Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/cdFk2bZG4lDvGsW1TddNyk-wyGI.roa
File: cdFk2bZG4lDvGsW1TddNyk-wyGI.roa (raw, json)
Hash identifier: dbPOuPKCTrAdf6KcR/TNOR0vhn95DUvy/KrwZ1XUtm4=
Subject key identifier: 71:D1:64:D9:B6:46:E2:50:EF:1A:C5:B5:4D:D7:4D:CA:4F:B0:C8:62
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 0185A5522F4EDBAA4DC7EB49938095FDCF69
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/cdFk2bZG4lDvGsW1TddNyk-wyGI.roa
Signing time: Thu 12 Jan 2023 09:31:44 +0000
ROA not before: Thu 12 Jan 2023 09:31:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 213.191.224.0/19 maxlen: 24
95.83.192.0/18 maxlen: 24
95.83.196.0/22 maxlen: 24
95.83.196.0/23 maxlen: 24
89.204.160.0/19 maxlen: 24
31.200.128.0/18 maxlen: 24
95.83.229.0/24 maxlen: 24
62.40.32.0/19 maxlen: 24
89.204.192.0/18 maxlen: 24
92.251.240.0/21 maxlen: 24
80.233.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:52:2f:4e:db:aa:4d:c7:eb:49:93:80:95:fd:cf:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Jan 12 09:31:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71d164d9b646e250ef1ac5b54dd74dca4fb0c862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:78:97:92:c3:41:c0:5b:2f:77:93:1b:cb:e7:
f2:0c:94:28:7e:58:42:13:19:fc:20:72:89:bd:97:
6f:13:ba:a6:6a:3b:05:1e:e0:18:66:cc:e2:ae:dc:
9c:41:51:a2:ea:ef:09:35:c9:f2:6c:7e:33:c0:45:
81:92:3d:51:28:c0:57:72:ca:62:45:ef:65:9c:73:
da:75:f9:42:37:ee:ce:e4:06:62:53:e0:30:fb:93:
20:5a:d4:c1:84:01:1b:16:94:eb:68:ee:da:8e:8d:
91:8d:e6:34:51:f8:39:ac:53:3f:45:ea:e0:ae:b7:
f2:5f:86:ac:64:f7:b4:a5:68:64:c5:18:55:5c:b9:
ff:47:80:4f:16:22:a1:ca:51:0f:ac:8a:66:d1:7e:
b2:ae:04:45:be:db:ba:2c:2e:66:c5:48:f2:d3:a3:
72:64:5b:8c:51:22:45:11:db:2c:d6:ad:49:be:d8:
57:03:a0:da:2a:e4:b8:5a:96:0f:81:26:8d:19:19:
20:9c:9c:5a:88:9c:7e:7b:f2:f8:4d:6f:9d:85:82:
46:99:6a:d3:ad:e8:fa:e6:f4:16:81:32:7a:48:56:
ac:a2:65:42:81:fb:ab:f7:3e:5e:85:78:2e:a5:74:
10:2f:40:46:d0:fc:c6:c5:f4:e3:0d:17:e1:44:9d:
c7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D1:64:D9:B6:46:E2:50:EF:1A:C5:B5:4D:D7:4D:CA:4F:B0:C8:62
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/cdFk2bZG4lDvGsW1TddNyk-wyGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.128.0/18
62.40.32.0/19
80.233.0.0/17
89.204.160.0-89.204.255.255
92.251.240.0/21
95.83.192.0/18
213.191.224.0/19
Signature Algorithm: sha256WithRSAEncryption
54:3d:92:56:cf:71:2b:a6:b3:ed:92:3a:d6:19:c6:3d:1e:64:
c2:5d:57:d1:af:7f:77:49:e5:2a:29:b1:d8:fe:35:70:82:ba:
06:1a:ef:b5:24:37:9b:af:bc:b1:3e:b9:70:26:bc:8c:e4:98:
64:6a:a1:20:37:9a:25:60:0f:89:00:93:a0:15:36:83:82:fb:
58:14:cc:91:d6:9d:94:19:54:2c:0c:e4:c7:2d:31:90:30:ec:
49:4f:d2:41:c1:69:9b:69:9f:ca:c3:d0:5a:ed:bc:b8:b6:e7:
ef:4f:d8:e2:3a:46:fb:fa:e7:94:a0:df:72:3b:22:17:90:a6:
ab:d9:bc:13:b6:51:9b:d6:8b:ad:f8:9d:8e:15:45:66:e7:b1:
7b:1a:21:05:b5:91:63:d4:bc:43:4e:c2:da:8c:d6:3d:c7:94:
0b:10:4a:00:d9:ee:20:6c:2b:e0:c8:58:b0:d4:4c:78:94:bf:
4a:d8:38:4d:20:d9:75:82:5b:f9:3a:e2:8f:b6:1c:6e:f5:15:
9b:4e:c8:9c:4a:b8:ce:fa:a2:e2:1b:cd:fc:ee:7a:45:8a:b7:
24:3d:46:63:10:a3:75:eb:8e:05:2e:b1:6c:05:ca:94:ff:f1:
18:e0:05:59:6e:93:ed:da:60:43:77:4c:b8:52:11:48:75:a3:
be:cd:01:48
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYWlUi9O26pNx+tJk4CV/c9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjMwMTEyMDkzMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQxNjRkOWI2NDZlMjUwZWYxYWM1YjU0ZGQ3NGRjYTRmYjBjODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApniXksNBwFsvd5Mby+fyDJQoflhC
Exn8IHKJvZdvE7qmajsFHuAYZszirtycQVGi6u8JNcnybH4zwEWBkj1RKMBXcspi
Re9lnHPadflCN+7O5AZiU+Aw+5MgWtTBhAEbFpTraO7ajo2RjeY0Ufg5rFM/Rerg
rrfyX4asZPe0pWhkxRhVXLn/R4BPFiKhylEPrIpm0X6yrgRFvtu6LC5mxUjy06Ny
ZFuMUSJFEdss1q1JvthXA6DaKuS4WpYPgSaNGRkgnJxaiJx+e/L4TW+dhYJGmWrT
rej65vQWgTJ6SFasomVCgfur9z5ehXgupXQQL0BG0PzGxfTjDRfhRJ3H3QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFHHRZNm2RuJQ7xrFtU3XTcpPsMhiMB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvY2RGazJiWkc0bER2R3NXMVRkZE55ay13eUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAATAxAwQGH8iAAwQF
PiggAwQHUOkAMAsDBAVZzKADAwBZzAMEA1z78AMEBl9TwAMEBdW/4DANBgkqhkiG
9w0BAQsFAAOCAQEAVD2SVs9xK6az7ZI61hnGPR5kwl1X0a9/d0nlKimx2P41cIK6
BhrvtSQ3m6+8sT65cCa8jOSYZGqhIDeaJWAPiQCToBU2g4L7WBTMkdadlBlULAzk
xy0xkDDsSU/SQcFpm2mfysPQWu28uLbn70/Y4jpG+/rnlKDfcjsiF5Cmq9m8E7ZR
m9aLrfidjhVFZuexexohBbWRY9S8Q07C2ozWPceUCxBKANnuIGwr4MhYsNRMeJS/
Stg4TSDZdYJb+Trij7YcbvUVm07InEq4zvqi4hvN/O56RYq3JD1GYxCjdeuOBS6x
bAXKlP/xGOAFWW6T7dpgQ3dMuFIRSHWjvs0BSA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:35:49 2025 by rpki-client