Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/800ffd-c53b-4646-b26e-6ef5c4735e8a/1/xPbUX2_9jWglPOwzEg8zM3z5-6k.roa
File: xPbUX2_9jWglPOwzEg8zM3z5-6k.roa (raw, json)
Hash identifier: 9bk+t6JseYGJG9/zQeuZfoy/Wz70zFegyJ3bJk3br/I=
Subject key identifier: C4:F6:D4:5F:6F:FD:8D:68:25:3C:EC:33:12:0F:33:33:7C:F9:FB:A9
Certificate issuer: /CN=b0afd0cb9775ff478f185f8f980d5b1d92d4be4f
Certificate serial: 01857227FDD8B61AFCFABFFB36AAFB4DFC81
Authority key identifier: B0:AF:D0:CB:97:75:FF:47:8F:18:5F:8F:98:0D:5B:1D:92:D4:BE:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sK_Qy5d1_0ePGF-PmA1bHZLUvk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/800ffd-c53b-4646-b26e-6ef5c4735e8a/1/xPbUX2_9jWglPOwzEg8zM3z5-6k.roa
Signing time: Mon 02 Jan 2023 11:05:01 +0000
ROA not before: Mon 02 Jan 2023 11:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39263
IP address blocks: 185.79.144.0/22 maxlen: 22
93.115.212.0/22 maxlen: 22
188.247.172.0/22 maxlen: 22
80.94.0.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:fd:d8:b6:1a:fc:fa:bf:fb:36:aa:fb:4d:fc:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0afd0cb9775ff478f185f8f980d5b1d92d4be4f
Validity
Not Before: Jan 2 11:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4f6d45f6ffd8d68253cec33120f33337cf9fba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:26:7c:e6:b4:a9:df:81:25:15:c7:0f:b8:d5:
69:53:4a:ab:48:b2:25:9a:d7:d8:87:38:af:dc:5c:
82:48:27:a5:1e:51:6d:6b:37:70:86:e5:58:14:a0:
bc:dc:a7:ca:b3:ed:ef:88:06:06:7e:3c:b5:00:57:
ac:dd:9f:9e:76:2d:80:b9:12:5f:b7:9c:27:11:58:
96:bc:13:72:73:98:da:5d:24:2c:c3:bb:c7:63:34:
d7:88:6c:7e:e2:c3:54:a2:88:c0:07:72:42:45:0d:
0e:a8:0d:e1:89:f3:5d:ae:7a:77:61:70:18:63:55:
a9:c0:5d:dd:87:ad:ef:63:34:eb:64:c5:f2:c1:88:
6c:e5:94:1d:73:be:32:41:56:b0:c1:d5:82:91:e2:
d3:9e:6d:3c:4e:94:6b:b0:ad:56:c7:b5:ed:17:b4:
68:88:d4:0d:9a:6b:eb:13:3a:f4:01:62:c4:2a:44:
0d:6f:1f:8d:17:87:29:dd:51:4d:b0:1e:fc:ce:81:
f3:45:f5:f7:1f:63:dc:25:0a:ee:a7:58:83:7b:13:
51:5d:3f:a3:b1:dd:39:e3:30:61:06:54:cc:1e:51:
1e:7b:92:31:7e:a3:a6:5f:45:7c:70:3f:1b:c8:32:
d3:15:9b:9e:a8:85:7d:bb:1f:82:b6:49:57:52:3e:
1a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F6:D4:5F:6F:FD:8D:68:25:3C:EC:33:12:0F:33:33:7C:F9:FB:A9
X509v3 Authority Key Identifier:
keyid:B0:AF:D0:CB:97:75:FF:47:8F:18:5F:8F:98:0D:5B:1D:92:D4:BE:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK_Qy5d1_0ePGF-PmA1bHZLUvk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/800ffd-c53b-4646-b26e-6ef5c4735e8a/1/xPbUX2_9jWglPOwzEg8zM3z5-6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/800ffd-c53b-4646-b26e-6ef5c4735e8a/1/sK_Qy5d1_0ePGF-PmA1bHZLUvk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.0.0/20
