Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/dJCwK3NqtuTO49U1k-Nmj15w3VU.roa
File: dJCwK3NqtuTO49U1k-Nmj15w3VU.roa (raw, json)
Hash identifier: EHeYyfPl+4StWzGKFShXS/aolch3rifmF9GU51PJWhQ=
Subject key identifier: 74:90:B0:2B:73:6A:B6:E4:CE:E3:D5:35:93:E3:66:8F:5E:70:DD:55
Certificate issuer: /CN=faf814df8575986dd904a98687583c138768a114
Certificate serial: 018988356081EA71D29728BB3270BBF53616
Authority key identifier: FA:F8:14:DF:85:75:98:6D:D9:04:A9:86:87:58:3C:13:87:68:A1:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/dJCwK3NqtuTO49U1k-Nmj15w3VU.roa
Signing time: Mon 24 Jul 2023 14:02:26 +0000
ROA not before: Mon 24 Jul 2023 14:02:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21217
IP address blocks: 185.254.152.0/22 maxlen: 22
185.254.152.0/24 maxlen: 24
185.254.154.0/24 maxlen: 24
185.247.8.0/22 maxlen: 22
185.254.155.0/24 maxlen: 24
185.254.153.0/24 maxlen: 24
80.80.224.0/21 maxlen: 21
80.80.232.0/22 maxlen: 22
80.80.238.0/24 maxlen: 24
80.80.236.0/23 maxlen: 23
185.169.92.0/22 maxlen: 22
2001:40c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:35:60:81:ea:71:d2:97:28:bb:32:70:bb:f5:36:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faf814df8575986dd904a98687583c138768a114
Validity
Not Before: Jul 24 14:02:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7490b02b736ab6e4cee3d53593e3668f5e70dd55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9f:26:e0:c4:5b:0b:d7:26:b9:40:6b:c2:b8:
44:fa:d4:7b:77:c7:93:90:c3:83:cd:f0:79:d1:c7:
df:d7:84:21:14:3a:db:1b:46:4f:8f:3f:48:b5:90:
54:d8:1a:d3:43:4b:ef:4d:40:3e:d1:77:35:5f:9f:
e3:7b:fb:5e:ca:a0:2b:d0:68:03:7b:f4:fe:fc:21:
47:54:3f:8a:61:7e:e0:e8:71:c2:22:7f:37:b7:e8:
ae:f5:d5:21:12:1d:ac:32:51:66:91:2a:8c:1a:8e:
13:d4:ab:c5:df:1e:07:0d:c2:62:01:be:7c:c4:4e:
b1:eb:1e:92:a8:e2:cf:ca:a4:33:a7:a4:26:1b:a6:
42:a7:fd:40:62:03:e1:d4:f5:c5:37:07:eb:8b:58:
72:1b:fb:4e:7d:76:62:11:3a:62:0c:84:26:ab:f1:
e1:9b:47:26:6c:c4:14:61:c1:b8:df:21:e9:06:62:
6f:f7:9a:18:35:ea:70:90:64:74:0e:1c:26:02:9b:
a2:25:d9:e5:82:4d:d0:4f:18:df:a2:9d:10:6b:88:
65:aa:58:50:88:b0:e9:c0:f4:b3:7e:48:e4:ec:d4:
a8:c8:e1:a0:4e:63:a3:47:08:b2:80:60:1c:ce:3d:
31:e8:4a:8d:91:46:17:5c:53:14:96:dc:1b:fa:6c:
9e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:90:B0:2B:73:6A:B6:E4:CE:E3:D5:35:93:E3:66:8F:5E:70:DD:55
X509v3 Authority Key Identifier:
keyid:FA:F8:14:DF:85:75:98:6D:D9:04:A9:86:87:58:3C:13:87:68:A1:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/dJCwK3NqtuTO49U1k-Nmj15w3VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.80.224.0-80.80.238.255
185.169.92.0/22
185.247.8.0/22
185.254.152.0/22
IPv6:
