Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/X-U8d63nPVcaGSrpP5ITHq-J3LA.roa
File: X-U8d63nPVcaGSrpP5ITHq-J3LA.roa (raw, json)
Hash identifier: BCkSV/8U9h8/XUfUk89EcAxAeDN25PeVbLPPuLAPYnM=
Subject key identifier: 5F:E5:3C:77:AD:E7:3D:57:1A:19:2A:E9:3F:92:13:1E:AF:89:DC:B0
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAD99F33A79008CC710C54A60BE366
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/X-U8d63nPVcaGSrpP5ITHq-J3LA.roa
Signing time: Sun 01 Jan 2023 14:44:48 +0000
ROA not before: Sun 01 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25408
IP address blocks: 185.42.80.0/22 maxlen: 24
37.112.248.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:d9:9f:33:a7:90:08:cc:71:0c:54:a6:0b:e3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fe53c77ade73d571a192ae93f92131eaf89dcb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cd:9e:e1:79:4f:13:31:ea:84:93:f0:80:1d:
e2:7d:27:29:80:f9:c9:57:6e:63:e0:88:29:cc:48:
b3:c9:f9:09:ba:62:5e:f0:f2:23:6c:95:f6:a7:f5:
74:29:4a:42:05:fe:b0:08:7f:37:1d:0b:4a:95:7a:
98:07:be:61:96:00:75:ff:ae:43:4b:83:8f:cc:40:
36:d2:fe:60:1f:09:b1:21:32:63:f0:ab:31:5f:45:
76:43:2b:bc:12:aa:1d:56:45:c2:95:7d:16:f5:8c:
e3:a3:33:81:3e:3b:c0:df:7d:bc:80:40:17:ed:ee:
7e:b8:bd:9d:73:2f:05:1b:5a:04:6e:ba:f3:9c:f3:
e8:43:2e:4b:a2:18:ad:92:fd:d2:93:7c:bf:2b:4a:
f3:5f:95:05:df:41:7f:c2:6b:37:6c:72:d8:b8:2f:
95:e5:6e:4d:ea:76:9a:fc:6c:2b:89:a4:13:d0:7d:
b1:55:ca:e8:cb:11:b6:61:5c:b3:3b:b0:e0:af:59:
9d:25:35:38:ab:87:29:db:fd:ec:88:bf:3f:7b:6d:
54:42:45:12:d3:6c:39:c8:5f:6c:a3:a0:51:32:a6:
43:34:f5:19:cc:27:12:82:e7:66:f9:a2:a9:19:73:
83:19:e5:95:40:69:49:36:a7:ce:b9:9b:a9:a1:f5:
5f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E5:3C:77:AD:E7:3D:57:1A:19:2A:E9:3F:92:13:1E:AF:89:DC:B0
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/X-U8d63nPVcaGSrpP5ITHq-J3LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.112.248.0/21
185.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:27:61:60:f8:46:9b:3e:74:df:77:f5:dd:03:dd:44:e7:c3:
a2:27:d6:db:91:59:8f:89:d9:42:9a:ed:2c:28:cf:59:0b:08:
14:00:8b:02:1c:2e:98:6b:d0:de:33:0e:84:18:8d:1d:9e:ce:
67:2d:35:f5:c4:2c:a6:91:5b:17:ef:c1:eb:65:9c:01:27:e9:
f8:99:bc:23:74:d6:e6:ef:d7:c1:d9:8f:e4:36:0f:e6:71:4f:
30:5d:09:11:22:e4:77:64:e4:20:e1:e9:8b:3a:24:6a:e8:9d:
67:24:35:7f:d2:64:12:c6:29:46:1a:39:7d:0f:ef:db:cd:18:
51:ff:27:ae:c4:96:59:d8:3f:d0:e5:bc:a0:f8:2c:b1:c7:77:
df:de:cc:a9:31:03:29:b0:a4:e5:86:e3:49:9d:5e:55:66:52:
44:25:0c:dd:9a:01:41:33:13:59:2f:3a:e5:38:26:88:36:33:
cf:88:c7:8e:2d:82:29:29:8f:ac:57:e0:a2:e8:4e:c4:9f:61:
2d:97:73:49:55:b4:c2:27:5e:d0:3c:4f:f0:bb:dc:8d:fe:3d:
fc:6e:05:be:ad:14:ad:be:31:08:e3:2a:ea:e5:4a:0b:3c:30:
13:5e:c8:5e:85:c8:3a:10:35:22:10:ae:93:9a:7e:f1:81:8c:
4f:26:4a:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtytmfM6eQCMxxDFSmC+NmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU1M2M3N2FkZTczZDU3MWExOTJhZTkzZjkyMTMxZWFmODlkY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic2e4XlPEzHqhJPwgB3ifScpgPnJ
V25j4IgpzEizyfkJumJe8PIjbJX2p/V0KUpCBf6wCH83HQtKlXqYB75hlgB1/65D
S4OPzEA20v5gHwmxITJj8KsxX0V2Qyu8EqodVkXClX0W9YzjozOBPjvA3328gEAX
7e5+uL2dcy8FG1oEbrrznPPoQy5Lohitkv3Sk3y/K0rzX5UF30F/wms3bHLYuC+V
5W5N6naa/GwriaQT0H2xVcroyxG2YVyzO7Dgr1mdJTU4q4cp2/3siL8/e21UQkUS
02w5yF9so6BRMqZDNPUZzCcSgudm+aKpGXODGeWVQGlJNqfOuZupofVf9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF/lPHet5z1XGhkq6T+SEx6vidywMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvWC1VOGQ2M25QVmNhR1NycFA1SVRIcS1KM0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJXD4AwQC
uSpQMA0GCSqGSIb3DQEBCwUAA4IBAQAsJ2Fg+EabPnTfd/XdA91E58OiJ9bbkVmP
idlCmu0sKM9ZCwgUAIsCHC6Ya9DeMw6EGI0dns5nLTX1xCymkVsX78HrZZwBJ+n4
mbwjdNbm79fB2Y/kNg/mcU8wXQkRIuR3ZOQg4emLOiRq6J1nJDV/0mQSxilGGjl9
D+/bzRhR/yeuxJZZ2D/Q5byg+Cyxx3ff3sypMQMpsKTlhuNJnV5VZlJEJQzdmgFB
MxNZLzrlOCaINjPPiMeOLYIpKY+sV+Ci6E7En2Etl3NJVbTCJ17QPE/wu9yN/j38
bgW+rRStvjEI4yrq5UoLPDATXshehcg6EDUiEK6Tmn7xgYxPJkpi
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:29 2025 by rpki-client