Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/xgzVoBIDw_GloZg2XosSidtz3r0.roa
File: xgzVoBIDw_GloZg2XosSidtz3r0.roa (raw, json)
Hash identifier: ASCz0vZHanJoJGanaclWVrCx4YbonAV+6U8PcgBUbHc=
Subject key identifier: C6:0C:D5:A0:12:03:C3:F1:A5:A1:98:36:5E:8B:12:89:DB:73:DE:BD
Certificate issuer: /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial: 01856E8204DB5A9E2CC19BEFFF0C65B3A968
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/xgzVoBIDw_GloZg2XosSidtz3r0.roa
Signing time: Sun 01 Jan 2023 18:04:52 +0000
ROA not before: Sun 01 Jan 2023 18:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21348
IP address blocks: 80.246.144.0/20 maxlen: 20
80.95.128.0/20 maxlen: 20
2a01:51a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:04:db:5a:9e:2c:c1:9b:ef:ff:0c:65:b3:a9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
Validity
Not Before: Jan 1 18:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c60cd5a01203c3f1a5a198365e8b1289db73debd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d2:ec:4a:ed:e5:48:62:6f:5f:67:96:23:eb:
93:47:9b:f8:aa:d6:87:c7:7e:7f:10:38:7f:0b:82:
50:5f:7e:ae:11:46:70:72:23:22:59:91:5f:38:03:
d4:87:31:8f:00:46:0d:0e:f6:8c:56:38:cb:09:be:
00:94:bc:29:f0:3c:af:83:0f:c0:36:cc:77:61:d2:
ec:3c:ac:25:65:21:e3:c2:d6:14:d1:a4:a1:70:47:
76:31:43:dd:44:11:3f:d0:5f:d2:e1:10:57:fc:8a:
56:c2:6a:66:39:5c:e4:7d:18:fe:8f:78:21:2f:24:
43:6e:02:56:ec:4c:56:0e:50:5c:48:03:cd:b6:bb:
5d:f3:d7:d1:08:0e:fe:fb:e7:68:7c:d4:26:1c:6c:
7a:6e:50:2c:53:38:4e:70:d2:69:2a:a9:41:56:d7:
02:45:e1:8c:db:a4:35:87:66:d5:ac:f3:90:6c:bb:
e3:e1:18:c5:df:06:da:1b:37:c4:2f:13:ad:20:74:
68:0b:90:6a:fe:52:3d:5e:36:89:d1:0c:ad:bb:fb:
30:5f:b1:d9:0e:5e:e9:44:96:e2:42:82:17:16:ce:
6e:7b:1b:5b:6f:b3:06:c7:55:09:57:b1:2d:dc:ee:
f2:da:29:7b:2e:b1:ee:0f:3f:02:00:e6:1b:c5:36:
63:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:0C:D5:A0:12:03:C3:F1:A5:A1:98:36:5E:8B:12:89:DB:73:DE:BD
X509v3 Authority Key Identifier:
keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/xgzVoBIDw_GloZg2XosSidtz3r0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.95.128.0/20
80.246.144.0/20
IPv6:
2a01:51a0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:7d:e6:d2:78:ab:63:32:d1:15:e7:92:11:a2:e5:af:03:9e:
09:24:bf:a3:7a:d8:03:9d:be:3a:da:5e:ee:9d:b2:7e:d0:cb:
33:82:91:51:37:a8:5e:b1:9c:08:82:78:8f:c0:b2:52:63:cd:
d9:d7:30:13:5b:d9:6a:bf:63:c2:13:26:ca:59:ff:00:b3:26:
67:d3:23:26:7f:c0:30:a8:13:35:84:55:20:37:90:35:28:5b:
cc:4f:dc:63:0f:01:0c:a8:e1:89:e6:75:3d:10:c0:10:0c:fc:
5e:0a:b4:45:72:cf:93:2a:68:a7:14:ce:f5:d1:8c:62:27:76:
cd:69:b7:2c:e6:4e:18:4e:bd:9b:9c:74:a7:e1:78:27:1c:11:
54:8d:08:26:78:9a:50:00:5a:7b:f1:44:87:80:64:43:5e:80:
92:c8:49:74:a2:d5:04:18:a8:b8:8d:61:90:4f:db:52:13:80:
9a:f9:bb:8a:4a:32:9c:9a:7f:97:74:6f:d7:6e:01:d5:62:9d:
63:f2:f8:f6:e6:d0:e2:08:6b:f2:f0:64:58:d8:f7:e1:88:01:
1e:e5:e9:97:28:9c:0c:41:07:b6:23:fb:66:a9:a5:78:00:b3:
c5:a2:22:ab:a9:9a:94:ea:2a:29:c3:47:3a:4a:96:4c:89:4a:
69:4c:6f:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuggTbWp4swZvv/wxls6loMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2NkYzY3NTFkN2M1OTA3M2U0YjcwNjQwMmQzNjkxYWYw
OTA4NmYwHhcNMjMwMTAxMTgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjBjZDVhMDEyMDNjM2YxYTVhMTk4MzY1ZThiMTI4OWRiNzNkZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtLsSu3lSGJvX2eWI+uTR5v4qtaH
x35/EDh/C4JQX36uEUZwciMiWZFfOAPUhzGPAEYNDvaMVjjLCb4AlLwp8Dyvgw/A
Nsx3YdLsPKwlZSHjwtYU0aShcEd2MUPdRBE/0F/S4RBX/IpWwmpmOVzkfRj+j3gh
LyRDbgJW7ExWDlBcSAPNtrtd89fRCA7+++dofNQmHGx6blAsUzhOcNJpKqlBVtcC
ReGM26Q1h2bVrPOQbLvj4RjF3wbaGzfELxOtIHRoC5Bq/lI9XjaJ0Qytu/swX7HZ
Dl7pRJbiQoIXFs5uextbb7MGx1UJV7Et3O7y2il7LrHuDz8CAOYbxTZjKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMYM1aASA8PxpaGYNl6LEonbc969MB8GA1UdIwQY
MBaAFPc83GdR18WQc+S3BkAtNpGvCQhvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEt
NzE4ZmQxOTVjNWViLzEveGd6Vm9CSUR3X0dsb1pnMlhvc1NpZHR6M3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEtNzE4ZmQxOTVjNWVi
LzEvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUF+AAwQE
UPaQMA0EAgACMAcDBQAqAVGgMA0GCSqGSIb3DQEBCwUAA4IBAQCkfebSeKtjMtEV
55IRouWvA54JJL+jetgDnb462l7unbJ+0MszgpFRN6hesZwIgniPwLJSY83Z1zAT
W9lqv2PCEybKWf8AsyZn0yMmf8AwqBM1hFUgN5A1KFvMT9xjDwEMqOGJ5nU9EMAQ
DPxeCrRFcs+TKminFM710YxiJ3bNabcs5k4YTr2bnHSn4XgnHBFUjQgmeJpQAFp7
8USHgGRDXoCSyEl0otUEGKi4jWGQT9tSE4Ca+buKSjKcmn+XdG/XbgHVYp1j8vj2
5tDiCGvy8GRY2PfhiAEe5emXKJwMQQe2I/tmqaV4ALPFoiKrqZqU6iopw0c6SpZM
iUppTG8h
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:47 2025 by rpki-client