Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/0A8F6UwqPwZMe-wmLp82HYaLSH4.roa
File: 0A8F6UwqPwZMe-wmLp82HYaLSH4.roa (raw, json)
Hash identifier: ePQOr7u0GTgsZ1W3+N7jJR8/V5JMD9uYTFrf6/TzonA=
Subject key identifier: D0:0F:05:E9:4C:2A:3F:06:4C:7B:EC:26:2E:9F:36:1D:86:8B:48:7E
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 0186850A5FE6447182E6439228F4B4F8D7E7
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/0A8F6UwqPwZMe-wmLp82HYaLSH4.roa
Signing time: Fri 24 Feb 2023 20:08:14 +0000
ROA not before: Fri 24 Feb 2023 20:08:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211057
IP address blocks: 185.71.140.0/24 maxlen: 24
185.71.141.0/24 maxlen: 24
185.71.140.0/22 maxlen: 22
185.71.142.0/24 maxlen: 24
185.71.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:85:0a:5f:e6:44:71:82:e6:43:92:28:f4:b4:f8:d7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Feb 24 20:08:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d00f05e94c2a3f064c7bec262e9f361d868b487e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8a:3b:e2:43:6d:b9:27:85:f5:43:28:18:95:
e0:e2:7c:ca:c3:0e:1d:d6:18:9c:51:3c:98:dd:64:
d9:c7:23:56:ac:7c:45:b0:f0:1e:13:4f:d9:a9:23:
e2:1f:4a:43:3f:28:3e:43:39:a1:1d:55:a2:3d:e4:
7a:93:50:cc:0a:22:f8:cd:0b:5d:d4:19:3a:57:c7:
09:73:18:19:0f:18:78:87:39:38:94:13:1e:98:27:
3a:7a:0e:58:33:61:9e:11:70:3b:e8:76:35:50:5b:
04:75:62:a3:93:60:a1:44:29:98:e2:c0:66:f2:7c:
09:04:0e:d5:e3:fb:bb:25:64:6e:b5:aa:ee:e2:f1:
87:54:99:28:c9:a9:4d:ca:c6:66:47:ab:e6:5e:84:
0d:44:42:c2:51:cb:3a:6e:88:8c:3b:3f:1f:80:6f:
75:d3:09:c1:1a:86:bb:b9:30:98:6b:6e:25:86:45:
54:cc:9d:0e:66:fc:08:c3:a6:2e:c8:da:a5:70:b9:
89:20:24:70:1d:1a:12:64:c2:f3:8d:30:14:e3:a6:
7e:b8:50:8d:79:68:d4:fd:30:f0:82:c1:38:b2:bf:
88:3a:d8:cc:fa:86:83:22:6c:8b:16:be:e3:41:fd:
75:b8:ab:03:9d:b2:8c:df:c0:5d:d4:30:0c:bb:0f:
bf:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0F:05:E9:4C:2A:3F:06:4C:7B:EC:26:2E:9F:36:1D:86:8B:48:7E
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/0A8F6UwqPwZMe-wmLp82HYaLSH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.140.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:15:4e:b9:b7:e2:75:31:d2:bf:5c:c7:c7:d3:a6:7d:d1:38:
4c:eb:5e:a6:e7:a3:db:15:a9:36:e9:8f:fa:60:91:70:d0:9f:
05:9b:bd:34:d9:62:d1:69:b1:3a:5e:14:9d:c4:f8:91:eb:c3:
89:bc:8e:a8:65:df:b4:c3:12:6d:37:bf:5d:7a:d7:60:c8:c0:
5e:3e:97:40:e5:7d:55:c0:92:54:4c:a2:69:11:c1:0a:d2:45:
5d:2c:13:d3:83:d9:6b:f6:8d:15:d8:21:6d:e0:e9:3c:0c:c4:
90:cf:1a:c4:62:68:d4:01:e2:93:12:05:2b:d6:ff:40:73:a4:
6d:65:56:24:51:e2:4f:3b:30:d4:8b:ee:96:41:0f:f5:7d:26:
a2:e4:0e:01:11:0e:62:e1:de:9d:fd:22:99:96:0d:45:e0:3d:
aa:20:e0:3d:77:8d:ff:69:b0:86:72:d2:3a:a7:6a:8f:cf:5c:
a7:67:ff:4a:cf:7c:b6:a4:83:47:ba:96:51:da:fb:7b:57:f9:
20:24:57:9d:9c:a4:b9:43:9d:52:c5:09:99:a6:0d:13:d2:04:
6e:e5:15:8d:23:6a:51:ad:6e:6e:e8:62:7e:10:62:6b:07:da:
af:5b:17:12:19:dd:fc:78:d9:44:e4:c4:4b:de:cf:57:22:b9:
75:d0:db:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaFCl/mRHGC5kOSKPS0+NfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjMwMjI0MjAwODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDBmMDVlOTRjMmEzZjA2NGM3YmVjMjYyZTlmMzYxZDg2OGI0ODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4o74kNtuSeF9UMoGJXg4nzKww4d
1hicUTyY3WTZxyNWrHxFsPAeE0/ZqSPiH0pDPyg+QzmhHVWiPeR6k1DMCiL4zQtd
1Bk6V8cJcxgZDxh4hzk4lBMemCc6eg5YM2GeEXA76HY1UFsEdWKjk2ChRCmY4sBm
8nwJBA7V4/u7JWRutaru4vGHVJkoyalNysZmR6vmXoQNRELCUcs6boiMOz8fgG91
0wnBGoa7uTCYa24lhkVUzJ0OZvwIw6YuyNqlcLmJICRwHRoSZMLzjTAU46Z+uFCN
eWjU/TDwgsE4sr+IOtjM+oaDImyLFr7jQf11uKsDnbKM38Bd1DAMuw+/9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAPBelMKj8GTHvsJi6fNh2Gi0h+MB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvMEE4RjZVd3FQd1pNZS13bUxwODJIWWFMU0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUeMMA0G
CSqGSIb3DQEBCwUAA4IBAQAKFU65t+J1MdK/XMfH06Z90ThM616m56PbFak26Y/6
YJFw0J8Fm7002WLRabE6XhSdxPiR68OJvI6oZd+0wxJtN79detdgyMBePpdA5X1V
wJJUTKJpEcEK0kVdLBPTg9lr9o0V2CFt4Ok8DMSQzxrEYmjUAeKTEgUr1v9Ac6Rt
ZVYkUeJPOzDUi+6WQQ/1fSai5A4BEQ5i4d6d/SKZlg1F4D2qIOA9d43/abCGctI6
p2qPz1ynZ/9Kz3y2pINHupZR2vt7V/kgJFednKS5Q51SxQmZpg0T0gRu5RWNI2pR
rW5u6GJ+EGJrB9qvWxcSGd38eNlE5MRL3s9XIrl10Nt3
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:12 2025 by rpki-client