Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/811108-e8f7-47af-bc8b-a5b7831a8ce1/1/d6W8OKLF6_SA_rXp-aZbD4M3rIM.roa
File: d6W8OKLF6_SA_rXp-aZbD4M3rIM.roa (raw, json)
Hash identifier: MJKenXxdK8bAiscB+Id5WCLf4p+w3Y6oYXONO7FOmS4=
Subject key identifier: 77:A5:BC:38:A2:C5:EB:F4:80:FE:B5:E9:F9:A6:5B:0F:83:37:AC:83
Certificate issuer: /CN=2e0e338d73e758468456632f5bcaae07af0d8731
Certificate serial: 01857079AC6027A7C9DCDA0670B32AE5254B
Authority key identifier: 2E:0E:33:8D:73:E7:58:46:84:56:63:2F:5B:CA:AE:07:AF:0D:87:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lg4zjXPnWEaEVmMvW8quB68NhzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/811108-e8f7-47af-bc8b-a5b7831a8ce1/1/d6W8OKLF6_SA_rXp-aZbD4M3rIM.roa
Signing time: Mon 02 Jan 2023 03:15:00 +0000
ROA not before: Mon 02 Jan 2023 03:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13136
IP address blocks: 80.85.128.0/21 maxlen: 21
2a02:13d0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:ac:60:27:a7:c9:dc:da:06:70:b3:2a:e5:25:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0e338d73e758468456632f5bcaae07af0d8731
Validity
Not Before: Jan 2 03:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77a5bc38a2c5ebf480feb5e9f9a65b0f8337ac83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e9:d9:c2:c5:1d:88:8c:99:b3:dc:a3:bf:7e:
30:43:75:ad:2d:14:2b:aa:18:8d:c5:6a:cb:4b:81:
8d:3c:12:93:e2:63:47:74:b6:ed:17:3f:08:c6:f2:
9b:38:45:50:13:59:dc:cf:fb:f9:5f:d3:7a:d7:23:
3b:63:a4:10:ad:f0:5e:e6:17:73:38:ad:a4:aa:e7:
11:59:6d:3b:01:7f:4f:51:9a:e9:45:80:18:84:b2:
a9:af:ff:2c:eb:fb:d3:d8:44:d7:bf:a1:40:d1:ec:
d3:5a:79:47:6a:b2:39:91:93:c9:af:9f:51:54:59:
b2:64:d8:fe:14:d0:e9:c3:b2:59:d7:88:2e:bc:5a:
f2:c4:02:1a:ae:11:56:ae:a5:92:90:60:bf:c5:98:
97:3c:1f:69:aa:af:29:7e:ef:2b:14:9b:23:2f:51:
15:b4:00:64:08:94:67:79:0c:fc:c0:69:a9:a7:91:
74:a2:66:73:44:91:f3:f0:f6:8d:85:35:8b:8a:5a:
07:66:8a:64:b9:9b:a9:77:7a:d1:15:4d:3c:43:fa:
f8:33:93:86:26:af:62:ee:99:08:8d:ea:e2:6b:a8:
d6:55:11:d8:64:85:be:45:ce:bc:8e:57:fb:1f:4f:
c7:5e:70:37:98:dc:4e:88:fa:0f:2c:9e:4f:45:a4:
0c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A5:BC:38:A2:C5:EB:F4:80:FE:B5:E9:F9:A6:5B:0F:83:37:AC:83
X509v3 Authority Key Identifier:
keyid:2E:0E:33:8D:73:E7:58:46:84:56:63:2F:5B:CA:AE:07:AF:0D:87:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lg4zjXPnWEaEVmMvW8quB68NhzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/811108-e8f7-47af-bc8b-a5b7831a8ce1/1/d6W8OKLF6_SA_rXp-aZbD4M3rIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/811108-e8f7-47af-bc8b-a5b7831a8ce1/1/Lg4zjXPnWEaEVmMvW8quB68NhzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.128.0/21
