Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/4PREDSUdyYrlsfD8cmrtsicwwuY.roa
File: 4PREDSUdyYrlsfD8cmrtsicwwuY.roa (raw, json)
Hash identifier: kAYCylU8fgmi3uRD+HIJBURf9742ziVgfxp7yDrnSkY=
Subject key identifier: E0:F4:44:0D:25:1D:C9:8A:E5:B1:F0:FC:72:6A:ED:B2:27:30:C2:E6
Certificate issuer: /CN=24b086f4824266384e078cf777375f21bd370b70
Certificate serial: 066C3EB2
Authority key identifier: 24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/4PREDSUdyYrlsfD8cmrtsicwwuY.roa
Signing time: Tue 22 Mar 2022 09:48:29 +0000
ROA not before: Tue 22 Mar 2022 09:48:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62382
IP address blocks: 185.37.191.0/24 maxlen: 24
185.37.188.0/22 maxlen: 22
185.37.189.0/24 maxlen: 24
185.37.188.0/24 maxlen: 24
80.72.219.0/24 maxlen: 24
80.72.218.0/24 maxlen: 24
80.72.217.0/24 maxlen: 24
80.72.216.0/21 maxlen: 21
80.72.216.0/24 maxlen: 24
80.72.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107757234 (0x66c3eb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24b086f4824266384e078cf777375f21bd370b70
Validity
Not Before: Mar 22 09:48:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0f4440d251dc98ae5b1f0fc726aedb22730c2e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:59:7d:c2:c9:a6:2b:08:2a:78:0a:ca:76:
fc:b8:41:76:aa:0b:5a:98:53:9d:4e:e8:37:8f:4a:
b8:91:a5:07:6a:55:4f:79:16:1a:29:aa:54:b2:16:
49:7e:5c:bc:7a:66:de:27:73:a2:2b:14:43:55:6a:
a1:10:54:9e:f2:d6:e0:b3:68:a1:b0:09:e6:96:72:
6c:6c:29:45:a3:2d:b6:b4:55:8d:2b:0f:83:2a:cd:
e1:0a:43:79:9b:57:a4:ca:9a:f2:81:86:ab:1a:65:
e0:dc:25:44:5a:a5:ea:14:22:2a:74:87:26:a0:c7:
5e:08:a3:80:05:4b:46:b4:20:80:46:0f:6b:0f:5a:
89:76:7f:75:50:68:b8:69:73:9e:ec:c2:e7:5d:98:
5f:c7:47:8a:e1:7a:2f:06:69:f4:6b:8c:b5:f9:d7:
4f:e2:1e:8b:a2:14:ef:cd:4b:b5:45:c4:59:73:b2:
73:a4:bc:70:96:ad:29:97:8e:0c:11:d8:44:67:05:
cc:1b:72:c5:79:c4:b5:5d:8c:b6:68:74:46:14:79:
8d:1b:c5:bc:07:82:cc:19:8a:b9:20:d0:6c:d2:47:
dc:1c:a2:28:f4:c2:b6:d2:00:63:35:1a:d4:25:01:
85:96:1f:e2:29:15:87:42:d0:09:c3:45:50:15:4b:
22:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F4:44:0D:25:1D:C9:8A:E5:B1:F0:FC:72:6A:ED:B2:27:30:C2:E6
X509v3 Authority Key Identifier:
keyid:24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/4PREDSUdyYrlsfD8cmrtsicwwuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/JLCG9IJCZjhOB4z3dzdfIb03C3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.216.0/21
185.37.188.0/22
Signature Algorithm: sha256WithRSAEncryption
