Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/pt617Jqh56IUTVZc-L6ew-AD-EA.roa
File: pt617Jqh56IUTVZc-L6ew-AD-EA.roa (raw, json)
Hash identifier: mO0EAbdAKbE9gj6I1fGDyeB5YtdqQ9oyJZjmSqdQWo8=
Subject key identifier: A6:DE:B5:EC:9A:A1:E7:A2:14:4D:56:5C:F8:BE:9E:C3:E0:03:F8:40
Certificate issuer: /CN=0962dc6940760b7fbc2ea4367cc53bc230a64f9b
Certificate serial: 01856F3940230293CE9E4FA740F72E4B4DCF
Authority key identifier: 09:62:DC:69:40:76:0B:7F:BC:2E:A4:36:7C:C5:3B:C2:30:A6:4F:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/pt617Jqh56IUTVZc-L6ew-AD-EA.roa
Signing time: Sun 01 Jan 2023 21:25:01 +0000
ROA not before: Sun 01 Jan 2023 21:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31275
IP address blocks: 83.220.64.0/19 maxlen: 19
2a04:e380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:40:23:02:93:ce:9e:4f:a7:40:f7:2e:4b:4d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0962dc6940760b7fbc2ea4367cc53bc230a64f9b
Validity
Not Before: Jan 1 21:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6deb5ec9aa1e7a2144d565cf8be9ec3e003f840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:26:f3:5b:cd:84:c0:f7:eb:6a:c8:18:9a:
51:51:35:dd:ef:5d:98:b3:3e:22:70:0f:5f:11:9d:
c3:af:12:a0:47:1e:c4:97:1b:8e:8d:aa:4c:fd:25:
4e:e2:7c:00:a1:a1:99:0c:40:a4:71:39:35:06:5e:
97:a6:db:06:a9:10:ac:83:d7:96:37:06:09:7d:6b:
e4:be:9e:06:d4:2b:4f:64:58:d6:bc:c6:b7:8f:4a:
ad:0a:02:83:61:24:80:71:b2:f0:c5:cd:74:9a:36:
15:9b:2f:f3:f9:db:7f:46:0e:af:bd:ca:02:91:fa:
50:3f:04:c0:44:cc:7d:3c:83:74:7f:40:01:4b:07:
4a:a2:1e:67:ec:67:33:98:8d:d9:dd:1e:60:59:a5:
86:24:36:a2:51:3d:55:62:de:49:19:b3:ac:e5:2f:
ff:fd:b4:3f:66:0c:85:98:6e:7f:36:31:7e:91:26:
a5:f5:8f:f6:0e:61:b8:ce:c7:a7:e4:05:25:c9:f5:
95:37:26:b0:b0:25:ab:8b:5f:e2:63:01:d6:3a:46:
1a:f8:c7:a0:2e:51:5a:0e:14:d0:00:88:6d:b9:3a:
33:4a:0a:9c:50:64:8b:91:f2:64:a9:de:c2:be:5a:
0b:88:9f:da:6f:fe:55:be:7f:8f:93:a2:9f:6d:c8:
57:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:DE:B5:EC:9A:A1:E7:A2:14:4D:56:5C:F8:BE:9E:C3:E0:03:F8:40
X509v3 Authority Key Identifier:
keyid:09:62:DC:69:40:76:0B:7F:BC:2E:A4:36:7C:C5:3B:C2:30:A6:4F:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/pt617Jqh56IUTVZc-L6ew-AD-EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.220.64.0/19
IPv6:
2a04:e380::/29
Signature Algorithm: sha256WithRSAEncryption
6d:d7:96:e6:0c:11:df:3b:67:04:48:6a:80:4e:e8:e6:99:43:
