Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/fYzYbIukLZhZ2hFckXxoLvC8_jg.roa
File: fYzYbIukLZhZ2hFckXxoLvC8_jg.roa (raw, json)
Hash identifier: dKFgpJJZwf6EaH7TG/5nPEw3IHme9UfMOapJaVh/iAY=
Subject key identifier: 7D:8C:D8:6C:8B:A4:2D:98:59:DA:11:5C:91:7C:68:2E:F0:BC:FE:38
Certificate issuer: /CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Certificate serial: 093D4792
Authority key identifier: 4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/fYzYbIukLZhZ2hFckXxoLvC8_jg.roa
Signing time: Sat 01 Jan 2022 10:57:42 +0000
ROA not before: Sat 01 Jan 2022 10:57:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8821
IP address blocks: 82.136.64.0/18 maxlen: 18
158.181.96.0/19 maxlen: 19
185.42.244.0/22 maxlen: 22
212.4.64.0/19 maxlen: 19
62.171.0.0/17 maxlen: 17
151.248.128.0/17 maxlen: 17
2a01:8b80::/29 maxlen: 29
2a01:8b80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155010962 (0x93d4792)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Validity
Not Before: Jan 1 10:57:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d8cd86c8ba42d9859da115c917c682ef0bcfe38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:28:3a:03:d8:51:65:f3:da:2e:65:d0:86:39:
60:73:51:df:e6:e9:f7:3f:7d:e9:5e:df:a9:3d:2f:
f0:94:4c:12:94:19:bb:74:01:ef:36:dd:e3:b2:3c:
5b:64:32:0b:cd:24:33:34:fd:1e:27:43:15:dd:17:
b2:7a:9e:55:64:98:3f:12:61:e4:e4:4e:69:b7:7d:
66:94:47:c7:67:c7:3d:19:80:6c:1e:03:06:e9:9f:
f9:b1:a2:60:f7:48:92:f8:03:84:2a:6b:80:f7:2c:
25:f0:5f:bc:1a:b6:3c:9e:66:d4:0d:e7:98:64:a3:
a2:53:44:ec:2d:fe:66:d5:d7:8b:7d:5c:64:4d:2f:
3e:0a:b1:30:42:02:4a:a6:c9:d8:b1:9f:0b:65:f0:
a4:38:36:bf:c0:73:83:2a:5d:84:87:e2:b3:5c:de:
72:02:ee:77:e1:58:34:a4:50:07:e0:6f:60:ea:da:
78:08:fd:38:41:e4:ee:3a:41:53:fd:b2:76:5f:d2:
4f:9e:1c:23:2c:e3:48:c3:75:b4:8c:1e:7c:e1:cd:
e1:2f:79:93:b0:54:05:f7:83:41:ae:90:85:12:5a:
af:8b:36:fe:bd:60:8f:7e:0a:0d:3c:d9:fb:8d:5f:
da:57:37:00:8c:57:e6:3f:e1:1a:12:e5:af:02:0f:
76:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8C:D8:6C:8B:A4:2D:98:59:DA:11:5C:91:7C:68:2E:F0:BC:FE:38
X509v3 Authority Key Identifier:
keyid:4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/fYzYbIukLZhZ2hFckXxoLvC8_jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.0.0/17
82.136.64.0/18
151.248.128.0/17
158.181.96.0/19
185.42.244.0/22
212.4.64.0/19
IPv6:
2a01:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
3e:7f:a6:43:37:75:41:0b:ed:37:6b:1f:2c:08:55:4b:23:d7:
