Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/3382cf-2cb1-475e-92c0-815f990bd431/1/1-NySoj0BSV81n3XRCwN7Dc3lQT0.roa
File: 1-NySoj0BSV81n3XRCwN7Dc3lQT0.roa (raw, json)
Hash identifier: OpPhnNW5IB3luWypiLbrm1m1fwku8UH8NrBgR+7jWcc=
Subject key identifier: F8:DC:92:A2:3D:01:49:5F:35:9F:75:D1:0B:03:7B:0D:CD:E5:41:3D
Certificate issuer: /CN=d6086ddd97ba381389357e0e56ca11e5cfe8f453
Certificate serial: 01856EAFC8C617961FC2642A3C235E507C4B
Authority key identifier: D6:08:6D:DD:97:BA:38:13:89:35:7E:0E:56:CA:11:E5:CF:E8:F4:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ght3Ze6OBOJNX4OVsoR5c_o9FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/3382cf-2cb1-475e-92c0-815f990bd431/1/1-NySoj0BSV81n3XRCwN7Dc3lQT0.roa
Signing time: Sun 01 Jan 2023 18:54:51 +0000
ROA not before: Sun 01 Jan 2023 18:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21260
IP address blocks: 80.87.128.0/20 maxlen: 24
185.27.20.0/22 maxlen: 24
2a04:1300::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c8:c6:17:96:1f:c2:64:2a:3c:23:5e:50:7c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6086ddd97ba381389357e0e56ca11e5cfe8f453
Validity
Not Before: Jan 1 18:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8dc92a23d01495f359f75d10b037b0dcde5413d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:06:ec:41:bc:44:f5:7e:4c:3a:7c:c2:3e:19:
06:7f:eb:1f:70:34:cd:f1:b5:ad:ae:82:ba:1b:32:
1c:9d:d5:2f:6c:e8:15:80:dc:d2:f0:3c:d2:ab:d9:
23:36:34:ee:d9:1c:0b:85:9e:09:3c:de:87:06:28:
5c:4f:72:9c:8a:4a:d2:5b:5c:b2:5d:a8:bd:39:01:
61:4c:77:a4:4c:4f:eb:a2:7f:56:1d:73:50:21:72:
d2:ad:38:7f:25:58:1e:0b:c4:4d:c4:29:32:8e:0d:
78:34:a0:6b:29:05:28:c6:55:1a:ac:24:0e:5e:41:
5b:02:92:93:f2:a9:75:98:85:5c:b6:c7:ff:e9:1b:
94:85:08:a4:8e:fd:04:5d:30:90:55:76:10:e3:25:
23:ae:3b:b3:6f:0f:7f:b9:41:df:54:64:ff:6d:29:
97:20:c6:f2:e7:65:7f:74:4c:5b:c2:2b:6e:da:5c:
47:9c:6a:de:72:16:8c:6f:f6:73:b5:bf:58:6f:92:
2c:91:a5:dc:0b:6d:27:7a:d1:79:87:c2:e2:83:94:
aa:0b:0d:c4:12:19:68:c7:63:11:a6:a8:c0:4f:88:
55:ff:66:48:aa:74:e7:97:02:18:29:13:04:31:2c:
4d:04:fb:0c:0d:b7:6e:ba:6f:94:30:31:93:0d:01:
e2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DC:92:A2:3D:01:49:5F:35:9F:75:D1:0B:03:7B:0D:CD:E5:41:3D
X509v3 Authority Key Identifier:
keyid:D6:08:6D:DD:97:BA:38:13:89:35:7E:0E:56:CA:11:E5:CF:E8:F4:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ght3Ze6OBOJNX4OVsoR5c_o9FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3382cf-2cb1-475e-92c0-815f990bd431/1/1-NySoj0BSV81n3XRCwN7Dc3lQT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3382cf-2cb1-475e-92c0-815f990bd431/1/1ght3Ze6OBOJNX4OVsoR5c_o9FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.87.128.0/20