93.115.212.0/22
185.79.144.0/22
188.247.172.0/22
Signature Algorithm: sha256WithRSAEncryption
28:31:36:35:07:19:ce:eb:f4:fb:78:6a:04:4f:3c:72:c9:5e:
cb:2b:52:cb:eb:f7:96:6c:6d:68:63:bb:2c:b1:6b:8e:bf:55:
53:da:c5:24:d8:46:d7:81:c9:ef:9e:79:22:f1:2e:1b:69:69:
c5:30:db:9c:f1:d2:b5:71:33:11:dc:12:2a:eb:fb:08:ee:f6:
02:af:ff:7a:6f:b3:e1:4c:cd:43:40:4b:c0:ec:b8:c0:20:71:
32:3d:28:c4:59:17:54:db:40:43:6b:a4:80:a4:b4:d3:ca:88:
b1:c4:75:f1:2d:76:64:f4:ff:60:8b:a0:ba:c6:11:d1:98:46:
38:0e:4d:49:1c:9b:32:a2:0b:6a:94:aa:be:68:eb:ea:8a:b2:
ea:31:6b:55:16:5c:8d:b7:4d:05:fc:75:5e:cc:d4:1d:50:d5:
51:7e:7f:d9:61:71:05:2b:9f:52:cc:de:39:a5:7b:6d:b4:81:
39:68:f8:86:52:5a:6e:b4:29:3c:a1:b8:38:da:a0:9d:dd:a9:
94:28:60:a2:7f:1a:5d:21:84:c5:35:09:b6:3f:3e:40:77:cd:
3e:a5:94:6e:69:13:f3:eb:7e:93:02:41:bc:21:87:e3:07:a9:
8b:b9:54:32:f7:1b:75:d0:ce:c2:d0:c7:1e:ef:cc:0b:79:21:
db:97:63:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyJ/3Ythr8+r/7Nqr7TfyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWZkMGNiOTc3NWZmNDc4ZjE4NWY4Zjk4MGQ1YjFkOTJk
NGJlNGYwHhcNMjMwMTAyMTEwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGY2ZDQ1ZjZmZmQ4ZDY4MjUzY2VjMzMxMjBmMzMzMzdjZjlmYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSZ85rSp34ElFccPuNVpU0qrSLIl
mtfYhziv3FyCSCelHlFtazdwhuVYFKC83KfKs+3viAYGfjy1AFes3Z+edi2AuRJf
t5wnEViWvBNyc5jaXSQsw7vHYzTXiGx+4sNUoojAB3JCRQ0OqA3hifNdrnp3YXAY
Y1WpwF3dh63vYzTrZMXywYhs5ZQdc74yQVawwdWCkeLTnm08TpRrsK1Wx7XtF7Ro
iNQNmmvrEzr0AWLEKkQNbx+NF4cp3VFNsB78zoHzRfX3H2PcJQrup1iDexNRXT+j
sd054zBhBlTMHlEee5IxfqOmX0V8cD8byDLTFZueqIV9ux+CtklXUj4aCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMT21F9v/Y1oJTzsMxIPMzN8+fupMB8GA1UdIwQY
MBaAFLCv0MuXdf9Hjxhfj5gNWx2S1L5PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tfUXk1ZDFfMGVQR0YtUG1BMWJIWkxVdms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84MDBmZmQtYzUzYi00NjQ2LWIyNmUt
NmVmNWM0NzM1ZThhLzEveFBiVVgyXzlqV2dsUE93ekVnOHpNM3o1LTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84MDBmZmQtYzUzYi00NjQ2LWIyNmUtNmVmNWM0NzM1ZThh
LzEvc0tfUXk1ZDFfMGVQR0YtUG1BMWJIWkxVdms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUF4AAwQC
XXPUAwQCuU+QAwQCvPesMA0GCSqGSIb3DQEBCwUAA4IBAQAoMTY1BxnO6/T7eGoE
TzxyyV7LK1LL6/eWbG1oY7sssWuOv1VT2sUk2EbXgcnvnnki8S4baWnFMNuc8dK1
cTMR3BIq6/sI7vYCr/96b7PhTM1DQEvA7LjAIHEyPSjEWRdU20BDa6SApLTTyoix
xHXxLXZk9P9gi6C6xhHRmEY4Dk1JHJsyogtqlKq+aOvqirLqMWtVFlyNt00F/HVe
zNQdUNVRfn/ZYXEFK59SzN45pXtttIE5aPiGUlputCk8obg42qCd3amUKGCifxpd
IYTFNQm2Pz5Ad80+pZRuaRPz636TAkG8IYfjB6mLuVQy9xt10M7C0Mce78wLeSHb
l2O7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:53 2025 by rpki-client