Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/1-aYRPTVJ9Gdc7Dxaaef8qinC8uA.roa
File: 1-aYRPTVJ9Gdc7Dxaaef8qinC8uA.roa (raw, json)
Hash identifier: Uxdi4DRcjCj7BPjJe1fBw1z2dgoQ9Uv1l/JNE962R+g=
Subject key identifier: F9:A6:11:3D:35:49:F4:67:5C:EC:3C:5A:69:E7:FC:AA:29:C2:F2:E0
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 16A2ACC4
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/1-aYRPTVJ9Gdc7Dxaaef8qinC8uA.roa
Signing time: Sat 01 Jan 2022 07:03:49 +0000
ROA not before: Sat 01 Jan 2022 07:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24582
IP address blocks: 5.61.80.0/21 maxlen: 24
80.87.160.0/20 maxlen: 24
185.32.32.0/22 maxlen: 24
212.237.160.0/21 maxlen: 24
2a00:5f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 379759812 (0x16a2acc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Jan 1 07:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9a6113d3549f4675cec3c5a69e7fcaa29c2f2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1b:a6:44:ba:8c:0e:5f:b7:fe:dd:92:38:b1:
5f:11:12:01:55:93:b4:c7:6b:5e:e2:3b:51:71:c4:
b4:04:5d:61:56:60:48:8e:0b:db:76:26:a6:99:13:
ca:02:87:09:f8:dd:04:4c:e1:d9:f6:30:68:c7:52:
d9:34:b7:00:98:1a:73:05:df:0c:0c:4c:c8:03:ee:
38:b3:20:1c:f1:81:82:04:a1:7a:72:39:be:be:9c:
39:22:7a:c6:0a:9f:fa:1c:92:21:de:fd:89:e6:eb:
c8:ef:fa:81:eb:28:93:06:8d:dd:a0:1c:32:54:88:
d9:7d:97:57:d6:19:e7:b4:37:62:2c:2b:94:57:c4:
f7:dd:dd:28:88:7f:6a:94:8e:9f:bc:06:a5:95:23:
a3:b8:a0:90:1f:6a:94:10:c4:73:fb:5d:53:7f:41:
57:bb:ff:11:3f:d9:48:c2:d2:b0:fd:4e:5f:0a:94:
fa:ef:b7:a1:f3:c9:7d:d7:b3:e3:57:29:51:d9:b2:
d4:c7:e1:c4:20:94:7a:ac:54:c5:4d:a4:42:cc:96:
36:81:35:20:f7:79:86:25:63:4a:7b:d9:eb:f3:4f:
14:b4:b2:52:07:1f:f6:78:ac:12:b3:31:4e:0b:29:
23:ea:aa:3d:44:ec:3a:bd:0a:27:38:28:e0:1b:e8:
60:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A6:11:3D:35:49:F4:67:5C:EC:3C:5A:69:E7:FC:AA:29:C2:F2:E0
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/1-aYRPTVJ9Gdc7Dxaaef8qinC8uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.80.0/21
80.87.160.0/20
185.32.32.0/22
212.237.160.0/21
IPv6:
2a00:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
41:04:cd:9c:a9:b9:c6:24:c8:b2:eb:c5:ef:19:f4:b3:f2:80:
7a:30:75:60:fa:2b:58:c0:bc:26:6b:d2:fb:50:42:30:39:19:
9e:81:6f:77:fc:aa:09:27:54:1a:50:b7:f2:cb:43:8a:c9:33:
bb:ed:a4:29:eb:4d:97:3d:c2:b2:49:82:e4:58:63:04:f0:d1:
