Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1ae7be-3484-4b12-8bf4-c100a986bc5c/1/X3wCfilhAsY_mHuO4acs1ZbXl4Q.roa
File: X3wCfilhAsY_mHuO4acs1ZbXl4Q.roa (raw, json)
Hash identifier: z8kGjJTtFiS3f0vEFzMR8Cxqs32F+zfVtfbccogV+gQ=
Subject key identifier: 5F:7C:02:7E:29:61:02:C6:3F:98:7B:8E:E1:A7:2C:D5:96:D7:97:84
Certificate issuer: /CN=08fcbc341c87433d03e4dd615b7f3453164344b3
Certificate serial: 0184A45EF5F2824B5146FE687021A391EB34
Authority key identifier: 08:FC:BC:34:1C:87:43:3D:03:E4:DD:61:5B:7F:34:53:16:43:44:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPy8NByHQz0D5N1hW380UxZDRLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/1ae7be-3484-4b12-8bf4-c100a986bc5c/1/X3wCfilhAsY_mHuO4acs1ZbXl4Q.roa
Signing time: Wed 23 Nov 2022 12:03:17 +0000
ROA not before: Wed 23 Nov 2022 12:03:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39046
IP address blocks: 80.254.48.0/20 maxlen: 20
80.254.56.0/24 maxlen: 24
80.254.52.0/24 maxlen: 24
80.254.54.0/24 maxlen: 24
80.254.58.0/24 maxlen: 24
80.254.63.0/24 maxlen: 24
80.254.61.0/24 maxlen: 24
185.77.8.0/23 maxlen: 23
185.77.10.0/24 maxlen: 24
2a03:51a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:5e:f5:f2:82:4b:51:46:fe:68:70:21:a3:91:eb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcbc341c87433d03e4dd615b7f3453164344b3
Validity
Not Before: Nov 23 12:03:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f7c027e296102c63f987b8ee1a72cd596d79784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:33:12:cb:58:ff:2d:b1:43:c0:0a:fc:cc:f0:
7f:72:6d:68:85:13:c2:7f:7d:4a:c2:f6:9b:d5:0e:
a3:64:d7:12:22:b6:cd:16:ac:de:40:b1:49:1e:48:
3e:c4:3b:33:04:3e:66:c8:21:ec:51:b9:96:e2:9c:
b0:48:70:e1:3c:4e:8e:ed:f0:2d:96:71:dd:d8:d9:
39:9e:1d:d0:13:1c:32:c6:3c:83:07:96:a4:9e:09:
64:75:c2:fe:4c:a5:93:27:01:19:e0:d7:05:22:c8:
82:4a:07:52:d6:32:6e:95:1c:37:30:3e:1f:f1:52:
de:e9:2f:80:e8:32:91:e0:c1:e2:7c:0a:db:79:ed:
64:b0:bd:46:44:96:0b:d9:4b:1b:ad:01:68:e7:30:
02:04:f8:8c:f9:56:87:43:fd:e5:0a:37:29:25:75:
46:f2:0a:96:89:3c:c4:89:cb:66:02:75:0a:b7:0e:
9a:f3:93:3c:f5:33:ae:92:d5:5a:8a:2c:b7:f5:c8:
9e:f8:86:5e:4e:46:60:19:71:d1:cd:2e:2d:84:f0:
4c:a2:f2:db:82:51:ca:5a:d0:03:66:60:9c:bd:cc:
fc:b4:d4:97:31:b9:d4:cd:ba:f1:f6:db:4d:dd:df:
85:12:4e:fd:98:cf:9b:d2:c9:9b:2f:4f:74:a1:f1:
df:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7C:02:7E:29:61:02:C6:3F:98:7B:8E:E1:A7:2C:D5:96:D7:97:84
X509v3 Authority Key Identifier:
keyid:08:FC:BC:34:1C:87:43:3D:03:E4:DD:61:5B:7F:34:53:16:43:44:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPy8NByHQz0D5N1hW380UxZDRLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1ae7be-3484-4b12-8bf4-c100a986bc5c/1/X3wCfilhAsY_mHuO4acs1ZbXl4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1ae7be-3484-4b12-8bf4-c100a986bc5c/1/CPy8NByHQz0D5N1hW380UxZDRLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.48.0/20
