Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/28a5f9-9071-4459-9829-55795c26eaca/1/sW1plBv5HAbE4yD3fAwqs7tXN9Y.roa
File: sW1plBv5HAbE4yD3fAwqs7tXN9Y.roa (raw, json)
Hash identifier: Ctz8hCy1MHTkbDXrXz4xQUMpDWs8yFRKPkcVHGEQAPY=
Subject key identifier: B1:6D:69:94:1B:F9:1C:06:C4:E3:20:F7:7C:0C:2A:B3:BB:57:37:D6
Certificate issuer: /CN=4f525c4cbac8d7d9733245876a5cabe6b35e2fe9
Certificate serial: 4717ED
Authority key identifier: 4F:52:5C:4C:BA:C8:D7:D9:73:32:45:87:6A:5C:AB:E6:B3:5E:2F:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T1JcTLrI19lzMkWHalyr5rNeL-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/28a5f9-9071-4459-9829-55795c26eaca/1/sW1plBv5HAbE4yD3fAwqs7tXN9Y.roa
Signing time: Sat 01 Jan 2022 01:58:36 +0000
ROA not before: Sat 01 Jan 2022 01:58:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43645
IP address blocks: 185.80.252.0/22 maxlen: 22
185.80.255.0/24 maxlen: 24
2a05:8380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4659181 (0x4717ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f525c4cbac8d7d9733245876a5cabe6b35e2fe9
Validity
Not Before: Jan 1 01:58:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b16d69941bf91c06c4e320f77c0c2ab3bb5737d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e5:3d:1c:7f:e4:fc:ea:fe:89:07:ab:a6:1f:
f7:05:5b:bd:c0:c1:23:ef:2e:8c:fd:19:74:e5:1c:
be:0a:07:f3:19:ff:c2:f7:af:5e:22:5c:75:29:08:
70:dc:75:3a:b7:7f:f8:9c:dc:11:22:67:18:32:07:
45:04:38:c0:06:6a:d7:2c:bd:b2:a9:7e:ef:32:32:
70:e7:59:ad:0a:ca:2a:26:bc:e4:6b:67:5c:f3:7e:
f1:4f:ad:90:6e:ce:68:fd:4d:12:32:87:38:bd:af:
c3:ab:df:47:66:6e:26:b7:db:80:12:06:84:e6:66:
7b:22:7f:c1:b1:d1:48:de:9d:00:8e:6d:82:4a:da:
2e:cd:21:39:b7:6c:c6:57:df:61:30:7d:24:b9:3c:
1b:39:64:73:39:2b:ec:f9:3c:71:e2:44:f5:f8:55:
a8:33:9b:e3:c9:f5:9e:f4:a3:a3:5e:f5:38:be:d8:
f2:b7:d3:a8:0c:aa:94:cb:82:bb:6c:90:4b:9a:6a:
21:33:77:0a:8f:53:da:b9:dd:7a:7a:f3:ba:6e:b0:
bf:fb:f8:cd:86:dd:59:8b:2f:f5:f1:b4:5f:97:12:
4e:89:70:db:b8:cb:16:30:fe:04:91:d3:c8:58:0c:
00:e8:1a:0a:6d:55:78:81:90:5e:ee:c4:e8:33:15:
92:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6D:69:94:1B:F9:1C:06:C4:E3:20:F7:7C:0C:2A:B3:BB:57:37:D6
X509v3 Authority Key Identifier:
keyid:4F:52:5C:4C:BA:C8:D7:D9:73:32:45:87:6A:5C:AB:E6:B3:5E:2F:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T1JcTLrI19lzMkWHalyr5rNeL-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/28a5f9-9071-4459-9829-55795c26eaca/1/sW1plBv5HAbE4yD3fAwqs7tXN9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/28a5f9-9071-4459-9829-55795c26eaca/1/T1JcTLrI19lzMkWHalyr5rNeL-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.252.0/22
