Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/94ryVNubQzIPv5s8D8shu4fYnQ0.roa
File: 94ryVNubQzIPv5s8D8shu4fYnQ0.roa (raw, json)
Hash identifier: wtCKd+7s09jn6R4r0YMerOonyUR4ktHRrqmYSCV69DY=
Subject key identifier: F7:8A:F2:54:DB:9B:43:32:0F:BF:9B:3C:0F:CB:21:BB:87:D8:9D:0D
Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Certificate serial: 01843DBF7C6BBF6472A8E79D73B7AB1FB6FD
Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/94ryVNubQzIPv5s8D8shu4fYnQ0.roa
Signing time: Thu 03 Nov 2022 13:47:50 +0000
ROA not before: Thu 03 Nov 2022 13:47:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42622
IP address blocks: 80.72.0.0/20 maxlen: 20
185.84.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:bf:7c:6b:bf:64:72:a8:e7:9d:73:b7:ab:1f:b6:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Validity
Not Before: Nov 3 13:47:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f78af254db9b43320fbf9b3c0fcb21bb87d89d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0a:28:95:b1:ba:cc:42:b4:db:3f:da:c6:a8:
fc:9e:48:ba:19:df:ba:7c:32:d5:62:ec:2a:7d:bf:
f5:d5:07:3b:a2:27:a0:8f:8d:38:87:31:5e:4c:2c:
38:3c:24:06:52:c3:6d:aa:06:53:e6:48:af:a6:0a:
0e:d6:65:9e:2d:2d:48:f4:61:a8:09:dc:4b:b5:d6:
52:15:1d:26:a3:d8:2b:a5:d9:85:33:79:85:12:21:
85:78:01:fe:73:69:a8:83:ef:9b:a2:be:64:de:fe:
aa:9a:0c:6f:3b:dc:bd:6f:c8:1d:1a:18:f9:16:bf:
a1:f0:5f:b6:fc:54:fb:19:e4:d4:cf:ba:b3:c4:07:
3b:59:cd:18:df:67:0b:6d:94:13:bc:9f:83:4d:2d:
56:a4:e5:b1:99:75:b9:4a:49:78:5f:f9:43:b4:b3:
08:dd:7f:ac:df:23:98:d8:5a:e4:19:96:ff:b9:f4:
4f:22:ca:11:9d:e1:9d:b2:e5:aa:b9:42:3b:b8:56:
2e:3c:d5:3c:60:e9:0d:7a:54:b2:eb:5f:f0:8d:77:
03:b8:67:48:ca:50:12:27:a8:5b:66:ea:91:b0:cb:
7e:3b:a1:8b:fd:9f:ba:67:e2:54:78:13:5b:de:ff:
61:3d:a5:b8:4a:80:58:8d:00:da:3f:6d:e4:ec:81:
62:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8A:F2:54:DB:9B:43:32:0F:BF:9B:3C:0F:CB:21:BB:87:D8:9D:0D
X509v3 Authority Key Identifier:
keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/94ryVNubQzIPv5s8D8shu4fYnQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.0.0/20
185.84.212.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:6f:f7:bc:50:53:bf:67:1b:74:a4:7f:4f:57:b0:41:6a:fd:
c1:67:da:0e:1c:a7:81:79:d1:25:38:87:75:46:cf:e6:90:24:
99:90:fc:b8:8f:1d:4c:e4:e3:54:52:72:b2:a8:b6:48:70:75:
04:9d:f7:a3:67:87:46:34:18:8c:98:34:a4:36:8d:3c:1a:1b:
b9:86:30:ec:e3:f6:fb:15:50:12:ca:de:5c:18:6c:39:b4:97:
bb:57:02:77:71:f7:68:2b:ab:43:6d:e9:f1:6d:d6:ce:1e:1f:
47:80:a7:d6:9a:8f:11:a7:45:36:e1:95:cf:47:75:c5:7a:29:
66:19:74:2b:f0:06:8d:7d:a8:57:b8:6a:2b:bc:eb:6a:e5:3f:
f2:f6:f7:6b:89:dd:8e:c7:95:55:be:06:16:17:3e:dd:2b:f0:
48:00:1b:b6:54:88:3e:95:9a:47:79:54:7b:d7:b9:c1:e9:8c:
56:25:e2:36:ae:0f:e9:3c:a7:b8:c6:18:70:17:89:02:2c:bd:
70:b2:5d:c3:d3:60:80:e0:0d:60:75:2c:37:54:6d:53:77:05:
cb:a8:20:40:9b:6a:bb:f8:7b:02:70:e1:e0:b3:ec:e9:1c:72:
47:30:94:2f:03:6e:b7:3e:72:3b:e8:af:c8:d5:cb:dd:c4:40:
10:38:55:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQ9v3xrv2RyqOedc7erH7b9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy
M2E0NGYwHhcNMjIxMTAzMTM0NzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzhhZjI1NGRiOWI0MzMyMGZiZjliM2MwZmNiMjFiYjg3ZDg5ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQoolbG6zEK02z/axqj8nki6Gd+6
fDLVYuwqfb/11Qc7oiegj404hzFeTCw4PCQGUsNtqgZT5kivpgoO1mWeLS1I9GGo
CdxLtdZSFR0mo9grpdmFM3mFEiGFeAH+c2mog++bor5k3v6qmgxvO9y9b8gdGhj5
Fr+h8F+2/FT7GeTUz7qzxAc7Wc0Y32cLbZQTvJ+DTS1WpOWxmXW5Skl4X/lDtLMI
3X+s3yOY2FrkGZb/ufRPIsoRneGdsuWquUI7uFYuPNU8YOkNelSy61/wjXcDuGdI
ylASJ6hbZuqRsMt+O6GL/Z+6Z+JUeBNb3v9hPaW4SoBYjQDaP23k7IFiCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPeK8lTbm0MyD7+bPA/LIbuH2J0NMB8GA1UdIwQY
MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt
MmU2MzlmY2E0NjQwLzEvOTRyeVZOdWJReklQdjVzOEQ4c2h1NGZZblEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw
LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUEgAAwQC
uVTUMA0GCSqGSIb3DQEBCwUAA4IBAQB+b/e8UFO/Zxt0pH9PV7BBav3BZ9oOHKeB
edElOId1Rs/mkCSZkPy4jx1M5ONUUnKyqLZIcHUEnfejZ4dGNBiMmDSkNo08Ghu5
hjDs4/b7FVASyt5cGGw5tJe7VwJ3cfdoK6tDbenxbdbOHh9HgKfWmo8Rp0U24ZXP
R3XFeilmGXQr8AaNfahXuGorvOtq5T/y9vdrid2Ox5VVvgYWFz7dK/BIABu2VIg+
lZpHeVR717nB6YxWJeI2rg/pPKe4xhhwF4kCLL1wsl3D02CA4A1gdSw3VG1TdwXL
qCBAm2q7+HsCcOHgs+zpHHJHMJQvA263PnI76K/I1cvdxEAQOFXr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:38 2024 by rpki-client on console-ams.rpki-client.org