Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/m1W1ihdogLvuhj1ZLLdfZXA6eFc.roa
File: m1W1ihdogLvuhj1ZLLdfZXA6eFc.roa (raw, json)
Hash identifier: V8G4lAz1t0oFnRo4+CgIBEIolAe7NWa1bPIYZ9BgBfk=
Subject key identifier: 9B:55:B5:8A:17:68:80:BB:EE:86:3D:59:2C:B7:5F:65:70:3A:78:57
Certificate issuer: /CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Certificate serial: 018573683D838DB53A5A60191FDAB68C7DD0
Authority key identifier: 3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/m1W1ihdogLvuhj1ZLLdfZXA6eFc.roa
Signing time: Mon 02 Jan 2023 16:54:49 +0000
ROA not before: Mon 02 Jan 2023 16:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2860
IP address blocks: 81.20.240.0/20 maxlen: 20
185.218.12.0/22 maxlen: 22
78.29.128.0/18 maxlen: 18
128.65.224.0/19 maxlen: 19
2a0b:c1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:3d:83:8d:b5:3a:5a:60:19:1f:da:b6:8c:7d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Validity
Not Before: Jan 2 16:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b55b58a176880bbee863d592cb75f65703a7857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:39:64:c4:48:5e:0b:be:f6:23:eb:27:dd:9b:
18:b7:77:e6:3f:ee:95:48:4d:05:41:54:99:1b:05:
18:54:d7:7b:51:42:53:49:92:64:98:7c:a2:9f:5b:
12:2f:f5:3e:80:e3:41:ff:a5:39:ce:e3:d9:42:da:
30:10:22:f7:90:22:40:5f:9c:c0:b6:fa:a2:09:9e:
fe:b0:d5:f7:27:de:f2:6e:41:51:12:16:e1:fe:91:
ee:07:27:3c:f9:0c:74:ae:77:7e:b7:86:9b:5e:25:
40:fd:07:75:80:9f:ba:49:88:41:d8:fd:b6:fb:e8:
3e:aa:84:54:60:b7:e2:20:96:c2:8c:e7:85:dd:8e:
44:08:ab:3a:54:e1:75:40:ca:71:2a:01:1d:d3:0f:
9a:c7:3a:02:60:dd:52:5f:42:6f:8b:36:1e:5b:3f:
99:99:82:c4:92:70:16:63:43:1b:81:85:a6:8a:c1:
24:ee:4e:f0:82:30:0d:0f:8d:0a:aa:75:98:5f:4c:
44:ed:49:06:62:99:66:81:03:c0:89:ab:c9:ce:17:
bc:1b:4c:08:f7:81:08:23:8a:55:b2:43:5e:bb:a8:
a7:d4:54:82:dc:f9:a6:52:a7:4d:9d:a9:8c:b9:f2:
e4:81:cf:3b:43:e4:4e:af:ca:52:1b:4e:62:5e:c9:
68:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:55:B5:8A:17:68:80:BB:EE:86:3D:59:2C:B7:5F:65:70:3A:78:57
X509v3 Authority Key Identifier:
keyid:3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/m1W1ihdogLvuhj1ZLLdfZXA6eFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ou655pK6npPYuVpkiNXIdWCdSuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.29.128.0/18
81.20.240.0/20
128.65.224.0/19
185.218.12.0/22
IPv6:
2a0b:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:49:7f:a4:57:56:d1:97:b0:2b:59:a0:82:6d:a4:fa:74:73:
66:4e:98:bb:a2:be:a7:36:27:7d:b9:df:11:91:ae:fd:2d:6b:
6a:d3:74:ec:95:2b:92:eb:6e:8f:12:d0:f1:cc:b1:8a:4f:15:
54:a4:87:e2:31:e6:4d:89:6d:de:b2:a6:82:7e:75:21:eb:1e:
11:07:07:fa:1e:40:69:5d:98:15:d5:d3:80:bf:71:23:88:b8:
ab:29:f0:e5:c8:87:8c:e5:f0:f4:9c:20:f4:3c:7e:cf:9f:fb:
2b:53:cb:b9:a9:f1:fd:a1:59:07:7e:6a:e6:5e:67:84:21:76:
f1:92:b5:6e:77:b3:d3:d5:65:ff:6c:2f:a8:aa:4c:2d:53:12:
8b:2e:78:41:14:18:1a:3e:d2:ae:a3:f5:a5:1d:f2:b9:08:ca:
27:27:2b:80:81:ed:fe:95:3e:0e:66:d2:f2:db:26:1a:c4:7b:
05:9e:4c:fe:e0:09:ff:fc:1e:79:4d:eb:76:95:18:d2:69:46:
e1:00:d8:05:6c:ec:66:2c:94:6c:81:36:9e:65:e2:79:d1:78:
d9:f4:a2:8e:a1:dc:48:6b:44:9b:0a:1f:b5:ce:ec:63:f2:92:
50:6d:52:30:1a:61:ed:93:1e:36:53:ff:01:9a:95:2c:56:73:
7b:19:ff:89
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzaD2DjbU6WmAZH9q2jH3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWViOWU2OTJiYTllOTNkOGI5NWE2NDg4ZDVjODc1NjA5
ZDRhZWMwHhcNMjMwMTAyMTY1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjU1YjU4YTE3Njg4MGJiZWU4NjNkNTkyY2I3NWY2NTcwM2E3ODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjlkxEheC772I+sn3ZsYt3fmP+6V
SE0FQVSZGwUYVNd7UUJTSZJkmHyin1sSL/U+gONB/6U5zuPZQtowECL3kCJAX5zA
tvqiCZ7+sNX3J97ybkFREhbh/pHuByc8+Qx0rnd+t4abXiVA/Qd1gJ+6SYhB2P22
++g+qoRUYLfiIJbCjOeF3Y5ECKs6VOF1QMpxKgEd0w+axzoCYN1SX0JvizYeWz+Z
mYLEknAWY0MbgYWmisEk7k7wgjAND40KqnWYX0xE7UkGYplmgQPAiavJzhe8G0wI
94EII4pVskNeu6in1FSC3PmmUqdNnamMufLkgc87Q+ROr8pSG05iXslozwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJtVtYoXaIC77oY9WSy3X2VwOnhXMB8GA1UdIwQY
MBaAFDruueaSup6T2LlaZIjVyHVgnUrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTkt
NTAzM2Y4ZDc5YmU3LzEvbTFXMWloZG9nTHZ1aGoxWkxMZGZaWEE2ZUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTktNTAzM2Y4ZDc5YmU3
LzEvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGTh2AAwQE
URTwAwQFgEHgAwQCudoMMA0EAgACMAcDBQMqC8HAMA0GCSqGSIb3DQEBCwUAA4IB
AQBeSX+kV1bRl7ArWaCCbaT6dHNmTpi7or6nNid9ud8Rka79LWtq03TslSuS626P
EtDxzLGKTxVUpIfiMeZNiW3esqaCfnUh6x4RBwf6HkBpXZgV1dOAv3EjiLirKfDl
yIeM5fD0nCD0PH7Pn/srU8u5qfH9oVkHfmrmXmeEIXbxkrVud7PT1WX/bC+oqkwt
UxKLLnhBFBgaPtKuo/WlHfK5CMonJyuAge3+lT4OZtLy2yYaxHsFnkz+4An//B55
Tet2lRjSaUbhANgFbOxmLJRsgTaeZeJ50XjZ9KKOodxIa0SbCh+1zuxj8pJQbVIw
GmHtkx42U/8BmpUsVnN7Gf+J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:22 2025 by rpki-client