Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/NcdE5ddG2F2Ca8BKbwTTnqratp4.roa
File: NcdE5ddG2F2Ca8BKbwTTnqratp4.roa (raw, json)
Hash identifier: 9ygtlZ7uSessLUTWVbzNL9gdV++fpPWhLR/lPHWEGtc=
Subject key identifier: 35:C7:44:E5:D7:46:D8:5D:82:6B:C0:4A:6F:04:D3:9E:AA:DA:B6:9E
Certificate issuer: /CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Certificate serial: 12063691
Authority key identifier: C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/NcdE5ddG2F2Ca8BKbwTTnqratp4.roa
Signing time: Thu 12 May 2022 07:38:12 +0000
ROA not before: Thu 12 May 2022 07:38:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15659
IP address blocks: 213.187.160.0/19 maxlen: 19
80.202.0.0/16 maxlen: 16
89.10.0.0/16 maxlen: 16
217.13.0.0/19 maxlen: 19
213.187.190.0/24 maxlen: 24
213.145.160.0/19 maxlen: 19
84.48.0.0/17 maxlen: 17
89.11.0.0/17 maxlen: 17
84.49.101.0/24 maxlen: 24
84.49.0.0/16 maxlen: 16
2a04:980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302397073 (0x12063691)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Validity
Not Before: May 12 07:38:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35c744e5d746d85d826bc04a6f04d39eaadab69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:80:8e:54:2d:4f:d4:cc:17:54:d7:61:ed:
85:69:1f:55:4d:33:a6:90:95:74:5d:a0:13:b7:b3:
8d:98:10:4e:33:bc:0e:9e:f8:c0:61:eb:16:c0:42:
ca:56:d8:d8:b4:65:08:54:91:96:2e:ec:bc:5e:09:
04:9d:df:cb:0d:5f:09:77:cc:fa:6f:ff:b4:90:1c:
82:11:04:10:01:8e:dc:43:7e:c7:4b:6c:65:4f:11:
6c:60:90:60:ab:b8:a0:f9:6d:e9:96:9c:cf:95:f8:
04:df:7e:49:e1:b4:9c:1f:c5:f4:0f:9a:d8:e9:6f:
93:ef:1e:a5:ff:86:de:ef:1d:dc:d4:0b:ea:cf:07:
d2:04:e7:ce:8d:c0:8f:a9:f1:4b:38:73:29:03:25:
eb:15:cf:bd:11:8b:10:25:48:9b:1c:c1:70:d3:00:
fe:5f:bc:f2:d8:9c:50:aa:0e:0f:79:70:d9:b9:87:
94:19:2f:4d:75:f1:b7:60:ed:7f:77:08:34:d5:1e:
3f:4e:fc:6f:0f:2e:ce:59:67:ab:ca:ec:6f:c6:c4:
30:72:d1:29:dd:4d:08:4c:8e:d6:5a:c8:8c:2a:0c:
c4:d3:38:96:8b:38:9b:2f:e6:8f:dc:ce:b1:17:55:
2f:34:e1:75:53:2e:b6:e4:af:51:a5:5b:7d:71:41:
94:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C7:44:E5:D7:46:D8:5D:82:6B:C0:4A:6F:04:D3:9E:AA:DA:B6:9E
X509v3 Authority Key Identifier:
keyid:C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/NcdE5ddG2F2Ca8BKbwTTnqratp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/xlg_WMcRCtTMYJ9P-3yrL4DINYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.202.0.0/16
84.48.0.0/17
84.49.0.0/16
89.10.0.0-89.11.127.255
213.145.160.0/19
213.187.160.0/19
217.13.0.0/19
IPv6:
2a04:980::/29
Signature Algorithm: sha256WithRSAEncryption
