Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/1-P-pOdmuQ8Ilkhn6ZYuj4_0uu2c.roa
File: 1-P-pOdmuQ8Ilkhn6ZYuj4_0uu2c.roa (raw, json)
Hash identifier: 9DH0skIKdTQcz1k471ulSdXE6qlZsN9pXo9wPuktKoo=
Subject key identifier: F8:FF:A9:39:D9:AE:43:C2:25:92:19:FA:65:8B:A3:E3:FD:2E:BB:67
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 018C5818D5CB6111A6EE07FFADC379D2C92A
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/1-P-pOdmuQ8Ilkhn6ZYuj4_0uu2c.roa
Signing time: Mon 11 Dec 2023 08:57:51 +0000
ROA not before: Mon 11 Dec 2023 08:57:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8814
IP address blocks: 212.47.132.0/22 maxlen: 22
212.47.128.0/22 maxlen: 22
212.47.136.0/22 maxlen: 22
212.47.144.0/22 maxlen: 22
212.47.140.0/22 maxlen: 22
212.47.148.0/22 maxlen: 22
158.181.44.0/22 maxlen: 22
158.181.40.0/22 maxlen: 22
80.69.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:18:d5:cb:61:11:a6:ee:07:ff:ad:c3:79:d2:c9:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Dec 11 08:57:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8ffa939d9ae43c2259219fa658ba3e3fd2ebb67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:09:84:4f:41:fc:b5:55:8e:a2:85:e2:44:77:
24:de:4f:8b:7a:dc:fd:fb:53:2f:46:76:0a:b6:95:
1e:e4:ab:6e:98:29:c2:16:ff:ee:2b:da:87:86:28:
c8:c5:cd:77:1c:5b:5a:a6:b6:9e:b6:ad:e9:dc:90:
62:c8:73:d7:61:6e:f2:72:08:2a:f3:fb:a1:31:a8:
f7:14:86:34:52:15:1a:04:f0:ed:12:8b:2b:04:7a:
05:79:76:f3:a7:db:74:a9:f6:6a:c7:ab:fa:07:c9:
d9:8b:d9:b3:68:d6:0e:6e:77:72:da:0d:63:9a:9e:
91:e5:46:25:87:10:e5:ab:90:54:e0:18:e9:fb:61:
b5:b0:18:d8:fc:67:ce:9f:4a:62:a7:9b:2a:02:16:
91:57:05:e1:cf:72:c5:ec:92:dd:33:02:e5:bf:05:
d2:4e:31:a0:d3:58:bd:c6:16:71:aa:fb:a7:f7:23:
d7:a2:66:c0:19:ef:b8:cd:6f:90:f1:11:fa:7b:3b:
fa:fe:f0:a3:c6:9d:37:23:1a:b7:d0:aa:58:bf:a9:
4b:0b:38:90:6c:97:d7:4b:74:4e:a1:0e:9c:91:5d:
e8:cf:e0:35:11:c1:ab:c8:16:38:21:1b:95:82:53:
31:01:d8:d8:93:57:b9:61:0e:74:e7:3e:c4:18:e2:
1a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FF:A9:39:D9:AE:43:C2:25:92:19:FA:65:8B:A3:E3:FD:2E:BB:67
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/1-P-pOdmuQ8Ilkhn6ZYuj4_0uu2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.69.52.0/24
158.181.40.0/21
212.47.128.0-212.47.151.255
Signature Algorithm: sha256WithRSAEncryption
8c:42:77:9e:fa:59:43:d2:fb:e1:6e:40:d2:6c:35:a8:93:fa:
05:ec:13:08:51:60:72:75:ad:7b:a2:68:6b:4c:35:05:31:9a:
84:7f:36:64:8f:8b:17:78:b9:74:49:52:e2:c6:89:6c:c9:88:
12:0f:5a:d6:94:9e:4c:7e:13:7b:7e:0f:1f:85:d1:4a:3f:37:
d4:66:84:68:d0:c6:a4:06:e8:a9:ee:37:4a:f9:39:0e:41:7c:
67:41:32:30:31:9c:de:60:13:c3:4a:05:7c:9d:c5:4b:da:fd:
42:97:39:e4:ff:06:21:8d:f0:87:4f:82:a4:73:58:12:f1:26:
79:29:15:6b:c6:3b:41:68:d2:72:f1:43:d7:ac:75:08:a0:b1:
31:b8:cc:d8:49:e7:e8:52:d3:48:fd:47:99:54:ee:cc:8a:51:
0f:44:97:a2:f1:d1:bb:18:25:ba:74:cf:a7:47:8a:e5:01:10:
07:b7:2e:13:cf:1a:47:71:af:59:ba:e1:b9:ae:28:a0:13:0b:
5a:ad:58:c3:90:8c:fe:e8:68:d3:25:3e:61:d1:8b:f2:bc:d2:
a9:74:f8:6b:34:a6:e1:04:6d:24:3c:e3:93:de:e3:ac:17:c4:
3c:75:9a:a6:92:60:b0:80:17:2f:d6:33:01:02:91:10:ed:e6:
aa:8b:b6:4a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxYGNXLYRGm7gf/rcN50skqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjMxMjExMDg1NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGZmYTkzOWQ5YWU0M2MyMjU5MjE5ZmE2NThiYTNlM2ZkMmViYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAmET0H8tVWOooXiRHck3k+Letz9
+1MvRnYKtpUe5KtumCnCFv/uK9qHhijIxc13HFtapraetq3p3JBiyHPXYW7ycggq
8/uhMaj3FIY0UhUaBPDtEosrBHoFeXbzp9t0qfZqx6v6B8nZi9mzaNYObndy2g1j
mp6R5UYlhxDlq5BU4Bjp+2G1sBjY/GfOn0pip5sqAhaRVwXhz3LF7JLdMwLlvwXS
TjGg01i9xhZxqvun9yPXombAGe+4zW+Q8RH6ezv6/vCjxp03Ixq30KpYv6lLCziQ
bJfXS3ROoQ6ckV3oz+A1EcGryBY4IRuVglMxAdjYk1e5YQ505z7EGOIaFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPj/qTnZrkPCJZIZ+mWLo+P9LrtnMB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvMS1QLXBPZG11UThJbGtobjZaWXVqNF8wdXUyYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTIvZjRiNzMzLTI5YWQtNGQ1Ni1iOWQyLTVkNDhiY2Q3YzFk
Yy8xL1ptQTB5bW9XdTlBVVNyMzF6eVJZLVdpeFdKdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAFBFNAME
A561KDAMAwQH1C+AAwQD1C+QMA0GCSqGSIb3DQEBCwUAA4IBAQCMQnee+llD0vvh
bkDSbDWok/oF7BMIUWByda17omhrTDUFMZqEfzZkj4sXeLl0SVLixolsyYgSD1rW
lJ5MfhN7fg8fhdFKPzfUZoRo0MakBuip7jdK+TkOQXxnQTIwMZzeYBPDSgV8ncVL
2v1Clznk/wYhjfCHT4Kkc1gS8SZ5KRVrxjtBaNJy8UPXrHUIoLExuMzYSefoUtNI
/UeZVO7MilEPRJei8dG7GCW6dM+nR4rlARAHty4TzxpHca9ZuuG5riigEwtarVjD
kIz+6GjTJT5h0YvyvNKpdPhrNKbhBG0kPOOT3uOsF8Q8dZqmkmCwgBcv1jMBApEQ
7eaqi7ZK
-----END CERTIFICATE-----
Generated at Tue May 13 04:46:25 2025 by rpki-client