Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dbc0e6-2555-4bf3-9ab1-9915990bcb59/1/lJcBKhpJZL2L92uU1NlFygV-1lQ.roa
File: lJcBKhpJZL2L92uU1NlFygV-1lQ.roa (raw, json)
Hash identifier: AHCuaSZkUhXzDioCAgcH1ceth0VA4AfzM7FG91D6Sck=
Subject key identifier: 94:97:01:2A:1A:49:64:BD:8B:F7:6B:94:D4:D9:45:CA:05:7E:D6:54
Certificate issuer: /CN=af4d16c335407bf0d0a51cef9b9c1c5310280f48
Certificate serial: 01856F8256291C1716FA04F272A28262D8C0
Authority key identifier: AF:4D:16:C3:35:40:7B:F0:D0:A5:1C:EF:9B:9C:1C:53:10:28:0F:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r00WwzVAe_DQpRzvm5wcUxAoD0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dbc0e6-2555-4bf3-9ab1-9915990bcb59/1/lJcBKhpJZL2L92uU1NlFygV-1lQ.roa
Signing time: Sun 01 Jan 2023 22:44:50 +0000
ROA not before: Sun 01 Jan 2023 22:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25176
IP address blocks: 185.80.208.0/22 maxlen: 22
2a03:7c80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:56:29:1c:17:16:fa:04:f2:72:a2:82:62:d8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af4d16c335407bf0d0a51cef9b9c1c5310280f48
Validity
Not Before: Jan 1 22:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9497012a1a4964bd8bf76b94d4d945ca057ed654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3a:e1:b8:70:f9:3a:15:8f:f0:40:fe:f6:f5:
00:18:17:20:04:89:2e:27:a5:cc:dd:0a:d5:2d:b0:
10:de:f3:59:ee:29:07:d6:f0:b7:90:34:59:27:96:
b4:5a:2e:89:f8:6e:39:71:71:93:0d:21:c9:23:d5:
f0:82:18:47:af:f7:5e:51:ec:db:49:18:fa:fc:c0:
2e:36:cd:c7:66:5c:92:44:ea:41:ac:23:a0:51:b9:
89:d1:13:1b:e9:bb:28:82:5c:36:7c:38:18:3c:f4:
31:85:a0:55:30:91:50:ae:59:68:ea:42:da:13:78:
e2:88:d3:79:b3:05:e7:b4:ff:b4:a1:e9:ff:46:be:
18:f1:ee:2c:6f:c0:86:ce:ae:7e:d1:22:ae:2c:7c:
29:77:57:58:00:08:1b:8f:57:3b:e6:f9:37:2b:9d:
d5:98:b2:c0:76:9a:e9:fd:d0:e3:c5:a2:e1:99:a3:
63:c3:bf:95:95:93:e8:ff:f8:6a:5a:26:e0:e7:3d:
84:36:6f:a5:00:70:e6:84:d4:a5:45:c4:10:cd:df:
46:2a:ba:92:3c:42:4b:5b:83:3c:b7:43:9b:68:42:
06:88:6d:ed:4f:96:85:74:48:21:ec:9f:47:d1:a5:
ae:52:13:f9:f0:aa:79:5b:6a:42:f5:8d:10:bd:73:
72:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:97:01:2A:1A:49:64:BD:8B:F7:6B:94:D4:D9:45:CA:05:7E:D6:54
X509v3 Authority Key Identifier:
keyid:AF:4D:16:C3:35:40:7B:F0:D0:A5:1C:EF:9B:9C:1C:53:10:28:0F:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r00WwzVAe_DQpRzvm5wcUxAoD0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dbc0e6-2555-4bf3-9ab1-9915990bcb59/1/lJcBKhpJZL2L92uU1NlFygV-1lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dbc0e6-2555-4bf3-9ab1-9915990bcb59/1/r00WwzVAe_DQpRzvm5wcUxAoD0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.208.0/22
