Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/608fdb-a406-4b85-b14a-d2441e8f6c7a/1/yW86IhaUKwGVQd4RtzNinE31j70.roa
File: yW86IhaUKwGVQd4RtzNinE31j70.roa (raw, json)
Hash identifier: L0s63qorV1ZLD2DRoSkz8vWDV6ZcYqOqazIkwMYbzYQ=
Subject key identifier: C9:6F:3A:22:16:94:2B:01:95:41:DE:11:B7:33:62:9C:4D:F5:8F:BD
Certificate issuer: /CN=b4f82c8efde34bd99e44eaf0731b6c525b454a19
Certificate serial: 01856DEF5FC1300EDB9C91566DF5B75263BA
Authority key identifier: B4:F8:2C:8E:FD:E3:4B:D9:9E:44:EA:F0:73:1B:6C:52:5B:45:4A:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPgsjv3jS9meROrwcxtsUltFShk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/608fdb-a406-4b85-b14a-d2441e8f6c7a/1/yW86IhaUKwGVQd4RtzNinE31j70.roa
Signing time: Sun 01 Jan 2023 15:24:42 +0000
ROA not before: Sun 01 Jan 2023 15:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34500
IP address blocks: 80.73.16.0/20 maxlen: 20
80.73.16.0/21 maxlen: 21
80.73.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:5f:c1:30:0e:db:9c:91:56:6d:f5:b7:52:63:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f82c8efde34bd99e44eaf0731b6c525b454a19
Validity
Not Before: Jan 1 15:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c96f3a2216942b019541de11b733629c4df58fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cd:ee:e6:88:06:23:2e:60:33:74:13:13:61:
0f:44:ab:31:49:42:d1:c8:cc:c3:32:5a:a9:2e:ab:
26:c9:18:85:62:80:61:b7:52:2d:c1:26:5e:55:bd:
f6:7c:e3:ec:ee:fe:12:77:31:3a:39:3d:9a:91:7b:
e1:4c:62:72:b4:5c:fe:79:23:14:29:d0:f9:b9:82:
24:26:0c:e3:c0:26:1a:b1:c0:12:65:fa:76:d1:cc:
a5:ac:d9:76:a7:70:56:b9:53:77:19:4c:e8:0a:79:
54:77:7d:1e:3e:b5:ba:65:a2:5e:c1:03:34:b2:0e:
c3:10:ee:01:a4:aa:94:7e:3c:c0:ea:7a:73:8e:14:
d0:13:97:70:60:ed:fb:ed:91:07:9a:3a:29:2d:b0:
96:95:87:e0:e0:84:52:02:58:6e:00:c6:02:8c:37:
79:20:cb:a5:0f:ae:ec:0d:32:91:90:10:10:cd:f2:
5e:96:15:6e:ce:0c:ca:78:41:93:11:dd:7b:78:ec:
93:27:77:f2:98:2e:24:93:01:c1:3f:8b:3a:0e:9b:
d7:c0:b1:74:44:af:a9:da:96:81:a9:51:1a:bc:da:
d1:d8:42:b3:44:ca:9c:19:c8:e7:c9:f7:4d:bb:74:
0b:cc:91:95:c4:dd:86:07:b2:db:d8:78:fd:53:e8:
0f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:6F:3A:22:16:94:2B:01:95:41:DE:11:B7:33:62:9C:4D:F5:8F:BD
X509v3 Authority Key Identifier:
keyid:B4:F8:2C:8E:FD:E3:4B:D9:9E:44:EA:F0:73:1B:6C:52:5B:45:4A:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPgsjv3jS9meROrwcxtsUltFShk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/608fdb-a406-4b85-b14a-d2441e8f6c7a/1/yW86IhaUKwGVQd4RtzNinE31j70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/608fdb-a406-4b85-b14a-d2441e8f6c7a/1/tPgsjv3jS9meROrwcxtsUltFShk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.16.0/20