2001:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
88:f0:3c:90:7c:78:c4:23:3f:42:5b:d4:24:68:12:de:c2:2b:
da:da:56:35:95:29:79:b2:0d:ae:f6:09:0d:da:c3:dd:93:40:
08:4f:2f:bc:3d:24:bb:72:23:ad:52:f1:58:8d:9f:cd:49:fe:
05:13:bd:fb:7f:3c:a9:8e:27:40:98:97:a1:4a:32:f9:ef:c3:
c9:dd:b5:da:4a:26:95:35:f0:18:38:5f:8c:31:3b:a0:cf:7a:
94:b5:c1:d1:4f:f2:00:35:a0:2c:69:3c:a9:9d:aa:2b:ff:5e:
a5:e3:a5:64:4d:31:6d:bd:b5:ed:32:b9:99:24:7f:f6:ba:e5:
3b:0e:c0:8f:df:44:f8:44:6a:56:e0:36:30:59:e2:e7:0b:ea:
d9:b4:d7:ae:1e:46:ae:c1:bc:33:7f:78:0b:cc:96:be:8a:be:
c3:c8:4f:65:b0:96:ef:81:cc:d1:c3:a6:c2:12:bc:b6:17:13:
80:aa:3f:15:8a:ed:5f:be:83:71:5f:a4:c5:84:ce:1d:29:ff:
12:a3:98:b8:63:c3:f2:c2:5b:87:8f:b7:08:e9:d7:49:3e:5f:
37:df:02:d1:0a:cc:4b:c4:9c:ff:ab:06:8c:cc:fd:17:ff:e6:
ab:af:25:06:1f:4c:02:30:df:29:40:90:e0:37:61:f0:8f:78:
dd:86:33:53
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYmINWCB6nHSlyi7MnC79TYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZjgxNGRmODU3NTk4NmRkOTA0YTk4Njg3NTgzYzEzODc2
OGExMTQwHhcNMjMwNzI0MTQwMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDkwYjAyYjczNmFiNmU0Y2VlM2Q1MzU5M2UzNjY4ZjVlNzBkZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ8m4MRbC9cmuUBrwrhE+tR7d8eT
kMODzfB50cff14QhFDrbG0ZPjz9ItZBU2BrTQ0vvTUA+0Xc1X5/je/teyqAr0GgD
e/T+/CFHVD+KYX7g6HHCIn83t+iu9dUhEh2sMlFmkSqMGo4T1KvF3x4HDcJiAb58
xE6x6x6SqOLPyqQzp6QmG6ZCp/1AYgPh1PXFNwfri1hyG/tOfXZiETpiDIQmq/Hh
m0cmbMQUYcG43yHpBmJv95oYNepwkGR0DhwmApuiJdnlgk3QTxjfop0Qa4hlqlhQ
iLDpwPSzfkjk7NSoyOGgTmOjRwiygGAczj0x6EqNkUYXXFMUltwb+myeWwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHSQsCtzarbkzuPVNZPjZo9ecN1VMB8GA1UdIwQY
MBaAFPr4FN+FdZht2QSphodYPBOHaKEUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS12Z1UzNFYxbUczWkJLbUdoMWc4RTRkb29SUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEvNmZiYmVkLTg3MWYtNDg1Yi1hZDFh
LTQ2MjY5ZDE3ZTlmMS8xL2RKQ3dLM05xdHVUTzQ5VTFrLU5tajE1dzNWVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWEvNmZiYmVkLTg3MWYtNDg1Yi1hZDFhLTQ2MjY5ZDE3ZTlm
MS8xLzEtdmdVMzRWMW1HM1pCS21HaDFnOEU0ZG9vUlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSgYIKwYBBQUHAQcBAf8EOzA5MCYEAgABMCAwDAMEBVBQ
4AMEAFBQ7gMEArmpXAMEArn3CAMEArn+mDAPBAIAAjAJAwcAIAFAwAAAMA0GCSqG
SIb3DQEBCwUAA4IBAQCI8DyQfHjEIz9CW9QkaBLewiva2lY1lSl5sg2u9gkN2sPd
k0AITy+8PSS7ciOtUvFYjZ/NSf4FE737fzypjidAmJehSjL578PJ3bXaSiaVNfAY
OF+MMTugz3qUtcHRT/IANaAsaTypnaor/16l46VkTTFtvbXtMrmZJH/2uuU7DsCP
30T4RGpW4DYwWeLnC+rZtNeuHkauwbwzf3gLzJa+ir7DyE9lsJbvgczRw6bCEry2
FxOAqj8Viu1fvoNxX6TFhM4dKf8So5i4Y8PywluHj7cI6ddJPl833wLRCsxLxJz/
qwaMzP0X/+arryUGH0wCMN8pQJDgN2Hwj3jdhjNT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:58 2025 by rpki-client