Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/8_AY-z-I_ZOCjOJXvbU_77fMwuQ.roa
File: 8_AY-z-I_ZOCjOJXvbU_77fMwuQ.roa (raw, json)
Hash identifier: ZUumfetVw0ccPMcAGZG3fTsX0C+Hwt/2AEhCgxtzrww=
Subject key identifier: F3:F0:18:FB:3F:88:FD:93:82:8C:E2:57:BD:B5:3F:EF:B7:CC:C2:E4
Certificate issuer: /CN=48f47a31172fb549c696132880c6824fb0777b55
Certificate serial: 01856E1448D462EDF9312AFF9AE4C7B90C63
Authority key identifier: 48:F4:7A:31:17:2F:B5:49:C6:96:13:28:80:C6:82:4F:B0:77:7B:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/8_AY-z-I_ZOCjOJXvbU_77fMwuQ.roa
Signing time: Sun 01 Jan 2023 16:05:01 +0000
ROA not before: Sun 01 Jan 2023 16:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49509
IP address blocks: 185.79.80.0/23 maxlen: 24
2a02:23e9::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:48:d4:62:ed:f9:31:2a:ff:9a:e4:c7:b9:0c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48f47a31172fb549c696132880c6824fb0777b55
Validity
Not Before: Jan 1 16:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3f018fb3f88fd93828ce257bdb53fefb7ccc2e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:01:cf:1f:27:f1:22:09:22:12:f8:02:87:2d:
c6:c2:0f:1d:95:79:ff:b3:90:0b:70:76:46:c6:34:
a7:ef:04:b6:70:b4:10:d6:1c:61:0d:af:9d:d6:01:
40:4a:b8:85:a9:d8:21:4a:b8:90:1c:b3:17:ff:4b:
8f:78:23:15:dc:5e:fb:f3:06:dd:0d:54:f0:d2:ba:
d8:18:a9:50:5d:3b:59:48:39:f3:80:b6:7b:3d:cb:
b6:7b:41:1e:b3:a0:5e:d7:54:97:44:5b:26:75:33:
d0:d5:5b:c9:e0:f1:0a:02:20:52:d5:d9:6f:0f:99:
13:d4:96:d9:49:f9:f9:31:b4:73:e1:1d:fe:d4:e8:
0e:bc:06:29:87:89:dd:a6:ef:c4:88:3e:d9:12:9a:
00:80:a0:27:0b:48:8a:c5:97:b3:9a:bb:7b:be:4d:
16:08:2b:72:32:f1:6f:6b:eb:0b:68:73:c9:66:7f:
ba:24:cb:ca:8c:a0:20:7a:48:72:e2:4a:c6:6d:07:
1a:da:7f:15:a8:29:20:a1:65:ec:92:d5:b2:36:4d:
f8:dd:ae:2e:65:05:84:b6:a3:8f:c8:e2:09:d2:35:
1e:27:18:f1:b6:52:68:12:56:79:ee:91:c9:86:6a:
14:ac:67:86:87:55:82:51:26:92:10:f0:3a:55:ac:
a5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F0:18:FB:3F:88:FD:93:82:8C:E2:57:BD:B5:3F:EF:B7:CC:C2:E4
X509v3 Authority Key Identifier:
keyid:48:F4:7A:31:17:2F:B5:49:C6:96:13:28:80:C6:82:4F:B0:77:7B:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/8_AY-z-I_ZOCjOJXvbU_77fMwuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/SPR6MRcvtUnGlhMogMaCT7B3e1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.80.0/23
IPv6:
2a02:23e9::/32
Signature Algorithm: sha256WithRSAEncryption
00:30:4a:4c:30:da:5c:0d:79:e4:9f:b2:84:9f:d7:de:4d:db:
