Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c566c7-3cac-45a9-82a1-04b09057522f/1/Pb5qCYMvFtbMjzV9TLNcFaWAoJo.roa
File: Pb5qCYMvFtbMjzV9TLNcFaWAoJo.roa (raw, json)
Hash identifier: BaNSE5kWh0tAwuLxZIRfm3CfmFpAFyy3/IyM94X5eWg=
Subject key identifier: 3D:BE:6A:09:83:2F:16:D6:CC:8F:35:7D:4C:B3:5C:15:A5:80:A0:9A
Certificate issuer: /CN=a0af3d8551fbdd3b62f4ffdfd59cad4161e4471e
Certificate serial: 01892CA5FF895E91E00C320C04A820B39518
Authority key identifier: A0:AF:3D:85:51:FB:DD:3B:62:F4:FF:DF:D5:9C:AD:41:61:E4:47:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oK89hVH73Tti9P_f1ZytQWHkRx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c566c7-3cac-45a9-82a1-04b09057522f/1/Pb5qCYMvFtbMjzV9TLNcFaWAoJo.roa
Signing time: Thu 06 Jul 2023 19:20:23 +0000
ROA not before: Thu 06 Jul 2023 19:20:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202973
IP address blocks: 185.80.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2c:a5:ff:89:5e:91:e0:0c:32:0c:04:a8:20:b3:95:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0af3d8551fbdd3b62f4ffdfd59cad4161e4471e
Validity
Not Before: Jul 6 19:20:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dbe6a09832f16d6cc8f357d4cb35c15a580a09a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fd:27:b4:af:c8:3e:00:29:78:27:34:0f:c1:
d1:3b:bb:ef:37:58:b6:8f:f9:da:bb:90:da:32:86:
a1:c4:24:f5:a0:a0:2a:f3:c2:d7:56:c5:f4:ad:89:
74:c4:f4:3a:3d:b3:94:c5:2e:1b:5c:a2:83:eb:18:
36:05:8e:94:c1:0c:e2:7c:56:1d:96:11:57:19:22:
3c:46:2b:53:dd:ce:bb:42:b7:f0:77:a9:0a:16:71:
e8:7e:3e:4b:82:e8:db:5f:e0:45:8f:1b:37:e2:68:
fd:fa:ff:15:d1:25:a2:87:88:dd:0d:88:8d:1f:2c:
f7:2c:c0:fc:fc:e9:0d:04:ac:21:8a:4f:a5:7e:ca:
96:eb:36:2e:50:cc:01:bf:a9:3e:5a:79:fa:60:a9:
48:da:84:4c:90:c1:a3:13:b5:f9:ba:91:3c:b1:e6:
21:0d:e6:a2:4a:12:ba:90:1e:66:9e:0a:61:f2:ba:
37:4e:71:21:34:d9:6b:ec:35:3e:d9:eb:2c:41:e6:
85:07:7f:6d:4d:d6:b9:c3:db:ce:c9:fd:9f:0d:6f:
c1:69:f9:d4:e1:f4:43:6f:57:82:64:fe:45:d5:ca:
0e:2c:c6:73:c7:01:f1:a3:82:22:3b:13:b0:15:36:
b3:c5:a3:d8:3b:9c:78:2f:41:54:d1:d3:75:05:70:
24:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BE:6A:09:83:2F:16:D6:CC:8F:35:7D:4C:B3:5C:15:A5:80:A0:9A
X509v3 Authority Key Identifier:
keyid:A0:AF:3D:85:51:FB:DD:3B:62:F4:FF:DF:D5:9C:AD:41:61:E4:47:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oK89hVH73Tti9P_f1ZytQWHkRx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c566c7-3cac-45a9-82a1-04b09057522f/1/Pb5qCYMvFtbMjzV9TLNcFaWAoJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c566c7-3cac-45a9-82a1-04b09057522f/1/oK89hVH73Tti9P_f1ZytQWHkRx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.91.0/24