50:b3:17:78:83:b9:1c:f9:a7:12:47:71:39:32:b7:52:ec:53:
70:08:6c:ed:66:55:15:ba:2a:39:14:2c:60:2d:c1:55:d9:f5:
3f:db:3b:03:d5:a3:56:7f:3f:aa:c6:33:a1:04:e4:8f:c8:63:
e1:cd:bb:76:e6:ac:f8:1a:8d:db:7d:33:e9:de:35:3f:da:67:
c0:80:36:57:39:4e:c3:53:f0:3f:e8:70:7e:d6:57:77:a0:e2:
8b:93:da:06:83:b6:a2:94:22:bc:29:39:aa:3d:af:05:67:71:
11:b7:bb:f6:18:39:8c:f3:78:31:42:ab:b3:90:d5:29:b1:4d:
ae:a6:a9:90:4b:1e:68:21:e8:d4:c7:21:bb:d9:19:ec:89:53:
c4:a2:e4:5b:cf:23:70:22:0f:bd:f7:a3:fe:f0:b6:1e:11:3d:
b0:2c:35:a6:fb:be:07:3a:46:c9:7b:b1:9d:82:c1:56:a2:e3:
11:53:21:0e:80:f8:02:e2:7c:97:6b:3f:08:1e:69:be:1d:bf:
f2:19:b1:34:c3:b3:eb:00:46:92:eb:0c:fa:fc:19:7a:e6:c8:
ab:0f:93:82:ee:8d:b0:33:b9:6e:55:91:b1:62:b5:34:0a:14:
55:10:5e:a9:9a:c2:86:fc:5e:a5:43:02:70:3a:f7:f6:fc:20:
db:86:f9:cc
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBmw+sjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGIwODZmNDgyNDI2NjM4NGUwNzhjZjc3NzM3NWYyMWJkMzcwYjcwMB4XDTIyMDMy
MjA5NDgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBmNDQ0MGQyNTFk
Yzk4YWU1YjFmMGZjNzI2YWVkYjIyNzMwYzJlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFIWX3CyaYrCCp4Csp2/LhBdqoLWphTnU7oN49KuJGlB2pV
T3kWGimqVLIWSX5cvHpm3idzoisUQ1VqoRBUnvLW4LNoobAJ5pZybGwpRaMttrRV
jSsPgyrN4QpDeZtXpMqa8oGGqxpl4NwlRFql6hQiKnSHJqDHXgijgAVLRrQggEYP
aw9aiXZ/dVBouGlznuzC512YX8dHiuF6LwZp9GuMtfnXT+Iei6IU781LtUXEWXOy
c6S8cJatKZeODBHYRGcFzBtyxXnEtV2Mtmh0RhR5jRvFvAeCzBmKuSDQbNJH3Byi
KPTCttIAYzUa1CUBhZYf4ikVh0LQCcNFUBVLIhkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTg9EQNJR3JiuWx8Pxyau2yJzDC5jAfBgNVHSMEGDAWgBQksIb0gkJmOE4H
jPd3N18hvTcLcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pMQ0c5SUpDWmpoT0I0ejNkemRmSWIwM0MzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvZWUxMzhmLTVlNjMtNGNjNC04ZTc1LWRlY2IxODhhMDAwZC8x
LzRQUkVEU1VkeVlybHNmRDhjbXJ0c2ljd3d1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
ZWUxMzhmLTVlNjMtNGNjNC04ZTc1LWRlY2IxODhhMDAwZC8xL0pMQ0c5SUpDWmpo
T0I0ejNkemRmSWIwM0MzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1BI2AMEArklvDANBgkqhkiG9w0B
AQsFAAOCAQEAULMXeIO5HPmnEkdxOTK3UuxTcAhs7WZVFboqORQsYC3BVdn1P9s7
A9WjVn8/qsYzoQTkj8hj4c27duas+BqN230z6d41P9pnwIA2VzlOw1PwP+hwftZX
d6Dii5PaBoO2opQivCk5qj2vBWdxEbe79hg5jPN4MUKrs5DVKbFNrqapkEseaCHo
1Mchu9kZ7IlTxKLkW88jcCIPvfej/vC2HhE9sCw1pvu+BzpGyXuxnYLBVqLjEVMh
DoD4AuJ8l2s/CB5pvh2/8hmxNMOz6wBGkusM+vwZeubIqw+Tgu6NsDO5blWRsWK1
NAoUVRBeqZrChvxepUMCcDr39vwg24b5zA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:47:05 2025 by rpki-client