07:33:4e:c4:ba:10:25:50:40:85:0a:88:08:42:93:eb:0f:52:
75:45:32:cb:dd:90:e5:4c:c8:55:dc:a3:67:85:53:c3:aa:92:
a1:8a:1b:bc:3a:bb:bf:43:18:41:26:6a:23:04:5c:60:01:10:
40:69:ab:e6:68:f8:99:f6:53:29:3a:c5:5a:b0:cf:51:75:77:
84:d9:1d:e8:1d:98:29:a7:0a:fe:94:3c:ce:a7:21:b3:c6:43:
c8:a1:2a:84:97:b7:36:dd:ff:2a:2c:e8:d9:d7:d6:38:ca:35:
33:cb:d8:47:fa:d4:da:a0:ac:74:75:4d:38:a5:a1:28:af:8f:
65:73:50:5e:e5:c7:34:cb:26:b7:e7:4b:13:28:e8:9f:04:3b:
e3:47:18:ff:c4:e0:92:ff:20:54:aa:44:50:36:8a:99:f1:29:
57:03:f2:c1:3c:2a:76:36:8a:37:75:c1:a8:07:bd:95:78:ba:
b6:e2:16:0e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEFqKsxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzEzZjdmYTIzN2Y4OWQwMTEyMzNiYWM3MzI4YzIyMTliYTdkNjJjMB4XDTIyMDEw
MTA3MDM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlhNjExM2QzNTQ5
ZjQ2NzVjZWMzYzVhNjllN2ZjYWEyOWMyZjJlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO8bpkS6jA5ft/7dkjixXxESAVWTtMdrXuI7UXHEtARdYVZg
SI4L23YmppkTygKHCfjdBEzh2fYwaMdS2TS3AJgacwXfDAxMyAPuOLMgHPGBggSh
enI5vr6cOSJ6xgqf+hySId79iebryO/6gesokwaN3aAcMlSI2X2XV9YZ57Q3Yiwr
lFfE993dKIh/apSOn7wGpZUjo7igkB9qlBDEc/tdU39BV7v/ET/ZSMLSsP1OXwqU
+u+3ofPJfdez41cpUdmy1MfhxCCUeqxUxU2kQsyWNoE1IPd5hiVjSnvZ6/NPFLSy
Ugcf9nisErMxTgspI+qqPUTsOr0KJzgo4BvoYIECAwEAAaOCAiswggInMB0GA1Ud
DgQWBBT5phE9NUn0Z1zsPFpp5/yqKcLy4DAfBgNVHSMEGDAWgBT8E/f6I3+J0BEj
O6xzKMIhm6fWLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19CUDMtaU5faWRBUkl6dXNjeWpDSVp1bjFpdy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMDlhZjJiLTY0ZjctNGMxZC1hYmQ0LWQwNzQ2NGI5YjM3OC8x
LzEtYVlSUFRWSjlHZGM3RHhhYWVmOHFpbkM4dUEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBm
LzA5YWYyYi02NGY3LTRjMWQtYWJkNC1kMDc0NjRiOWIzNzgvMS9fQlAzLWlOX2lk
QVJJenVzY3lqQ0ladW4xaXcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
QAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAMFPVADBARQV6ADBAK5ICADBAPU
7aAwDQQCAAIwBwMFAyoAX0AwDQYJKoZIhvcNAQELBQADggEBAEEEzZypucYkyLLr
xe8Z9LPygHowdWD6K1jAvCZr0vtQQjA5GZ6Bb3f8qgknVBpQt/LLQ4rJM7vtpCnr
TZc9wrJJguRYYwTw0QczTsS6ECVQQIUKiAhCk+sPUnVFMsvdkOVMyFXco2eFU8Oq
kqGKG7w6u79DGEEmaiMEXGABEEBpq+Zo+Jn2Uyk6xVqwz1F1d4TZHegdmCmnCv6U
PM6nIbPGQ8ihKoSXtzbd/yos6NnX1jjKNTPL2Ef61NqgrHR1TTiloSivj2VzUF7l
xzTLJrfnSxMo6J8EO+NHGP/E4JL/IFSqRFA2ipnxKVcD8sE8KnY2ijd1wagHvZV4
urbiFg4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:34 2025 by rpki-client