Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/xndXyISzor1uoDV0tqUXt7zYb1k.roa
File: xndXyISzor1uoDV0tqUXt7zYb1k.roa (raw, json)
Hash identifier: jo5akmXoO10QlSwO86SB+YyL5UJ09jWY/FEhUXDemrk=
Subject key identifier: C6:77:57:C8:84:B3:A2:BD:6E:A0:35:74:B6:A5:17:B7:BC:D8:6F:59
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 0DE85BCD
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/xndXyISzor1uoDV0tqUXt7zYb1k.roa
Signing time: Sat 01 Jan 2022 08:00:51 +0000
ROA not before: Sat 01 Jan 2022 08:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51083
IP address blocks: 80.67.185.0/24 maxlen: 24
80.67.183.0/24 maxlen: 24
80.67.180.0/24 maxlen: 24
80.67.189.0/24 maxlen: 24
2001:912:4000::/36 maxlen: 36
2001:912:1000::/36 maxlen: 36
2001:912::/36 maxlen: 36
2001:912:3000::/36 maxlen: 36
2001:912:2000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233331661 (0xde85bcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 1 08:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c67757c884b3a2bd6ea03574b6a517b7bcd86f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:63:81:0a:b3:b2:ca:42:0c:3b:db:ba:e5:09:
ac:7d:e0:61:14:42:35:ed:9e:33:9a:76:d8:cd:be:
e3:69:46:d9:25:e2:fd:01:54:67:12:b7:ce:aa:fe:
79:b0:02:5d:27:06:72:e1:6d:ec:d3:30:9d:43:14:
cd:30:d1:c3:88:90:86:4c:32:bb:d1:01:72:58:0d:
29:18:fc:64:9f:09:1f:f5:65:8f:a8:86:0c:ff:72:
d0:85:aa:8c:11:8b:c3:37:4e:3a:e0:92:07:88:d9:
21:9d:ca:52:98:6f:6d:7a:0e:63:0b:9f:41:1d:2c:
ce:72:19:30:95:3b:e2:f7:ee:55:9d:fd:b1:dc:13:
91:b9:3b:4d:d8:70:01:0c:b3:34:b7:81:62:93:0c:
1a:c8:93:96:fc:8c:7d:fa:99:55:4c:ab:d1:54:d1:
8c:af:e9:6b:a3:2f:8c:0f:a4:0f:2c:92:fb:63:e4:
67:51:93:6f:07:80:eb:16:fb:58:4e:e9:18:9e:35:
e1:29:5e:bb:e1:27:f7:b2:34:e4:b3:8d:16:20:81:
d3:dc:01:5e:d2:08:14:b6:29:82:07:1a:5d:05:ab:
67:2d:a4:51:78:f5:19:91:55:9a:93:7f:3a:e4:c1:
1d:8a:1c:e4:d4:8f:2f:55:a3:7c:e7:33:23:e2:c2:
4e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:77:57:C8:84:B3:A2:BD:6E:A0:35:74:B6:A5:17:B7:BC:D8:6F:59
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/xndXyISzor1uoDV0tqUXt7zYb1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.180.0/24
80.67.183.0/24
80.67.185.0/24
80.67.189.0/24
IPv6:
2001:912::-2001:912:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:94:f8:c6:2a:3b:ba:7a:6c:42:6d:34:43:1d:44:da:e2:27:
35:83:f9:7e:57:ff:dc:7a:e7:fd:03:fc:86:e7:59:d0:6f:25:
be:41:2b:a3:13:4c:fa:03:4c:9d:01:26:48:66:5e:f3:aa:59:
