Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/4lQOpcqPbpF12-LCUvrGwP4kgIE.roa
File: 4lQOpcqPbpF12-LCUvrGwP4kgIE.roa (raw, json)
Hash identifier: pE/a7uLccpF1xxwh/reXW6xkVmfohvLE46VfpPKzfok=
Subject key identifier: E2:54:0E:A5:CA:8F:6E:91:75:DB:E2:C2:52:FA:C6:C0:FE:24:80:81
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 055EB2E2
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/4lQOpcqPbpF12-LCUvrGwP4kgIE.roa
Signing time: Tue 22 Mar 2022 15:32:25 +0000
ROA not before: Tue 22 Mar 2022 15:32:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20803
IP address blocks: 80.66.65.0/24 maxlen: 24
80.66.70.0/24 maxlen: 24
80.66.66.0/24 maxlen: 24
80.66.77.0/24 maxlen: 24
80.66.78.0/23 maxlen: 24
80.66.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90092258 (0x55eb2e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Mar 22 15:32:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2540ea5ca8f6e9175dbe2c252fac6c0fe248081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:00:64:2e:75:6f:b2:3d:9d:05:05:00:8c:ba:
0a:df:04:6d:28:06:a4:01:5e:71:e6:b4:c2:d7:55:
ee:50:eb:14:a3:5a:78:c0:da:80:fc:b7:3e:bb:7b:
a6:6d:04:51:d3:d7:83:9e:67:87:c1:be:18:53:5a:
3c:f0:4a:73:fc:9d:74:da:b7:22:22:f6:e1:ac:f8:
53:11:68:65:01:45:fc:9a:12:df:7d:73:95:df:81:
7e:ab:18:25:cb:e7:3c:2b:7c:95:36:f4:ec:eb:c3:
2a:20:a9:59:d9:dc:40:5a:9f:29:88:b5:46:4b:88:
b3:66:9b:34:0d:f3:4e:f6:28:30:07:19:82:ed:65:
4f:c2:a0:86:6d:af:6a:0d:9f:b3:f5:33:a0:ef:f3:
fb:30:9f:bc:8e:53:a9:ea:ed:d9:95:38:f3:5b:cb:
88:24:d3:d1:71:ee:53:54:54:ab:ed:6d:7d:55:89:
bc:dd:60:35:0b:54:40:dd:09:02:17:06:6a:b6:90:
c0:46:6d:50:a1:2e:f6:69:b1:df:91:c4:43:26:cd:
06:02:f9:ad:45:61:39:71:52:52:c0:6d:49:f1:50:
92:53:d6:41:1a:89:34:56:2d:b4:0b:da:65:88:0c:
a2:e0:47:42:c2:4f:63:03:ea:d5:87:39:07:9c:7c:
ea:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:54:0E:A5:CA:8F:6E:91:75:DB:E2:C2:52:FA:C6:C0:FE:24:80:81
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/4lQOpcqPbpF12-LCUvrGwP4kgIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.65.0-80.66.66.255
80.66.70.0/24
80.66.75.0/24
80.66.77.0-80.66.79.255
Signature Algorithm: sha256WithRSAEncryption
0b:72:44:33:63:34:52:34:83:6c:01:10:99:29:ff:27:26:92:
7b:01:54:f8:b4:ab:2f:59:6b:80:3d:6a:33:cd:8d:98:1c:42:
7f:7d:e5:70:ad:2a:f5:b5:46:73:c7:88:14:9c:4e:f3:e1:04:
79:ed:9a:1d:8c:70:e3:6c:25:16:25:75:d5:52:ee:32:8c:81:
