Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/dCxnsdnHgMDj5Hgbsvk3iesJBFY.roa
File: dCxnsdnHgMDj5Hgbsvk3iesJBFY.roa (raw, json)
Hash identifier: 588I2DCMjGma0MK5/oROnespEYdbWGsmk7woj0yHY6Y=
Subject key identifier: 74:2C:67:B1:D9:C7:80:C0:E3:E4:78:1B:B2:F9:37:89:EB:09:04:56
Certificate issuer: /CN=75d977aa2a4c10c7b47af2add96804487e2274a9
Certificate serial: 01856DDD55BE5AB3169F5FFE0FC823953C5C
Authority key identifier: 75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/dCxnsdnHgMDj5Hgbsvk3iesJBFY.roa
Signing time: Sun 01 Jan 2023 15:05:00 +0000
ROA not before: Sun 01 Jan 2023 15:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201973
IP address blocks: 80.246.96.0/20 maxlen: 20
2a03:f8c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:55:be:5a:b3:16:9f:5f:fe:0f:c8:23:95:3c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75d977aa2a4c10c7b47af2add96804487e2274a9
Validity
Not Before: Jan 1 15:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=742c67b1d9c780c0e3e4781bb2f93789eb090456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d6:33:39:b3:ff:cc:6d:46:7c:0f:37:7b:d6:
27:13:5e:a9:7a:1b:00:09:5e:c2:94:e7:20:2d:10:
cd:7e:11:82:a5:79:e0:bf:05:eb:76:69:b8:94:74:
8c:06:24:ae:48:6c:98:90:d9:00:a1:bf:86:e5:9e:
8d:59:4b:a4:b7:6d:6b:05:64:ac:2c:09:57:4d:00:
c1:c7:57:4d:d7:29:ae:4b:bf:3e:e1:f0:49:a6:9a:
b7:60:12:d7:2b:ae:67:f8:9b:67:dc:a8:4d:c4:04:
9d:b4:2a:44:89:6f:f6:4d:93:99:b1:17:2a:5c:75:
ea:fb:64:e0:00:a4:8e:82:a6:a5:43:cf:c1:e3:b4:
9b:ef:c1:94:bf:de:1a:83:f3:63:3a:7b:76:49:d8:
02:09:df:56:6f:c2:cd:6e:3b:ae:91:21:63:0c:7a:
93:7e:0e:19:9a:5a:bd:9f:6d:bc:02:44:2e:13:f5:
06:a7:03:f7:3f:71:00:61:f8:f2:d2:10:80:a5:b8:
72:79:a6:06:2e:87:01:93:b0:02:4a:17:8d:6d:01:
7e:7e:ef:b6:81:75:f3:8a:d8:ad:13:11:56:16:b2:
96:37:40:2d:7f:7f:07:a1:b9:d8:b9:43:46:fa:75:
88:ec:be:94:ae:5c:82:f4:78:ad:37:21:79:61:0c:
bf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2C:67:B1:D9:C7:80:C0:E3:E4:78:1B:B2:F9:37:89:EB:09:04:56
X509v3 Authority Key Identifier:
keyid:75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/dCxnsdnHgMDj5Hgbsvk3iesJBFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.96.0/20
IPv6:
2a03:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
ad:6a:f5:f6:1e:f8:70:cb:28:b5:3d:ce:f0:05:5e:d3:84:86:
72:e1:ae:cb:20:d1:1e:7f:e6:c8:44:d5:7c:ef:d3:72:78:64:
8a:44:68:3d:51:d2:94:d6:ef:39:48:e9:2b:9e:51:67:cf:9b:
3b:9e:c3:fb:cd:d7:88:ae:51:b9:ba:57:91:a3:f2:63:8e:cb:
c8:24:ac:a6:05:6f:7a:b9:e1:b4:4d:43:80:e8:59:e7:e1:f0:
40:65:ce:dc:e8:4a:74:83:bd:29:23:e1:36:31:db:3d:85:c5:
66:23:48:62:4b:52:21:b6:a9:cc:a4:84:c8:d1:50:a4:ae:75:
4d:5d:59:09:9d:f4:64:43:4f:91:53:56:ea:a5:a6:bf:ff:7f:
82:52:ce:a2:53:08:e3:74:f0:ae:ae:9d:50:05:9e:28:3c:76:
f2:e1:22:7d:75:15:94:06:53:4f:0c:cf:7d:a2:4a:60:30:7c:
25:31:e5:ba:ff:f8:42:c5:e8:5a:06:13:ae:60:33:4c:df:34:
3a:73:00:68:fe:45:af:5b:4e:98:8a:4d:15:25:0c:f0:08:6b:
26:6f:ec:af:5d:9c:82:22:69:73:85:25:76:ff:e3:9b:c4:dd:
82:9a:bc:2b:ba:14:42:01:42:b8:7d:18:15:9f:0f:fa:8a:1c:
a4:fc:06:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt3VW+WrMWn1/+D8gjlTxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZDk3N2FhMmE0YzEwYzdiNDdhZjJhZGQ5NjgwNDQ4N2Uy
Mjc0YTkwHhcNMjMwMTAxMTUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDJjNjdiMWQ5Yzc4MGMwZTNlNDc4MWJiMmY5Mzc4OWViMDkwNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69YzObP/zG1GfA83e9YnE16pehsA
CV7ClOcgLRDNfhGCpXngvwXrdmm4lHSMBiSuSGyYkNkAob+G5Z6NWUukt21rBWSs
LAlXTQDBx1dN1ymuS78+4fBJppq3YBLXK65n+Jtn3KhNxASdtCpEiW/2TZOZsRcq
XHXq+2TgAKSOgqalQ8/B47Sb78GUv94ag/NjOnt2SdgCCd9Wb8LNbjuukSFjDHqT
fg4Zmlq9n228AkQuE/UGpwP3P3EAYfjy0hCApbhyeaYGLocBk7ACSheNbQF+fu+2
gXXzititExFWFrKWN0Atf38HobnYuUNG+nWI7L6UrlyC9HitNyF5YQy/dwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHQsZ7HZx4DA4+R4G7L5N4nrCQRWMB8GA1UdIwQY
MBaAFHXZd6oqTBDHtHryrdloBEh+InSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzct
MTI2ZGY1NDQ2ZGU5LzEvZEN4bnNkbkhnTURqNUhnYnN2azNpZXNKQkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzctMTI2ZGY1NDQ2ZGU5
LzEvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPZgMA0E
AgACMAcDBQAqA/jAMA0GCSqGSIb3DQEBCwUAA4IBAQCtavX2Hvhwyyi1Pc7wBV7T
hIZy4a7LINEef+bIRNV879NyeGSKRGg9UdKU1u85SOkrnlFnz5s7nsP7zdeIrlG5
uleRo/JjjsvIJKymBW96ueG0TUOA6Fnn4fBAZc7c6Ep0g70pI+E2Mds9hcVmI0hi
S1IhtqnMpITI0VCkrnVNXVkJnfRkQ0+RU1bqpaa//3+CUs6iUwjjdPCurp1QBZ4o
PHby4SJ9dRWUBlNPDM99okpgMHwlMeW6//hCxehaBhOuYDNM3zQ6cwBo/kWvW06Y
ik0VJQzwCGsmb+yvXZyCImlzhSV2/+ObxN2CmrwruhRCAUK4fRgVnw/6ihyk/AYS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:52 2025 by rpki-client