Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/8qtKU7xjipcExl2MC9O5aKIP4Hg.roa
File: 8qtKU7xjipcExl2MC9O5aKIP4Hg.roa (raw, json)
Hash identifier: usld54eqvXn9+5UvuGWCRiLx7Xf8N1Fg2vI54Hl2268=
Subject key identifier: F2:AB:4A:53:BC:63:8A:97:04:C6:5D:8C:0B:D3:B9:68:A2:0F:E0:78
Certificate issuer: /CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Certificate serial: 01857255804C5E7B64E9A7A937EDDCFDCE45
Authority key identifier: 88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/8qtKU7xjipcExl2MC9O5aKIP4Hg.roa
Signing time: Mon 02 Jan 2023 11:54:43 +0000
ROA not before: Mon 02 Jan 2023 11:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61964
IP address blocks: 185.199.11.0/24 maxlen: 24
80.244.33.0/24 maxlen: 24
80.244.32.0/24 maxlen: 24
80.244.39.0/24 maxlen: 24
185.17.202.0/24 maxlen: 24
2a0a:9741::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:80:4c:5e:7b:64:e9:a7:a9:37:ed:dc:fd:ce:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Validity
Not Before: Jan 2 11:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2ab4a53bc638a9704c65d8c0bd3b968a20fe078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f0:a1:20:67:ec:ec:f3:a7:30:8b:b4:8c:49:
a2:2d:e6:c0:6d:1b:9a:cc:51:0c:e4:58:6d:9f:af:
cb:4f:5c:1f:00:f2:64:9b:6b:55:fd:24:d1:6a:93:
33:22:ab:0e:c1:c9:7b:ac:97:f1:ac:09:f9:da:87:
33:a9:40:32:a7:73:76:a6:0b:c9:47:97:d5:bc:d4:
7f:ce:37:5f:ce:9d:11:92:76:c7:94:94:29:29:90:
f2:3c:b2:75:f2:a2:cb:fc:4c:c4:0e:8a:74:c7:51:
54:4c:a5:9a:75:18:31:38:74:aa:c8:33:b8:5e:f9:
fb:06:d0:76:6d:a1:55:56:c3:11:20:40:56:a2:7c:
f0:02:c9:bb:3d:c0:42:b1:cf:90:1c:89:48:75:ec:
9e:91:4c:70:ac:24:9e:84:4b:33:34:22:39:f4:13:
ff:7e:f1:32:e5:54:40:4e:0f:13:e7:bc:e9:11:de:
14:09:be:b4:8f:39:69:73:b3:f2:44:24:d1:64:a9:
d6:73:5f:25:99:0c:a8:5a:d8:a8:9f:31:fa:d2:43:
de:ce:63:f8:95:29:34:88:62:93:88:35:39:b0:85:
34:bd:74:35:38:bf:47:43:34:fa:a1:dd:ac:94:5a:
32:c5:98:15:be:b4:5d:23:a2:2a:37:07:e4:5e:70:
4b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AB:4A:53:BC:63:8A:97:04:C6:5D:8C:0B:D3:B9:68:A2:0F:E0:78
X509v3 Authority Key Identifier:
keyid:88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/8qtKU7xjipcExl2MC9O5aKIP4Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.32.0/23
80.244.39.0/24
185.17.202.0/24
185.199.11.0/24
IPv6:
2a0a:9741::/32
Signature Algorithm: sha256WithRSAEncryption
a1:7a:75:1d:b0:6e:9d:56:65:89:bd:06:60:da:bc:ec:20:d0:
8e:28:84:19:d9:3a:b5:3c:e6:39:90:6b:8f:0c:fa:1e:2f:0e:
2d:1f:bb:da:43:dc:82:0f:f0:ea:a6:d9:15:7a:da:e7:4d:68:
f9:9a:a8:d2:ac:dc:0b:fb:8b:f9:5b:c9:34:65:5b:96:1d:13:
2b:b6:d8:18:c6:41:22:21:c5:5b:73:d0:ac:75:57:76:01:c7:
94:d0:e7:3d:10:94:c7:ea:36:92:40:cb:e0:8c:c6:29:79:91:
96:d4:0d:de:02:91:17:c9:13:84:9d:57:72:2c:65:8d:b2:7f:
6a:4b:e5:b0:ee:87:bd:b4:44:d1:2b:84:e9:88:97:13:6f:06:
ec:3c:80:f8:d4:5d:74:19:c9:04:b0:94:2f:e7:44:1b:6e:91:
13:6c:40:f4:ae:7e:f1:2f:c4:d8:4b:ee:a5:dc:f3:98:23:58:
1b:75:30:6b:b4:42:0d:bb:ad:2f:94:55:81:3f:46:e4:7e:af:
02:78:c3:df:c3:cb:18:b2:fb:33:3a:1d:98:8d:7e:40:fb:11:
eb:45:75:e4:e1:fa:f0:79:5b:07:57:3f:48:ee:c9:e8:c4:a7:
68:0d:70:c1:88:e7:2d:8a:c7:f1:be:e5:5c:4b:75:be:91:67:
37:55:4c:77
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyVYBMXntk6aepN+3c/c5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MmZhMDE5MDJmNGU4YzM0N2YyMTE2ZTQ2NDVkYTFhNmI0
ZTA5NjIwHhcNMjMwMTAyMTE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFiNGE1M2JjNjM4YTk3MDRjNjVkOGMwYmQzYjk2OGEyMGZlMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPChIGfs7POnMIu0jEmiLebAbRua
zFEM5Fhtn6/LT1wfAPJkm2tV/STRapMzIqsOwcl7rJfxrAn52oczqUAyp3N2pgvJ
R5fVvNR/zjdfzp0RknbHlJQpKZDyPLJ18qLL/EzEDop0x1FUTKWadRgxOHSqyDO4
Xvn7BtB2baFVVsMRIEBWonzwAsm7PcBCsc+QHIlIdeyekUxwrCSehEszNCI59BP/
fvEy5VRATg8T57zpEd4UCb60jzlpc7PyRCTRZKnWc18lmQyoWtionzH60kPezmP4
lSk0iGKTiDU5sIU0vXQ1OL9HQzT6od2slFoyxZgVvrRdI6IqNwfkXnBLfwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPKrSlO8Y4qXBMZdjAvTuWiiD+B4MB8GA1UdIwQY
MBaAFIgvoBkC9OjDR/IRbkZF2hprTgliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAt
NWMyZDI2NTcwNWUwLzEvOHF0S1U3eGppcGNFeGwyTUM5TzVhS0lQNEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAtNWMyZDI2NTcwNWUw
LzEvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBUPQgAwQA
UPQnAwQAuRHKAwQAuccLMA0EAgACMAcDBQAqCpdBMA0GCSqGSIb3DQEBCwUAA4IB
AQChenUdsG6dVmWJvQZg2rzsINCOKIQZ2Tq1POY5kGuPDPoeLw4tH7vaQ9yCD/Dq
ptkVetrnTWj5mqjSrNwL+4v5W8k0ZVuWHRMrttgYxkEiIcVbc9CsdVd2AceU0Oc9
EJTH6jaSQMvgjMYpeZGW1A3eApEXyROEnVdyLGWNsn9qS+Ww7oe9tETRK4TpiJcT
bwbsPID41F10GckEsJQv50QbbpETbED0rn7xL8TYS+6l3POYI1gbdTBrtEINu60v
lFWBP0bkfq8CeMPfw8sYsvszOh2YjX5A+xHrRXXk4frweVsHVz9I7snoxKdoDXDB
iOctisfxvuVcS3W+kWc3VUx3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:52 2025 by rpki-client