Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/cENxHsmcct4dYVs7KWZLNHBVT8Q.roa
File: cENxHsmcct4dYVs7KWZLNHBVT8Q.roa (raw, json)
Hash identifier: huqTBjjTc/Q10y6FxVw4Y2m2Yu4tnmH1coVFWLuyXlc=
Subject key identifier: 70:43:71:1E:C9:9C:72:DE:1D:61:5B:3B:29:66:4B:34:70:55:4F:C4
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 01856C6EF49753F583F8738DE1A7B5BBC47B
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/cENxHsmcct4dYVs7KWZLNHBVT8Q.roa
Signing time: Sun 01 Jan 2023 08:24:48 +0000
ROA not before: Sun 01 Jan 2023 08:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8990
IP address blocks: 212.92.0.0/19 maxlen: 19
82.150.32.0/19 maxlen: 19
91.144.64.0/18 maxlen: 24
95.171.64.0/19 maxlen: 19
45.88.204.0/22 maxlen: 22
109.199.32.0/19 maxlen: 24
109.199.46.0/24 maxlen: 24
109.199.57.0/24 maxlen: 24
91.144.121.0/24 maxlen: 24
109.199.58.0/24 maxlen: 24
109.199.62.0/24 maxlen: 24
109.199.61.0/24 maxlen: 24
2a03:9900:2::/48 maxlen: 48
2a03:9900:1::/48 maxlen: 48
2a03:9900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f4:97:53:f5:83:f8:73:8d:e1:a7:b5:bb:c4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 1 08:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7043711ec99c72de1d615b3b29664b3470554fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:44:33:29:cf:4b:28:1a:03:66:4a:32:e4:
8c:61:db:ae:73:25:41:f0:cd:36:91:d9:09:a2:c6:
ed:9d:05:27:af:10:6b:00:dc:e1:7e:ab:0c:08:ef:
a5:c6:7c:c1:7b:ee:07:5e:d2:9e:16:49:55:64:61:
ae:5a:19:59:18:af:35:0b:68:07:0e:67:43:9e:60:
87:64:8f:cd:6a:a8:b6:73:5b:07:4a:c1:1e:56:4f:
ad:f2:26:9d:fa:b5:33:b9:08:a1:58:92:1d:9b:56:
a1:ed:a0:15:d1:1a:31:aa:f3:c5:84:98:c3:42:94:
97:b3:c3:ea:8f:e7:bd:88:b3:b5:94:c2:7a:14:45:
5c:c8:09:92:45:54:15:7b:b7:21:c4:22:50:64:e3:
5f:69:50:bc:fc:73:f3:58:11:19:91:43:e5:1f:c0:
ae:91:a7:a6:fc:82:88:6d:b2:84:87:7d:55:03:e1:
c4:4f:2f:7a:fc:15:23:61:80:f7:74:82:2b:05:fc:
5c:3f:0a:43:8f:98:15:34:e2:9f:8a:bb:6a:53:70:
0f:2e:84:e2:89:39:72:e1:58:3c:ce:82:9d:5e:07:
5f:01:32:70:53:19:4f:97:75:69:00:0a:71:91:4e:
ee:5f:a1:c3:dd:76:51:91:55:4e:ea:39:ff:86:03:
01:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:43:71:1E:C9:9C:72:DE:1D:61:5B:3B:29:66:4B:34:70:55:4F:C4
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/cENxHsmcct4dYVs7KWZLNHBVT8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.204.0/22
82.150.32.0/19
91.144.64.0/18
95.171.64.0/19
109.199.32.0/19
212.92.0.0/19
IPv6:
