Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/PZ8m7D67wsLNbs-g3NUh-fZnL7o.roa
File: PZ8m7D67wsLNbs-g3NUh-fZnL7o.roa (raw, json)
Hash identifier: KoKZc96rOylKSMmgzfheWkktkMQWDyRuQzQXpprva3c=
Subject key identifier: 3D:9F:26:EC:3E:BB:C2:C2:CD:6E:CF:A0:DC:D5:21:F9:F6:67:2F:BA
Certificate issuer: /CN=568ae803b9ba38855401827b3eece14505a9c0f6
Certificate serial: 01880A065CFA9A0D2F8F951377CAC98D3199
Authority key identifier: 56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/PZ8m7D67wsLNbs-g3NUh-fZnL7o.roa
Signing time: Thu 11 May 2023 08:56:09 +0000
ROA not before: Thu 11 May 2023 08:56:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20764
IP address blocks: 79.141.208.0/20 maxlen: 20
80.64.96.0/20 maxlen: 20
80.64.98.28/32 maxlen: 32
185.5.160.0/22 maxlen: 22
81.27.240.0/20 maxlen: 20
81.27.253.0/24 maxlen: 24
2a00:1c28::/29 maxlen: 29
2a00:1c28::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:06:5c:fa:9a:0d:2f:8f:95:13:77:ca:c9:8d:31:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568ae803b9ba38855401827b3eece14505a9c0f6
Validity
Not Before: May 11 08:56:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d9f26ec3ebbc2c2cd6ecfa0dcd521f9f6672fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8b:9a:1e:f6:c8:28:6e:fc:37:4a:a2:94:2e:
43:68:96:16:a5:8a:e8:c2:4c:77:8b:c6:b5:cc:e3:
ac:00:dd:ac:1e:fc:78:a3:91:04:f0:17:33:61:07:
e9:51:8e:c8:15:2a:72:d7:dc:87:f4:f9:ea:0a:23:
f3:ce:86:a8:45:80:42:7c:85:9b:87:ab:d9:20:9c:
4f:c0:79:45:8c:18:e5:a2:28:ec:45:e5:f7:52:9c:
4a:bc:a3:75:93:74:16:fc:22:54:ea:55:49:52:01:
da:df:eb:2e:3d:40:0c:9f:70:4a:15:99:7f:65:27:
94:47:4e:54:f9:39:22:75:01:67:c8:68:36:ac:f4:
ea:67:e3:4f:96:26:ce:ff:0a:1e:6d:06:5d:b8:93:
e5:a0:52:60:7a:2b:cf:45:08:3e:2e:29:cd:36:0c:
79:b8:cc:bb:54:d7:63:a3:cb:d3:2a:24:78:85:72:
14:63:3e:ac:aa:14:2f:12:a8:6b:6a:d5:9e:f6:e3:
25:99:4a:91:6e:c8:ac:6d:c3:f6:d8:56:30:88:5a:
c0:60:74:34:77:ef:b0:12:99:1c:85:1f:25:35:41:
f8:f1:6f:2d:9c:53:3f:6b:88:ca:09:42:c6:e5:1e:
96:e8:ec:48:04:1b:c7:51:1e:48:78:e9:73:68:73:
73:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9F:26:EC:3E:BB:C2:C2:CD:6E:CF:A0:DC:D5:21:F9:F6:67:2F:BA
X509v3 Authority Key Identifier:
keyid:56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/PZ8m7D67wsLNbs-g3NUh-fZnL7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.208.0/20
80.64.96.0/20
81.27.240.0/20
185.5.160.0/22
IPv6:
2a00:1c28::/29