185.77.8.0-185.77.10.255
IPv6:
2a03:51a0::/32
Signature Algorithm: sha256WithRSAEncryption
66:f9:95:0a:79:fa:96:bd:92:42:bd:8b:6e:73:25:fa:e5:53:
e3:e6:80:aa:f2:eb:4f:9d:9c:b0:81:f2:2d:f9:55:62:68:3f:
4f:e7:31:87:52:95:fe:4e:90:2a:09:b6:3c:b7:2e:92:5b:8b:
cc:3b:55:7f:85:7e:88:43:2f:d2:c3:3f:12:59:4b:41:ab:6a:
b4:a8:50:62:82:f8:db:5f:23:34:92:60:08:5a:49:da:7b:be:
5e:84:a6:ad:7e:2c:47:bd:62:b4:61:9b:bc:7e:7b:a1:b0:87:
04:79:34:04:bc:99:f2:77:8d:f4:07:24:a2:5e:75:fb:a2:1b:
23:56:72:fd:e5:c2:5f:80:36:3a:1b:87:01:3b:ef:b8:60:92:
c5:15:2b:96:96:a5:19:a5:ef:c2:c8:9d:1d:52:83:28:7d:be:
b9:f5:0a:26:3c:97:6f:77:a6:52:d5:aa:96:d2:1a:c9:a9:50:
b4:ff:07:70:3c:f2:d4:39:c3:56:6a:6f:ae:6b:69:a0:60:11:
93:1d:3f:b8:aa:a4:4d:2c:2d:8c:3b:44:8d:00:89:cc:10:20:
3a:bd:13:b3:5c:a5:64:0a:31:19:94:ad:97:fc:03:4e:6e:94:
a9:3e:2b:3e:85:38:d5:a1:e6:6c:63:ab:aa:9a:78:ef:dc:4c:
e2:81:5a:e7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYSkXvXygktRRv5ocCGjkes0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNiYzM0MWM4NzQzM2QwM2U0ZGQ2MTViN2YzNDUzMTY0
MzQ0YjMwHhcNMjIxMTIzMTIwMzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjdjMDI3ZTI5NjEwMmM2M2Y5ODdiOGVlMWE3MmNkNTk2ZDc5Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDMSy1j/LbFDwAr8zPB/cm1ohRPC
f31Kwvab1Q6jZNcSIrbNFqzeQLFJHkg+xDszBD5myCHsUbmW4pywSHDhPE6O7fAt
lnHd2Nk5nh3QExwyxjyDB5aknglkdcL+TKWTJwEZ4NcFIsiCSgdS1jJulRw3MD4f
8VLe6S+A6DKR4MHifArbee1ksL1GRJYL2UsbrQFo5zACBPiM+VaHQ/3lCjcpJXVG
8gqWiTzEictmAnUKtw6a85M89TOuktVaiiy39cie+IZeTkZgGXHRzS4thPBMovLb
glHKWtADZmCcvcz8tNSXMbnUzbrx9ttN3d+FEk79mM+b0smbL090ofHfqQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFF98An4pYQLGP5h7juGnLNWW15eEMB8GA1UdIwQY
MBaAFAj8vDQch0M9A+TdYVt/NFMWQ0SzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5OE5CeUhRejBENU4xaFczODBVeFpEUkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xYWU3YmUtMzQ4NC00YjEyLThiZjQt
YzEwMGE5ODZiYzVjLzEvWDN3Q2ZpbGhBc1lfbUh1TzRhY3MxWmJYbDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xYWU3YmUtMzQ4NC00YjEyLThiZjQtYzEwMGE5ODZiYzVj
LzEvQ1B5OE5CeUhRejBENU4xaFczODBVeFpEUkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQEUP4wMAwD
BAO5TQgDBAC5TQowDQQCAAIwBwMFACoDUaAwDQYJKoZIhvcNAQELBQADggEBAGb5
lQp5+pa9kkK9i25zJfrlU+PmgKry60+dnLCB8i35VWJoP0/nMYdSlf5OkCoJtjy3
LpJbi8w7VX+FfohDL9LDPxJZS0GrarSoUGKC+NtfIzSSYAhaSdp7vl6Epq1+LEe9
YrRhm7x+e6GwhwR5NAS8mfJ3jfQHJKJedfuiGyNWcv3lwl+ANjobhwE777hgksUV
K5aWpRml78LInR1Sgyh9vrn1CiY8l293plLVqpbSGsmpULT/B3A88tQ5w1Zqb65r
aaBgEZMdP7iqpE0sLYw7RI0AicwQIDq9E7NcpWQKMRmUrZf8A05ulKk+Kz6FONWh
5mxjq6qaeO/cTOKBWuc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:53 2023 by rpki-client on console-fra.rpki-client.org