Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7bbad4-e15a-4bfd-ab32-76e865e2c4bd/1/DCt2qnu1YwmDtK3-QChnxFYcaKY.roa
File: DCt2qnu1YwmDtK3-QChnxFYcaKY.roa (raw, json)
Hash identifier: q7LVF1erq9LirTUCKTxbWRjM2rf+NVy6IVfOdfDFyyI=
Subject key identifier: 0C:2B:76:AA:7B:B5:63:09:83:B4:AD:FE:40:28:67:C4:56:1C:68:A6
Certificate issuer: /CN=f08710e6e24e6d69bd5c44afeaf0ee9c67ed3a06
Certificate serial: 01856ECB92E221CB143921697BE4212A7D55
Authority key identifier: F0:87:10:E6:E2:4E:6D:69:BD:5C:44:AF:EA:F0:EE:9C:67:ED:3A:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8IcQ5uJObWm9XESv6vDunGftOgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7bbad4-e15a-4bfd-ab32-76e865e2c4bd/1/DCt2qnu1YwmDtK3-QChnxFYcaKY.roa
Signing time: Sun 01 Jan 2023 19:25:13 +0000
ROA not before: Sun 01 Jan 2023 19:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21231
IP address blocks: 80.92.32.0/23 maxlen: 23
80.92.34.0/23 maxlen: 23
80.92.36.0/23 maxlen: 23
80.92.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:92:e2:21:cb:14:39:21:69:7b:e4:21:2a:7d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f08710e6e24e6d69bd5c44afeaf0ee9c67ed3a06
Validity
Not Before: Jan 1 19:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c2b76aa7bb5630983b4adfe402867c4561c68a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:52:70:ad:8a:b9:38:5b:2b:01:8d:61:c4:ec:
51:ff:fe:c3:03:2a:b8:17:fc:2f:50:23:89:d3:dc:
7b:30:0e:fe:7b:c9:5e:63:8b:20:19:29:4f:55:bd:
de:45:d8:8e:5d:90:bb:87:c2:40:6a:fe:04:ed:10:
17:20:44:99:f1:b2:bf:9b:29:36:db:35:0b:71:e8:
f6:46:9e:ad:df:18:18:c4:e1:a1:32:52:4e:40:77:
70:6a:8b:8f:e9:51:ee:4a:73:4b:66:a2:77:01:40:
c1:5a:8d:b4:c7:e7:86:38:05:8b:04:d6:3e:94:cb:
a2:4b:b1:47:2b:48:a2:a5:8a:d8:43:74:1e:09:79:
91:d6:b8:4e:a7:88:63:2d:e9:6b:0a:df:28:44:4a:
74:e4:a6:78:a0:97:40:0e:b8:9a:22:43:21:28:b6:
be:22:d8:b9:9d:5f:17:c0:ee:3e:38:34:88:f3:88:
ca:7a:c5:71:02:60:a0:3a:8e:9b:0b:ff:17:4f:f2:
ab:ae:56:d0:f1:2e:5c:71:ba:16:81:e8:cd:69:7d:
43:8e:bf:b0:a0:67:8c:19:e8:cd:6b:cb:20:4f:bd:
d2:d0:20:02:bf:f5:fa:29:17:b0:25:ca:c9:fc:5e:
a5:9e:b4:07:1c:bb:cd:ab:2d:c9:9f:5a:95:99:c0:
cf:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2B:76:AA:7B:B5:63:09:83:B4:AD:FE:40:28:67:C4:56:1C:68:A6
X509v3 Authority Key Identifier:
keyid:F0:87:10:E6:E2:4E:6D:69:BD:5C:44:AF:EA:F0:EE:9C:67:ED:3A:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8IcQ5uJObWm9XESv6vDunGftOgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7bbad4-e15a-4bfd-ab32-76e865e2c4bd/1/DCt2qnu1YwmDtK3-QChnxFYcaKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7bbad4-e15a-4bfd-ab32-76e865e2c4bd/1/8IcQ5uJObWm9XESv6vDunGftOgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.32.0-80.92.37.255
