Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/1-rArxiUqybAbRFfYbVuaNec7sLk.roa
File: 1-rArxiUqybAbRFfYbVuaNec7sLk.roa (raw, json)
Hash identifier: h/vwgF3Q3QdkOapOL662fCwWlDXDmohky9sw6oECAk8=
Subject key identifier: FA:B0:2B:C6:25:2A:C9:B0:1B:44:57:D8:6D:5B:9A:35:E7:3B:B0:B9
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 018389F0942B5928D38157602BDA8E4DC3BE
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/1-rArxiUqybAbRFfYbVuaNec7sLk.roa
Signing time: Thu 29 Sep 2022 15:49:48 +0000
ROA not before: Thu 29 Sep 2022 15:49:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39235
IP address blocks: 80.251.240.0/20 maxlen: 20
77.95.192.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:89:f0:94:2b:59:28:d3:81:57:60:2b:da:8e:4d:c3:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Sep 29 15:49:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fab02bc6252ac9b01b4457d86d5b9a35e73bb0b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:71:59:ca:88:f3:01:6a:d1:fa:6a:3b:f4:48:
9e:45:a5:0d:7a:64:47:c9:d3:31:42:0b:e1:69:1e:
8e:00:e6:97:9d:21:ef:67:fb:1f:c3:4a:6f:89:7c:
b7:b6:4b:51:da:d4:1f:fd:f5:dc:3e:c3:4f:04:58:
c0:4b:2b:fe:69:5f:da:14:82:c5:11:4c:dd:48:2d:
83:81:b3:6d:e9:a6:24:56:84:0d:bf:48:b2:3a:9d:
f5:43:1c:0b:ad:4e:f7:c5:b3:bc:9b:ac:cf:50:cc:
45:5d:7d:3c:90:9f:12:cd:a0:fb:ca:0f:d9:a8:67:
1b:7d:0d:95:6d:cc:dd:ec:af:46:10:da:28:d7:0f:
b9:12:ea:6b:17:84:ed:12:88:ad:b1:24:50:ae:68:
f7:4d:ef:d6:33:a2:ba:3f:d7:f5:d3:1b:83:d9:db:
c3:a9:0a:24:58:75:bc:44:2b:78:71:2f:2b:39:e2:
ab:37:40:62:46:9a:5e:fc:d3:a9:18:67:87:eb:f9:
d7:b6:b4:03:c9:dd:bd:47:30:d2:9a:84:2a:98:9d:
16:00:84:e3:1f:26:58:f0:06:ff:65:96:d6:7e:e0:
ca:4b:4f:0e:b8:df:28:ea:f9:58:cf:94:8a:e2:1a:
e6:03:ae:77:05:4a:38:56:bc:6c:25:6c:99:79:c1:
36:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B0:2B:C6:25:2A:C9:B0:1B:44:57:D8:6D:5B:9A:35:E7:3B:B0:B9
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/1-rArxiUqybAbRFfYbVuaNec7sLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.192.0/21
80.251.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:f1:eb:27:43:f8:07:05:e4:1f:a4:fa:d4:ef:bb:29:e0:c9:
50:9a:fc:29:1d:e9:bf:d1:7d:9a:16:00:d3:03:57:ff:ac:d8:
d7:35:55:c1:27:fa:d2:a5:b0:ba:35:fc:81:af:de:c7:fb:2c:
ba:73:79:05:00:02:6c:12:d2:49:2e:d7:23:80:45:be:03:34:
23:e6:b6:ab:d4:01:5a:c4:cd:ec:b8:3b:d7:31:9e:78:72:cd:
08:a7:6a:a5:58:d0:be:04:08:c5:28:cc:fb:b5:45:6e:5a:bc:
b8:df:56:64:df:2f:cf:26:6f:1e:f4:ff:61:bc:91:c6:67:f5:
1a:d9:80:3e:5a:75:50:11:20:4b:15:95:a6:3d:a6:f7:cf:9c:
1c:7d:46:40:2f:7e:7c:60:21:5c:03:cb:3d:8b:c7:ac:22:1d:
f0:98:22:ee:10:d1:cc:ce:67:01:d7:8a:11:69:a7:fc:24:09:
9e:f1:70:a0:ed:0a:d5:5e:2a:f6:f2:1a:dd:1a:81:30:73:4b:
79:33:ab:f4:1d:14:c4:f9:74:b8:d3:ff:65:da:70:b2:8c:a9:
82:96:a8:f7:67:75:c9:b6:82:3a:48:73:a0:3b:f9:b3:af:d9:
46:43:4b:02:a3:f6:80:b2:d4:f6:d1:01:b8:64:58:be:b0:68:
b9:0a:93:a8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYOJ8JQrWSjTgVdgK9qOTcO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjIwOTI5MTU0OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWIwMmJjNjI1MmFjOWIwMWI0NDU3ZDg2ZDViOWEzNWU3M2JiMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnFZyojzAWrR+mo79EieRaUNemRH
ydMxQgvhaR6OAOaXnSHvZ/sfw0pviXy3tktR2tQf/fXcPsNPBFjASyv+aV/aFILF
EUzdSC2DgbNt6aYkVoQNv0iyOp31QxwLrU73xbO8m6zPUMxFXX08kJ8SzaD7yg/Z
qGcbfQ2Vbczd7K9GENoo1w+5EuprF4TtEoitsSRQrmj3Te/WM6K6P9f10xuD2dvD
qQokWHW8RCt4cS8rOeKrN0BiRppe/NOpGGeH6/nXtrQDyd29RzDSmoQqmJ0WAITj
HyZY8Ab/ZZbWfuDKS08OuN8o6vlYz5SK4hrmA653BUo4VrxsJWyZecE2OwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqwK8YlKsmwG0RX2G1bmjXnO7C5MB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvMS1yQXJ4aVVxeWJBYlJGZlliVnVhTmVjN3NMay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvYzgwOTJlLTlmOGMtNDcxOC1iNzcwLWMyOWI0NGRlNTNh
OC8xL1hUblJXOUw4eUVkeHVtcWltcVZFS0xJYzcyQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA01fwAME
BFD78DANBgkqhkiG9w0BAQsFAAOCAQEAoPHrJ0P4BwXkH6T61O+7KeDJUJr8KR3p
v9F9mhYA0wNX/6zY1zVVwSf60qWwujX8ga/ex/ssunN5BQACbBLSSS7XI4BFvgM0
I+a2q9QBWsTN7Lg71zGeeHLNCKdqpVjQvgQIxSjM+7VFblq8uN9WZN8vzyZvHvT/
YbyRxmf1GtmAPlp1UBEgSxWVpj2m98+cHH1GQC9+fGAhXAPLPYvHrCId8Jgi7hDR
zM5nAdeKEWmn/CQJnvFwoO0K1V4q9vIa3RqBMHNLeTOr9B0UxPl0uNP/Zdpwsoyp
gpao92d1ybaCOkhzoDv5s6/ZRkNLAqP2gLLU9tEBuGRYvrBouQqTqA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:23 2025 by rpki-client