5b:c1:90:86:2b:f5:53:e1:83:6f:f4:e4:30:a3:9d:60:db:49:
9e:fb:9a:9f:b1:f4:77:9f:04:3d:e9:37:65:03:f6:72:61:0a:
18:ab:4a:87:96:2b:f2:a0:1a:f1:e4:89:7f:ae:8f:66:50:a9:
18:02:89:32:a3:94:0e:73:6c:00:e1:a5:92:f4:c1:9b:16:56:
ee:15:37:da:f7:6a:2f:41:28:07:eb:c4:39:ac:93:1f:28:35:
04:93:03:f9:78:11:15:dc:a5:c8:3e:90:fe:eb:8f:b2:9f:17:
6b:c6:31:3e:7c:62:0f:f9:9d:ef:17:49:5d:ff:51:b2:7d:0f:
24:7f:8c:91:8f:ea:0f:47:82:9e:46:95:bb:fa:29:0f:7b:4f:
ab:e9:a4:c1:2c:ca:b5:49:65:53:6a:da:c5:9c:09:11:ee:f0:
c9:bb:ba:52:e7:11:82:52:a4:f5:fc:fd:66:e1:86:c7:f8:22:
cf:73:7b:f6:46:75:30:21:a1:02:ea:93:7d:6b:37:51:69:b7:
ad:3d:b2:55:97:03:4c:1f:3d:c3:cd:6a:e7:50:a0:70:48:14:
cf:8c:3b:fa:aa:0c:52:86:eb:eb:3a:f4:02:4e:ef:ee:33:e1:
e2:a9:19:d1:1e:f7:80:51:93:de:19:55:09:e8:93:f1:db:25:
34:c0:07:cf
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEEgY2kTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjU4M2Y1OGM3MTEwYWQ0Y2M2MDlmNGZmYjdjYWIyZjgwYzgzNTgxMB4XDTIyMDUx
MjA3MzgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzVjNzQ0ZTVkNzQ2
ZDg1ZDgyNmJjMDRhNmYwNGQzOWVhYWRhYjY5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbegI5ULU/UzBdU12HthWkfVU0zppCVdF2gE7ezjZgQTjO8
Dp74wGHrFsBCylbY2LRlCFSRli7svF4JBJ3fyw1fCXfM+m//tJAcghEEEAGO3EN+
x0tsZU8RbGCQYKu4oPlt6Zacz5X4BN9+SeG0nB/F9A+a2Olvk+8epf+G3u8d3NQL
6s8H0gTnzo3Aj6nxSzhzKQMl6xXPvRGLECVImxzBcNMA/l+88ticUKoOD3lw2bmH
lBkvTXXxt2Dtf3cINNUeP078bw8uzllnq8rsb8bEMHLRKd1NCEyO1lrIjCoMxNM4
los4my/mj9zOsRdVLzThdVMutuSvUaVbfXFBlDkCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBQ1x0Tl10bYXYJrwEpvBNOeqtq2njAfBgNVHSMEGDAWgBTGWD9YxxEK1Mxg
n0/7fKsvgMg1gTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hsZ19XTWNSQ3RUTVlKOVAtM3lyTDRESU5ZRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvOGQwY2FlLWVjMTMtNDVmYi05YWZjLTNkNTkzZWJlNTIyMC8x
L05jZEU1ZGRHMkYyQ2E4Qktid1RUbnFyYXRwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
OGQwY2FlLWVjMTMtNDVmYi05YWZjLTNkNTkzZWJlNTIyMC8xL3hsZ19XTWNSQ3RU
TVlKOVAtM3lyTDRESU5ZRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwNQQCAAEwLwMDAFDKAwQHVDAAAwMAVDEwCwMDAVkK
AwQHWQsAAwQF1ZGgAwQF1bugAwQF2Q0AMA0EAgACMAcDBQMqBAmAMA0GCSqGSIb3
DQEBCwUAA4IBAQBbwZCGK/VT4YNv9OQwo51g20me+5qfsfR3nwQ96TdlA/ZyYQoY
q0qHlivyoBrx5Il/ro9mUKkYAokyo5QOc2wA4aWS9MGbFlbuFTfa92ovQSgH68Q5
rJMfKDUEkwP5eBEV3KXIPpD+64+ynxdrxjE+fGIP+Z3vF0ld/1GyfQ8kf4yRj+oP
R4KeRpW7+ikPe0+r6aTBLMq1SWVTatrFnAkR7vDJu7pS5xGCUqT1/P1m4YbH+CLP
c3v2RnUwIaEC6pN9azdRabetPbJVlwNMHz3DzWrnUKBwSBTPjDv6qgxShuvrOvQC
Tu/uM+HiqRnRHveAUZPeGVUJ6JPx2yU0wAfP
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:10 2025 by rpki-client