Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/dPc1mLKJDlyW3r-faNlnl9tdmJo.roa
File: dPc1mLKJDlyW3r-faNlnl9tdmJo.roa (raw, json)
Hash identifier: gbfukcouTc5Xui4LKAhyWdaHv8hbfNchuSc963oqvHg=
Subject key identifier: 74:F7:35:98:B2:89:0E:5C:96:DE:BF:9F:68:D9:67:97:DB:5D:98:9A
Certificate issuer: /CN=faf814df8575986dd904a98687583c138768a114
Certificate serial: 0189B02B7ADB60E6AC1E9083138BF38D4A5D
Authority key identifier: FA:F8:14:DF:85:75:98:6D:D9:04:A9:86:87:58:3C:13:87:68:A1:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/dPc1mLKJDlyW3r-faNlnl9tdmJo.roa
Signing time: Tue 01 Aug 2023 08:16:26 +0000
ROA not before: Tue 01 Aug 2023 08:16:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21217
IP address blocks: 185.254.152.0/24 maxlen: 24
185.254.152.0/22 maxlen: 24
185.254.154.0/24 maxlen: 24
185.254.155.0/24 maxlen: 24
185.247.8.0/22 maxlen: 24
185.254.153.0/24 maxlen: 24
80.80.224.0/21 maxlen: 24
80.80.232.0/22 maxlen: 24
80.80.236.0/23 maxlen: 24
80.80.238.0/24 maxlen: 24
185.169.92.0/22 maxlen: 24
2001:40c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:2b:7a:db:60:e6:ac:1e:90:83:13:8b:f3:8d:4a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faf814df8575986dd904a98687583c138768a114
Validity
Not Before: Aug 1 08:16:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74f73598b2890e5c96debf9f68d96797db5d989a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a3:fa:53:7a:22:47:b9:4a:a5:43:58:16:1e:
12:ab:09:bc:81:51:47:74:dc:70:12:4f:52:e2:cd:
02:f2:82:0f:60:c4:58:c5:83:63:be:b8:71:b0:a1:
a1:a3:40:68:52:e9:95:d1:63:33:20:3b:28:9c:27:
b4:00:a7:30:dd:a8:bb:4b:8a:a4:dc:ed:49:0a:1d:
d8:bb:c6:1d:f3:f8:be:3f:45:bb:b7:da:00:e4:86:
14:00:e5:89:90:23:cf:1c:39:df:d0:fb:61:5e:03:
bf:94:ab:0c:bf:18:51:55:c5:5e:60:d9:06:ce:38:
a1:ae:01:13:41:00:75:20:85:08:63:28:ad:b5:fb:
1b:0d:c6:9b:e2:55:c0:c7:bb:99:d3:b6:6a:7d:a3:
2c:5e:e0:6f:6c:76:d0:5b:36:f2:9c:f3:5a:1b:74:
ca:df:0c:56:c0:f4:f5:1a:56:29:3e:b1:4a:69:c9:
74:4b:88:0a:17:2d:bf:35:43:27:d9:17:a8:58:5a:
01:40:33:77:4a:77:48:2c:4c:29:b5:e4:81:5e:93:
ef:6c:2e:87:09:97:08:c5:50:5c:45:43:d7:2f:ad:
f5:33:d1:ec:89:2e:0c:15:8a:40:24:2e:c3:eb:90:
ac:fe:ee:6d:61:73:56:3a:00:a7:e9:09:83:b5:4f:
58:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F7:35:98:B2:89:0E:5C:96:DE:BF:9F:68:D9:67:97:DB:5D:98:9A
X509v3 Authority Key Identifier:
keyid:FA:F8:14:DF:85:75:98:6D:D9:04:A9:86:87:58:3C:13:87:68:A1:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/dPc1mLKJDlyW3r-faNlnl9tdmJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/6fbbed-871f-485b-ad1a-46269d17e9f1/1/1-vgU34V1mG3ZBKmGh1g8E4dooRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.80.224.0-80.80.238.255
185.169.92.0/22
