Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Cv4joySAr3zK5hMB9YrxjhL3SyE.roa
File: Cv4joySAr3zK5hMB9YrxjhL3SyE.roa (raw, json)
Hash identifier: B+judrmsV2rADQJ5D1GfDmb2xrrPclUHkON8X5Ai6vc=
Subject key identifier: 0A:FE:23:A3:24:80:AF:7C:CA:E6:13:01:F5:8A:F1:8E:12:F7:4B:21
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0186E619F938ACC5174B36FD47B1DED05852
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Cv4joySAr3zK5hMB9YrxjhL3SyE.roa
Signing time: Wed 15 Mar 2023 16:28:27 +0000
ROA not before: Wed 15 Mar 2023 16:28:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31479
IP address blocks: 80.66.112.0/20 maxlen: 20
185.28.49.0/24 maxlen: 24
2001:4030::/32 maxlen: 32
2001:4030:16::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e6:19:f9:38:ac:c5:17:4b:36:fd:47:b1:de:d0:58:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 15 16:28:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0afe23a32480af7ccae61301f58af18e12f74b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d0:04:7d:0e:2b:f3:8f:04:95:ab:6e:0e:c9:
a0:a0:47:6a:6b:2f:0e:2f:89:62:ad:f3:ce:23:d4:
37:0c:6b:55:09:6e:3a:da:4e:74:55:93:ee:07:27:
18:3a:80:e9:49:97:c0:3e:a7:d4:4d:b5:25:9c:8c:
a4:dd:3d:2b:94:ab:6f:23:e9:c6:79:79:e5:22:c1:
ef:b5:69:f2:13:57:de:35:3a:de:78:bc:8b:22:7d:
57:99:f2:2b:a2:0e:e2:c2:8c:7a:d8:15:0a:1f:ca:
4b:f4:25:2f:fe:8f:3e:e4:1c:82:01:93:d0:43:67:
a5:57:66:c1:e6:18:bd:66:1d:11:bb:f2:7c:94:da:
67:b5:ab:7c:5a:07:4a:ca:99:d2:c9:5a:6c:e7:d8:
2c:cc:7d:1d:1c:dc:61:4f:e4:cc:5b:d6:f4:4c:99:
92:f6:39:5a:77:a3:b4:f5:08:87:72:ac:da:2b:b5:
60:cc:ee:7b:64:28:1f:34:9d:7d:45:2b:d1:41:5e:
f6:de:99:ec:f4:71:a6:ad:4e:54:2d:d0:13:7b:5e:
c7:12:86:54:81:de:33:1a:da:c4:de:5f:e5:b9:eb:
9f:a2:ec:62:b1:8c:e7:b0:81:c9:e2:4a:c6:3d:d8:
c9:7e:7f:1d:fd:36:56:69:4b:d6:35:cf:56:d0:ce:
92:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FE:23:A3:24:80:AF:7C:CA:E6:13:01:F5:8A:F1:8E:12:F7:4B:21
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Cv4joySAr3zK5hMB9YrxjhL3SyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.112.0/20
185.28.49.0/24
IPv6:
2001:4030::/32
Signature Algorithm: sha256WithRSAEncryption
be:17:37:16:a4:2c:2d:2e:a4:ee:c4:5e:50:61:76:e5:53:89:
3d:b3:16:8e:1c:60:3c:3e:1a:3e:9c:6c:93:50:cd:da:7d:17:
9b:a4:45:46:39:50:01:9c:d2:2f:9f:f7:2a:04:5c:d5:f8:55:
9c:ee:60:e9:04:b5:5a:3b:63:3d:05:4c:69:58:5f:c4:37:96:
17:a1:95:a9:b9:19:13:2f:c4:78:86:6c:3b:77:e4:5b:fc:55:
f5:0d:7e:e2:06:1a:ff:f0:ff:d3:54:0e:b7:b3:a2:6b:fd:e9:
5a:2c:49:6e:19:e4:7e:96:ac:39:3a:05:75:16:97:56:d2:56:
a8:fd:11:bd:c1:f6:30:6a:03:6b:e5:7e:90:ca:9c:12:a7:c4:
44:cf:ab:ff:4c:02:0c:a0:f4:98:21:67:99:d4:34:0d:06:2b:
95:a5:71:ab:f2:82:d9:96:fd:16:3b:6c:32:34:5e:07:33:4d:
2c:40:09:a5:96:21:29:b5:6c:7f:f4:90:ea:74:61:62:69:30:
bc:76:6f:d1:0f:e9:62:92:54:c3:37:f2:d0:a0:e9:97:d8:1d:
bf:14:63:f8:dc:db:a4:59:c9:d1:7d:51:00:47:82:7e:ae:22:
ab:46:e8:d0:bd:c0:27:ed:05:46:34:a3:64:96:7a:20:1a:b7:
d5:3f:10:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbmGfk4rMUXSzb9R7He0FhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMzE1MTYyODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWZlMjNhMzI0ODBhZjdjY2FlNjEzMDFmNThhZjE4ZTEyZjc0YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtAEfQ4r848ElatuDsmgoEdqay8O
L4lirfPOI9Q3DGtVCW462k50VZPuBycYOoDpSZfAPqfUTbUlnIyk3T0rlKtvI+nG
eXnlIsHvtWnyE1feNTreeLyLIn1XmfIrog7iwox62BUKH8pL9CUv/o8+5ByCAZPQ
Q2elV2bB5hi9Zh0Ru/J8lNpntat8WgdKypnSyVps59gszH0dHNxhT+TMW9b0TJmS
9jlad6O09QiHcqzaK7VgzO57ZCgfNJ19RSvRQV723pns9HGmrU5ULdATe17HEoZU
gd4zGtrE3l/lueufouxisYznsIHJ4krGPdjJfn8d/TZWaUvWNc9W0M6SUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAr+I6MkgK98yuYTAfWK8Y4S90shMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQ3Y0am95U0FyM3pLNWhNQjlZcnhqaEwzU3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEJwAwQA
uRwxMA0EAgACMAcDBQAgAUAwMA0GCSqGSIb3DQEBCwUAA4IBAQC+FzcWpCwtLqTu
xF5QYXblU4k9sxaOHGA8Pho+nGyTUM3afRebpEVGOVABnNIvn/cqBFzV+FWc7mDp
BLVaO2M9BUxpWF/EN5YXoZWpuRkTL8R4hmw7d+Rb/FX1DX7iBhr/8P/TVA63s6Jr
/elaLEluGeR+lqw5OgV1FpdW0lao/RG9wfYwagNr5X6QypwSp8REz6v/TAIMoPSY
IWeZ1DQNBiuVpXGr8oLZlv0WO2wyNF4HM00sQAmlliEptWx/9JDqdGFiaTC8dm/R
D+liklTDN/LQoOmX2B2/FGP43NukWcnRfVEAR4J+riKrRujQvcAn7QVGNKNklnog
GrfVPxDz
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:09:01 2025 by rpki-client