Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/aFedIZ6XLOgJ8uExKsJ7fkYG7rI.roa
File: aFedIZ6XLOgJ8uExKsJ7fkYG7rI.roa (raw, json)
Hash identifier: eoPI+/7WXFPQUJ2EQI9MTdywD9Lvn+isDwLI2hS3s5Q=
Subject key identifier: 68:57:9D:21:9E:97:2C:E8:09:F2:E1:31:2A:C2:7B:7E:46:06:EE:B2
Certificate issuer: /CN=2e1620890f700f012b0ba60172314e3c85919513
Certificate serial: 01856D662D1233421DA5422A69CF9D5F8E68
Authority key identifier: 2E:16:20:89:0F:70:0F:01:2B:0B:A6:01:72:31:4E:3C:85:91:95:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/aFedIZ6XLOgJ8uExKsJ7fkYG7rI.roa
Signing time: Sun 01 Jan 2023 12:54:50 +0000
ROA not before: Sun 01 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24634
IP address blocks: 212.28.224.0/19 maxlen: 24
80.81.144.0/20 maxlen: 24
195.112.192.0/19 maxlen: 24
92.62.160.0/20 maxlen: 24
141.105.80.0/20 maxlen: 24
185.3.20.0/22 maxlen: 24
2a00:16e8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:2d:12:33:42:1d:a5:42:2a:69:cf:9d:5f:8e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1620890f700f012b0ba60172314e3c85919513
Validity
Not Before: Jan 1 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68579d219e972ce809f2e1312ac27b7e4606eeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:28:15:c3:33:f8:ec:34:97:79:61:ec:45:6d:
39:59:cc:04:6e:c0:11:e1:ff:2c:81:80:23:c6:54:
d6:13:88:6c:77:25:9d:79:db:7e:2e:86:f4:71:19:
bf:34:d1:f8:e8:15:08:2b:32:c2:ed:7b:ba:31:c4:
61:fc:04:c9:bc:83:3b:4f:b7:d4:c9:87:40:10:92:
bc:4a:4b:6b:68:41:75:7e:ed:ae:31:30:8d:bb:ba:
eb:ec:50:8a:78:2d:fb:74:f8:bd:b0:78:2e:c6:0a:
37:a8:90:79:d6:36:2c:19:92:22:9e:ca:8c:97:36:
84:35:11:44:81:93:49:67:eb:4d:7e:46:db:c0:32:
f8:64:30:b5:37:0c:ec:9c:a6:2b:db:be:72:3d:4c:
23:70:3c:87:17:89:83:ee:22:75:6f:eb:15:91:9b:
52:ad:1d:9f:af:32:b1:44:07:00:dd:be:cf:64:27:
be:a8:5a:bc:c2:fe:24:2f:2e:f5:31:d5:88:b5:b7:
72:4b:53:c3:2a:04:8f:be:44:84:36:1a:79:f7:68:
d7:3c:b2:e1:ca:96:71:99:7d:c4:64:e2:35:51:cd:
e9:99:89:cc:cb:c6:1a:2d:78:fe:fa:f1:48:b9:79:
bc:7d:46:e4:52:92:87:91:df:6c:de:6a:2a:67:62:
b4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:57:9D:21:9E:97:2C:E8:09:F2:E1:31:2A:C2:7B:7E:46:06:EE:B2
X509v3 Authority Key Identifier:
keyid:2E:16:20:89:0F:70:0F:01:2B:0B:A6:01:72:31:4E:3C:85:91:95:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/aFedIZ6XLOgJ8uExKsJ7fkYG7rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/LhYgiQ9wDwErC6YBcjFOPIWRlRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.144.0/20
92.62.160.0/20
141.105.80.0/20
185.3.20.0/22
195.112.192.0/19
212.28.224.0/19
IPv6:
2a00:16e8::/32
