Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/PeiMtjNXk-weG2n7gnKzJFE8U0Q.roa
File: PeiMtjNXk-weG2n7gnKzJFE8U0Q.roa (raw, json)
Hash identifier: DVVerctVTY4eei67ECFztFuYM5qpsPYkmZPFwOF7bPw=
Subject key identifier: 3D:E8:8C:B6:33:57:93:EC:1E:1B:69:FB:82:72:B3:24:51:3C:53:44
Certificate issuer: /CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Certificate serial: 01856E78F1601A2189E3CD24807604E8792C
Authority key identifier: DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/PeiMtjNXk-weG2n7gnKzJFE8U0Q.roa
Signing time: Sun 01 Jan 2023 17:54:57 +0000
ROA not before: Sun 01 Jan 2023 17:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25176
IP address blocks: 81.8.204.0/24 maxlen: 24
80.88.96.0/19 maxlen: 19
85.194.128.0/18 maxlen: 18
81.8.226.0/24 maxlen: 24
81.8.128.0/17 maxlen: 17
2a01:4040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:f1:60:1a:21:89:e3:cd:24:80:76:04:e8:79:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Validity
Not Before: Jan 1 17:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3de88cb6335793ec1e1b69fb8272b324513c5344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7c:3a:3c:ae:e0:9e:04:c6:0c:b1:7f:b3:9f:
4f:64:cd:74:98:79:eb:3f:29:a6:4a:c9:12:15:87:
11:5a:37:ab:c5:e3:2c:e6:5e:2c:da:22:e9:1e:2f:
b8:a5:e0:c6:3e:91:19:78:50:53:8f:94:fb:f1:55:
6c:11:de:da:b4:2d:b0:e3:18:25:5a:26:9d:61:16:
ca:23:c9:10:39:cc:2e:ac:41:5a:80:c6:72:e5:85:
ba:40:3e:c3:21:e4:d0:60:f3:10:93:7a:c2:a9:6b:
db:c4:82:81:03:d9:37:d3:cd:70:10:45:f5:30:5c:
d4:eb:7d:69:0e:78:0d:c5:d2:b7:b2:1f:66:cb:37:
8e:14:fc:96:69:16:fb:83:0b:c0:e2:65:1f:2d:30:
a4:35:de:f3:8b:73:82:31:de:55:49:29:9b:65:1f:
6e:90:e3:73:d1:86:b8:26:3d:8d:e4:34:85:f5:d2:
de:2e:e2:5a:58:8f:0a:26:37:22:6d:79:d5:e9:7b:
bd:aa:9b:da:e1:75:81:0a:ce:63:21:e5:2d:57:74:
8c:c1:b6:41:62:9a:cb:82:3d:db:6c:ee:cb:76:fe:
96:c2:b7:79:05:ce:f3:5b:a6:f9:81:12:15:38:e9:
45:99:ac:53:e6:c8:55:27:be:a5:7d:6c:f3:ce:f9:
99:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E8:8C:B6:33:57:93:EC:1E:1B:69:FB:82:72:B3:24:51:3C:53:44
X509v3 Authority Key Identifier:
keyid:DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/PeiMtjNXk-weG2n7gnKzJFE8U0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.88.96.0/19
81.8.128.0/17
85.194.128.0/18
IPv6:
2a01:4040::/32
Signature Algorithm: sha256WithRSAEncryption
82:30:54:e8:08:fd:e2:fe:68:07:ba:17:3c:2a:8b:49:12:bf:
08:cd:10:ff:31:05:ba:39:db:98:c8:f2:f2:b7:9e:b1:5d:50:
fa:1f:ba:e5:16:3a:b6:29:e5:f1:1b:ad:36:7b:f0:c4:f0:6d:
3e:a5:1a:1e:23:e6:f2:ed:80:20:eb:5e:5d:40:9c:43:fe:9d:
c7:e6:c0:c6:17:c7:d6:81:6e:c8:35:e7:c6:5b:e6:2f:6c:a4:
70:8d:a9:d1:18:0c:db:8a:fe:c0:3e:e9:a7:d2:a7:c9:85:04:
e1:28:2b:1b:0d:70:e6:68:14:c9:7e:a1:f5:10:16:37:04:91:
69:87:c3:e6:7c:64:3f:59:8a:10:9f:47:3f:47:b7:e3:f4:aa:
45:c6:0d:33:e4:23:6a:86:c3:83:78:b4:c5:21:70:90:87:18:
7e:a5:fe:eb:61:03:a5:ce:5e:46:ec:da:dc:a3:c3:bb:4d:91:
35:62:f9:ec:fa:5d:7b:dc:ad:0e:20:d0:c6:3d:37:2e:04:36:
9b:72:69:86:f4:d6:fd:4e:0f:2e:71:fb:88:aa:61:d2:10:9d:
56:d6:10:39:ae:e4:a8:95:0c:17:45:80:2c:7a:bd:c7:09:d4:
e1:c7:40:c8:2a:a0:33:71:33:d4:0e:52:e8:56:58:dc:2a:1c:
f6:c9:14:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuePFgGiGJ480kgHYE6HksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMGIzM2NkZGI3OTliN2JjZjVkM2RjZTAwNGZkYmE4YzNl
ODY0ZmYwHhcNMjMwMTAxMTc1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGU4OGNiNjMzNTc5M2VjMWUxYjY5ZmI4MjcyYjMyNDUxM2M1MzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonw6PK7gngTGDLF/s59PZM10mHnr
PymmSskSFYcRWjerxeMs5l4s2iLpHi+4peDGPpEZeFBTj5T78VVsEd7atC2w4xgl
WiadYRbKI8kQOcwurEFagMZy5YW6QD7DIeTQYPMQk3rCqWvbxIKBA9k3081wEEX1
MFzU631pDngNxdK3sh9myzeOFPyWaRb7gwvA4mUfLTCkNd7zi3OCMd5VSSmbZR9u
kONz0Ya4Jj2N5DSF9dLeLuJaWI8KJjcibXnV6Xu9qpva4XWBCs5jIeUtV3SMwbZB
YprLgj3bbO7Ldv6Wwrd5Bc7zW6b5gRIVOOlFmaxT5shVJ76lfWzzzvmZxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD3ojLYzV5PsHhtp+4JysyRRPFNEMB8GA1UdIwQY
MBaAFNoLM83beZt7z109zgBP26jD6GT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQt
NzczM2JkODg4ZTI4LzEvUGVpTXRqTlhrLXdlRzJuN2duS3pKRkU4VTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQtNzczM2JkODg4ZTI4
LzEvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUFhgAwQH
UQiAAwQGVcKAMA0EAgACMAcDBQAqAUBAMA0GCSqGSIb3DQEBCwUAA4IBAQCCMFTo
CP3i/mgHuhc8KotJEr8IzRD/MQW6OduYyPLyt56xXVD6H7rlFjq2KeXxG602e/DE
8G0+pRoeI+by7YAg615dQJxD/p3H5sDGF8fWgW7INefGW+YvbKRwjanRGAzbiv7A
Pumn0qfJhQThKCsbDXDmaBTJfqH1EBY3BJFph8PmfGQ/WYoQn0c/R7fj9KpFxg0z
5CNqhsODeLTFIXCQhxh+pf7rYQOlzl5G7Nrco8O7TZE1Yvns+l173K0OINDGPTcu
BDabcmmG9Nb9Tg8ucfuIqmHSEJ1W1hA5ruSolQwXRYAser3HCdThx0DIKqAzcTPU
DlLoVljcKhz2yRRM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:46 2025 by rpki-client