IPv6:
2a02:13d0::/29
Signature Algorithm: sha256WithRSAEncryption
31:11:c2:3d:3d:e2:2b:bd:0c:61:b8:3d:23:9d:d1:88:4c:70:
33:fa:04:cd:ff:02:4c:1b:5d:c7:a9:f3:23:8a:a7:db:89:87:
d7:a1:a4:51:26:bd:bf:ac:5a:94:b0:88:9d:78:b9:22:88:23:
0c:c9:d0:ac:70:3c:7d:46:22:30:4b:db:74:ad:b9:b6:25:2e:
a1:76:84:a6:10:de:37:0a:b3:9a:1c:8a:b3:aa:c3:35:88:50:
e6:a1:46:17:9e:2c:34:2d:b2:0f:b6:a9:15:21:dc:f8:34:b4:
aa:b9:f8:73:fa:63:b9:b1:c4:07:3f:98:8f:fc:ab:8a:5d:c0:
9b:8d:8e:3b:c8:97:60:7a:86:e1:a7:27:ff:00:14:1a:54:98:
0e:cb:b9:b0:90:0d:21:d9:18:2f:59:54:30:b4:70:8e:5a:ce:
ba:40:4f:74:be:89:63:a1:54:df:bd:23:96:b7:5d:00:bb:f7:
e8:8f:c9:eb:f7:c0:95:11:13:0c:18:e6:49:bd:0b:0a:88:25:
5a:4c:d0:1c:20:98:3c:3f:a3:c6:c0:3c:2a:d5:57:f8:33:4a:
09:7d:49:ca:0d:ff:4c:0f:28:a2:06:28:bb:30:61:d1:92:a6:
5f:54:29:12:a8:77:85:f0:17:82:a9:b2:ee:40:3d:b5:d0:f8:
6e:ac:44:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweaxgJ6fJ3NoGcLMq5SVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGUzMzhkNzNlNzU4NDY4NDU2NjMyZjViY2FhZTA3YWYw
ZDg3MzEwHhcNMjMwMTAyMDMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E1YmMzOGEyYzVlYmY0ODBmZWI1ZTlmOWE2NWIwZjgzMzdhYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOnZwsUdiIyZs9yjv34wQ3WtLRQr
qhiNxWrLS4GNPBKT4mNHdLbtFz8IxvKbOEVQE1ncz/v5X9N61yM7Y6QQrfBe5hdz
OK2kqucRWW07AX9PUZrpRYAYhLKpr/8s6/vT2ETXv6FA0ezTWnlHarI5kZPJr59R
VFmyZNj+FNDpw7JZ14guvFryxAIarhFWrqWSkGC/xZiXPB9pqq8pfu8rFJsjL1EV
tABkCJRneQz8wGmpp5F0omZzRJHz8PaNhTWLiloHZopkuZupd3rRFU08Q/r4M5OG
Jq9i7pkIjeria6jWVRHYZIW+Rc68jlf7H0/HXnA3mNxOiPoPLJ5PRaQMZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHelvDiixev0gP616fmmWw+DN6yDMB8GA1UdIwQY
MBaAFC4OM41z51hGhFZjL1vKrgevDYcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGc0empYUG5XRWFFVm1Ndlc4cXVCNjhOaHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy84MTExMDgtZThmNy00N2FmLWJjOGIt
YTViNzgzMWE4Y2UxLzEvZDZXOE9LTEY2X1NBX3JYcC1hWmJENE0zcklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy84MTExMDgtZThmNy00N2FmLWJjOGItYTViNzgzMWE4Y2Ux
LzEvTGc0empYUG5XRWFFVm1Ndlc4cXVCNjhOaHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDUFWAMA0E
AgACMAcDBQMqAhPQMA0GCSqGSIb3DQEBCwUAA4IBAQAxEcI9PeIrvQxhuD0jndGI
THAz+gTN/wJMG13HqfMjiqfbiYfXoaRRJr2/rFqUsIideLkiiCMMydCscDx9RiIw
S9t0rbm2JS6hdoSmEN43CrOaHIqzqsM1iFDmoUYXniw0LbIPtqkVIdz4NLSqufhz
+mO5scQHP5iP/KuKXcCbjY47yJdgeobhpyf/ABQaVJgOy7mwkA0h2RgvWVQwtHCO
Ws66QE90voljoVTfvSOWt10Au/foj8nr98CVERMMGOZJvQsKiCVaTNAcIJg8P6PG
wDwq1Vf4M0oJfUnKDf9MDyiiBii7MGHRkqZfVCkSqHeF8BeCqbLuQD210PhurEQD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:42 2025 by rpki-client