Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/J4IFqvPkhIM_fsoFuXSo4aDlvA4.roa
File: J4IFqvPkhIM_fsoFuXSo4aDlvA4.roa (raw, json)
Hash identifier: 9iXq8aHWW61yR6NeIlIn6kCwJK4ygLFLsVUP08EXSFw=
Subject key identifier: 27:82:05:AA:F3:E4:84:83:3F:7E:CA:05:B9:74:A8:E1:A0:E5:BC:0E
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 0185728C87759858B3F288CC1735989F58FE
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/J4IFqvPkhIM_fsoFuXSo4aDlvA4.roa
Signing time: Mon 02 Jan 2023 12:54:50 +0000
ROA not before: Mon 02 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209090
IP address blocks: 80.67.186.0/24 maxlen: 24
2001:913:5000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:87:75:98:58:b3:f2:88:cc:17:35:98:9f:58:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=278205aaf3e484833f7eca05b974a8e1a0e5bc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:de:1b:ae:fd:0e:91:f6:cd:74:63:07:54:2b:
40:ed:cb:18:35:ff:f3:49:9f:30:88:14:3b:ff:7b:
16:3b:44:95:e2:e7:e4:73:53:cb:cd:4e:56:ee:57:
77:f1:82:35:8f:fb:0e:a4:46:5b:13:38:f6:15:43:
4d:9a:fb:aa:7c:27:dc:94:e9:77:eb:d9:1d:39:0c:
3b:4f:6f:a0:99:aa:a4:d3:d1:08:ce:34:0b:f7:03:
0a:d9:20:b0:eb:9d:33:09:21:2a:88:80:35:0d:77:
1b:25:ab:8a:4e:0c:a0:0d:db:fa:f9:59:02:1e:77:
24:e8:5a:11:82:c4:96:87:c2:78:9e:a6:da:85:39:
6d:20:35:d0:80:62:3d:7a:b3:00:55:0d:be:ec:c1:
24:e6:73:e6:d6:db:34:94:fc:b7:fd:1d:20:64:4e:
b6:d7:16:69:35:b0:54:b5:f4:07:28:eb:b5:c0:3b:
d3:b0:21:0b:ea:de:d7:02:f4:a6:94:45:38:ad:24:
4d:a3:b0:24:ff:6d:89:f6:05:26:7e:ba:84:90:f4:
26:20:64:17:67:72:8b:1f:cc:dc:94:30:fc:ee:45:
82:e9:fa:43:b5:fa:cb:3d:6a:db:60:28:6d:b2:e8:
96:56:61:76:9a:35:94:a8:2f:75:75:be:41:48:24:
24:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:82:05:AA:F3:E4:84:83:3F:7E:CA:05:B9:74:A8:E1:A0:E5:BC:0E
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/J4IFqvPkhIM_fsoFuXSo4aDlvA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.186.0/24
IPv6:
2001:913:5000::/36
Signature Algorithm: sha256WithRSAEncryption
7d:30:95:88:7d:aa:43:52:ba:af:ed:c5:29:4c:4e:2f:a2:39:
77:7d:98:5b:6c:f8:43:20:7e:65:87:9c:ef:ce:58:f5:69:83:
23:3e:a2:91:bf:a3:0f:a8:be:4a:f6:cd:22:f3:25:65:84:d3:
06:29:5a:7b:6c:08:25:30:c9:09:b5:16:11:42:aa:0f:2d:3e:
82:6e:c5:ae:e8:d3:dc:dc:02:a8:ce:50:a4:f0:2d:ee:b9:76:
85:88:b9:d9:28:46:d5:8e:cb:c6:00:57:15:a3:a2:81:7d:4a:
92:bc:1e:ca:1c:c7:0f:a2:b6:0d:9e:a9:ab:ba:31:58:4c:16:
8f:df:f6:73:12:ba:28:df:04:a4:9e:85:03:04:8c:57:8e:bc:
1c:0c:d4:45:c4:08:d5:06:39:e5:71:7d:d1:ba:85:28:9f:f6:
a9:86:d2:4f:c6:0e:d0:40:5b:b6:ad:d7:31:7e:44:b1:9d:61:
34:dd:1e:1d:8e:ac:b2:51:ed:a7:d7:22:a8:02:45:ac:a8:9f:
3f:fb:47:0f:af:d6:36:38:3d:bb:11:c1:b4:cd:22:7e:cb:29:
d1:37:19:43:58:df:98:c6:ec:16:89:16:48:b9:74:cc:21:bf:
e6:af:1b:72:f0:c5:13:52:3d:1c:cf:62:cd:49:de:3a:31:c3:
70:20:2f:8b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVyjId1mFiz8ojMFzWYn1j+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjMwMTAyMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgyMDVhYWYzZTQ4NDgzM2Y3ZWNhMDViOTc0YThlMWEwZTViYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN4brv0OkfbNdGMHVCtA7csYNf/z
SZ8wiBQ7/3sWO0SV4ufkc1PLzU5W7ld38YI1j/sOpEZbEzj2FUNNmvuqfCfclOl3
69kdOQw7T2+gmaqk09EIzjQL9wMK2SCw650zCSEqiIA1DXcbJauKTgygDdv6+VkC
Hnck6FoRgsSWh8J4nqbahTltIDXQgGI9erMAVQ2+7MEk5nPm1ts0lPy3/R0gZE62
1xZpNbBUtfQHKOu1wDvTsCEL6t7XAvSmlEU4rSRNo7Ak/22J9gUmfrqEkPQmIGQX
Z3KLH8zclDD87kWC6fpDtfrLPWrbYChtsuiWVmF2mjWUqC91db5BSCQk6wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCeCBarz5ISDP37KBbl0qOGg5bwOMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvSjRJRnF2UGtoSU1fZnNvRnVYU280YURsdkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAUEO6MA4E
AgACMAgDBgQgAQkTUDANBgkqhkiG9w0BAQsFAAOCAQEAfTCViH2qQ1K6r+3FKUxO
L6I5d32YW2z4QyB+ZYec785Y9WmDIz6ikb+jD6i+SvbNIvMlZYTTBilae2wIJTDJ
CbUWEUKqDy0+gm7FrujT3NwCqM5QpPAt7rl2hYi52ShG1Y7LxgBXFaOigX1Kkrwe
yhzHD6K2DZ6pq7oxWEwWj9/2cxK6KN8EpJ6FAwSMV468HAzURcQI1QY55XF90bqF
KJ/2qYbST8YO0EBbtq3XMX5EsZ1hNN0eHY6sslHtp9ciqAJFrKifP/tHD6/WNjg9
uxHBtM0ifssp0TcZQ1jfmMbsFokWSLl0zCG/5q8bcvDFE1I9HM9izUneOjHDcCAv
iw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:28:14 2025 by rpki-client