c8:a9:95:7e:c7:43:7c:53:7b:2a:d7:30:b1:14:b1:95:2a:9e:
b6:8a:aa:6c:a1:c2:fd:f4:f7:a2:f4:78:58:38:a2:2b:51:bd:
7a:70:84:36:f8:a9:bb:6c:8e:64:31:4d:19:75:fa:20:f2:9b:
f8:9a:a0:d2:ac:5f:e5:75:39:1e:4b:30:fc:ee:6a:67:f4:ab:
7c:3c:d4:bf:e6:52:ce:ec:49:ea:26:79:45:40:cc:ac:76:b5:
e6:42:a2:38:ec:14:51:a3:7f:0a:ad:0f:d4:03:8f:aa:c2:66:
cf:cf:71:18:55:87:21:b6:75:ff:c9:d5:6c:ac:19:a5:40:3a:
83:87:72:d1:8f:1b:e2:6a:96:d7:8a:a2:2c:8f:67:39:a6:a9:
c8:6b:c0:4b:b7:f1:b2:62:31:09:18:5a:ab:83:52:28:eb:31:
47:bb:45:93:9e:f8:65:2e:ca:a5:0a:63:4a:54:f1:08:df:63:
83:78:b7:ef:6b:27:b1:70:6f:c7:15:63:86:a5:5d:dc:c7:fe:
1f:58:ec:88
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEDehbzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmVkMmZiYjcyMTNmYmYzMmFkNGMwODdmOGIwYjIyY2VjZWY0ZmVhMB4XDTIyMDEw
MTA4MDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3NzU3Yzg4NGIz
YTJiZDZlYTAzNTc0YjZhNTE3YjdiY2Q4NmY1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOxjgQqzsspCDDvbuuUJrH3gYRRCNe2eM5p22M2+42lG2SXi
/QFUZxK3zqr+ebACXScGcuFt7NMwnUMUzTDRw4iQhkwyu9EBclgNKRj8ZJ8JH/Vl
j6iGDP9y0IWqjBGLwzdOOuCSB4jZIZ3KUphvbXoOYwufQR0sznIZMJU74vfuVZ39
sdwTkbk7TdhwAQyzNLeBYpMMGsiTlvyMffqZVUyr0VTRjK/pa6MvjA+kDyyS+2Pk
Z1GTbweA6xb7WE7pGJ414Sleu+En97I05LONFiCB09wBXtIIFLYpggcaXQWrZy2k
UXj1GZFVmpN/OuTBHYoc5NSPL1WjfOczI+LCTn0CAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBTGd1fIhLOivW6gNXS2pRe3vNhvWTAfBgNVHSMEGDAWgBRy7S+7chP78yrU
wIf4sLIs7O9P6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N1MHZ1M0lULV9NcTFNQ0gtTEN5TE96dlQtby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZTVhODkyLTIzZjUtNDlmYS1iNmE5LWE2NTIzM2IzZTk3NS8x
L3huZFh5SVN6b3IxdW9EVjB0cVVYdDd6WWIxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZTVhODkyLTIzZjUtNDlmYS1iNmE5LWE2NTIzM2IzZTk3NS8xL2N1MHZ1M0lULV9N
cTFNQ0gtTEN5TE96dlQtby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwHgQCAAEwGAMEAFBDtAMEAFBDtwMEAFBDuQMEAFBD
vTAXBAIAAjARMA8DBQEgAQkSAwYEIAEJEkAwDQYJKoZIhvcNAQELBQADggEBAIKU
+MYqO7p6bEJtNEMdRNriJzWD+X5X/9x65/0D/IbnWdBvJb5BK6MTTPoDTJ0BJkhm
XvOqWciplX7HQ3xTeyrXMLEUsZUqnraKqmyhwv3096L0eFg4oitRvXpwhDb4qbts
jmQxTRl1+iDym/iaoNKsX+V1OR5LMPzuamf0q3w81L/mUs7sSeomeUVAzKx2teZC
ojjsFFGjfwqtD9QDj6rCZs/PcRhVhyG2df/J1WysGaVAOoOHctGPG+JqlteKoiyP
ZzmmqchrwEu38bJiMQkYWquDUijrMUe7RZOe+GUuyqUKY0pU8QjfY4N4t+9rJ7Fw
b8cVY4alXdzH/h9Y7Ig=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:45:16 2025 by rpki-client