Signature Algorithm: sha256WithRSAEncryption
88:08:2b:1d:8b:d4:4a:37:8e:a8:0b:1e:86:58:af:43:50:00:
87:04:ad:d9:9a:b9:e6:3b:e4:f9:2b:05:74:ff:30:ad:13:06:
48:79:12:6c:7f:cc:f5:f5:fb:02:9b:11:e5:e2:bc:f2:34:7a:
d6:b9:de:34:0e:9a:9e:a4:0f:b4:65:f6:df:c6:82:11:5e:1f:
9b:45:2a:4e:5f:31:08:94:66:b8:bb:95:0e:48:e8:e1:1e:61:
fb:44:07:f8:2d:45:be:05:db:7e:ae:eb:5e:dd:7a:17:42:2f:
2a:ba:59:76:1d:2f:69:2d:fc:01:9c:c4:24:60:f2:6c:10:ce:
2e:87:5c:51:4b:e2:f6:ca:55:1d:08:a7:27:e9:ea:42:f3:e4:
08:66:7e:5c:35:a1:fd:7c:c1:f0:56:c4:3f:c7:af:96:63:ba:
1b:93:98:2b:b8:e9:64:e9:95:39:a1:9e:aa:eb:ad:b8:cd:f7:
90:cc:ae:cd:36:f6:fd:70:58:06:a7:73:72:4c:4d:be:f9:8f:
57:69:3b:bb:59:8f:0d:da:c1:7c:ad:d2:f1:89:f0:27:bc:6d:
4d:cf:43:ee:7b:42:ae:86:40:e5:fe:0e:61:0b:22:39:a0:21:
da:c9:7f:1a:66:15:89:9d:80:8c:96:12:11:7d:da:c0:8f:61:
70:ec:f4:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkspf+JXpHgDDIMBKggs5UYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWYzZDg1NTFmYmRkM2I2MmY0ZmZkZmQ1OWNhZDQxNjFl
NDQ3MWUwHhcNMjMwNzA2MTkyMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGJlNmEwOTgzMmYxNmQ2Y2M4ZjM1N2Q0Y2IzNWMxNWE1ODBhMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf0ntK/IPgApeCc0D8HRO7vvN1i2
j/nau5DaMoahxCT1oKAq88LXVsX0rYl0xPQ6PbOUxS4bXKKD6xg2BY6UwQzifFYd
lhFXGSI8RitT3c67Qrfwd6kKFnHofj5LgujbX+BFjxs34mj9+v8V0SWih4jdDYiN
Hyz3LMD8/OkNBKwhik+lfsqW6zYuUMwBv6k+Wnn6YKlI2oRMkMGjE7X5upE8seYh
DeaiShK6kB5mngph8ro3TnEhNNlr7DU+2essQeaFB39tTda5w9vOyf2fDW/BafnU
4fRDb1eCZP5F1coOLMZzxwHxo4IiOxOwFTazxaPYO5x4L0FU0dN1BXAkcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2+agmDLxbWzI81fUyzXBWlgKCaMB8GA1UdIwQY
MBaAFKCvPYVR+907YvT/39WcrUFh5EceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0s4OWhWSDczVHRpOVBfZjFaeXRRV0hrUng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jNTY2YzctM2NhYy00NWE5LTgyYTEt
MDRiMDkwNTc1MjJmLzEvUGI1cUNZTXZGdGJNanpWOVRMTmNGYVdBb0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jNTY2YzctM2NhYy00NWE5LTgyYTEtMDRiMDkwNTc1MjJm
LzEvb0s4OWhWSDczVHRpOVBfZjFaeXRRV0hrUng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVBbMA0G
CSqGSIb3DQEBCwUAA4IBAQCICCsdi9RKN46oCx6GWK9DUACHBK3ZmrnmO+T5KwV0
/zCtEwZIeRJsf8z19fsCmxHl4rzyNHrWud40DpqepA+0ZfbfxoIRXh+bRSpOXzEI
lGa4u5UOSOjhHmH7RAf4LUW+Bdt+rute3XoXQi8qull2HS9pLfwBnMQkYPJsEM4u
h1xRS+L2ylUdCKcn6epC8+QIZn5cNaH9fMHwVsQ/x6+WY7obk5gruOlk6ZU5oZ6q
6624zfeQzK7NNvb9cFgGp3NyTE2++Y9XaTu7WY8N2sF8rdLxifAnvG1Nz0Pue0Ku
hkDl/g5hCyI5oCHayX8aZhWJnYCMlhIRfdrAj2Fw7PTm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:53 2025 by rpki-client