Signature Algorithm: sha256WithRSAEncryption
57:b9:54:4e:7f:e5:d6:9d:ca:d9:28:d5:e6:f2:70:6b:9a:68:
f3:3d:fa:59:be:22:a1:c6:42:0a:f8:5e:0a:37:73:42:0f:c7:
59:96:50:46:eb:19:8e:4a:09:77:ba:f7:14:46:8a:e6:61:4c:
5f:16:83:48:b6:32:73:28:e5:30:6f:1c:07:cc:d2:a0:c7:5c:
cb:3f:82:17:54:d1:43:0a:55:30:26:19:28:91:5e:79:0c:de:
a4:3c:c6:af:ad:d5:bd:e1:42:8b:e8:75:d0:ba:12:9d:93:99:
b5:64:21:cf:8b:a5:35:15:ee:03:67:ff:01:b3:16:40:9a:ba:
1a:cc:00:ab:24:40:ec:98:06:a4:f9:da:e2:39:98:c8:5e:3a:
6c:33:9c:1e:4b:72:14:99:ff:27:e5:3c:83:36:0e:64:41:60:
04:b2:14:be:4e:e9:9a:00:ab:31:02:a5:08:14:0d:54:3f:fe:
92:e4:d1:30:a7:e1:22:16:58:7b:0e:0f:ed:5a:20:89:56:59:
e7:bc:a4:32:2b:e6:b8:5d:75:a0:69:05:0e:b2:13:24:d0:af:
e2:b9:62:53:dd:74:0a:89:a5:39:0a:7e:ae:fd:81:cb:14:65:
ca:bb:ee:eb:ac:66:2e:e2:de:a1:8a:28:68:dc:66:1a:28:ce:
63:17:da:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt71/BMA7bnJFWbfW3UmO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZjgyYzhlZmRlMzRiZDk5ZTQ0ZWFmMDczMWI2YzUyNWI0
NTRhMTkwHhcNMjMwMTAxMTUyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTZmM2EyMjE2OTQyYjAxOTU0MWRlMTFiNzMzNjI5YzRkZjU4ZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM3u5ogGIy5gM3QTE2EPRKsxSULR
yMzDMlqpLqsmyRiFYoBht1ItwSZeVb32fOPs7v4SdzE6OT2akXvhTGJytFz+eSMU
KdD5uYIkJgzjwCYascASZfp20cylrNl2p3BWuVN3GUzoCnlUd30ePrW6ZaJewQM0
sg7DEO4BpKqUfjzA6npzjhTQE5dwYO377ZEHmjopLbCWlYfg4IRSAlhuAMYCjDd5
IMulD67sDTKRkBAQzfJelhVuzgzKeEGTEd17eOyTJ3fymC4kkwHBP4s6DpvXwLF0
RK+p2paBqVEavNrR2EKzRMqcGcjnyfdNu3QLzJGVxN2GB7Lb2Hj9U+gPVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMlvOiIWlCsBlUHeEbczYpxN9Y+9MB8GA1UdIwQY
MBaAFLT4LI7940vZnkTq8HMbbFJbRUoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBnc2p2M2pTOW1lUk9yd2N4dHNVbHRGU2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82MDhmZGItYTQwNi00Yjg1LWIxNGEt
ZDI0NDFlOGY2YzdhLzEveVc4NkloYVVLd0dWUWQ0UnR6TmluRTMxajcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82MDhmZGItYTQwNi00Yjg1LWIxNGEtZDI0NDFlOGY2Yzdh
LzEvdFBnc2p2M2pTOW1lUk9yd2N4dHNVbHRGU2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUEkQMA0G
CSqGSIb3DQEBCwUAA4IBAQBXuVROf+XWncrZKNXm8nBrmmjzPfpZviKhxkIK+F4K
N3NCD8dZllBG6xmOSgl3uvcURormYUxfFoNItjJzKOUwbxwHzNKgx1zLP4IXVNFD
ClUwJhkokV55DN6kPMavrdW94UKL6HXQuhKdk5m1ZCHPi6U1Fe4DZ/8BsxZAmroa
zACrJEDsmAak+driOZjIXjpsM5weS3IUmf8n5TyDNg5kQWAEshS+TumaAKsxAqUI
FA1UP/6S5NEwp+EiFlh7Dg/tWiCJVlnnvKQyK+a4XXWgaQUOshMk0K/iuWJT3XQK
iaU5Cn6u/YHLFGXKu+7rrGYu4t6hiiho3GYaKM5jF9pC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:10 2025 by rpki-client