Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/W2WdySk_4vnJqOnP_-xfNLsYJEA.roa
File: W2WdySk_4vnJqOnP_-xfNLsYJEA.roa (raw, json)
Hash identifier: s6AQ/rR46thSVUNVmhYBwXp1UC0S2yLFpm5ROYrAZaI=
Subject key identifier: 5B:65:9D:C9:29:3F:E2:F9:C9:A8:E9:CF:FF:EC:5F:34:BB:18:24:40
Certificate issuer: /CN=94dec641051b026b95c8459150ca47ddaec89668
Certificate serial: 01857343A3D91A248041180151E0714224E7
Authority key identifier: 94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/W2WdySk_4vnJqOnP_-xfNLsYJEA.roa
Signing time: Mon 02 Jan 2023 16:14:50 +0000
ROA not before: Mon 02 Jan 2023 16:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21282
IP address blocks: 80.241.4.0/24 maxlen: 24
80.241.0.0/20 maxlen: 20
80.241.1.0/24 maxlen: 24
80.241.2.0/24 maxlen: 24
2a01:7640::/64 maxlen: 64
2a01:7640::/38 maxlen: 38
2a01:7640:0:1::/64 maxlen: 64
2a01:7640::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:a3:d9:1a:24:80:41:18:01:51:e0:71:42:24:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94dec641051b026b95c8459150ca47ddaec89668
Validity
Not Before: Jan 2 16:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b659dc9293fe2f9c9a8e9cfffec5f34bb182440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:83:a3:64:52:d2:c2:df:14:04:2f:17:0a:53:
71:dc:e1:4f:2d:fe:60:cb:1f:ee:f3:0b:80:f9:2c:
85:f9:66:e6:2e:58:a3:03:16:30:b0:2b:a3:43:91:
cf:15:0b:7a:af:4a:53:e7:95:8d:2c:06:0e:29:1f:
3b:3d:90:27:35:be:c5:84:30:e2:67:ad:9e:ae:8f:
e5:e6:67:9a:1d:37:f9:ff:06:42:7d:25:04:0d:5b:
e1:0e:16:c6:14:0e:bf:92:c6:8d:96:ab:37:49:77:
67:cb:c4:7d:2c:96:0a:ca:66:7d:62:ba:7d:c1:12:
a9:68:1d:2c:6e:ef:0e:43:c0:95:86:af:72:90:d1:
ea:16:bd:1c:31:a1:d1:03:b7:d6:26:16:74:28:89:
f7:93:83:43:11:44:40:11:1b:5a:9f:ca:7f:48:66:
9f:8e:84:f1:54:19:33:6f:55:a9:43:36:ba:61:6a:
f8:0c:32:7f:a8:16:aa:0b:41:5b:f9:7d:d6:68:fb:
cd:11:14:7c:a8:14:8e:93:3c:d5:e2:24:d3:9d:79:
00:b3:19:95:cb:14:8c:5a:23:87:36:22:96:dd:8f:
91:98:23:dd:14:45:7b:0f:fc:26:cb:4f:9a:d3:4e:
aa:41:91:80:69:9d:64:5d:3f:f6:66:91:31:0e:25:
eb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:65:9D:C9:29:3F:E2:F9:C9:A8:E9:CF:FF:EC:5F:34:BB:18:24:40
X509v3 Authority Key Identifier:
keyid:94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/W2WdySk_4vnJqOnP_-xfNLsYJEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.241.0.0/20
IPv6:
2a01:7640::/38
