Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/pWUJ3anIJ4QJlKIkflHcE9Ku0aE.roa
File: pWUJ3anIJ4QJlKIkflHcE9Ku0aE.roa (raw, json)
Hash identifier: rE8jFDPCA0RN/j2DUcdi4N2f/+CXj2SQcRvIi79TFxA=
Subject key identifier: A5:65:09:DD:A9:C8:27:84:09:94:A2:24:7E:51:DC:13:D2:AE:D1:A1
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 01856D4186D740AF0D05208DB7D137D5A2BC
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/pWUJ3anIJ4QJlKIkflHcE9Ku0aE.roa
Signing time: Sun 01 Jan 2023 12:14:48 +0000
ROA not before: Sun 01 Jan 2023 12:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199493
IP address blocks: 80.243.232.0/22 maxlen: 22
80.243.233.0/24 maxlen: 24
80.243.232.0/24 maxlen: 24
80.243.235.0/24 maxlen: 24
80.243.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:86:d7:40:af:0d:05:20:8d:b7:d1:37:d5:a2:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Jan 1 12:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a56509dda9c827840994a2247e51dc13d2aed1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:67:a3:aa:d7:8e:35:a4:b7:77:1d:09:a7:cf:
65:4a:25:7c:8f:4b:92:c8:a8:61:b9:a3:05:ab:97:
2e:6c:f8:24:75:3d:c8:5c:22:f7:f6:a3:ec:f9:73:
05:c6:e7:49:aa:1d:e5:ee:8a:dd:41:83:dc:8b:a8:
85:ae:c7:d5:47:a9:bf:eb:7c:9c:37:41:bb:1e:d5:
94:17:f0:e1:0b:e9:98:53:58:fc:53:91:d4:db:01:
25:64:16:95:ec:d2:39:49:eb:13:f7:b1:4c:2c:97:
0a:35:54:01:44:b0:f4:97:32:cb:85:83:a2:48:c7:
54:4d:a1:e3:3d:b9:89:f4:11:43:e5:94:3a:45:da:
a9:99:91:03:bd:ee:46:8f:d4:c9:e3:ea:bb:e9:64:
24:f1:20:8a:fa:34:c6:70:42:95:01:13:76:44:51:
f5:e1:fa:41:4f:cf:00:75:93:8d:2f:6f:cb:80:14:
c7:38:62:78:a1:af:e6:87:2e:51:ec:cc:ab:3e:14:
9c:dd:c6:df:0d:41:02:7c:ca:ec:d4:12:d4:e6:b0:
20:21:53:84:d9:4c:d6:f8:e0:d1:20:f2:88:7c:9a:
08:15:8a:ad:84:9e:b8:2a:92:25:b4:ce:bb:d2:5e:
b2:3d:f4:55:0b:ae:99:6f:2b:b3:35:ba:2f:a0:a9:
80:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:65:09:DD:A9:C8:27:84:09:94:A2:24:7E:51:DC:13:D2:AE:D1:A1
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/pWUJ3anIJ4QJlKIkflHcE9Ku0aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.232.0/22
Signature Algorithm: sha256WithRSAEncryption
06:1f:e8:e6:e2:4f:8f:78:6c:36:6f:8a:5d:ae:fa:57:28:8a:
17:1f:35:86:f3:7c:1e:bb:4d:2d:ce:6e:2e:c9:55:8e:92:66:
9d:01:72:67:60:d1:f4:49:94:03:aa:43:09:85:ec:b2:7d:1c:
7c:b2:fc:48:3e:85:b2:bd:fd:e8:13:c5:77:b1:fa:5b:2f:4c:
66:a9:5b:e4:a9:5c:1b:28:9e:97:bd:e1:1c:85:0a:b9:0d:c7:
6e:74:77:f3:d2:52:49:84:74:77:84:8f:af:cc:a9:c1:3c:37:
a8:e0:ec:43:23:26:3c:79:ce:d7:7a:93:5d:ea:51:76:c1:00:
32:bf:60:03:ba:c7:36:bb:2f:34:22:a4:76:92:42:55:a7:79:
dd:c4:d5:b3:97:88:33:4c:5d:99:85:80:75:f3:71:b7:56:60:
12:fa:fe:85:63:95:58:da:9e:eb:a4:ee:a7:53:8e:90:a8:e9:
ec:20:25:09:a6:64:e2:44:db:9c:02:e2:d0:e0:f0:6e:1c:dc:
08:58:4c:7d:ab:0f:38:71:b1:5f:06:64:80:11:80:2a:1b:40:
51:90:24:d3:ce:a6:c9:18:03:21:5f:94:e9:19:10:16:79:2c:
ac:26:05:7a:cc:c3:ed:d4:cf:98:ac:2a:e6:74:9f:ce:6f:46:
21:5a:d4:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQYbXQK8NBSCNt9E31aK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjMwMTAxMTIxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTY1MDlkZGE5YzgyNzg0MDk5NGEyMjQ3ZTUxZGMxM2QyYWVkMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2ejqteONaS3dx0Jp89lSiV8j0uS
yKhhuaMFq5cubPgkdT3IXCL39qPs+XMFxudJqh3l7ordQYPci6iFrsfVR6m/63yc
N0G7HtWUF/DhC+mYU1j8U5HU2wElZBaV7NI5SesT97FMLJcKNVQBRLD0lzLLhYOi
SMdUTaHjPbmJ9BFD5ZQ6RdqpmZEDve5Gj9TJ4+q76WQk8SCK+jTGcEKVARN2RFH1
4fpBT88AdZONL2/LgBTHOGJ4oa/mhy5R7MyrPhSc3cbfDUECfMrs1BLU5rAgIVOE
2UzW+ODRIPKIfJoIFYqthJ64KpIltM670l6yPfRVC66ZbyuzNbovoKmAnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKVlCd2pyCeECZSiJH5R3BPSrtGhMB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvcFdVSjNhbklKNFFKbEtJa2ZsSGNFOUt1MGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUPPoMA0G
CSqGSIb3DQEBCwUAA4IBAQAGH+jm4k+PeGw2b4pdrvpXKIoXHzWG83weu00tzm4u
yVWOkmadAXJnYNH0SZQDqkMJheyyfRx8svxIPoWyvf3oE8V3sfpbL0xmqVvkqVwb
KJ6XveEchQq5DcdudHfz0lJJhHR3hI+vzKnBPDeo4OxDIyY8ec7XepNd6lF2wQAy
v2ADusc2uy80IqR2kkJVp3ndxNWzl4gzTF2ZhYB183G3VmAS+v6FY5VY2p7rpO6n
U46QqOnsICUJpmTiRNucAuLQ4PBuHNwIWEx9qw84cbFfBmSAEYAqG0BRkCTTzqbJ
GAMhX5TpGRAWeSysJgV6zMPt1M+YrCrmdJ/Ob0YhWtS7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:47 2025 by rpki-client