Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/c1W-BorNmyk77Buld8d5-BkCZe4.roa
File: c1W-BorNmyk77Buld8d5-BkCZe4.roa (raw, json)
Hash identifier: /s2kxbWVNsqq1PpxMV2wyE8J3MMHKJdaBZjGbSit3AI=
Subject key identifier: 73:55:BE:06:8A:CD:9B:29:3B:EC:1B:A5:77:C7:79:F8:19:02:65:EE
Certificate issuer: /CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Certificate serial: 018AEC34382ACD687C5E6446D47C55932F51
Authority key identifier: 88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/c1W-BorNmyk77Buld8d5-BkCZe4.roa
Signing time: Sun 01 Oct 2023 17:05:59 +0000
ROA not before: Sun 01 Oct 2023 17:05:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206011
IP address blocks: 185.199.10.0/24 maxlen: 24
185.199.8.0/24 maxlen: 24
185.199.9.0/24 maxlen: 24
80.244.44.0/22 maxlen: 23
80.244.40.0/21 maxlen: 23
80.244.40.0/22 maxlen: 23
2a0a:9740::/32 maxlen: 32
2a0a:9740:d000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ec:34:38:2a:cd:68:7c:5e:64:46:d4:7c:55:93:2f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Validity
Not Before: Oct 1 17:05:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7355be068acd9b293bec1ba577c779f8190265ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a8:63:e0:54:6c:df:94:dc:2b:d2:d2:5e:1e:
f5:b0:d2:0e:a3:02:fa:fd:a9:7f:99:02:cd:ed:b0:
9d:bd:80:2d:bc:31:e8:b6:19:1b:e6:8d:fe:45:c8:
85:59:ad:07:51:2b:ec:4e:22:72:30:bb:f3:c9:da:
68:15:4c:fa:b1:e8:42:62:08:d2:32:e5:34:a8:39:
9b:25:3b:5d:92:82:83:65:20:b3:67:70:a7:7b:06:
69:b4:0e:a3:df:1e:81:b7:e6:23:4c:d2:39:a9:f1:
15:b2:14:86:b3:1a:d3:e9:21:35:67:3e:3e:20:a6:
6d:1a:2e:8f:3f:56:a8:a7:ab:00:fa:cd:66:bc:fb:
dc:3a:e3:46:9d:ec:f7:ab:a3:89:52:d7:7a:d4:e1:
fb:93:5b:80:23:a3:04:5e:36:a2:f3:cb:de:d1:2e:
c3:02:6c:05:cc:bd:ef:07:46:5d:7e:1e:19:24:99:
dc:30:2e:64:90:dc:1c:47:8a:a3:38:97:10:8f:12:
32:97:86:31:18:88:5e:fc:1f:2f:70:0c:8a:f5:6a:
d1:e4:9d:e8:20:a8:0c:7f:ec:5a:e2:3e:a7:2f:2a:
3c:70:53:8c:ff:cc:6d:f9:1b:ec:e2:b3:b6:fa:e8:
98:de:51:89:b4:7e:71:42:00:b2:b9:2f:90:a3:e4:
6c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:55:BE:06:8A:CD:9B:29:3B:EC:1B:A5:77:C7:79:F8:19:02:65:EE
X509v3 Authority Key Identifier:
keyid:88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/c1W-BorNmyk77Buld8d5-BkCZe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.40.0/21
185.199.8.0-185.199.10.255
IPv6:
2a0a:9740::/32
Signature Algorithm: sha256WithRSAEncryption
