Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/oc4eU5AfQyQMgvTYnM6DYmG7SUM.roa
File: oc4eU5AfQyQMgvTYnM6DYmG7SUM.roa (raw, json)
Hash identifier: vItCEEO0SLFJNwUWbzqfCY/Ne5O8UfvUpbKty10mzQY=
Subject key identifier: A1:CE:1E:53:90:1F:43:24:0C:82:F4:D8:9C:CE:83:62:61:BB:49:43
Certificate issuer: /CN=00855dd897256e86da3cbe6994e94ce2e969af26
Certificate serial: 09CDE34F
Authority key identifier: 00:85:5D:D8:97:25:6E:86:DA:3C:BE:69:94:E9:4C:E2:E9:69:AF:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AIVd2JclbobaPL5plOlM4ulpryY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/oc4eU5AfQyQMgvTYnM6DYmG7SUM.roa
Signing time: Sat 01 Jan 2022 10:01:30 +0000
ROA not before: Sat 01 Jan 2022 10:01:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49242
IP address blocks: 80.68.224.0/21 maxlen: 21
80.68.232.0/21 maxlen: 21
185.21.148.0/22 maxlen: 22
93.158.232.0/22 maxlen: 22
188.121.0.0/19 maxlen: 19
89.35.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164488015 (0x9cde34f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00855dd897256e86da3cbe6994e94ce2e969af26
Validity
Not Before: Jan 1 10:01:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1ce1e53901f43240c82f4d89cce836261bb4943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:18:fc:14:a4:fa:4a:99:c1:61:2f:a6:7f:5f:
d9:20:1d:1d:66:34:72:fe:ab:af:36:e6:40:66:7b:
91:b9:63:ef:8b:f4:bb:6a:ea:33:5d:35:dd:dc:b0:
3f:32:84:8a:73:a9:5a:f7:39:e9:5f:46:e3:87:8e:
95:15:3c:a7:75:e9:86:f6:97:cb:0c:c9:37:52:b9:
93:bd:0e:d4:fc:56:53:b6:b4:3e:25:8b:08:22:61:
08:41:5f:7b:30:6d:c5:2d:82:07:bd:46:2a:28:48:
7d:a6:87:2a:39:e8:f7:f5:52:03:82:23:5e:18:ec:
01:fc:f9:7a:d0:49:e1:3f:21:2e:16:f0:c2:58:e6:
c2:bf:fc:eb:3b:34:78:3f:f5:73:47:f7:c7:ef:93:
5e:c7:60:29:14:49:89:80:80:28:da:0a:1a:1b:3c:
ee:65:fd:2e:14:98:64:e3:20:8a:26:7e:bd:b3:1e:
4a:a9:a8:cf:e8:e4:4e:92:3b:a2:2d:4b:7c:54:20:
10:97:16:cd:b9:f9:29:b0:5e:67:be:1b:b9:cc:e7:
ff:73:16:a3:9c:8d:ca:75:00:6d:03:de:f8:ca:f7:
a5:ea:38:53:ca:03:45:21:c1:e9:5e:45:9f:b0:9a:
33:4e:cc:0d:17:26:83:55:c9:1c:82:06:2e:e8:0e:
4f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CE:1E:53:90:1F:43:24:0C:82:F4:D8:9C:CE:83:62:61:BB:49:43
X509v3 Authority Key Identifier:
keyid:00:85:5D:D8:97:25:6E:86:DA:3C:BE:69:94:E9:4C:E2:E9:69:AF:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIVd2JclbobaPL5plOlM4ulpryY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/oc4eU5AfQyQMgvTYnM6DYmG7SUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9fc395-98bc-4aed-939e-886f66bb6ee8/1/AIVd2JclbobaPL5plOlM4ulpryY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.224.0/20
89.35.144.0/22