IPv6:
2a05:8380::/29
Signature Algorithm: sha256WithRSAEncryption
60:8f:0a:78:de:f8:33:5a:b1:69:5c:6b:e7:08:a5:ba:5f:74:
78:b4:4a:96:2a:da:71:df:69:18:f5:2d:3a:75:d6:f9:c2:ea:
83:e9:3d:c8:73:99:65:d7:aa:8c:c2:1f:89:df:42:67:0e:96:
92:81:93:ad:9d:11:3a:e0:03:aa:32:da:7c:5e:94:43:a5:0e:
fe:75:70:f7:e5:33:5d:18:84:c5:a6:1b:6e:fe:93:21:cb:d5:
82:e1:78:d6:07:e9:82:d0:c7:69:f5:ce:ea:4b:6a:92:64:72:
8a:d1:38:13:e8:bb:15:5e:ef:3e:0d:6f:f2:fe:9a:d8:60:a0:
2e:98:57:c8:be:7d:39:82:83:3f:44:61:06:2a:4a:82:2b:76:
6e:93:6f:76:f3:bd:a4:ea:80:9d:10:83:48:35:5d:8d:d4:d2:
58:e6:2b:b3:6c:db:07:7b:62:be:93:e1:1f:d3:36:a7:34:56:
0c:9e:1d:fe:68:f6:a8:7a:f6:f7:78:9b:07:6d:8a:70:dc:fc:
77:e7:47:3c:c6:2b:76:fd:51:2a:10:59:34:d3:fa:ad:be:2c:
ff:0c:75:53:29:bb:6c:36:de:7a:7f:97:a2:5f:2d:d6:1a:cf:
dc:8c:76:58:cd:f3:08:00:f7:a8:1c:57:fb:f5:de:96:7d:02:
1a:e2:05:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDRxftMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
NTI1YzRjYmFjOGQ3ZDk3MzMyNDU4NzZhNWNhYmU2YjM1ZTJmZTkwHhcNMjIwMTAx
MDE1ODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiMTZkNjk5NDFiZjkx
YzA2YzRlMzIwZjc3YzBjMmFiM2JiNTczN2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAluU9HH/k/Or+iQerph/3BVu9wMEj7y6M/Rl05Ry+CgfzGf/C
969eIlx1KQhw3HU6t3/4nNwRImcYMgdFBDjABmrXLL2yqX7vMjJw51mtCsoqJrzk
a2dc837xT62Qbs5o/U0SMoc4va/Dq99HZm4mt9uAEgaE5mZ7In/BsdFI3p0Ajm2C
StouzSE5t2zGV99hMH0kuTwbOWRzOSvs+Txx4kT1+FWoM5vjyfWe9KOjXvU4vtjy
t9OoDKqUy4K7bJBLmmohM3cKj1Paud16evO6brC/+/jNht1Ziy/18bRflxJOiXDb
uMsWMP4EkdPIWAwA6BoKbVV4gZBe7sToMxWS0QIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFLFtaZQb+RwGxOMg93wMKrO7VzfWMB8GA1UdIwQYMBaAFE9SXEy6yNfZczJF
h2pcq+azXi/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDFKY1RMckkxOWx6TWtXSGFseXI1ck5lTC1rLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNS8yOGE1ZjktOTA3MS00NDU5LTk4MjktNTU3OTVjMjZlYWNhLzEv
c1cxcGxCdjVIQWJFNHlEM2ZBd3FzN3RYTjlZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8y
OGE1ZjktOTA3MS00NDU5LTk4MjktNTU3OTVjMjZlYWNhLzEvVDFKY1RMckkxOWx6
TWtXSGFseXI1ck5lTC1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVD8MA0EAgACMAcDBQMqBYOAMA0G
CSqGSIb3DQEBCwUAA4IBAQBgjwp43vgzWrFpXGvnCKW6X3R4tEqWKtpx32kY9S06
ddb5wuqD6T3Ic5ll16qMwh+J30JnDpaSgZOtnRE64AOqMtp8XpRDpQ7+dXD35TNd
GITFphtu/pMhy9WC4XjWB+mC0Mdp9c7qS2qSZHKK0TgT6LsVXu8+DW/y/prYYKAu
mFfIvn05goM/RGEGKkqCK3Zuk292872k6oCdEININV2N1NJY5iuzbNsHe2K+k+Ef
0zanNFYMnh3+aPaoevb3eJsHbYpw3Px350c8xit2/VEqEFk00/qtviz/DHVTKbts
Nt56f5eiXy3WGs/cjHZYzfMIAPeoHFf79d6WfQIa4gXI
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:33 2025 by rpki-client