Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/0Yn6UK_lQGlTZDTD0Hdo5wv1Xow.roa
File: 0Yn6UK_lQGlTZDTD0Hdo5wv1Xow.roa (raw, json)
Hash identifier: vfF/hk0zksgMKf48g9VEQ66uh5kOPacDA5AflaYldcc=
Subject key identifier: D1:89:FA:50:AF:E5:40:69:53:64:34:C3:D0:77:68:E7:0B:F5:5E:8C
Certificate issuer: /CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b
Certificate serial: 01888AD98873BCF7A1ABB6E0405B4C12F355
Authority key identifier: EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/0Yn6UK_lQGlTZDTD0Hdo5wv1Xow.roa
Signing time: Mon 05 Jun 2023 09:18:12 +0000
ROA not before: Mon 05 Jun 2023 09:18:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208549
IP address blocks: 80.64.221.0/24 maxlen: 24
80.64.220.0/24 maxlen: 24
80.64.222.0/23 maxlen: 23
80.64.223.0/24 maxlen: 24
80.64.222.0/24 maxlen: 24
2a0d:1cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:d9:88:73:bc:f7:a1:ab:b6:e0:40:5b:4c:12:f3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b
Validity
Not Before: Jun 5 09:18:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d189fa50afe54069536434c3d07768e70bf55e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3e:11:0e:6d:a9:ca:a8:01:40:5b:e1:46:d7:
ca:a3:52:70:34:ee:26:d6:61:3b:34:8b:29:0c:e4:
05:67:39:30:3e:76:8c:1d:2c:f6:5a:d7:bd:70:e6:
4f:3b:fd:77:39:92:77:53:59:ac:10:30:be:65:b6:
3e:05:3c:e0:f8:1c:55:51:2a:04:fc:ff:47:07:2c:
2d:02:54:df:9c:5d:71:bb:b6:93:c0:d4:5d:a1:0e:
d0:5d:f3:be:70:c5:35:70:a1:b8:af:bb:e7:44:95:
0b:e0:71:74:15:01:fe:64:08:65:84:b9:18:80:68:
c6:47:1b:cc:cb:00:42:a1:69:bb:42:94:e8:0a:c4:
34:29:0e:f2:e0:d1:f6:0a:5d:f4:25:aa:19:75:6a:
83:7a:1f:e3:a1:46:4c:39:13:84:93:27:7f:f2:03:
9d:4c:14:d7:d9:28:a0:25:a1:e9:af:6c:13:f6:95:
25:f4:e2:8e:9b:bc:99:94:84:a9:df:89:f1:c8:b5:
16:53:1c:f6:f8:8d:d3:38:d9:6b:cb:23:79:a9:0d:
8d:26:22:de:40:7b:54:9a:5a:59:c9:53:5e:22:9c:
b5:84:9e:61:a6:cd:98:85:b5:82:bb:d6:3e:07:b8:
b8:1e:67:e2:18:63:2c:00:8d:4e:23:85:b4:65:07:
77:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:89:FA:50:AF:E5:40:69:53:64:34:C3:D0:77:68:E7:0B:F5:5E:8C
X509v3 Authority Key Identifier:
keyid:EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/0Yn6UK_lQGlTZDTD0Hdo5wv1Xow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.220.0/22
IPv6:
2a0d:1cc0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:3b:94:10:8f:e8:5b:ba:18:69:70:c7:da:a5:52:8d:38:e3:
e9:93:a2:f9:32:a0:45:70:a0:28:b6:fd:a3:16:39:91:ec:73:
a2:ee:06:c7:bd:85:b7:b3:d1:43:2f:0d:d2:9c:ad:e4:60:d6:
a6:a5:89:8c:a2:de:da:5a:33:48:9c:3d:7d:f2:0e:b8:0d:a9:
59:e2:e4:6c:79:5e:87:af:b6:8c:86:96:d2:99:8e:e0:a6:6d:
ce:f6:8b:98:34:30:16:c3:b1:bc:72:50:f0:35:9c:8b:17:f3:
b9:10:a0:14:97:14:bc:d7:fe:62:51:22:6b:a8:49:f1:ba:c6:
5c:bd:4b:fb:12:2f:11:aa:48:e8:8b:4b:39:52:09:a7:b1:b8:
79:17:ad:42:13:a2:53:37:ad:ab:67:27:74:d5:ec:f9:07:c9:
38:9b:84:ae:d3:cf:46:6d:e7:7e:3b:f7:62:10:f9:1b:ba:30:
6c:29:9b:4f:41:09:57:a8:77:b1:97:e7:39:1e:2b:aa:6e:1a:
99:b6:d0:4b:65:d0:41:96:9c:e2:fa:7e:cd:97:eb:50:c3:cb:
5e:0a:e1:79:0e:6a:e9:0b:75:1c:a7:3d:b8:71:9b:ae:cd:d7:
60:ee:98:5b:c7:99:75:57:f9:4c:78:b4:94:20:2a:a4:7b:9a:
a9:c8:d2:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYiK2YhzvPehq7bgQFtMEvNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2YzMWJkNmQ5ODVlNDUyOTljMzFkMDUyY2E0YThlYmVm
NTU3OGIwHhcNMjMwNjA1MDkxODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg5ZmE1MGFmZTU0MDY5NTM2NDM0YzNkMDc3NjhlNzBiZjU1ZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgT4RDm2pyqgBQFvhRtfKo1JwNO4m
1mE7NIspDOQFZzkwPnaMHSz2Wte9cOZPO/13OZJ3U1msEDC+ZbY+BTzg+BxVUSoE
/P9HBywtAlTfnF1xu7aTwNRdoQ7QXfO+cMU1cKG4r7vnRJUL4HF0FQH+ZAhlhLkY
gGjGRxvMywBCoWm7QpToCsQ0KQ7y4NH2Cl30JaoZdWqDeh/joUZMOROEkyd/8gOd
TBTX2SigJaHpr2wT9pUl9OKOm7yZlISp34nxyLUWUxz2+I3TONlryyN5qQ2NJiLe
QHtUmlpZyVNeIpy1hJ5hps2YhbWCu9Y+B7i4HmfiGGMsAI1OI4W0ZQd3kwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNGJ+lCv5UBpU2Q0w9B3aOcL9V6MMB8GA1UdIwQY
MBaAFO9/Mb1tmF5FKZwx0FLKSo6+9VeLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQt
YTc2M2RmM2FlZTZkLzEvMFluNlVLX2xRR2xUWkRURDBIZG81d3YxWG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQtYTc2M2RmM2FlZTZk
LzEvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCUEDcMA0E
AgACMAcDBQMqDRzAMA0GCSqGSIb3DQEBCwUAA4IBAQBcO5QQj+hbuhhpcMfapVKN
OOPpk6L5MqBFcKAotv2jFjmR7HOi7gbHvYW3s9FDLw3SnK3kYNampYmMot7aWjNI
nD198g64DalZ4uRseV6Hr7aMhpbSmY7gpm3O9ouYNDAWw7G8clDwNZyLF/O5EKAU
lxS81/5iUSJrqEnxusZcvUv7Ei8Rqkjoi0s5Ugmnsbh5F61CE6JTN62rZyd01ez5
B8k4m4Su089Gbed+O/diEPkbujBsKZtPQQlXqHexl+c5HiuqbhqZttBLZdBBlpzi
+n7Nl+tQw8teCuF5DmrpC3Ucpz24cZuuzddg7phbx5l1V/lMeLSUICqke5qpyNJo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:48 2025 by rpki-client