93.158.232.0/22
185.21.148.0/22
188.121.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a5:af:f9:5c:0c:42:d4:a6:b7:a0:7d:84:c8:ab:be:91:a0:01:
be:d0:66:26:bc:65:bf:d1:74:07:78:c5:b9:68:9f:bf:61:e1:
aa:72:0d:84:47:05:cc:92:83:42:fc:b7:d4:85:07:a2:ba:4b:
41:23:09:62:62:43:85:67:fd:97:b2:9a:98:e5:da:2d:a2:ca:
88:5b:1a:4f:33:00:de:e7:bd:c8:42:2d:99:f7:ae:d9:83:ea:
6c:fd:e8:19:27:de:53:18:62:73:95:25:2b:8e:3a:f5:6d:c7:
8b:1d:3d:72:53:2e:8c:b9:64:b4:a6:48:e3:e2:d7:f8:af:29:
7c:7a:33:20:35:87:fe:b2:fb:59:0c:18:06:98:7b:8c:6a:30:
83:ed:e8:2a:80:d4:5d:0e:a8:1e:28:0a:f7:24:73:84:fd:34:
00:94:6d:2d:18:01:5c:3f:85:af:81:c6:aa:80:d9:a4:43:86:
a7:4e:65:dd:fa:67:5d:3a:3f:d0:f9:8b:ef:d3:5c:ce:2d:9e:
89:81:08:12:21:a8:d0:1c:d1:0b:ab:2f:23:4a:7c:b9:e1:b4:
0f:a1:a8:d0:fc:45:e6:fb:de:00:c0:fa:c6:c3:1c:16:38:c6:
34:b4:72:0e:93:c4:f6:ce:81:d8:d7:a7:f6:7c:1b:e6:f5:ca:
b6:10:a3:fa
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECc3jTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDg1NWRkODk3MjU2ZTg2ZGEzY2JlNjk5NGU5NGNlMmU5NjlhZjI2MB4XDTIyMDEw
MTEwMDEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFjZTFlNTM5MDFm
NDMyNDBjODJmNGQ4OWNjZTgzNjI2MWJiNDk0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI8Y/BSk+kqZwWEvpn9f2SAdHWY0cv6rrzbmQGZ7kblj74v0
u2rqM1013dywPzKEinOpWvc56V9G44eOlRU8p3XphvaXywzJN1K5k70O1PxWU7a0
PiWLCCJhCEFfezBtxS2CB71GKihIfaaHKjno9/VSA4IjXhjsAfz5etBJ4T8hLhbw
wljmwr/86zs0eD/1c0f3x++TXsdgKRRJiYCAKNoKGhs87mX9LhSYZOMgiiZ+vbMe
Sqmoz+jkTpI7oi1LfFQgEJcWzbn5KbBeZ74buczn/3MWo5yNynUAbQPe+Mr3peo4
U8oDRSHB6V5Fn7CaM07MDRcmg1XJHIIGLugOTy8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBShzh5TkB9DJAyC9NiczoNiYbtJQzAfBgNVHSMEGDAWgBQAhV3YlyVuhto8
vmmU6Uzi6WmvJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FJVmQySmNsYm9iYVBMNXBsT2xNNHVscHJ5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvOWZjMzk1LTk4YmMtNGFlZC05MzllLTg4NmY2NmJiNmVlOC8x
L29jNGVVNUFmUXlRTWd2VFluTTZEWW1HN1NVTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
OWZjMzk1LTk4YmMtNGFlZC05MzllLTg4NmY2NmJiNmVlOC8xL0FJVmQySmNsYm9i
YVBMNXBsT2xNNHVscHJ5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEBFBE4AMEAlkjkAMEAl2e6AMEArkV
lAMEBbx5ADANBgkqhkiG9w0BAQsFAAOCAQEApa/5XAxC1Ka3oH2EyKu+kaABvtBm
Jrxlv9F0B3jFuWifv2HhqnINhEcFzJKDQvy31IUHorpLQSMJYmJDhWf9l7KamOXa
LaLKiFsaTzMA3ue9yEItmfeu2YPqbP3oGSfeUxhic5UlK4469W3Hix09clMujLlk
tKZI4+LX+K8pfHozIDWH/rL7WQwYBph7jGowg+3oKoDUXQ6oHigK9yRzhP00AJRt
LRgBXD+Fr4HGqoDZpEOGp05l3fpnXTo/0PmL79Nczi2eiYEIEiGo0BzRC6svI0p8
ueG0D6Go0PxF5vveAMD6xsMcFjjGNLRyDpPE9s6B2Nen9nwb5vXKthCj+g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:42 2025 by rpki-client