47:b4:b3:38:0a:81:41:d4:6f:b3:27:a5:9e:20:1e:35:5d:90:
d7:a3:75:35:94:95:15:35:5d:45:af:0e:e6:19:7b:98:a0:d7:
0e:ad:1f:3c:37:63:ef:aa:43:e0:6f:13:4d:c0:11:12:c5:8a:
1c:c2:85:21:17:ae:3b:b4:51:03:1a:78:c8:4d:91:5a:9c:55:
d3:29:ec:0a:1e:40:a5:bc:c1:7f:1b:75:52:cd:e7:b6:43:d7:
c4:21:cb:e2:57:e4:25:bb:0f:14:06:a3:2f:89:98:da:13:16:
2a:f6:8a:f0:0a:e2:ea:85:30:bb:ec:3d:a3:4e:02:46:02:5e:
db:a4:02:e7:57:52:fd:ef:0f:b7:9c:72:ee:28:a3:25:12:0f:
55:81:68:4e:bc:54:b9:79:02:38:b9:e9:8e:24:9d:77:0e:f1:
1d:5b:a1:9e:30:17:27:fb:de:df:b7:1c:5c:82:2f:3e:5c:6f:
f4:5c:02:0b:84:ac:a3:98:19:39:ba:2a:dd:68:0c:9e:f8:a4:
b3:d2:e5:01:64:61:cf:0c:01:26:c5:e1:15:ec:6f:e1:49:2c:
eb:22:b0:14:31:2a:8e:71:ff:60:af:a7:98:ad:ba:ac:3d:1d:
11:43:7b:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuFEjUYu35MSr/muTHuQxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZjQ3YTMxMTcyZmI1NDljNjk2MTMyODgwYzY4MjRmYjA3
NzdiNTUwHhcNMjMwMTAxMTYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2YwMThmYjNmODhmZDkzODI4Y2UyNTdiZGI1M2ZlZmI3Y2NjMmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwHPHyfxIgkiEvgChy3Gwg8dlXn/
s5ALcHZGxjSn7wS2cLQQ1hxhDa+d1gFASriFqdghSriQHLMX/0uPeCMV3F778wbd
DVTw0rrYGKlQXTtZSDnzgLZ7Pcu2e0Ees6Be11SXRFsmdTPQ1VvJ4PEKAiBS1dlv
D5kT1JbZSfn5MbRz4R3+1OgOvAYph4ndpu/EiD7ZEpoAgKAnC0iKxZezmrt7vk0W
CCtyMvFva+sLaHPJZn+6JMvKjKAgekhy4krGbQca2n8VqCkgoWXsktWyNk343a4u
ZQWEtqOPyOIJ0jUeJxjxtlJoElZ57pHJhmoUrGeGh1WCUSaSEPA6VayllwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPPwGPs/iP2TgoziV721P++3zMLkMB8GA1UdIwQY
MBaAFEj0ejEXL7VJxpYTKIDGgk+wd3tVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1BSNk1SY3Z0VW5HbGhNb2dNYUNUN0IzZTFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTA2MzgtOGE5OS00MDYzLTkzYTAt
NmU5OTM4OTcyNzA4LzEvOF9BWS16LUlfWk9Dak9KWHZiVV83N2ZNd3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTA2MzgtOGE5OS00MDYzLTkzYTAtNmU5OTM4OTcyNzA4
LzEvU1BSNk1SY3Z0VW5HbGhNb2dNYUNUN0IzZTFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU9QMA0E
AgACMAcDBQAqAiPpMA0GCSqGSIb3DQEBCwUAA4IBAQAAMEpMMNpcDXnkn7KEn9fe
TdtHtLM4CoFB1G+zJ6WeIB41XZDXo3U1lJUVNV1Frw7mGXuYoNcOrR88N2PvqkPg
bxNNwBESxYocwoUhF647tFEDGnjITZFanFXTKewKHkClvMF/G3VSzee2Q9fEIcvi
V+Qluw8UBqMviZjaExYq9orwCuLqhTC77D2jTgJGAl7bpALnV1L97w+3nHLuKKMl
Eg9VgWhOvFS5eQI4uemOJJ13DvEdW6GeMBcn+97ftxxcgi8+XG/0XAILhKyjmBk5
uirdaAye+KSz0uUBZGHPDAEmxeEV7G/hSSzrIrAUMSqOcf9gr6eYrbqsPR0RQ3sj
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:22 2025 by rpki-client