Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/T_AeVyp7iboremu9ocr97bk9fFE.roa
File: T_AeVyp7iboremu9ocr97bk9fFE.roa (raw, json)
Hash identifier: cfrP4DOjx/RJBiUu58zXgIOrFGaNGwTcC8AVIyUoyU8=
Subject key identifier: 4F:F0:1E:57:2A:7B:89:BA:2B:7A:6B:BD:A1:CA:FD:ED:B9:3D:7C:51
Certificate issuer: /CN=42f9a96952777f1074338303ecb65025c4e2b8b5
Certificate serial: 018A5FD519E4E033BF4C3EA77ABEDAF73AE3
Authority key identifier: 42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/T_AeVyp7iboremu9ocr97bk9fFE.roa
Signing time: Mon 04 Sep 2023 10:55:15 +0000
ROA not before: Mon 04 Sep 2023 10:55:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206260
IP address blocks: 83.223.208.0/20 maxlen: 20
185.13.124.0/22 maxlen: 22
143.110.96.0/19 maxlen: 19
141.0.128.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:d5:19:e4:e0:33:bf:4c:3e:a7:7a:be:da:f7:3a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f9a96952777f1074338303ecb65025c4e2b8b5
Validity
Not Before: Sep 4 10:55:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ff01e572a7b89ba2b7a6bbda1cafdedb93d7c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bc:c0:9c:f8:d1:62:9e:83:cb:ed:eb:1c:ed:
db:07:6e:ed:a4:e7:34:ea:5b:89:53:bd:31:0c:e1:
75:c6:d3:54:30:17:20:c6:7a:85:12:f1:37:fa:4c:
e4:a8:b1:09:82:e2:9b:25:61:99:b9:56:90:56:74:
a3:4a:65:69:af:23:d0:c1:20:ed:cc:15:f7:f8:31:
1e:4c:f9:2d:a6:71:9e:2c:8d:c4:51:cc:d4:cf:c0:
fb:b9:36:e8:1a:1a:9e:86:34:05:1b:1f:4b:e2:1b:
fc:9f:81:fa:64:af:84:a9:b2:9f:87:ed:5f:e0:7a:
a7:85:41:75:2c:1f:df:36:b6:9a:43:e8:dd:14:12:
79:94:92:ba:98:da:bd:e4:db:8b:cb:51:9d:62:6b:
3b:2e:30:bf:6a:73:c2:a8:a0:af:81:cd:76:38:67:
bb:7e:ec:fd:f6:fb:00:e8:2a:17:61:59:81:af:74:
37:f1:56:f7:8f:c9:55:47:4c:43:02:35:81:f0:a1:
02:f9:43:57:23:80:46:e4:b9:cc:df:47:3a:f0:ed:
50:62:2d:fb:67:9d:85:4e:50:34:2f:cd:21:59:cb:
ba:29:c1:cd:16:ef:73:38:f1:f1:0a:a5:d4:54:16:
e3:ab:63:61:b8:47:34:53:7d:32:3a:1e:92:fa:e5:
8c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F0:1E:57:2A:7B:89:BA:2B:7A:6B:BD:A1:CA:FD:ED:B9:3D:7C:51
X509v3 Authority Key Identifier:
keyid:42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/T_AeVyp7iboremu9ocr97bk9fFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.208.0/20
141.0.128.0/20
143.110.96.0/19
185.13.124.0/22
Signature Algorithm: sha256WithRSAEncryption
94:5f:1c:bb:fb:cc:3d:ae:8a:62:56:4e:96:eb:f6:7f:83:31:
be:46:e5:8a:6d:55:51:7a:a7:7c:4f:da:5b:ff:11:4c:5c:32:
fb:14:f9:d8:1f:08:2b:5f:d9:44:32:49:5a:af:93:e5:8f:fd:
25:9b:be:83:8b:02:ba:e7:b8:c8:cd:19:94:e4:d4:89:b0:24:
b4:33:ca:ce:63:2d:fc:1e:34:1e:42:38:01:82:46:3d:c1:6f:
b9:ac:72:aa:aa:b7:b2:14:ea:07:1f:e3:50:ef:5d:17:b4:da:
8a:66:f5:75:3f:8c:73:a7:93:74:bb:79:22:61:35:b9:c6:70:
dc:fe:a9:5c:06:47:31:da:a8:90:11:f9:e1:b4:7a:f4:8c:f1:
84:8b:46:51:1f:47:95:fa:82:e3:38:f8:19:9a:cc:01:57:34:
ed:06:62:b7:3f:54:3e:44:f5:61:64:20:05:f9:0a:4e:82:56:
81:e1:74:99:9f:0f:65:18:95:83:e4:15:78:7b:b0:1c:0b:63:
9f:1a:3a:c4:23:36:26:93:6b:57:6a:a8:17:fe:1b:bf:41:47:
ea:66:ff:dd:b1:1a:57:0f:86:3c:01:13:2d:ca:bb:d3:5b:12:
09:71:62:72:d2:4c:2e:d9:70:24:b4:e2:d1:78:7e:10:f7:5b:
ae:c9:3f:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpf1Rnk4DO/TD6ner7a9zrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjlhOTY5NTI3NzdmMTA3NDMzODMwM2VjYjY1MDI1YzRl
MmI4YjUwHhcNMjMwOTA0MTA1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmYwMWU1NzJhN2I4OWJhMmI3YTZiYmRhMWNhZmRlZGI5M2Q3YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirzAnPjRYp6Dy+3rHO3bB27tpOc0
6luJU70xDOF1xtNUMBcgxnqFEvE3+kzkqLEJguKbJWGZuVaQVnSjSmVpryPQwSDt
zBX3+DEeTPktpnGeLI3EUczUz8D7uTboGhqehjQFGx9L4hv8n4H6ZK+EqbKfh+1f
4HqnhUF1LB/fNraaQ+jdFBJ5lJK6mNq95NuLy1GdYms7LjC/anPCqKCvgc12OGe7
fuz99vsA6CoXYVmBr3Q38Vb3j8lVR0xDAjWB8KEC+UNXI4BG5LnM30c68O1QYi37
Z52FTlA0L80hWcu6KcHNFu9zOPHxCqXUVBbjq2NhuEc0U30yOh6S+uWMKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE/wHlcqe4m6K3prvaHK/e25PXxRMB8GA1UdIwQY
MBaAFEL5qWlSd38QdDODA+y2UCXE4ri1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUt
NzdmYTI5MTI5OTRkLzEvVF9BZVZ5cDdpYm9yZW11OW9jcjk3Yms5ZkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUtNzdmYTI5MTI5OTRk
LzEvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEU9/QAwQE
jQCAAwQFj25gAwQCuQ18MA0GCSqGSIb3DQEBCwUAA4IBAQCUXxy7+8w9ropiVk6W
6/Z/gzG+RuWKbVVReqd8T9pb/xFMXDL7FPnYHwgrX9lEMklar5Plj/0lm76DiwK6
57jIzRmU5NSJsCS0M8rOYy38HjQeQjgBgkY9wW+5rHKqqreyFOoHH+NQ710XtNqK
ZvV1P4xzp5N0u3kiYTW5xnDc/qlcBkcx2qiQEfnhtHr0jPGEi0ZRH0eV+oLjOPgZ
mswBVzTtBmK3P1Q+RPVhZCAF+QpOglaB4XSZnw9lGJWD5BV4e7AcC2OfGjrEIzYm
k2tXaqgX/hu/QUfqZv/dsRpXD4Y8ARMtyrvTWxIJcWJy0kwu2XAktOLReH4Q91uu
yT9Z
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:33 2025 by rpki-client