80.92.39.0/24
Signature Algorithm: sha256WithRSAEncryption
77:0d:64:c0:85:02:6a:8f:2a:1a:75:eb:5d:dc:e2:56:6a:57:
2a:51:ca:79:5c:4f:7a:ed:a2:8d:b0:61:45:b0:1e:b5:76:c8:
77:66:43:06:d3:50:c6:68:e9:9b:1d:71:03:10:8b:03:78:6e:
d6:5b:50:6a:06:26:7b:19:b9:0c:42:07:2a:8e:29:53:c8:9b:
27:f0:81:b1:0c:2e:05:94:03:5c:08:16:a7:44:37:8c:d7:13:
7b:e4:3f:ff:5b:92:9e:75:76:d5:ca:fd:5f:cd:38:6b:9f:70:
a0:4d:9e:7c:4c:3f:56:66:37:07:99:fb:5e:82:88:b1:56:52:
46:19:27:30:73:b0:ad:38:cc:9b:18:22:d8:04:cf:a5:b2:ac:
ad:02:ad:1f:9d:98:b5:b0:83:16:0a:12:72:b6:c6:5c:7f:22:
4c:62:09:75:ec:fc:de:74:ef:6f:3a:f3:5f:cf:bd:c2:9f:e3:
c0:93:7b:e0:04:bd:ec:cf:96:14:1e:f7:69:55:a1:53:18:54:
ef:88:48:23:9e:52:c3:34:b0:70:4a:da:de:ed:d2:c3:da:1e:
30:c6:0a:37:24:93:06:4d:14:ab:8b:d1:db:5f:15:d3:e6:ef:
e1:10:88:39:79:63:53:d8:7e:92:45:39:fd:2d:42:4d:cf:db:
5a:44:1a:77
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVuy5LiIcsUOSFpe+QhKn1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwODcxMGU2ZTI0ZTZkNjliZDVjNDRhZmVhZjBlZTljNjdl
ZDNhMDYwHhcNMjMwMTAxMTkyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJiNzZhYTdiYjU2MzA5ODNiNGFkZmU0MDI4NjdjNDU2MWM2OGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlJwrYq5OFsrAY1hxOxR//7DAyq4
F/wvUCOJ09x7MA7+e8leY4sgGSlPVb3eRdiOXZC7h8JAav4E7RAXIESZ8bK/myk2
2zULcej2Rp6t3xgYxOGhMlJOQHdwaouP6VHuSnNLZqJ3AUDBWo20x+eGOAWLBNY+
lMuiS7FHK0iipYrYQ3QeCXmR1rhOp4hjLelrCt8oREp05KZ4oJdADriaIkMhKLa+
Iti5nV8XwO4+ODSI84jKesVxAmCgOo6bC/8XT/KrrlbQ8S5ccboWgejNaX1Djr+w
oGeMGejNa8sgT73S0CACv/X6KRewJcrJ/F6lnrQHHLvNqy3Jn1qVmcDPGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAwrdqp7tWMJg7St/kAoZ8RWHGimMB8GA1UdIwQY
MBaAFPCHEObiTm1pvVxEr+rw7pxn7ToGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEljUTV1Sk9iV205WEVTdjZ2RHVuR2Z0T2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi83YmJhZDQtZTE1YS00YmZkLWFiMzIt
NzZlODY1ZTJjNGJkLzEvREN0MnFudTFZd21EdEszLVFDaG54RlljYUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi83YmJhZDQtZTE1YS00YmZkLWFiMzItNzZlODY1ZTJjNGJk
LzEvOEljUTV1Sk9iV205WEVTdjZ2RHVuR2Z0T2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVQXCAD
BAFQXCQDBABQXCcwDQYJKoZIhvcNAQELBQADggEBAHcNZMCFAmqPKhp1613c4lZq
VypRynlcT3rtoo2wYUWwHrV2yHdmQwbTUMZo6ZsdcQMQiwN4btZbUGoGJnsZuQxC
ByqOKVPImyfwgbEMLgWUA1wIFqdEN4zXE3vkP/9bkp51dtXK/V/NOGufcKBNnnxM
P1ZmNweZ+16CiLFWUkYZJzBzsK04zJsYItgEz6WyrK0CrR+dmLWwgxYKEnK2xlx/
IkxiCXXs/N50728681/PvcKf48CTe+AEvezPlhQe92lVoVMYVO+ISCOeUsM0sHBK
2t7t0sPaHjDGCjckkwZNFKuL0dtfFdPm7+EQiDl5Y1PYfpJFOf0tQk3P21pEGnc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:08 2025 by rpki-client