Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/REo8eSZUkiEesQezq5lUa4juGig.roa
File: REo8eSZUkiEesQezq5lUa4juGig.roa (raw, json)
Hash identifier: YCdb+SgjreEgRK2cFjFmA745CF2WtgxiNlXxqs+rZI0=
Subject key identifier: 44:4A:3C:79:26:54:92:21:1E:B1:07:B3:AB:99:54:6B:88:EE:1A:28
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 0184F0FCF4DF8BA4FA7D27302AD87E841DCA
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/REo8eSZUkiEesQezq5lUa4juGig.roa
Signing time: Thu 08 Dec 2022 09:07:00 +0000
ROA not before: Thu 08 Dec 2022 09:07:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42695
IP address blocks: 80.254.228.0/23 maxlen: 23
80.254.230.0/23 maxlen: 23
2a13:5243::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f0:fc:f4:df:8b:a4:fa:7d:27:30:2a:d8:7e:84:1d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Dec 8 09:07:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=444a3c79265492211eb107b3ab99546b88ee1a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c2:ac:ad:af:98:d8:80:41:e9:f8:60:4e:09:
82:2c:c4:0b:aa:42:a7:74:cd:70:ed:6a:55:6d:a0:
8c:c6:53:0e:c3:af:4e:b7:c4:16:e0:01:71:31:82:
a4:36:49:62:0d:22:6d:41:8e:11:af:1b:9d:cc:ae:
72:22:9d:fc:7c:82:e9:b8:00:f8:bb:78:17:d9:38:
02:68:65:22:89:77:69:58:38:fa:99:22:5b:0e:d6:
4b:bf:13:ac:b8:ef:ce:3d:de:cc:6d:71:f4:2f:91:
d8:eb:7f:0b:04:e4:ce:ff:87:83:24:e0:48:bc:82:
11:13:f0:e8:af:bd:68:e7:48:22:ff:a8:ec:2b:e6:
7b:84:56:c3:ad:b8:78:b8:47:3a:d2:e3:b5:3d:6f:
3c:27:45:f6:ce:75:e3:ae:90:42:03:0d:be:9d:c6:
9f:08:c0:8e:35:e6:4e:0e:42:61:d1:31:72:4e:57:
29:d1:59:c8:89:14:86:29:e1:13:69:dc:66:f4:fd:
98:c6:6e:08:db:dc:ab:56:ae:0d:78:44:12:1c:a1:
e1:d8:00:46:55:bf:1a:27:d4:f1:ba:35:54:bf:ca:
fc:21:86:5d:f9:bf:ee:17:d2:05:d1:49:4e:83:4e:
f9:1a:6e:81:69:07:cb:51:3b:a4:6f:11:9e:7f:f4:
5b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:4A:3C:79:26:54:92:21:1E:B1:07:B3:AB:99:54:6B:88:EE:1A:28
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/REo8eSZUkiEesQezq5lUa4juGig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.228.0/22
IPv6:
2a13:5243::/32
Signature Algorithm: sha256WithRSAEncryption
c3:7d:c0:37:7b:a8:0d:91:44:be:7f:a8:7e:db:50:38:d7:ae:
ef:54:c6:09:b0:53:15:6f:5f:a3:50:dc:49:56:55:44:9e:b6:
b3:26:2f:4d:13:a2:95:75:68:62:47:35:5c:92:25:9e:33:2d:
5c:aa:61:b5:b6:6b:09:db:03:45:42:de:08:51:23:e9:ba:95:
4b:69:62:34:c8:4a:d8:29:1c:0c:c6:b9:e2:00:1a:63:c5:17:
e8:ea:27:b2:f3:eb:f0:9c:d2:55:c2:fb:9d:1c:fd:6c:de:7a:
38:83:e4:14:f9:d9:e7:d0:bb:ca:3b:7a:86:56:01:44:09:ac:
5e:ea:75:ee:de:53:a5:22:db:5e:63:91:fd:06:a5:1e:53:c9:
4e:61:4c:a7:7e:8a:6f:15:6c:41:b5:82:eb:5c:b4:44:9f:ec:
e0:3f:81:3f:db:d9:be:a2:58:09:54:c6:c9:5b:54:17:69:0e:
50:9b:45:17:62:fa:5c:57:e5:96:08:b3:5d:e1:fa:74:4d:c6:
2a:38:33:87:5e:3e:c4:88:1c:4f:1f:5d:38:7c:02:75:a4:3d:
1c:a5:5d:12:4a:45:c3:91:5d:ef:dc:09:d1:63:b8:25:f2:2e:
da:68:2e:45:fe:cf:eb:7d:bf:f0:70:1f:98:a5:2f:fc:36:53:
c7:ce:a6:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTw/PTfi6T6fScwKth+hB3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjIxMjA4MDkwNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDRhM2M3OTI2NTQ5MjIxMWViMTA3YjNhYjk5NTQ2Yjg4ZWUxYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48Ksra+Y2IBB6fhgTgmCLMQLqkKn
dM1w7WpVbaCMxlMOw69Ot8QW4AFxMYKkNkliDSJtQY4RrxudzK5yIp38fILpuAD4
u3gX2TgCaGUiiXdpWDj6mSJbDtZLvxOsuO/OPd7MbXH0L5HY638LBOTO/4eDJOBI
vIIRE/Dor71o50gi/6jsK+Z7hFbDrbh4uEc60uO1PW88J0X2znXjrpBCAw2+ncaf
CMCONeZODkJh0TFyTlcp0VnIiRSGKeETadxm9P2Yxm4I29yrVq4NeEQSHKHh2ABG
Vb8aJ9TxujVUv8r8IYZd+b/uF9IF0UlOg075Gm6BaQfLUTukbxGef/RbgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFERKPHkmVJIhHrEHs6uZVGuI7hooMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvUkVvOGVTWlVraUVlc1FlenE1bFVhNGp1R2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCUP7kMA0E
AgACMAcDBQAqE1JDMA0GCSqGSIb3DQEBCwUAA4IBAQDDfcA3e6gNkUS+f6h+21A4
167vVMYJsFMVb1+jUNxJVlVEnrazJi9NE6KVdWhiRzVckiWeMy1cqmG1tmsJ2wNF
Qt4IUSPpupVLaWI0yErYKRwMxrniABpjxRfo6iey8+vwnNJVwvudHP1s3no4g+QU
+dnn0LvKO3qGVgFECaxe6nXu3lOlItteY5H9BqUeU8lOYUynfopvFWxBtYLrXLRE
n+zgP4E/29m+olgJVMbJW1QXaQ5Qm0UXYvpcV+WWCLNd4fp0TcYqODOHXj7EiBxP
H104fAJ1pD0cpV0SSkXDkV3v3AnRY7gl8i7aaC5F/s/rfb/wcB+YpS/8NlPHzqaR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:34 2024 by rpki-client on console-fra.rpki-client.org