2a03:9900::/32
Signature Algorithm: sha256WithRSAEncryption
2b:e0:15:d6:b8:ee:d1:7d:fd:dd:2c:e9:f2:07:57:a2:41:03:
86:ff:da:07:6c:fb:57:d4:cb:7c:ea:eb:d0:2e:3a:b5:24:f8:
c6:1a:ca:ef:e8:31:49:8e:5e:5b:46:20:59:08:3b:43:9c:a4:
af:a9:4f:18:60:1e:5f:69:f6:4a:3b:70:92:88:d2:f2:ee:21:
ac:bc:04:17:a9:9f:50:e5:24:99:0a:f2:2c:a0:30:ab:7c:b2:
bf:62:99:d0:5e:ee:5b:63:9c:bf:0c:1e:4d:87:27:e6:52:96:
d5:15:30:d1:cc:96:36:f9:4a:ca:0e:76:ff:8c:56:df:49:ef:
70:14:11:b3:14:a3:1e:8f:ee:0d:b5:54:58:02:c6:ea:a9:eb:
5e:d5:9e:f4:6d:e0:e5:fc:cd:d8:fc:e9:bf:41:31:84:11:90:
51:d4:29:c3:93:c9:76:1c:13:79:05:2e:e4:d2:43:5e:e9:61:
fb:d4:bd:4c:47:4b:a5:4b:14:03:73:1e:99:61:72:9c:eb:dd:
ca:83:45:0f:67:59:8a:a4:3f:97:e3:4e:cc:f2:f2:ad:04:11:
06:87:4d:4d:7f:63:e6:0b:fb:ee:6c:f1:8e:a2:f8:24:60:3d:
13:7e:b8:d2:54:f1:7e:c1:2e:2f:fc:29:88:ba:1a:ea:ca:04:
a4:8c:55:25
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVsbvSXU/WD+HON4ae1u8R7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzYxMDMzNDRmY2QzYjU3NTlmMmRiM2YzYzcwNzEzNzZm
OWUyMzMwHhcNMjMwMTAxMDgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQzNzExZWM5OWM3MmRlMWQ2MTViM2IyOTY2NGIzNDcwNTU0ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcREMynPSygaA2ZKMuSMYduucyVB
8M02kdkJosbtnQUnrxBrANzhfqsMCO+lxnzBe+4HXtKeFklVZGGuWhlZGK81C2gH
DmdDnmCHZI/Naqi2c1sHSsEeVk+t8iad+rUzuQihWJIdm1ah7aAV0RoxqvPFhJjD
QpSXs8Pqj+e9iLO1lMJ6FEVcyAmSRVQVe7chxCJQZONfaVC8/HPzWBEZkUPlH8Cu
kaem/IKIbbKEh31VA+HETy96/BUjYYD3dIIrBfxcPwpDj5gVNOKfirtqU3APLoTi
iTly4Vg8zoKdXgdfATJwUxlPl3VpAApxkU7uX6HD3XZRkVVO6jn/hgMBewIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHBDcR7JnHLeHWFbOylmSzRwVU/EMB8GA1UdIwQY
MBaAFE82EDNE/NO1dZ8ts/PHBxN2+eIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUt
MGFjYzg5MmIxMWQyLzEvY0VOeEhzbWNjdDRkWVZzN0tXWkxOSEJWVDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUtMGFjYzg5MmIxMWQy
LzEvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLVjMAwQF
UpYgAwQGW5BAAwQFX6tAAwQFbccgAwQF1FwAMA0EAgACMAcDBQAqA5kAMA0GCSqG
SIb3DQEBCwUAA4IBAQAr4BXWuO7Rff3dLOnyB1eiQQOG/9oHbPtX1Mt86uvQLjq1
JPjGGsrv6DFJjl5bRiBZCDtDnKSvqU8YYB5fafZKO3CSiNLy7iGsvAQXqZ9Q5SSZ
CvIsoDCrfLK/YpnQXu5bY5y/DB5NhyfmUpbVFTDRzJY2+UrKDnb/jFbfSe9wFBGz
FKMej+4NtVRYAsbqqete1Z70beDl/M3Y/Om/QTGEEZBR1CnDk8l2HBN5BS7k0kNe
6WH71L1MR0ulSxQDcx6ZYXKc693Kg0UPZ1mKpD+X407M8vKtBBEGh01Nf2PmC/vu
bPGOovgkYD0TfrjSVPF+wS4v/CmIuhrqygSkjFUl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:37 2025 by rpki-client