Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9YtAlooqdyu5qtUs7Oa-wp04bZ8.roa
File: 9YtAlooqdyu5qtUs7Oa-wp04bZ8.roa (raw, json)
Hash identifier: RLLiSnLfgSbAQ3JqAPW16k4sKXij3xlU7HZjowrOQts=
Subject key identifier: F5:8B:40:96:8A:2A:77:2B:B9:AA:D5:2C:EC:E6:BE:C2:9D:38:6D:9F
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018AE1858B01093F53650FBB1074E269BC14
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9YtAlooqdyu5qtUs7Oa-wp04bZ8.roa
Signing time: Fri 29 Sep 2023 15:18:59 +0000
ROA not before: Fri 29 Sep 2023 15:18:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/22 maxlen: 22
85.239.145.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:85:8b:01:09:3f:53:65:0f:bb:10:74:e2:69:bc:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Sep 29 15:18:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f58b40968a2a772bb9aad52cece6bec29d386d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:30:e9:9f:27:1a:6e:48:71:15:ff:88:29:26:
30:91:e0:1c:4b:a1:86:9a:dd:7e:06:b4:54:75:27:
09:48:c1:e2:e0:95:37:2f:12:92:fc:64:b7:56:08:
c9:ca:29:39:bd:4e:d0:9f:e5:d0:fd:93:9f:71:a7:
03:9e:29:db:0a:1b:d3:81:50:29:b1:d8:83:62:70:
dd:14:9e:e3:51:00:37:f5:4a:d6:47:27:a0:e6:52:
ab:99:bf:b9:2d:be:88:60:8e:28:eb:bd:18:16:b9:
66:cd:35:43:5c:3f:1e:f6:13:30:eb:33:d0:43:7f:
39:43:7a:4b:9a:fb:0b:1f:44:d6:6b:45:b3:03:d9:
f5:20:76:60:0b:7d:61:64:41:b0:a8:bf:e7:99:2b:
7f:0d:a6:9b:6e:65:44:44:95:5d:e0:4a:7d:7f:6e:
31:4c:24:b0:ce:c0:32:69:8f:4e:e7:68:e5:18:0c:
4a:24:e7:97:62:31:8e:0d:93:c4:40:6b:90:d8:4a:
91:ee:aa:c9:ca:5d:17:dc:b1:b2:26:8c:c4:58:fe:
b1:51:5c:9c:ac:8d:78:60:5d:56:3b:48:44:19:2e:
e3:2e:5f:80:44:80:f7:eb:2a:9d:aa:9a:3d:f9:f7:
64:6e:ea:2b:ed:2c:71:d4:ae:8d:bd:97:69:64:04:
c0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8B:40:96:8A:2A:77:2B:B9:AA:D5:2C:EC:E6:BE:C2:9D:38:6D:9F
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9YtAlooqdyu5qtUs7Oa-wp04bZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0-85.239.148.255
85.239.150.0/23
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
85:79:e5:ae:16:f1:16:ed:f6:12:3f:52:25:3e:18:38:86:2f:
6c:87:bf:d9:39:46:67:3b:40:bb:ea:bf:13:98:3a:35:91:6b:
37:3f:1e:63:67:9e:2a:8e:c2:da:74:1f:e4:78:81:87:04:72:
ee:6d:15:8d:68:9f:76:6b:d9:4d:36:ec:ba:98:fd:30:ea:77:
ff:96:2a:94:d1:95:85:c3:a8:83:46:7f:77:30:11:47:71:eb:
db:79:c6:34:c4:4e:3f:37:47:7e:a7:60:7e:93:bf:8d:89:ed:
84:82:24:6a:02:78:10:78:71:5c:c1:fd:51:60:bc:f4:a7:15:
28:29:48:82:3d:a6:a1:16:90:1c:ca:00:fc:64:97:44:17:9b:
68:cb:37:06:89:ff:f1:c5:99:ef:b9:c7:98:38:ee:93:1d:ff:
d5:8b:2a:ca:76:cf:89:e2:9c:41:2e:d2:24:01:86:ab:73:d6:
c1:28:0f:1b:c1:42:37:2c:60:d3:7e:04:de:2f:d9:7f:4b:47:
da:80:b4:41:ce:27:32:51:b1:8a:7e:a6:27:ee:d9:4e:13:d5:
30:95:87:f2:aa:47:d6:26:8b:c0:5c:42:5a:7f:dd:07:37:27:
9d:f9:5a:a5:92:32:39:67:2f:a3:e7:56:b8:30:05:83:e4:3f:
9b:b0:16:5b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYrhhYsBCT9TZQ+7EHTiabwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwOTI5MTUxODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNThiNDA5NjhhMmE3NzJiYjlhYWQ1MmNlY2U2YmVjMjlkMzg2ZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzDpnycabkhxFf+IKSYwkeAcS6GG
mt1+BrRUdScJSMHi4JU3LxKS/GS3VgjJyik5vU7Qn+XQ/ZOfcacDninbChvTgVAp
sdiDYnDdFJ7jUQA39UrWRyeg5lKrmb+5Lb6IYI4o670YFrlmzTVDXD8e9hMw6zPQ
Q385Q3pLmvsLH0TWa0WzA9n1IHZgC31hZEGwqL/nmSt/DaabbmVERJVd4Ep9f24x
TCSwzsAyaY9O52jlGAxKJOeXYjGODZPEQGuQ2EqR7qrJyl0X3LGyJozEWP6xUVyc
rI14YF1WO0hEGS7jLl+ARID36yqdqpo9+fdkbuor7Sxx1K6NvZdpZATAoQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPWLQJaKKncruarVLOzmvsKdOG2fMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvOVl0QWxvb3FkeXU1cXRVczdPYS13cDA0Ylo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBARV75AD
BABV75QDBAFV75YDBAC5X58wDQYJKoZIhvcNAQELBQADggEBAIV55a4W8Rbt9hI/
UiU+GDiGL2yHv9k5Rmc7QLvqvxOYOjWRazc/HmNnniqOwtp0H+R4gYcEcu5tFY1o
n3Zr2U027LqY/TDqd/+WKpTRlYXDqINGf3cwEUdx69t5xjTETj83R36nYH6Tv42J
7YSCJGoCeBB4cVzB/VFgvPSnFSgpSII9pqEWkBzKAPxkl0QXm2jLNwaJ//HFme+5
x5g47pMd/9WLKsp2z4ninEEu0iQBhqtz1sEoDxvBQjcsYNN+BN4v2X9LR9qAtEHO
JzJRsYp+pifu2U4T1TCVh/KqR9Ymi8BcQlp/3Qc3J535WqWSMjlnL6PnVrgwBYPk
P5uwFls=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:24 2025 by rpki-client