Signature Algorithm: sha256WithRSAEncryption
09:f7:e4:f8:c6:ac:b7:1a:f0:0b:94:45:7f:91:3d:0c:22:1b:
e1:7d:05:76:27:93:67:87:3d:1b:47:13:50:33:0a:3d:da:f9:
59:1e:01:91:a8:d5:ea:d0:bb:65:8d:77:2c:63:97:34:d5:69:
ad:65:50:44:8e:cf:b4:2d:6d:d4:eb:a5:a2:55:4e:a3:f1:25:
41:71:41:2f:ba:c7:c7:9a:0b:5d:38:1d:ef:2f:4e:e0:57:60:
97:c0:6c:e6:22:24:94:34:eb:74:9f:d4:7a:25:87:1a:4a:a7:
bc:22:8a:33:6d:80:53:f0:f3:3a:84:6d:2f:fc:c4:92:9b:96:
71:d8:3e:ed:7b:f1:27:3f:7f:e2:e0:9b:43:b8:bd:98:00:45:
54:0f:f5:8c:48:b7:cc:59:76:88:6c:c9:86:17:65:b1:ff:fa:
7a:0c:df:59:b1:ad:85:da:a3:e2:04:13:ad:05:77:14:da:45:
0e:e4:0c:b6:8e:3c:50:93:70:d3:20:12:e0:70:70:67:14:5a:
b4:89:8e:9e:cd:86:7e:13:0a:6a:38:d6:3a:b8:96:09:14:a9:
07:d3:f5:ad:0a:de:68:74:06:a3:b6:87:49:fb:7f:1a:0f:54:
3c:01:9f:63:7b:c3:e2:61:ea:fb:b2:b8:fc:08:d2:dd:9f:1d:
0a:78:95:ea
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVzQ6PZGiSAQRgBUeBxQiTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZGVjNjQxMDUxYjAyNmI5NWM4NDU5MTUwY2E0N2RkYWVj
ODk2NjgwHhcNMjMwMTAyMTYxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjY1OWRjOTI5M2ZlMmY5YzlhOGU5Y2ZmZmVjNWYzNGJiMTgyNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYOjZFLSwt8UBC8XClNx3OFPLf5g
yx/u8wuA+SyF+WbmLlijAxYwsCujQ5HPFQt6r0pT55WNLAYOKR87PZAnNb7FhDDi
Z62ero/l5meaHTf5/wZCfSUEDVvhDhbGFA6/ksaNlqs3SXdny8R9LJYKymZ9Yrp9
wRKpaB0sbu8OQ8CVhq9ykNHqFr0cMaHRA7fWJhZ0KIn3k4NDEURAERtan8p/SGaf
joTxVBkzb1WpQza6YWr4DDJ/qBaqC0Fb+X3WaPvNERR8qBSOkzzV4iTTnXkAsxmV
yxSMWiOHNiKW3Y+RmCPdFEV7D/wmy0+a006qQZGAaZ1kXT/2ZpExDiXrIQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFtlnckpP+L5yajpz//sXzS7GCRAMB8GA1UdIwQY
MBaAFJTexkEFGwJrlchFkVDKR92uyJZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYt
OWVhNjQ4NjJhOWFiLzEvVzJXZHlTa180dm5KcU9uUF8teGZOTHNZSkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYtOWVhNjQ4NjJhOWFi
LzEvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEUPEAMA4E
AgACMAgDBgIqAXZAADANBgkqhkiG9w0BAQsFAAOCAQEACffk+MastxrwC5RFf5E9
DCIb4X0FdieTZ4c9G0cTUDMKPdr5WR4BkajV6tC7ZY13LGOXNNVprWVQRI7PtC1t
1OulolVOo/ElQXFBL7rHx5oLXTgd7y9O4Fdgl8Bs5iIklDTrdJ/UeiWHGkqnvCKK
M22AU/DzOoRtL/zEkpuWcdg+7XvxJz9/4uCbQ7i9mABFVA/1jEi3zFl2iGzJhhdl
sf/6egzfWbGthdqj4gQTrQV3FNpFDuQMto48UJNw0yAS4HBwZxRatImOns2GfhMK
ajjWOriWCRSpB9P1rQreaHQGo7aHSft/Gg9UPAGfY3vD4mHq+7K4/AjS3Z8dCniV
6g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:12 2025 by rpki-client