Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/i9-gU9LzVwBDprq9cpsw1nPbI90.roa
File: i9-gU9LzVwBDprq9cpsw1nPbI90.roa (raw, json)
Hash identifier: 1yZGYfski+zw2/COGTifJesPaeIXXhiRLF4597YdyFg=
Subject key identifier: 8B:DF:A0:53:D2:F3:57:00:43:A6:BA:BD:72:9B:30:D6:73:DB:23:DD
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 03CED7FF
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/i9-gU9LzVwBDprq9cpsw1nPbI90.roa
Signing time: Sat 01 Jan 2022 13:03:58 +0000
ROA not before: Sat 01 Jan 2022 13:03:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31479
IP address blocks: 80.66.112.0/20 maxlen: 20
185.28.48.0/23 maxlen: 23
185.28.49.0/24 maxlen: 24
2a04:3a40::/32 maxlen: 32
2001:4030::/32 maxlen: 32
2001:4030:16::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63887359 (0x3ced7ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 13:03:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bdfa053d2f3570043a6babd729b30d673db23dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fc:d1:c4:40:ed:15:08:2b:70:2a:90:13:e8:
5b:4e:a5:09:54:12:e4:39:eb:61:6a:22:ad:fc:c4:
7b:01:7a:5c:da:93:10:18:97:20:65:1a:19:93:c7:
bd:48:45:6f:fe:c4:dc:fd:6a:62:7d:91:e6:25:33:
f7:0b:f3:1e:1e:83:61:06:c1:f7:17:ec:29:df:40:
c3:ed:15:95:b7:fe:40:ca:2b:70:29:d1:e9:f9:ad:
29:18:ff:2a:bb:57:69:3d:55:e5:a1:32:d8:2d:b8:
88:cb:dc:c5:17:ea:26:99:ab:b5:80:a7:01:65:78:
26:35:f9:04:ad:33:8d:71:78:b4:a6:10:40:4d:87:
9a:f4:b9:a3:f5:01:aa:56:5f:b7:1f:fb:1e:d7:af:
c3:1a:30:4e:fe:82:1c:7f:c1:a6:3d:d3:bb:4d:69:
56:e2:e2:d6:30:6a:27:9b:95:99:8e:84:6e:35:60:
23:03:46:34:cf:ed:3a:ac:53:6d:21:53:e2:5a:98:
40:ad:93:63:db:f6:c7:30:1c:8e:90:14:cb:59:de:
07:2e:7c:5e:55:2d:50:5a:e7:b9:bd:04:12:ac:33:
46:0d:f6:7a:53:22:07:31:ad:cb:7e:ec:fb:72:5e:
23:06:c8:06:b5:b1:58:c3:31:75:bd:c6:d6:e8:b8:
08:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DF:A0:53:D2:F3:57:00:43:A6:BA:BD:72:9B:30:D6:73:DB:23:DD
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/i9-gU9LzVwBDprq9cpsw1nPbI90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.112.0/20
185.28.48.0/23
IPv6:
2001:4030::/32
2a04:3a40::/32
Signature Algorithm: sha256WithRSAEncryption
33:d6:05:ee:10:89:2c:3c:13:02:92:5a:d5:a0:6e:25:2e:36:
85:9c:86:a8:4c:e5:77:d5:9e:bf:58:4a:7b:77:f7:23:90:3e:
81:7d:83:99:be:84:b0:02:a5:12:57:ff:b7:93:0e:e1:0a:c0:
9a:bc:22:fc:53:34:80:46:f0:ac:5c:b6:09:eb:52:0c:90:a2:
26:bf:79:ff:56:ce:a5:1f:4b:ee:eb:31:c5:2f:95:75:4b:b5:
7a:bc:40:a3:49:74:80:2b:f6:38:db:0a:85:7f:62:93:2c:74:
00:78:72:e2:4d:38:93:9a:3d:81:0e:d3:83:3f:60:32:f5:93:
0f:5a:e2:a8:11:dc:36:b8:c2:da:a3:94:be:15:05:b2:de:63:
3f:cd:6c:4f:03:fb:f8:2b:20:01:67:65:c5:4a:56:be:58:87:
02:5d:09:77:e1:a8:84:12:44:16:b3:29:83:70:9b:53:43:db:
6f:02:fe:a4:b7:4c:49:02:8a:cb:6c:ae:fd:ac:76:db:e8:c1:
55:6a:61:6c:e9:dd:14:84:13:63:51:db:4a:5a:c3:2c:85:b9:
7d:46:26:ee:15:9d:cc:1d:26:df:93:73:bd:cb:19:7b:72:4d:
42:d1:83:64:4a:4d:3a:7c:78:71:34:47:6e:73:cc:a8:f6:9b:
d4:85:ad:53
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEA87X/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDEw
MTEzMDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJkZmEwNTNkMmYz
NTcwMDQzYTZiYWJkNzI5YjMwZDY3M2RiMjNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANX80cRA7RUIK3AqkBPoW06lCVQS5DnrYWoirfzEewF6XNqT
EBiXIGUaGZPHvUhFb/7E3P1qYn2R5iUz9wvzHh6DYQbB9xfsKd9Aw+0Vlbf+QMor
cCnR6fmtKRj/KrtXaT1V5aEy2C24iMvcxRfqJpmrtYCnAWV4JjX5BK0zjXF4tKYQ
QE2HmvS5o/UBqlZftx/7HtevwxowTv6CHH/Bpj3Tu01pVuLi1jBqJ5uVmY6EbjVg
IwNGNM/tOqxTbSFT4lqYQK2TY9v2xzAcjpAUy1neBy58XlUtUFrnub0EEqwzRg32
elMiBzGty37s+3JeIwbIBrWxWMMxdb3G1ui4CB8CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSL36BT0vNXAEOmur1ymzDWc9sj3TAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
L2k5LWdVOUx6VndCRHBycTljcHN3MW5QYkk5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEBFBCcAMEAbkcMDAUBAIAAjAOAwUA
IAFAMAMFACoEOkAwDQYJKoZIhvcNAQELBQADggEBADPWBe4QiSw8EwKSWtWgbiUu
NoWchqhM5XfVnr9YSnt39yOQPoF9g5m+hLACpRJX/7eTDuEKwJq8IvxTNIBG8Kxc
tgnrUgyQoia/ef9WzqUfS+7rMcUvlXVLtXq8QKNJdIAr9jjbCoV/YpMsdAB4cuJN
OJOaPYEO04M/YDL1kw9a4qgR3Da4wtqjlL4VBbLeYz/NbE8D+/grIAFnZcVKVr5Y
hwJdCXfhqIQSRBazKYNwm1ND228C/qS3TEkCistsrv2sdtvowVVqYWzp3RSEE2NR
20pawyyFuX1GJu4VncwdJt+Tc73LGXtyTULRg2RKTTp8eHE0R25zzKj2m9SFrVM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org