Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/80nv4Qs_Nd-aIpQEcJtb81-cTXo.roa
File: 80nv4Qs_Nd-aIpQEcJtb81-cTXo.roa (raw, json)
Hash identifier: 8vJLPEOwRgq12AL1rvmNNVzT7lahrU3XaYfPCSNoW7I=
Subject key identifier: F3:49:EF:E1:0B:3F:35:DF:9A:22:94:04:70:9B:5B:F3:5F:9C:4D:7A
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 0186EAE95D33CC3BDF39162D40F196D06789
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/80nv4Qs_Nd-aIpQEcJtb81-cTXo.roa
Signing time: Thu 16 Mar 2023 14:53:27 +0000
ROA not before: Thu 16 Mar 2023 14:53:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207050
IP address blocks: 185.59.50.0/24 maxlen: 24
185.59.48.0/22 maxlen: 22
193.160.84.0/24 maxlen: 24
193.160.84.0/22 maxlen: 22
92.119.20.0/24 maxlen: 24
92.119.21.0/24 maxlen: 24
79.143.132.0/24 maxlen: 24
79.143.132.0/22 maxlen: 22
92.119.22.0/24 maxlen: 24
79.143.135.0/24 maxlen: 24
185.124.104.0/24 maxlen: 24
185.124.104.0/22 maxlen: 22
185.124.105.0/24 maxlen: 24
2a04:e2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ea:e9:5d:33:cc:3b:df:39:16:2d:40:f1:96:d0:67:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Mar 16 14:53:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f349efe10b3f35df9a229404709b5bf35f9c4d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:19:cc:bf:f1:84:0c:27:e2:be:1b:c3:5e:93:
a6:21:d2:df:cd:b2:8d:ce:74:dc:e8:b1:f7:1d:43:
f5:9d:68:a8:0a:21:c2:4d:76:c8:27:95:bc:0c:eb:
20:3a:ca:78:c8:8e:f9:6c:8a:25:00:70:f6:e1:3b:
77:29:d7:45:2e:51:97:75:e5:31:c3:c2:20:69:79:
72:54:8a:fd:35:07:fc:90:66:cd:9b:98:88:35:c6:
d8:37:12:1c:b2:5b:9d:0d:db:5e:9c:77:54:69:83:
56:e7:ce:cf:b7:e7:49:2b:ef:16:22:6f:9d:10:5c:
80:20:5e:f6:e9:72:3f:ee:ad:76:fd:1a:ec:23:04:
3f:2c:ea:4d:e7:52:65:79:40:ae:59:c0:f9:5b:d7:
3a:88:25:ad:10:6e:79:32:0a:4e:e6:06:43:09:07:
a0:b9:92:1e:5c:5c:12:03:75:23:d5:cd:d9:69:3b:
35:e6:8a:8f:c8:fa:6c:73:b5:76:df:a1:c5:d9:e2:
ca:10:94:4a:57:9a:d6:f8:9a:eb:fb:a8:64:66:fa:
33:96:e7:67:57:b8:8b:6e:1b:61:83:c1:a2:b8:71:
46:46:77:df:6e:77:4a:1d:ae:25:5d:71:e5:50:39:
ad:f3:5a:57:db:50:9e:b5:0f:fb:c2:bc:17:ee:98:
27:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:49:EF:E1:0B:3F:35:DF:9A:22:94:04:70:9B:5B:F3:5F:9C:4D:7A
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/80nv4Qs_Nd-aIpQEcJtb81-cTXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.132.0/22
92.119.20.0-92.119.22.255
185.59.48.0/22
185.124.104.0/22
193.160.84.0/22
IPv6:
2a04:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
04:91:d3:cf:7e:c5:32:e0:0d:16:fd:8e:2a:af:ae:0c:d7:1e:
f4:fc:7a:45:c3:4e:45:a0:f8:cc:88:a0:58:ad:7d:17:8e:fd:
8f:f3:d9:49:5d:fd:52:88:ad:97:38:0f:c3:8b:ac:53:eb:22:
23:c1:0c:4c:6a:60:23:d8:a0:8a:7d:2f:89:90:61:73:bc:9d:
de:82:5b:9c:ee:48:9e:e4:4d:e9:24:e2:53:e6:56:a4:ba:01:
73:65:19:77:94:2d:c6:31:f6:d1:da:90:7f:ac:85:64:ac:41:
96:81:41:a1:d1:64:b5:3c:e8:87:2c:ed:6f:80:9f:01:08:20:
41:b8:04:82:36:d0:33:88:f6:4d:1d:c5:99:22:c7:23:92:03:
32:81:b0:7b:1a:05:b4:40:36:45:9c:9f:c0:56:7b:03:f9:85:
76:30:37:a9:95:69:b9:1d:47:c6:3b:66:89:15:a4:98:c6:25:
cf:00:f2:d6:51:09:a1:6d:cc:fb:6f:cd:1f:7b:86:d7:53:32:
58:94:57:15:5f:f6:5e:bf:59:47:3a:dc:cb:8e:ae:18:42:bd:
2f:bf:d1:a4:a5:a7:55:20:ab:1a:77:a6:64:04:f9:c1:f5:92:
d2:5a:78:e4:8b:ea:16:c2:b5:78:25:ef:a5:43:d4:d3:db:1d:
2b:25:5f:a2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYbq6V0zzDvfORYtQPGW0GeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjMwMzE2MTQ1MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQ5ZWZlMTBiM2YzNWRmOWEyMjk0MDQ3MDliNWJmMzVmOWM0ZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRnMv/GEDCfivhvDXpOmIdLfzbKN
znTc6LH3HUP1nWioCiHCTXbIJ5W8DOsgOsp4yI75bIolAHD24Tt3KddFLlGXdeUx
w8IgaXlyVIr9NQf8kGbNm5iINcbYNxIcsludDdtenHdUaYNW587Pt+dJK+8WIm+d
EFyAIF726XI/7q12/RrsIwQ/LOpN51JleUCuWcD5W9c6iCWtEG55MgpO5gZDCQeg
uZIeXFwSA3Uj1c3ZaTs15oqPyPpsc7V236HF2eLKEJRKV5rW+Jrr+6hkZvozludn
V7iLbhthg8GiuHFGRnffbndKHa4lXXHlUDmt81pX21CetQ/7wrwX7pgnUQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPNJ7+ELPzXfmiKUBHCbW/NfnE16MB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvODBudjRRc19OZC1hSXBRRWNKdGI4MS1jVFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCT4+EMAwD
BAJcdxQDBABcdxYDBAK5OzADBAK5fGgDBALBoFQwDQQCAAIwBwMFAyoE4sAwDQYJ
KoZIhvcNAQELBQADggEBAASR089+xTLgDRb9jiqvrgzXHvT8ekXDTkWg+MyIoFit
fReO/Y/z2Uld/VKIrZc4D8OLrFPrIiPBDExqYCPYoIp9L4mQYXO8nd6CW5zuSJ7k
Tekk4lPmVqS6AXNlGXeULcYx9tHakH+shWSsQZaBQaHRZLU86Ics7W+AnwEIIEG4
BII20DOI9k0dxZkixyOSAzKBsHsaBbRANkWcn8BWewP5hXYwN6mVabkdR8Y7ZokV
pJjGJc8A8tZRCaFtzPtvzR97htdTMliUVxVf9l6/WUc63MuOrhhCvS+/0aSlp1Ug
qxp3pmQE+cH1ktJaeOSL6hbCtXgl76VD1NPbHSslX6I=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:41:35 2025 by rpki-client