Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/P1N0YpK3GVYUdXZfEw-eoFyTAV8.roa
File: P1N0YpK3GVYUdXZfEw-eoFyTAV8.roa (raw, json)
Hash identifier: yBDQGKitpbjnysunClmiLnMfM9Z9k8t1oIMgFmITO5c=
Subject key identifier: 3F:53:74:62:92:B7:19:56:14:75:76:5F:13:0F:9E:A0:5C:93:01:5F
Certificate issuer: /CN=4e69b402b67d75936f45dc8bc54b86814e0636ba
Certificate serial: 01856DEF7CC8D00663920E5656CA31B7FB5E
Authority key identifier: 4E:69:B4:02:B6:7D:75:93:6F:45:DC:8B:C5:4B:86:81:4E:06:36:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/P1N0YpK3GVYUdXZfEw-eoFyTAV8.roa
Signing time: Sun 01 Jan 2023 15:24:49 +0000
ROA not before: Sun 01 Jan 2023 15:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 80.89.160.0/20 maxlen: 20
80.94.208.0/20 maxlen: 20
88.83.128.0/19 maxlen: 19
2a00:6e80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:7c:c8:d0:06:63:92:0e:56:56:ca:31:b7:fb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e69b402b67d75936f45dc8bc54b86814e0636ba
Validity
Not Before: Jan 1 15:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f53746292b719561475765f130f9ea05c93015f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8b:ac:76:dc:8e:5c:59:80:62:72:40:e6:5a:
ef:15:38:53:8a:4e:9e:f6:0f:a2:36:59:95:ff:c3:
1c:6c:06:2d:40:93:e1:29:44:12:c3:0e:3e:04:a5:
34:68:f9:c7:13:fb:62:6d:57:66:0c:7c:d9:99:43:
5b:6e:d8:bd:de:0f:80:4e:27:70:47:71:de:ef:26:
fe:5e:65:3d:59:32:47:5c:6b:d6:af:20:93:51:17:
10:1c:90:d9:e2:97:35:28:16:77:e0:c5:13:41:b8:
a5:c8:61:a2:78:5c:4a:44:3f:58:d2:4a:56:59:5c:
83:31:e2:2f:e0:c6:56:7e:43:b1:52:63:35:06:31:
dd:ef:5f:6c:20:dc:37:90:2d:43:fc:71:66:f1:05:
1d:d6:5c:5b:f3:57:b6:cd:fd:be:79:cb:89:29:bf:
fe:7e:e3:35:fd:00:bc:70:4c:5e:15:10:32:3d:ad:
ef:52:55:20:46:12:42:79:0f:a4:4d:3c:cb:47:a8:
44:bb:20:96:1f:10:bb:b3:61:36:12:62:9a:32:1b:
5f:9c:03:7e:17:f1:31:24:95:ca:d2:2e:40:01:4c:
ef:d7:48:b7:63:af:21:77:d2:a5:fb:1f:42:1d:79:
3f:a6:6c:75:e2:e1:ac:48:a1:e4:92:ec:d3:7a:07:
76:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:53:74:62:92:B7:19:56:14:75:76:5F:13:0F:9E:A0:5C:93:01:5F
X509v3 Authority Key Identifier:
keyid:4E:69:B4:02:B6:7D:75:93:6F:45:DC:8B:C5:4B:86:81:4E:06:36:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/P1N0YpK3GVYUdXZfEw-eoFyTAV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.160.0/20
80.94.208.0/20
88.83.128.0/19
IPv6:
2a00:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
6a:c9:3b:31:76:43:5c:c7:b8:4d:79:cb:8d:02:86:74:ed:86:
