Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/4mUICw8n4nI-TfAXgr8nydTRuMw.roa
File: 4mUICw8n4nI-TfAXgr8nydTRuMw.roa (raw, json)
Hash identifier: 68EmFXVuGMjWDfbLXzfsx1BtSTtvxF592S9wDz1WbX8=
Subject key identifier: E2:65:08:0B:0F:27:E2:72:3E:4D:F0:17:82:BF:27:C9:D4:D1:B8:CC
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 018572F12A8E1AD713244E29ADB5A82227D2
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/4mUICw8n4nI-TfAXgr8nydTRuMw.roa
Signing time: Mon 02 Jan 2023 14:44:45 +0000
ROA not before: Mon 02 Jan 2023 14:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8469
IP address blocks: 195.82.80.0/24 maxlen: 24
5.61.80.0/21 maxlen: 24
195.94.64.0/19 maxlen: 24
195.135.128.0/18 maxlen: 24
62.40.0.0/19 maxlen: 24
80.87.160.0/20 maxlen: 24
195.227.0.0/16 maxlen: 24
195.82.64.0/19 maxlen: 24
185.32.32.0/22 maxlen: 24
212.237.160.0/21 maxlen: 24
2a00:5f40::/29 maxlen: 29
2001:1440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:f1:2a:8e:1a:d7:13:24:4e:29:ad:b5:a8:22:27:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Jan 2 14:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e265080b0f27e2723e4df01782bf27c9d4d1b8cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7f:b2:a3:35:37:87:8a:fa:9b:5d:08:95:d8:
f0:6d:f8:cd:c5:6a:bd:18:de:e8:46:38:87:87:2c:
21:88:68:11:79:37:0c:ee:cd:b5:8b:93:03:b5:06:
59:95:a5:51:68:2f:17:6f:fa:bf:33:77:6e:92:86:
a2:9d:e2:68:02:bd:56:0b:9c:e4:73:e4:56:0e:56:
39:e9:1e:ce:51:a3:b6:a4:f5:49:80:24:7c:1a:cc:
0b:3d:25:dd:47:4a:69:22:4d:50:a0:f9:de:23:65:
bf:42:63:1b:17:e0:3b:a8:fc:67:4b:1c:1d:35:ca:
cd:66:d7:04:af:39:a3:83:5c:51:12:f5:1d:8c:92:
34:24:93:bd:63:dc:2a:30:62:d0:33:a8:c8:6b:f0:
95:c8:d9:c5:53:54:1a:31:e1:81:95:b2:8e:f0:0c:
0e:31:53:37:7f:19:5e:3b:2e:c5:0a:31:7c:54:86:
a3:9d:32:6a:bd:59:2e:4c:4b:6a:18:41:aa:e2:5e:
f4:5c:09:33:c6:76:74:f1:f8:22:89:9c:4d:c9:91:
9f:22:76:7a:54:36:df:67:dc:a4:b1:ab:35:85:09:
6b:63:0d:b0:b0:4a:50:58:67:94:60:4f:23:59:5c:
90:ba:3c:de:08:36:12:79:42:f7:1b:e1:f6:54:b3:
ce:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:65:08:0B:0F:27:E2:72:3E:4D:F0:17:82:BF:27:C9:D4:D1:B8:CC
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/4mUICw8n4nI-TfAXgr8nydTRuMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.80.0/21
62.40.0.0/19
80.87.160.0/20
185.32.32.0/22
195.82.64.0/19
195.94.64.0/19
195.135.128.0/18
195.227.0.0/16
212.237.160.0/21
IPv6:
2001:1440::/32
2a00:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