1a:5e:0e:ff:4f:d5:11:40:34:a8:9e:2c:e7:02:77:23:91:30:
61:5b:4e:7a:3f:92:d9:8e:90:10:c4:16:09:c8:3b:7d:28:2e:
38:f3:65:62:ee:ab:62:53:db:39:4c:ec:83:4a:f9:28:4f:ce:
ed:7d:50:83:d8:8f:e3:69:a2:6d:ed:b6:23:ed:28:bf:c2:9c:
ab:48:24:1a:d7:64:f8:fd:35:b9:d8:87:eb:35:9e:10:1d:fe:
44:72:9d:c0:83:f6:3e:48:49:34:56:17:03:94:35:f5:1d:a8:
95:02:7c:78:26:11:95:29:fe:8d:51:96:88:c0:7e:42:7e:fd:
e0:8a:9b:1f:7b:eb:37:80:81:59:ff:5e:a8:60:be:c9:c7:5b:
cf:fd:b5:97:fa:cd:73:9b:59:57:d0:f2:06:0c:0c:07:e8:f8:
88:50:7b:84:e2:49:f6:e0:be:db:9b:07:22:6a:67:ce:40:c3:
80:f5:a7:43:45:71:7e:99:ae:fd:2d:6a:d7:17:4e:ee:55:ea:
7c:30:0f:a7:0b:57:0d:54:f9:55:08:f0:24:a2:be:27:39:1c:
08:bd:e9:e0:5f:39:28:76:87:ee:64:35:5d:3c:c2:b4:d3:c6:
1d:df:39:e0:ae:78:b3:ec:d5:2e:f8:fd:70:67:51:73:8e:37:
48:41:a8:ed
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYrsNDgqzWh8XmRG1HxVky9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MmZhMDE5MDJmNGU4YzM0N2YyMTE2ZTQ2NDVkYTFhNmI0
ZTA5NjIwHhcNMjMxMDAxMTcwNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU1YmUwNjhhY2Q5YjI5M2JlYzFiYTU3N2M3NzlmODE5MDI2NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKhj4FRs35TcK9LSXh71sNIOowL6
/al/mQLN7bCdvYAtvDHothkb5o3+RciFWa0HUSvsTiJyMLvzydpoFUz6sehCYgjS
MuU0qDmbJTtdkoKDZSCzZ3CnewZptA6j3x6Bt+YjTNI5qfEVshSGsxrT6SE1Zz4+
IKZtGi6PP1aop6sA+s1mvPvcOuNGnez3q6OJUtd61OH7k1uAI6MEXjai88ve0S7D
AmwFzL3vB0Zdfh4ZJJncMC5kkNwcR4qjOJcQjxIyl4YxGIhe/B8vcAyK9WrR5J3o
IKgMf+xa4j6nLyo8cFOM/8xt+Rvs4rO2+uiY3lGJtH5xQgCyuS+Qo+RsywIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHNVvgaKzZspO+wbpXfHefgZAmXuMB8GA1UdIwQY
MBaAFIgvoBkC9OjDR/IRbkZF2hprTgliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAt
NWMyZDI2NTcwNWUwLzEvYzFXLUJvck5teWs3N0J1bGQ4ZDUtQmtDWmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAtNWMyZDI2NTcwNWUw
LzEvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDUPQoMAwD
BAO5xwgDBAC5xwowDQQCAAIwBwMFACoKl0AwDQYJKoZIhvcNAQELBQADggEBABpe
Dv9P1RFANKieLOcCdyORMGFbTno/ktmOkBDEFgnIO30oLjjzZWLuq2JT2zlM7INK
+ShPzu19UIPYj+Npom3ttiPtKL/CnKtIJBrXZPj9NbnYh+s1nhAd/kRyncCD9j5I
STRWFwOUNfUdqJUCfHgmEZUp/o1RlojAfkJ+/eCKmx976zeAgVn/XqhgvsnHW8/9
tZf6zXObWVfQ8gYMDAfo+IhQe4TiSfbgvtubByJqZ85Aw4D1p0NFcX6Zrv0tatcX
Tu5V6nwwD6cLVw1U+VUI8CSivic5HAi96eBfOSh2h+5kNV08wrTTxh3fOeCueLPs
1S74/XBnUXOON0hBqO0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:47 2025 by rpki-client