33:90:64:41:16:7d:93:27:da:b6:16:a2:2d:82:c7:c6:83:a4:
06:54:bc:32:8d:a9:74:de:5a:0f:5e:70:19:8a:7b:28:a2:b0:
5c:91:17:45:0f:3e:40:0e:34:1b:f0:e2:69:7f:eb:4b:d9:24:
e1:7e:42:a2:5a:96:55:2b:e2:62:02:91:3f:2d:1f:cb:69:6c:
5d:5c:ea:80:7a:f2:aa:f3:9d:13:43:3c:46:af:97:9e:57:4c:
8e:5c:ab:0c:55:b4:6a:ad:14:d1:1b:bd:c7:cd:ce:dd:ee:cb:
80:46:9f:68:1a:bc:23:4f:7c:41:2a:e4:b2:31:91:75:42:82:
94:98:0d:57:21:5d:d6:36:be:11:4b:36:dd:e9:cd:ce:ce:64:
83:55:5c:ca:5c:2a:7f:d0:9b:ec:b7:21:ae:c2:af:94:26:a5:
92:ac:75:4f:71:ae:9b:c6:dd:c9:bb:00:b1:90:e9:a8:22:07:
5e:5f:8f:07:25:1d:07:c8:82:0c:fc:8e:6d:39:49:75:6b:8a:
f1:71:98:62:df:d0:f7:6f:4d:22:18:b7:e5:f6:af:38:36:d8:
fc:51:69:78:96:1f:1c:ae:c3:1f:c0:b7:9b:22:27:c0:53:e0:
0b:d5:de:7d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVt73zI0AZjkg5WVsoxt/teMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNjliNDAyYjY3ZDc1OTM2ZjQ1ZGM4YmM1NGI4NjgxNGUw
NjM2YmEwHhcNMjMwMTAxMTUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUzNzQ2MjkyYjcxOTU2MTQ3NTc2NWYxMzBmOWVhMDVjOTMwMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4usdtyOXFmAYnJA5lrvFThTik6e
9g+iNlmV/8McbAYtQJPhKUQSww4+BKU0aPnHE/tibVdmDHzZmUNbbti93g+ATidw
R3He7yb+XmU9WTJHXGvWryCTURcQHJDZ4pc1KBZ34MUTQbilyGGieFxKRD9Y0kpW
WVyDMeIv4MZWfkOxUmM1BjHd719sINw3kC1D/HFm8QUd1lxb81e2zf2+ecuJKb/+
fuM1/QC8cExeFRAyPa3vUlUgRhJCeQ+kTTzLR6hEuyCWHxC7s2E2EmKaMhtfnAN+
F/ExJJXK0i5AAUzv10i3Y68hd9Kl+x9CHXk/pmx14uGsSKHkkuzTegd26QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD9TdGKStxlWFHV2XxMPnqBckwFfMB8GA1UdIwQY
MBaAFE5ptAK2fXWTb0Xci8VLhoFOBja6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG1tMEFyWjlkWk52UmR5THhVdUdnVTRHTnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82ODlhYjUtMzBkMi00NmEzLThjNTQt
MTZiNDE5NmZhMjk0LzEvUDFOMFlwSzNHVllVZFhaZkV3LWVvRnlUQVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82ODlhYjUtMzBkMi00NmEzLThjNTQtMTZiNDE5NmZhMjk0
LzEvVG1tMEFyWjlkWk52UmR5THhVdUdnVTRHTnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUFmgAwQE
UF7QAwQFWFOAMA0EAgACMAcDBQAqAG6AMA0GCSqGSIb3DQEBCwUAA4IBAQBqyTsx
dkNcx7hNecuNAoZ07YYzkGRBFn2TJ9q2FqItgsfGg6QGVLwyjal03loPXnAZinso
orBckRdFDz5ADjQb8OJpf+tL2SThfkKiWpZVK+JiApE/LR/LaWxdXOqAevKq850T
QzxGr5eeV0yOXKsMVbRqrRTRG73Hzc7d7suARp9oGrwjT3xBKuSyMZF1QoKUmA1X
IV3WNr4RSzbd6c3OzmSDVVzKXCp/0JvstyGuwq+UJqWSrHVPca6bxt3JuwCxkOmo
IgdeX48HJR0HyIIM/I5tOUl1a4rxcZhi39D3b00iGLfl9q84Ntj8UWl4lh8crsMf
wLebIifAU+AL1d59
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:19:22 2025 by rpki-client