d8:67:71:b9:96:bf:18:9b:af:70:fb:0f:d1:21:6c:e2:12:74:
e5:32:77:3c:86:b7:c8:a2:7a:65:1c:22:cc:db:91:17:6d:a4:
a1:06:5c:98:54:72:23:9d:a6:df:4c:35:3c:a7:4f:a4:eb:ce:
04:4a:a5:7e:74:34:db:f4:5d:1f:13:c5:0b:ed:5a:98:e2:d7:
c1:3c:28:41:8a:84:51:7a:9f:a8:b6:42:58:bf:92:4f:fb:9e:
03:1d:c2:00:3d:15:5f:58:72:bf:48:a4:31:31:f5:ea:f8:26:
8b:40:1e:6a:25:6e:a9:f5:5d:e9:31:80:9b:cb:18:4d:6f:1f:
1f:d9:9f:a2:dd:d6:ad:51:4c:72:ec:d4:18:1e:1e:bf:c2:d6:
71:69:7f:09:c9:d1:b3:0a:79:fa:c6:14:aa:1a:db:0d:11:9b:
77:0c:db:a9:bc:87:da:8d:8c:3c:08:e7:f3:62:6f:0b:04:04:
0b:b5:55:16
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBV6y4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzNiNGMxMjQ4YzRiY2YyMmIwNTc3ZGZjYTliMTRkOTA2M2MyOGMwMB4XDTIyMDMy
MjE1MzIyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI1NDBlYTVjYThm
NmU5MTc1ZGJlMmMyNTJmYWM2YzBmZTI0ODA4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoAZC51b7I9nQUFAIy6Ct8EbSgGpAFecea0wtdV7lDrFKNa
eMDagPy3Prt7pm0EUdPXg55nh8G+GFNaPPBKc/yddNq3IiL24az4UxFoZQFF/JoS
331zld+BfqsYJcvnPCt8lTb07OvDKiCpWdncQFqfKYi1RkuIs2abNA3zTvYoMAcZ
gu1lT8Kghm2vag2fs/UzoO/z+zCfvI5Tqert2ZU481vLiCTT0XHuU1RUq+1tfVWJ
vN1gNQtUQN0JAhcGaraQwEZtUKEu9mmx35HEQybNBgL5rUVhOXFSUsBtSfFQklPW
QRqJNFYttAvaZYgMouBHQsJPYwPq1Yc5B5x86pECAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTiVA6lyo9ukXXb4sJS+sbA/iSAgTAfBgNVHSMEGDAWgBQHO0wSSMS88isF
d9/KmxTZBjwowDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0J6dE1Fa2pFdlBJckJYZmZ5cHNVMlFZOEtNQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNjNkYmU1LTVhYTMtNGYxOS04ZGE0LWE4ZDM2MWNlNjRhYS8x
LzRsUU9wY3FQYnBGMTItTENVdnJHd1A0a2dJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NjNkYmU1LTVhYTMtNGYxOS04ZGE0LWE4ZDM2MWNlNjRhYS8xL0J6dE1Fa2pFdlBJ
ckJYZmZ5cHNVMlFZOEtNQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQAUEJBAwQAUEJCAwQAUEJGAwQA
UEJLMAwDBABQQk0DBARQQkAwDQYJKoZIhvcNAQELBQADggEBAAtyRDNjNFI0g2wB
EJkp/ycmknsBVPi0qy9Za4A9ajPNjZgcQn995XCtKvW1RnPHiBScTvPhBHntmh2M
cONsJRYlddVS7jKMgdhncbmWvxibr3D7D9EhbOISdOUydzyGt8iiemUcIszbkRdt
pKEGXJhUciOdpt9MNTynT6TrzgRKpX50NNv0XR8TxQvtWpji18E8KEGKhFF6n6i2
Qli/kk/7ngMdwgA9FV9Ycr9IpDEx9er4JotAHmolbqn1XekxgJvLGE1vHx/Zn6Ld
1q1RTHLs1BgeHr/C1nFpfwnJ0bMKefrGFKoa2w0Rm3cM26m8h9qNjDwI5/NibwsE
BAu1VRY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:53 2023 by rpki-client on console-fra.rpki-client.org