b3:ed:ce:f1:d6:4d:02:01:10:15:f4:02:ba:1a:a1:91:37:22:
6e:d0:33:bb:00:f2:57:99:da:c3:31:8d:61:51:a1:11:c6:66:
87:29:6e:5f:45:83:d3:eb:73:d1:bb:f8:7c:49:13:8e:a7:2d:
aa:b8:38:f1:23:f6:40:59:bb:4e:63:e9:4c:37:58:bb:7f:b6:
5a:c1:6a:20:8d:3c:b9:0a:f3:27:b9:16:ae:bb:68:57:f9:94:
44:cc:d9:6b:49:32:1f:f4:b5:44:15:7c:d1:b1:24:63:d6:8f:
3a:76:86:66:91:05:81:11:0f:a3:3d:72:4b:c5:9c:4f:4a:30:
cd:5e:b5:36:16:ec:3c:fd:8c:ea:71:6b:55:3d:28:ea:ee:2d:
b1:59:ba:51:20:e1:07:1d:15:7b:5d:f7:a0:83:59:60:b3:d1:
6f:bd:98:2b:cd:e2:d4:cd:f8:6b:60:69:9e:75:81:24:01:1a:
36:2f:86:fd:7a:61:16:ca:b2:fd:d8:37:18:ff:de:b8:b2:83:
a1:c1:db:4a:aa:57:7a:69:3a:ea:6b:c0:73:14:f9:13:9a:39:
15:bd:82:1c:62:47:12:ce:d2:91:d9:34:59:e7:35:2b:35:6f:
48:ac:f2:53
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIECT1HkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YWMyYmMwZTNlNTkzMzJmNGJlMmM1OGZmMjVhMTg2MWY1ZmRlODE5MB4XDTIyMDEw
MTEwNTc0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q4Y2Q4NmM4YmE0
MmQ5ODU5ZGExMTVjOTE3YzY4MmVmMGJjZmUzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8oOgPYUWXz2i5l0IY5YHNR3+bp9z996V7fqT0v8JRMEpQZ
u3QB7zbd47I8W2QyC80kMzT9HidDFd0XsnqeVWSYPxJh5OROabd9ZpRHx2fHPRmA
bB4DBumf+bGiYPdIkvgDhCprgPcsJfBfvBq2PJ5m1A3nmGSjolNE7C3+ZtXXi31c
ZE0vPgqxMEICSqbJ2LGfC2XwpDg2v8BzgypdhIfis1zecgLud+FYNKRQB+BvYOra
eAj9OEHk7jpBU/2ydl/ST54cIyzjSMN1tIwefOHN4S95k7BUBfeDQa6QhRJar4s2
/r1gj34KDTzZ+41f2lc3AIxX5j/hGhLlrwIPdqUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBR9jNhsi6QtmFnaEVyRfGgu8Lz+ODAfBgNVHSMEGDAWgBRKwrwOPlkzL0vi
xY/yWhhh9f3oGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NzSzhEajVaTXk5TDRzV1A4bG9ZWWZYOTZCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNDhhZmUwLTVhMTgtNGQ5OS05MWI2LTgwNzNkY2UwOTYyOC8x
L2ZZelliSXVrTFpoWjJoRmNrWHhvTHZDOF9qZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NDhhZmUwLTVhMTgtNGQ5OS05MWI2LTgwNzNkY2UwOTYyOC8xL1NzSzhEajVaTXk5
TDRzV1A4bG9ZWWZYOTZCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBz6rAAMEBlKIQAMEB5f4gAMEBZ61
YAMEArkq9AMEBdQEQDANBAIAAjAHAwUDKgGLgDANBgkqhkiG9w0BAQsFAAOCAQEA
Pn+mQzd1QQvtN2sfLAhVSyPXs+3O8dZNAgEQFfQCuhqhkTcibtAzuwDyV5nawzGN
YVGhEcZmhyluX0WD0+tz0bv4fEkTjqctqrg48SP2QFm7TmPpTDdYu3+2WsFqII08
uQrzJ7kWrrtoV/mURMzZa0kyH/S1RBV80bEkY9aPOnaGZpEFgREPoz1yS8WcT0ow
zV61NhbsPP2M6nFrVT0o6u4tsVm6USDhBx0Ve133oINZYLPRb72YK83i1M34a2Bp
nnWBJAEaNi+G/XphFsqy/dg3GP/euLKDocHbSqpXemk66mvAcxT5E5o5Fb2CHGJH
Es7Skdk0Wec1KzVvSKzyUw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:19 2025 by rpki-client