185.27.20.0/22
IPv6:
2a04:1300::/29
Signature Algorithm: sha256WithRSAEncryption
61:df:7f:e2:db:25:17:29:e1:6b:8f:6d:b4:a5:a6:ff:d4:55:
51:f6:ea:ae:50:ae:ab:79:6e:80:ac:92:6e:28:c8:06:b5:68:
ae:23:e4:89:c6:5b:4c:59:71:79:25:03:f2:4d:13:40:da:60:
cb:c1:9e:7c:2c:2c:5a:42:a9:0a:88:56:8b:4c:45:aa:07:5f:
ff:96:57:06:39:8b:44:05:5e:34:28:19:aa:0e:26:30:8d:47:
79:8b:88:2f:b4:40:19:ac:f3:7e:7c:17:49:58:83:06:4e:79:
13:3e:6a:b5:29:6f:d2:17:fc:07:1b:cd:b5:d0:2f:49:77:31:
00:8f:01:ba:21:44:44:26:8d:8e:b4:ed:5e:42:f9:fc:9a:41:
aa:89:31:3f:5d:96:98:81:01:f7:d4:38:12:24:ab:a5:c0:81:
73:7b:d4:0b:a0:04:31:01:84:a7:b5:a9:c7:3e:c6:f2:17:c7:
6f:73:5e:04:28:60:bd:c5:31:df:95:5c:1d:5e:74:53:ab:0b:
6d:a9:cf:e4:23:c5:d3:d2:47:2c:9b:3c:fb:0d:6f:0e:15:b3:
7d:04:fc:c9:15:81:33:ae:fb:1f:65:c6:84:37:0e:b4:01:cf:
fa:7e:14:9f:dc:99:1b:bf:23:fb:65:8f:91:71:13:c9:3f:0b:
93:05:1d:0d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVur8jGF5YfwmQqPCNeUHxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDg2ZGRkOTdiYTM4MTM4OTM1N2UwZTU2Y2ExMWU1Y2Zl
OGY0NTMwHhcNMjMwMTAxMTg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGRjOTJhMjNkMDE0OTVmMzU5Zjc1ZDEwYjAzN2IwZGNkZTU0MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwbsQbxE9X5MOnzCPhkGf+sfcDTN
8bWtroK6GzIcndUvbOgVgNzS8DzSq9kjNjTu2RwLhZ4JPN6HBihcT3KcikrSW1yy
Xai9OQFhTHekTE/ron9WHXNQIXLSrTh/JVgeC8RNxCkyjg14NKBrKQUoxlUarCQO
XkFbApKT8ql1mIVctsf/6RuUhQikjv0EXTCQVXYQ4yUjrjuzbw9/uUHfVGT/bSmX
IMby52V/dExbwitu2lxHnGrechaMb/Zztb9Yb5IskaXcC20netF5h8Lig5SqCw3E
Ehlox2MRpqjAT4hV/2ZIqnTnlwIYKRMEMSxNBPsMDbduum+UMDGTDQHieQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPjckqI9AUlfNZ910QsDew3N5UE9MB8GA1UdIwQY
MBaAFNYIbd2XujgTiTV+DlbKEeXP6PRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdodDNaZTZPQk9KTlg0T1Zzb1I1Y19vOUZNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMzgyY2YtMmNiMS00NzVlLTkyYzAt
ODE1Zjk5MGJkNDMxLzEvMS1OeVNvajBCU1Y4MW4zWFJDd043RGMzbFFUMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvMzM4MmNmLTJjYjEtNDc1ZS05MmMwLTgxNWY5OTBiZDQz
MS8xLzFnaHQzWmU2T0JPSk5YNE9Wc29SNWNfbzlGTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFBXgAME
ArkbFDANBAIAAjAHAwUDKgQTADANBgkqhkiG9w0BAQsFAAOCAQEAYd9/4tslFynh
a49ttKWm/9RVUfbqrlCuq3lugKySbijIBrVoriPkicZbTFlxeSUD8k0TQNpgy8Ge
fCwsWkKpCohWi0xFqgdf/5ZXBjmLRAVeNCgZqg4mMI1HeYuIL7RAGazzfnwXSViD
Bk55Ez5qtSlv0hf8BxvNtdAvSXcxAI8BuiFERCaNjrTtXkL5/JpBqokxP12WmIEB
99Q4EiSrpcCBc3vUC6AEMQGEp7Wpxz7G8hfHb3NeBChgvcUx35VcHV50U6sLbanP
5CPF09JHLJs8+w1vDhWzfQT8yRWBM677H2XGhDcOtAHP+n4Un9yZG78j+2WPkXET
yT8LkwUdDQ==
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:36:44 2025 by rpki-client