31:09:05:27:27:e7:26:a2:f5:18:4b:55:28:fd:23:
b0:00:22:1d:8c:10:34:af:f7:f5:cc:a9:6e:c7:f7:90:79:48:
e0:33:42:23
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtZj8URHFjxBuekymcSHXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTAyYWUxYzlkN2IxZjNkMjViYmQ0ZTliZDkyMGRiNjgyNDA5ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdfMNdKPZcbJ9YuR17vxXtg5cokM
yHnshGU3X7rQ5R/pewFtGsNSbFXxeEBbkSbd+vhp//PSDtrsrEy9r1bkwMGUnTmh
O669J/7/DCJ31Pz+GrNFjxtKOWwSgBQhNfeRUCNqfQQtwe/ZmGTpkt4wD+fhm1gr
TsliF7T8PthA7VP9waFbWX4z1nXlWZy3Vd2vAiZ1Or6c4vv1c9YOFsBkQnogMSRf
x4Y0u51kYYajqObuLUcfimlJDJR5mg8J49BHdZTr9bvLAAQFr7ZDSxIGFjMFw7FG
aDPctjixQ3JVXz+P/C8m4MFRk30sE8zeuT320K5O6T3W5L12N2eggSbPuQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFP4Crhydex89JbvU6b2SDbaCQJ0mMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvX2dLdUhKMTdIejBsdTlUcHZaSU50b0pBblNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPwgAwQC
uWNQAwQAw0pBAwQE2RMgMA0EAgACMAcDBQMgARYYMA0GCSqGSIb3DQEBCwUAA4IB
AQB+bYMNkOI6mAuO3OP2XBiorx/woPT8eVuLbS3fXgodlFeTKM2SpXLiF3A2R+rr
6Sgb3U6YBLuwk3aF5C0xGxCoMjQHJehhSfnjuN4689SDiYKBxn8GcBfI4tRqXbYP
tWrPEARNshaXBjK11bHCw1WkoDsauC5H51YbFI66cSmUWSyqJNpDkuZItVBJN0Wr
VW4HANH7U1P3KnYQkmUut9aOskp7sCs2xYqkRDLURZnUQcgpl3NFuPk29SD4V4eP
CxC49fQ24PWjed71Eghme5Suau5xH6iy/yLZDZUxCQUnJ+cmovUYS1Uo/SOwACId
jBA0r/f1zKlux/eQeUjgM0Ij
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:48:33 2025 by rpki-client