Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/vG98bloVTwWODUzExgJ65mYjEsY.roa
File: vG98bloVTwWODUzExgJ65mYjEsY.roa (raw, json)
Hash identifier: U4o4XgyW/dHOvzJIkdvREEUDj55I5fOdU2+h3FI5KTw=
Subject key identifier: BC:6F:7C:6E:5A:15:4F:05:8E:0D:4C:C4:C6:02:7A:E6:66:23:12:C6
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 01856F2FE37D602960231F5B589DEE32BB55
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/vG98bloVTwWODUzExgJ65mYjEsY.roa
Signing time: Sun 01 Jan 2023 21:14:47 +0000
ROA not before: Sun 01 Jan 2023 21:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199296
IP address blocks: 80.94.19.0/24 maxlen: 24
80.94.23.0/24 maxlen: 24
80.94.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e3:7d:60:29:60:23:1f:5b:58:9d:ee:32:bb:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 21:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc6f7c6e5a154f058e0d4cc4c6027ae6662312c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:75:49:4d:41:16:97:85:bf:ea:02:f5:46:94:
5b:48:3d:2b:7c:6a:60:1d:ef:dc:f7:7e:94:c3:7f:
ec:12:44:6a:c5:ca:ec:45:41:fd:ae:9d:62:0b:d6:
32:bb:5b:a3:86:07:c3:96:45:7a:36:75:55:b0:04:
18:0d:46:a3:4d:81:87:d6:f1:f1:13:f0:5b:6e:b0:
3b:57:77:02:a0:ff:81:7a:09:55:02:24:12:98:11:
d9:bf:7f:96:4c:ef:29:9e:5a:7e:ef:e9:63:5b:71:
f6:ca:79:d3:c0:7c:69:da:4c:56:f2:66:82:eb:44:
97:51:7f:38:90:76:e7:10:62:e8:c1:27:d4:56:96:
ad:d9:05:12:d1:48:55:2f:38:40:42:94:e6:75:b9:
1d:28:96:56:8b:6a:c5:44:5c:8b:db:a4:a9:f5:66:
b4:63:83:59:e9:70:a5:ee:e1:3e:35:42:49:6c:30:
bb:94:a1:1e:80:6b:95:f9:28:06:81:1e:47:50:ff:
ab:93:ca:bd:59:40:e7:3d:d6:cc:22:cc:52:d3:ec:
dc:0f:7d:b4:2c:8f:4c:72:b2:37:9c:02:f4:52:cb:
f0:4e:fb:e0:66:0e:6e:99:7e:12:50:04:e8:a2:b1:
7b:05:25:8d:2a:20:bb:32:9c:be:63:df:c5:4b:5c:
cf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:6F:7C:6E:5A:15:4F:05:8E:0D:4C:C4:C6:02:7A:E6:66:23:12:C6
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/vG98bloVTwWODUzExgJ65mYjEsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.19.0/24
80.94.23.0-80.94.24.255
Signature Algorithm: sha256WithRSAEncryption
16:34:d9:5b:3e:17:57:08:ab:13:b2:df:c4:ce:54:71:05:06:
1d:91:c4:1e:66:bc:b1:d9:c7:1b:d5:cc:68:f8:a3:79:7a:d3:
69:b9:3a:7f:29:78:6d:c8:c8:f3:21:98:fd:b4:35:40:4e:08:
23:11:75:98:fe:6d:b9:6a:ab:a0:ad:ce:82:ba:67:ff:9a:cb:
c6:17:52:cc:6e:55:68:ec:8b:a5:d9:3f:c9:bc:a4:ca:98:1e:
17:b8:6f:a5:d9:a6:cd:67:70:6b:23:bd:69:13:c0:74:40:78:
bb:c9:97:e0:63:04:cc:fd:55:3a:31:8c:13:cd:0f:0c:bd:ab:
6c:ce:8d:95:f1:d0:c5:e9:40:93:ec:1d:48:66:5d:9f:a7:db:
4d:15:73:fd:2b:6e:57:58:fc:a4:aa:86:80:21:d7:b9:22:25:
fe:97:0e:99:bc:cf:09:b1:cc:87:42:07:a4:7e:11:43:82:45:
48:0f:2e:7c:c6:e4:4e:ff:1a:a0:2d:25:91:e3:34:13:6a:6d:
25:ad:94:00:13:fe:1e:bd:21:91:b9:c2:94:7d:d5:9e:78:dd:
d9:29:fa:36:9d:50:a9:bb:8b:8f:e4:42:1d:63:c1:67:26:7e:
77:2a:dd:37:d4:67:dc:d3:83:61:60:b2:b8:eb:59:84:c6:1d:
f7:aa:a8:8c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvL+N9YClgIx9bWJ3uMrtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjMwMTAxMjExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzZmN2M2ZTVhMTU0ZjA1OGUwZDRjYzRjNjAyN2FlNjY2MjMxMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnVJTUEWl4W/6gL1RpRbSD0rfGpg
He/c936Uw3/sEkRqxcrsRUH9rp1iC9Yyu1ujhgfDlkV6NnVVsAQYDUajTYGH1vHx
E/BbbrA7V3cCoP+BeglVAiQSmBHZv3+WTO8pnlp+7+ljW3H2ynnTwHxp2kxW8maC
60SXUX84kHbnEGLowSfUVpat2QUS0UhVLzhAQpTmdbkdKJZWi2rFRFyL26Sp9Wa0
Y4NZ6XCl7uE+NUJJbDC7lKEegGuV+SgGgR5HUP+rk8q9WUDnPdbMIsxS0+zcD320
LI9McrI3nAL0UsvwTvvgZg5umX4SUAToorF7BSWNKiC7Mpy+Y9/FS1zPHwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLxvfG5aFU8Fjg1MxMYCeuZmIxLGMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvdkc5OGJsb1ZUd1dPRFV6RXhnSjY1bVlqRXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAUF4TMAwD
BABQXhcDBABQXhgwDQYJKoZIhvcNAQELBQADggEBABY02Vs+F1cIqxOy38TOVHEF
Bh2RxB5mvLHZxxvVzGj4o3l602m5On8peG3IyPMhmP20NUBOCCMRdZj+bblqq6Ct
zoK6Z/+ay8YXUsxuVWjsi6XZP8m8pMqYHhe4b6XZps1ncGsjvWkTwHRAeLvJl+Bj
BMz9VToxjBPNDwy9q2zOjZXx0MXpQJPsHUhmXZ+n200Vc/0rbldY/KSqhoAh17ki
Jf6XDpm8zwmxzIdCB6R+EUOCRUgPLnzG5E7/GqAtJZHjNBNqbSWtlAAT/h69IZG5
wpR91Z543dkp+jadUKm7i4/kQh1jwWcmfncq3TfUZ9zTg2FgsrjrWYTGHfeqqIw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:11 2025 by rpki-client