Signature Algorithm: sha256WithRSAEncryption
75:ee:b4:82:81:e3:3b:59:05:52:b3:fc:39:c4:92:71:0b:94:
04:a4:46:d8:ae:f6:9e:d9:6b:b0:d4:98:c3:f3:e3:68:9c:65:
fc:fa:c0:5c:68:89:0f:dc:c6:d2:1d:ff:bb:18:15:c0:53:fd:
e4:64:3f:a0:20:a7:d9:51:dd:b3:1f:2c:ed:91:27:af:11:b6:
4d:3b:89:77:77:be:f2:66:27:b6:2f:77:aa:a1:4e:9c:96:9a:
16:de:5f:51:2b:0a:17:dd:0e:57:0f:99:e5:dd:2f:8b:fc:0d:
e4:8a:81:45:ea:73:e7:15:a6:72:de:f0:d5:ee:6d:12:73:2e:
40:2e:d9:d8:17:0f:e1:e1:56:50:8e:42:17:69:8b:c1:d0:6f:
b1:a0:4e:cb:a0:ba:f8:e5:46:83:cc:e6:f8:7d:54:9f:54:fe:
5d:da:43:b4:1f:98:d0:96:6c:0c:cb:7f:d3:95:8b:98:d1:5e:
4f:0d:2c:ab:60:ee:b5:58:b1:88:c4:41:ef:21:5d:a3:4e:40:
80:1c:1b:d6:e9:2c:c6:12:3a:07:46:fa:d2:83:91:a5:2b:95:
6f:3c:da:5b:cc:46:21:69:73:a3:11:07:70:fc:4f:82:a2:b9:
ca:5c:92:db:8d:f9:05:5c:6b:a2:2a:54:23:cd:8b:2d:37:f7:
77:7e:47:ca
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYgKBlz6mg0vj5UTd8rJjTGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGFlODAzYjliYTM4ODU1NDAxODI3YjNlZWNlMTQ1MDVh
OWMwZjYwHhcNMjMwNTExMDg1NjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDlmMjZlYzNlYmJjMmMyY2Q2ZWNmYTBkY2Q1MjFmOWY2NjcyZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIuaHvbIKG78N0qilC5DaJYWpYro
wkx3i8a1zOOsAN2sHvx4o5EE8BczYQfpUY7IFSpy19yH9PnqCiPzzoaoRYBCfIWb
h6vZIJxPwHlFjBjloijsReX3UpxKvKN1k3QW/CJU6lVJUgHa3+suPUAMn3BKFZl/
ZSeUR05U+TkidQFnyGg2rPTqZ+NPlibO/woebQZduJPloFJgeivPRQg+LinNNgx5
uMy7VNdjo8vTKiR4hXIUYz6sqhQvEqhratWe9uMlmUqRbsisbcP22FYwiFrAYHQ0
d++wEpkchR8lNUH48W8tnFM/a4jKCULG5R6W6OxIBBvHUR5IeOlzaHNzNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFD2fJuw+u8LCzW7PoNzVIfn2Zy+6MB8GA1UdIwQY
MBaAFFaK6AO5ujiFVAGCez7s4UUFqcD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAt
OGVhZThiNzVlOWNhLzEvUFo4bTdENjd3c0xOYnMtZzNOVWgtZlpuTDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAtOGVhZThiNzVlOWNh
LzEvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQET43QAwQE
UEBgAwQEURvwAwQCuQWgMA0EAgACMAcDBQMqABwoMA0GCSqGSIb3DQEBCwUAA4IB
AQB17rSCgeM7WQVSs/w5xJJxC5QEpEbYrvae2Wuw1JjD8+NonGX8+sBcaIkP3MbS
Hf+7GBXAU/3kZD+gIKfZUd2zHyztkSevEbZNO4l3d77yZie2L3eqoU6clpoW3l9R
KwoX3Q5XD5nl3S+L/A3kioFF6nPnFaZy3vDV7m0Scy5ALtnYFw/h4VZQjkIXaYvB
0G+xoE7LoLr45UaDzOb4fVSfVP5d2kO0H5jQlmwMy3/TlYuY0V5PDSyrYO61WLGI
xEHvIV2jTkCAHBvW6SzGEjoHRvrSg5GlK5VvPNpbzEYhaXOjEQdw/E+CornKXJLb
jfkFXGuiKlQjzYstN/d3fkfK
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:41:58 2025 by rpki-client