Signature Algorithm: sha256WithRSAEncryption
15:ac:24:6a:99:0e:3e:e0:4e:4f:04:fa:97:1e:fe:95:1e:0f:
50:6a:17:eb:d1:3c:39:a8:71:07:5d:15:a6:48:5c:e9:d7:a7:
5f:08:2d:93:59:d6:6e:0e:93:b5:bd:95:87:0e:f5:73:a5:34:
9e:1a:cb:d2:82:fd:6e:76:e3:a9:cb:d3:a5:3b:92:c9:12:a2:
52:57:30:85:68:94:97:b2:d0:74:bb:a7:db:38:08:48:c4:7f:
22:d7:3a:b4:7e:5b:48:0a:25:0a:d4:f0:d5:70:de:53:26:ff:
cd:4d:2d:bc:e0:c8:84:0c:15:5e:1d:c4:0f:ae:97:36:b4:16:
9f:30:f2:ee:c9:fe:4a:a8:0d:63:60:01:bf:4c:b3:a5:3c:27:
01:4f:2a:67:4f:a7:7e:cb:88:ed:d9:cc:68:8c:ba:d8:5a:1c:
d2:3c:72:56:5b:7e:29:6d:ae:55:0a:f1:29:9a:b8:c5:9c:46:
ca:46:94:22:d4:c9:49:c1:e3:e7:df:0c:ef:6a:ca:77:23:8e:
02:c0:de:5e:aa:be:6a:aa:f9:bb:ff:83:1d:dc:02:59:24:73:
85:04:fc:4c:2d:ac:45:b2:4a:ae:14:21:64:19:6e:ad:a6:b5:
66:3b:ad:9f:3c:55:9b:9b:4c:df:c5:be:18:99:0f:04:13:5e:
e6:5a:4f:35
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtZi0SM0IdpUIqac+dX45oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTYyMDg5MGY3MDBmMDEyYjBiYTYwMTcyMzE0ZTNjODU5
MTk1MTMwHhcNMjMwMTAxMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODU3OWQyMTllOTcyY2U4MDlmMmUxMzEyYWMyN2I3ZTQ2MDZlZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCgVwzP47DSXeWHsRW05WcwEbsAR
4f8sgYAjxlTWE4hsdyWdedt+Lob0cRm/NNH46BUIKzLC7Xu6McRh/ATJvIM7T7fU
yYdAEJK8SktraEF1fu2uMTCNu7rr7FCKeC37dPi9sHguxgo3qJB51jYsGZIinsqM
lzaENRFEgZNJZ+tNfkbbwDL4ZDC1NwzsnKYr275yPUwjcDyHF4mD7iJ1b+sVkZtS
rR2frzKxRAcA3b7PZCe+qFq8wv4kLy71MdWItbdyS1PDKgSPvkSENhp592jXPLLh
ypZxmX3EZOI1Uc3pmYnMy8YaLXj++vFIuXm8fUbkUpKHkd9s3moqZ2K00QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGhXnSGelyzoCfLhMSrCe35GBu6yMB8GA1UdIwQY
MBaAFC4WIIkPcA8BKwumAXIxTjyFkZUTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhZZ2lROXdEd0VyQzZZQmNqRk9QSVdSbFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy84MjExNTItOWYxMy00YzA5LTlkY2Qt
NDViYmIyM2ExNWQ4LzEvYUZlZElaNlhMT2dKOHVFeEtzSjdma1lHN3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy84MjExNTItOWYxMy00YzA5LTlkY2QtNDViYmIyM2ExNWQ4
LzEvTGhZZ2lROXdEd0VyQzZZQmNqRk9QSVdSbFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUFGQAwQE
XD6gAwQEjWlQAwQCuQMUAwQFw3DAAwQF1BzgMA0EAgACMAcDBQAqABboMA0GCSqG
SIb3DQEBCwUAA4IBAQAVrCRqmQ4+4E5PBPqXHv6VHg9Qahfr0Tw5qHEHXRWmSFzp
16dfCC2TWdZuDpO1vZWHDvVzpTSeGsvSgv1uduOpy9OlO5LJEqJSVzCFaJSXstB0
u6fbOAhIxH8i1zq0fltICiUK1PDVcN5TJv/NTS284MiEDBVeHcQPrpc2tBafMPLu
yf5KqA1jYAG/TLOlPCcBTypnT6d+y4jt2cxojLrYWhzSPHJWW34pba5VCvEpmrjF
nEbKRpQi1MlJwePn3wzvasp3I44CwN5eqr5qqvm7/4Md3AJZJHOFBPxMLaxFskqu
FCFkGW6tprVmO62fPFWbm0zfxb4YmQ8EE17mWk81
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:17 2025 by rpki-client