Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/g_ngaHbYUJu2wOxu0Ll7CzFw7p0.roa
File: g_ngaHbYUJu2wOxu0Ll7CzFw7p0.roa (raw, json)
Hash identifier: /2V25lYvQ+ckL4oF24CUjmNVPKSw5+rrh0UWy4CEvuI=
Subject key identifier: 83:F9:E0:68:76:D8:50:9B:B6:C0:EC:6E:D0:B9:7B:0B:31:70:EE:9D
Certificate issuer: /CN=75d977aa2a4c10c7b47af2add96804487e2274a9
Certificate serial: 018978E42C781622A09E92C84EA4C0E4C7FB
Authority key identifier: 75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/g_ngaHbYUJu2wOxu0Ll7CzFw7p0.roa
Signing time: Fri 21 Jul 2023 14:39:26 +0000
ROA not before: Fri 21 Jul 2023 14:39:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201973
IP address blocks: 80.246.97.0/24 maxlen: 24
80.246.96.0/20 maxlen: 20
80.246.96.0/24 maxlen: 24
80.246.107.0/24 maxlen: 24
2a03:f8c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:e4:2c:78:16:22:a0:9e:92:c8:4e:a4:c0:e4:c7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75d977aa2a4c10c7b47af2add96804487e2274a9
Validity
Not Before: Jul 21 14:39:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83f9e06876d8509bb6c0ec6ed0b97b0b3170ee9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:00:b9:37:1b:5d:c6:92:3d:8d:8a:6e:4a:9b:
43:1b:ee:06:ec:a9:d1:75:f3:d3:2c:f9:eb:2f:65:
db:51:43:db:82:f1:5c:8e:48:fa:f8:12:f0:73:d7:
61:33:b2:ba:87:f7:62:08:24:32:3f:7f:7a:8a:01:
91:01:90:96:07:ac:5e:25:b9:6e:73:57:d2:5e:89:
ef:e8:3f:61:d7:fe:d1:39:2e:68:a6:95:6f:9d:63:
33:6c:2f:f3:63:d6:57:d1:04:7e:ee:88:d1:c5:03:
37:48:2e:ce:f4:ce:98:ce:f2:dd:f2:1f:97:17:44:
c5:73:c2:f7:c9:40:43:fc:d9:f5:28:1d:59:9c:08:
1a:95:d7:8e:c9:68:47:38:cc:3b:7b:a2:38:8f:10:
73:03:68:de:f2:8b:36:d3:21:b2:d8:13:d7:65:0e:
2c:bd:4c:47:06:4e:14:26:e7:3d:21:de:ec:73:96:
41:6d:53:4f:e7:c0:96:5e:51:2a:81:a3:d4:47:cf:
d5:a5:ab:78:cc:e9:9d:cb:df:d6:b8:f8:0c:af:b6:
c3:fb:bf:b7:00:c0:01:8c:4b:8c:a5:a4:b3:61:8f:
89:84:18:b3:5d:0a:fa:b6:97:50:40:b1:80:7a:8b:
84:a6:fd:db:8e:02:73:24:03:80:a7:4b:11:53:02:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F9:E0:68:76:D8:50:9B:B6:C0:EC:6E:D0:B9:7B:0B:31:70:EE:9D
X509v3 Authority Key Identifier:
keyid:75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/g_ngaHbYUJu2wOxu0Ll7CzFw7p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.96.0/20
IPv6:
2a03:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
98:f0:06:9b:49:b5:37:57:cb:58:37:a7:45:2f:b5:c2:bd:c9:
da:a4:58:fb:4e:fc:4e:01:f4:f4:f7:3b:84:f2:19:e2:2d:c1:
e7:03:0d:5c:1a:59:59:d2:54:3f:e9:92:55:fd:94:aa:cc:b2:
5a:55:4b:f7:39:1c:f0:7e:ba:ff:92:31:f0:19:0e:fd:74:5d:
27:91:9f:de:60:dd:89:e2:80:86:ff:a3:29:d9:69:79:54:4e:
ab:46:9f:b4:cf:11:26:48:ba:b6:1d:cc:02:b8:32:40:32:83:
c4:41:8e:1d:b2:9f:3f:46:27:b5:74:e7:e2:03:4e:8f:42:32:
ff:4d:c1:70:3e:3a:3e:1a:2a:d2:c3:5f:d6:65:8c:88:86:c2:
25:08:1b:57:46:59:ef:36:aa:cc:ad:74:b7:a8:7f:4e:7a:05:
af:68:c4:2d:be:54:06:7b:d7:32:c2:81:4b:f3:b7:50:6b:5d:
69:5a:fc:9b:b4:36:29:15:d0:f2:b2:e6:f8:d0:65:27:46:43:
31:ba:0c:9d:72:e8:94:c1:f6:07:b4:61:4a:32:2e:66:b3:12:
93:a6:72:37:94:f9:44:c0:11:fb:f3:a5:5d:c3:d0:93:dc:6a:
23:bf:eb:58:44:85:0a:3e:7d:04:51:1f:5b:bb:75:58:5a:89:
86:52:34:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYl45Cx4FiKgnpLITqTA5Mf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZDk3N2FhMmE0YzEwYzdiNDdhZjJhZGQ5NjgwNDQ4N2Uy
Mjc0YTkwHhcNMjMwNzIxMTQzOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y5ZTA2ODc2ZDg1MDliYjZjMGVjNmVkMGI5N2IwYjMxNzBlZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgC5NxtdxpI9jYpuSptDG+4G7KnR
dfPTLPnrL2XbUUPbgvFcjkj6+BLwc9dhM7K6h/diCCQyP396igGRAZCWB6xeJblu
c1fSXonv6D9h1/7ROS5oppVvnWMzbC/zY9ZX0QR+7ojRxQM3SC7O9M6YzvLd8h+X
F0TFc8L3yUBD/Nn1KB1ZnAgaldeOyWhHOMw7e6I4jxBzA2je8os20yGy2BPXZQ4s
vUxHBk4UJuc9Id7sc5ZBbVNP58CWXlEqgaPUR8/Vpat4zOmdy9/WuPgMr7bD+7+3
AMABjEuMpaSzYY+JhBizXQr6tpdQQLGAeouEpv3bjgJzJAOAp0sRUwJTlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIP54Gh22FCbtsDsbtC5ewsxcO6dMB8GA1UdIwQY
MBaAFHXZd6oqTBDHtHryrdloBEh+InSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzct
MTI2ZGY1NDQ2ZGU5LzEvZ19uZ2FIYllVSnUyd094dTBMbDdDekZ3N3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzctMTI2ZGY1NDQ2ZGU5
LzEvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPZgMA0E
AgACMAcDBQAqA/jAMA0GCSqGSIb3DQEBCwUAA4IBAQCY8AabSbU3V8tYN6dFL7XC
vcnapFj7TvxOAfT09zuE8hniLcHnAw1cGllZ0lQ/6ZJV/ZSqzLJaVUv3ORzwfrr/
kjHwGQ79dF0nkZ/eYN2J4oCG/6Mp2Wl5VE6rRp+0zxEmSLq2HcwCuDJAMoPEQY4d
sp8/Rie1dOfiA06PQjL/TcFwPjo+GirSw1/WZYyIhsIlCBtXRlnvNqrMrXS3qH9O
egWvaMQtvlQGe9cywoFL87dQa11pWvybtDYpFdDysub40GUnRkMxugydcuiUwfYH
tGFKMi5msxKTpnI3lPlEwBH786Vdw9CT3Gojv+tYRIUKPn0EUR9bu3VYWomGUjTJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:07 2025 by rpki-client