IPv6:
2a03:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
4b:1d:88:64:2b:b7:6f:69:55:98:56:2b:35:17:c0:32:38:20:
91:9a:b7:4e:ce:89:10:a2:33:34:eb:75:40:65:25:8c:23:1a:
8c:51:fc:6b:80:3c:51:7f:d6:83:11:fc:e1:54:c9:6a:b2:3d:
9b:ae:a8:c3:18:91:ff:52:9f:38:4c:2f:89:6c:22:54:d0:e8:
0f:3f:25:1b:3e:f6:d0:1f:e4:a2:07:f0:09:67:45:ec:e8:5f:
ca:6f:db:59:10:48:9c:89:0a:38:6c:b1:64:37:36:d1:7e:56:
42:fb:ca:d6:0e:de:b5:1b:5c:c1:ed:6d:f4:5b:6f:fd:80:bf:
4f:86:d6:14:fe:7d:0a:e6:2b:09:7c:fa:86:4e:21:8f:e6:4a:
eb:de:32:a7:0e:f3:7a:38:db:f0:7c:9c:65:7c:12:5a:62:1c:
99:4c:9e:78:37:00:ee:1d:f8:a2:d2:5f:e3:f4:40:b2:72:d5:
c0:c5:0b:85:2d:75:94:54:aa:73:b5:4d:98:81:82:69:29:0f:
55:fd:fc:58:7a:b8:d5:e2:30:b2:2d:92:b1:08:4a:c1:99:9b:
ef:88:12:e1:ac:f6:aa:1f:38:cd:46:ea:69:d9:60:34:a5:dc:
08:6d:81:4e:2b:73:78:8d:16:af:1c:a1:18:22:a9:18:91:bd:
a0:66:1b:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvglYpHBcW+gTycqKCYtjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNGQxNmMzMzU0MDdiZjBkMGE1MWNlZjliOWMxYzUzMTAy
ODBmNDgwHhcNMjMwMTAxMjI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk3MDEyYTFhNDk2NGJkOGJmNzZiOTRkNGQ5NDVjYTA1N2VkNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTrhuHD5OhWP8ED+9vUAGBcgBIku
J6XM3QrVLbAQ3vNZ7ikH1vC3kDRZJ5a0Wi6J+G45cXGTDSHJI9XwghhHr/deUezb
SRj6/MAuNs3HZlySROpBrCOgUbmJ0RMb6bsoglw2fDgYPPQxhaBVMJFQrllo6kLa
E3jiiNN5swXntP+0oen/Rr4Y8e4sb8CGzq5+0SKuLHwpd1dYAAgbj1c75vk3K53V
mLLAdprp/dDjxaLhmaNjw7+VlZPo//hqWibg5z2ENm+lAHDmhNSlRcQQzd9GKrqS
PEJLW4M8t0ObaEIGiG3tT5aFdEgh7J9H0aWuUhP58Kp5W2pC9Y0QvXNyTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJSXASoaSWS9i/drlNTZRcoFftZUMB8GA1UdIwQY
MBaAFK9NFsM1QHvw0KUc75ucHFMQKA9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjAwV3d6VkFlX0RRcFJ6dm01d2NVeEFvRDBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kYmMwZTYtMjU1NS00YmYzLTlhYjEt
OTkxNTk5MGJjYjU5LzEvbEpjQktocEpaTDJMOTJ1VTFObEZ5Z1YtMWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kYmMwZTYtMjU1NS00YmYzLTlhYjEtOTkxNTk5MGJjYjU5
LzEvcjAwV3d6VkFlX0RRcFJ6dm01d2NVeEFvRDBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVDQMA0E
AgACMAcDBQAqA3yAMA0GCSqGSIb3DQEBCwUAA4IBAQBLHYhkK7dvaVWYVis1F8Ay
OCCRmrdOzokQojM063VAZSWMIxqMUfxrgDxRf9aDEfzhVMlqsj2brqjDGJH/Up84
TC+JbCJU0OgPPyUbPvbQH+SiB/AJZ0Xs6F/Kb9tZEEiciQo4bLFkNzbRflZC+8rW
Dt61G1zB7W30W2/9gL9PhtYU/n0K5isJfPqGTiGP5krr3jKnDvN6ONvwfJxlfBJa
YhyZTJ54NwDuHfii0l/j9ECyctXAxQuFLXWUVKpztU2YgYJpKQ9V/fxYerjV4jCy
LZKxCErBmZvviBLhrPaqHzjNRupp2WA0pdwIbYFOK3N4jRavHKEYIqkYkb2gZht6
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:40:23 2025 by rpki-client