0b:f7:04:cc:06:6c:c7:06:40:9c:3d:56:2f:28:9a:b2:36:6f:
2a:1a:e4:ed:04:bd:7a:c9:46:ee:89:18:c8:d0:20:5e:8b:d0:
b2:e2:9e:26:71:3c:32:b8:97:15:af:3f:36:77:bf:a7:e1:85:
ca:cc:a5:d5:f8:94:28:77:12:65:42:68:dd:d1:f7:62:84:d1:
ab:66:b3:fb:8b:09:bc:28:75:c4:4d:9a:67:9e:ba:eb:04:23:
b1:c1:1e:af:b4:8c:15:20:28:a6:91:02:14:ff:a7:d1:2f:a4:
98:2b:e3:91:a3:59:d5:4f:ff:f2:20:84:28:a6:2b:09:19:28:
ed:04:e1:e7:de:df:e8:dd:ab:2c:a1:d3:04:e2:d2:2a:76:41:
f5:b6:25:df:37:9b:2a:4b:76:fd:c0:bb:a0:af:5e:e8:a1:ad:
92:1a:3a:d0:f6:8a:da:87:02:f1:39:24:55:4d:b3:bc:bb:51:
91:f8:4b:fe:51:58:39:36:bd:c4:dc:2e:a1:5f:7d:1b:9c:ef:
be:dd:a6:3d:5c:7c:21:00:78:6b:77:6f:60:3b:db:b5:da:86:
f2:78:13:9f:28:62:c7:6d:df:62:9b:00:bd:b9:eb:13:77:3c:
06:48:43:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOUAjApPOnk+nQPcuS03PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjJkYzY5NDA3NjBiN2ZiYzJlYTQzNjdjYzUzYmMyMzBh
NjRmOWIwHhcNMjMwMTAxMjEyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmRlYjVlYzlhYTFlN2EyMTQ0ZDU2NWNmOGJlOWVjM2UwMDNmODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliUm81vNhMD362rIGJpRUTXd712Y
sz4icA9fEZ3DrxKgRx7ElxuOjapM/SVO4nwAoaGZDECkcTk1Bl6XptsGqRCsg9eW
NwYJfWvkvp4G1CtPZFjWvMa3j0qtCgKDYSSAcbLwxc10mjYVmy/z+dt/Rg6vvcoC
kfpQPwTARMx9PIN0f0ABSwdKoh5n7GczmI3Z3R5gWaWGJDaiUT1VYt5JGbOs5S//
/bQ/ZgyFmG5/NjF+kSal9Y/2DmG4zsen5AUlyfWVNyawsCWri1/iYwHWOkYa+Meg
LlFaDhTQAIhtuTozSgqcUGSLkfJkqd7CvloLiJ/ab/5Vvn+Pk6KfbchXQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKbeteyaoeeiFE1WXPi+nsPgA/hAMB8GA1UdIwQY
MBaAFAli3GlAdgt/vC6kNnzFO8Iwpk+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dMY2FVQjJDMy04THFRMmZNVTd3akNtVDVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yMGZmMGYtNjE4Zi00Y2I2LWJjN2Yt
NjU0MTk3N2Y2NWY5LzEvcHQ2MTdKcWg1NklVVFZaYy1MNmV3LUFELUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yMGZmMGYtNjE4Zi00Y2I2LWJjN2YtNjU0MTk3N2Y2NWY5
LzEvQ1dMY2FVQjJDMy04THFRMmZNVTd3akNtVDVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFU9xAMA0E
AgACMAcDBQMqBOOAMA0GCSqGSIb3DQEBCwUAA4IBAQBt15bmDBHfO2cESGqATujm
mUML9wTMBmzHBkCcPVYvKJqyNm8qGuTtBL16yUbuiRjI0CBei9Cy4p4mcTwyuJcV
rz82d7+n4YXKzKXV+JQodxJlQmjd0fdihNGrZrP7iwm8KHXETZpnnrrrBCOxwR6v
tIwVICimkQIU/6fRL6SYK+ORo1nVT//yIIQopisJGSjtBOHn3t/o3assodME4tIq
dkH1tiXfN5sqS3b9wLugr17ooa2SGjrQ9orahwLxOSRVTbO8u1GR+Ev+UVg5Nr3E
3C6hX30bnO++3aY9XHwhAHhrd29gO9u12obyeBOfKGLHbd9imwC9uesTdzwGSEMH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:07 2025 by rpki-client