185.247.8.0/22
185.254.152.0/22
IPv6:
2001:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
17:ca:47:de:76:42:0a:22:59:82:7c:ec:dd:83:b9:bb:f7:76:
fd:2c:c5:9b:5c:5b:f0:fa:3c:9b:00:66:1d:a8:dd:d2:d8:86:
b8:4d:f9:e2:dc:ea:9e:18:78:e7:7a:b9:ba:7c:4e:f5:a7:3c:
b7:1e:91:34:be:3e:0d:ce:aa:e3:5b:17:6b:ca:dd:5d:ca:13:
3d:88:b5:68:71:5e:10:3c:55:59:92:90:26:b7:1c:cd:0e:38:
e5:0e:e4:4f:1d:5a:82:37:64:27:cc:5b:80:3e:6c:79:63:36:
e3:20:7f:a6:a5:ed:54:db:51:9c:08:61:bf:cf:00:17:63:64:
13:68:bc:72:77:99:d1:02:74:49:59:8d:57:c3:92:d5:6a:d0:
ca:c7:55:b6:4d:57:0a:74:15:a1:02:03:7e:55:4f:ae:cd:f8:
86:12:40:6b:eb:45:88:74:96:55:bc:da:e6:e5:e3:61:af:4f:
b0:67:8a:24:88:39:8c:d8:91:35:cd:7d:9f:86:3b:69:00:1c:
36:b1:64:3d:6b:39:79:64:64:a5:b2:e7:7a:69:46:1e:f1:fa:
0c:5e:69:b1:a0:13:25:44:38:02:5a:9d:4a:c9:78:ca:ae:7c:
26:55:70:2c:49:8a:88:4e:5a:dc:25:8a:e9:c0:cb:1f:ff:3d:
ec:2f:51:14
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYmwK3rbYOasHpCDE4vzjUpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZjgxNGRmODU3NTk4NmRkOTA0YTk4Njg3NTgzYzEzODc2
OGExMTQwHhcNMjMwODAxMDgxNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY3MzU5OGIyODkwZTVjOTZkZWJmOWY2OGQ5Njc5N2RiNWQ5ODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKP6U3oiR7lKpUNYFh4Sqwm8gVFH
dNxwEk9S4s0C8oIPYMRYxYNjvrhxsKGho0BoUumV0WMzIDsonCe0AKcw3ai7S4qk
3O1JCh3Yu8Yd8/i+P0W7t9oA5IYUAOWJkCPPHDnf0PthXgO/lKsMvxhRVcVeYNkG
zjihrgETQQB1IIUIYyittfsbDcab4lXAx7uZ07ZqfaMsXuBvbHbQWzbynPNaG3TK
3wxWwPT1GlYpPrFKacl0S4gKFy2/NUMn2ReoWFoBQDN3SndILEwpteSBXpPvbC6H
CZcIxVBcRUPXL631M9HsiS4MFYpAJC7D65Cs/u5tYXNWOgCn6QmDtU9YfwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHT3NZiyiQ5clt6/n2jZZ5fbXZiaMB8GA1UdIwQY
MBaAFPr4FN+FdZht2QSphodYPBOHaKEUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS12Z1UzNFYxbUczWkJLbUdoMWc4RTRkb29SUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEvNmZiYmVkLTg3MWYtNDg1Yi1hZDFh
LTQ2MjY5ZDE3ZTlmMS8xL2RQYzFtTEtKRGx5VzNyLWZhTmxubDl0ZG1Kby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWEvNmZiYmVkLTg3MWYtNDg1Yi1hZDFhLTQ2MjY5ZDE3ZTlm
MS8xLzEtdmdVMzRWMW1HM1pCS21HaDFnOEU0ZG9vUlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSgYIKwYBBQUHAQcBAf8EOzA5MCYEAgABMCAwDAMEBVBQ
4AMEAFBQ7gMEArmpXAMEArn3CAMEArn+mDAPBAIAAjAJAwcAIAFAwAAAMA0GCSqG
SIb3DQEBCwUAA4IBAQAXykfedkIKIlmCfOzdg7m793b9LMWbXFvw+jybAGYdqN3S
2Ia4Tfni3OqeGHjnerm6fE71pzy3HpE0vj4NzqrjWxdryt1dyhM9iLVocV4QPFVZ
kpAmtxzNDjjlDuRPHVqCN2QnzFuAPmx5YzbjIH+mpe1U21GcCGG/zwAXY2QTaLxy
d5nRAnRJWY1Xw5LVatDKx1W2TVcKdBWhAgN+VU+uzfiGEkBr60WIdJZVvNrm5eNh
r0+wZ4okiDmM2JE1zX2fhjtpABw2sWQ9azl5ZGSlsud6aUYe8foMXmmxoBMlRDgC
Wp1KyXjKrnwmVXAsSYqITlrcJYrpwMsf/z3sL1EU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:03 2025 by rpki-client