00:2e:ad:00:1a:29:9c:2b:16:83:d4:c4:c9:3e:56:0e:c0:28:
a6:46:f3:fb:4e:32:f6:ae:dd:27:2d:a3:93:c8:a1:0d:fe:0b:
17:4d:0f:29:25:24:02:4e:85:5d:fe:d8:d8:5f:82:48:22:57:
20:34:a6:c3:fc:8b:35:92:7d:b0:ae:86:3d:ae:4b:b6:01:0f:
c5:ae:0b:30:cf:8a:e7:87:46:7f:c9:c4:63:bb:20:dc:78:a6:
5c:1f:71:a4:89:8e:f2:be:77:16:dd:34:84:1c:be:6f:07:b5:
6f:7a:25:58:77:44:31:64:79:d0:a3:d8:77:53:3d:11:83:90:
94:3a:6e:94:90:20:ce:3e:35:7d:2c:71:0f:c3:64:ec:0e:db:
e0:22:35:10:d9:55:0e:f3:5f:02:8f:f4:a0:6b:62:74:74:24:
0b:ac:5d:a7:e3:ad:e0:a1:26:fe:3f:f4:90:55:c8:6a:df:39:
09:13:7e:d2:3a:4f:66:f6:10:ec:44:79:df:ed:ae:db:d2:80:
e2:11:b9:e7:b3:5a:5c:ec:3c:e6:19:e1:93:50:75:f7:87:a7:
6d:06:a2:7a:2b:41:4a:11:88:6a:e8:c3:b4:2d:d6:18:be:d6:
52:0f:67:cc:ea:5a:e9:76:c5:e3:25:7e:bc:93:ea:e8:4e:5a:
43:5a:b5:a9
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVy8SqOGtcTJE4prbWoIifSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTNmN2ZhMjM3Zjg5ZDAxMTIzM2JhYzczMjhjMjIxOWJh
N2Q2MmMwHhcNMjMwMTAyMTQ0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjY1MDgwYjBmMjdlMjcyM2U0ZGYwMTc4MmJmMjdjOWQ0ZDFiOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03+yozU3h4r6m10IldjwbfjNxWq9
GN7oRjiHhywhiGgReTcM7s21i5MDtQZZlaVRaC8Xb/q/M3dukoaineJoAr1WC5zk
c+RWDlY56R7OUaO2pPVJgCR8GswLPSXdR0ppIk1QoPneI2W/QmMbF+A7qPxnSxwd
NcrNZtcErzmjg1xREvUdjJI0JJO9Y9wqMGLQM6jIa/CVyNnFU1QaMeGBlbKO8AwO
MVM3fxleOy7FCjF8VIajnTJqvVkuTEtqGEGq4l70XAkzxnZ08fgiiZxNyZGfInZ6
VDbfZ9yksas1hQlrYw2wsEpQWGeUYE8jWVyQujzeCDYSeUL3G+H2VLPO2wIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFOJlCAsPJ+JyPk3wF4K/J8nU0bjMMB8GA1UdIwQY
MBaAFPwT9/ojf4nQESM7rHMowiGbp9YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQt
ZDA3NDY0YjliMzc4LzEvNG1VSUN3OG40bkktVGZBWGdyOG55ZFRSdU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQtZDA3NDY0YjliMzc4
LzEvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzA7BAIAATA1AwQDBT1QAwQF
PigAAwQEUFegAwQCuSAgAwQFw1JAAwQFw15AAwQGw4eAAwMAw+MDBAPU7aAwFAQC
AAIwDgMFACABFEADBQMqAF9AMA0GCSqGSIb3DQEBCwUAA4IBAQAALq0AGimcKxaD
1MTJPlYOwCimRvP7TjL2rt0nLaOTyKEN/gsXTQ8pJSQCToVd/tjYX4JIIlcgNKbD
/Is1kn2wroY9rku2AQ/Frgswz4rnh0Z/ycRjuyDceKZcH3GkiY7yvncW3TSEHL5v
B7VveiVYd0QxZHnQo9h3Uz0Rg5CUOm6UkCDOPjV9LHEPw2TsDtvgIjUQ2VUO818C
j/Sga2J0dCQLrF2n463goSb+P/SQVchq3zkJE37SOk9m9hDsRHnf7a7b0oDiEbnn
s1pc7DzmGeGTUHX3h6dtBqJ6K0FKEYhq6MO0LdYYvtZSD2fM6lrpdsXjJX68k+ro
TlpDWrWp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:58 2025 by rpki-client