Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/ILWvRlruS76Jlmh_EarS7nOzCU0.roa
File: ILWvRlruS76Jlmh_EarS7nOzCU0.roa (raw, json)
Hash identifier: c2CWDsAYLTn4/2QzreMTG5qQUFcuvcZ4QQNNHOVEtn0=
Subject key identifier: 20:B5:AF:46:5A:EE:4B:BE:89:96:68:7F:11:AA:D2:EE:73:B3:09:4D
Certificate issuer: /CN=f16b28416ddbf39fb24b0996686acface76c98d5
Certificate serial: 097EB8AF
Authority key identifier: F1:6B:28:41:6D:DB:F3:9F:B2:4B:09:96:68:6A:CF:AC:E7:6C:98:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WsoQW3b85-ySwmWaGrPrOdsmNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/ILWvRlruS76Jlmh_EarS7nOzCU0.roa
Signing time: Sat 01 Jan 2022 06:03:06 +0000
ROA not before: Sat 01 Jan 2022 06:03:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209754
IP address blocks: 85.119.104.0/21 maxlen: 24
185.85.112.0/22 maxlen: 24
185.85.112.0/24 maxlen: 24
185.85.112.0/23 maxlen: 24
185.85.115.0/24 maxlen: 24
185.85.113.0/24 maxlen: 24
185.85.114.0/24 maxlen: 24
185.85.114.0/23 maxlen: 23
2a01:9780::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159299759 (0x97eb8af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f16b28416ddbf39fb24b0996686acface76c98d5
Validity
Not Before: Jan 1 06:03:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20b5af465aee4bbe8996687f11aad2ee73b3094d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:c8:19:73:8f:1a:8e:36:84:eb:0b:8b:2b:
59:cc:92:44:08:bd:2f:39:45:6f:d6:55:09:7c:a6:
fd:79:17:95:16:81:2d:d9:00:08:f4:fd:3f:72:05:
b2:7d:01:ee:6f:f6:9e:7a:f6:97:45:77:6a:e3:ac:
19:76:8b:14:e5:99:c6:72:54:c0:35:c4:02:49:69:
80:ea:bc:eb:6c:3f:b9:ed:50:be:2c:1b:4e:c9:f4:
ce:d4:7f:10:5d:b4:5b:fa:ee:24:d6:e6:94:09:38:
dd:f4:ce:6c:87:71:ca:0f:81:f7:9c:a2:1d:a9:12:
b5:c8:cf:88:ba:17:64:f1:02:87:20:92:d9:92:28:
9d:d4:06:e7:3f:7c:e8:c9:0f:a8:44:db:1c:26:79:
0c:ea:27:cc:04:4a:de:97:1f:c1:35:40:11:c5:0a:
fb:3b:7e:97:78:e5:d7:82:20:12:0e:ad:03:5d:75:
c7:2c:de:75:ec:a5:00:33:5e:5a:b9:c3:02:a9:7f:
e8:11:73:fb:1e:43:0c:ec:61:7b:9c:5c:b8:3f:ce:
11:b0:e9:52:6f:89:47:07:49:22:2e:06:2d:b8:b6:
99:ec:1d:19:5c:c0:92:b1:06:2e:e8:5c:23:1b:df:
cd:40:bb:e8:ea:99:3e:af:65:9f:8d:39:98:ac:75:
0c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:B5:AF:46:5A:EE:4B:BE:89:96:68:7F:11:AA:D2:EE:73:B3:09:4D
X509v3 Authority Key Identifier:
keyid:F1:6B:28:41:6D:DB:F3:9F:B2:4B:09:96:68:6A:CF:AC:E7:6C:98:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WsoQW3b85-ySwmWaGrPrOdsmNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/ILWvRlruS76Jlmh_EarS7nOzCU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/8WsoQW3b85-ySwmWaGrPrOdsmNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.104.0/21
185.85.112.0/22
IPv6:
2a01:9780::/32
Signature Algorithm: sha256WithRSAEncryption
c2:9e:ab:1a:42:ca:f7:6d:98:b8:a7:6c:56:65:ff:a6:49:13:
5f:dc:b0:29:32:73:4c:0e:7d:6b:c6:fc:83:45:40:63:c3:ec:
64:63:29:c0:8e:7d:b0:9f:00:f1:83:72:04:c2:65:04:e6:98:
06:ea:37:6b:b2:15:e5:71:52:45:78:35:da:b9:e6:77:10:5e:
27:60:db:27:ef:59:e6:4d:06:ce:41:b7:9a:d0:aa:be:a0:2d:
04:34:a8:fc:1d:bb:19:84:64:72:60:b5:df:4f:1f:2f:08:90:
b3:df:0a:b2:29:83:60:00:63:55:7d:0a:30:0c:32:35:85:c1:
50:ec:5e:1e:68:72:0e:dc:9e:62:5f:45:11:8a:80:60:16:99:
37:eb:72:85:63:d8:79:18:a4:46:07:0c:e8:ac:64:9b:2b:31:
26:85:41:1e:38:4c:b0:39:88:34:c7:9b:5a:e5:24:75:33:e9:
3e:5b:b9:0b:b1:90:74:5f:3d:fb:5c:9f:42:7d:8e:4e:e3:b1:
2c:9b:9a:bf:f0:5d:dc:33:0b:62:a1:70:df:10:e3:d4:02:77:
2d:ea:7d:92:8e:6d:f7:15:aa:a0:20:a5:18:02:8e:47:86:ac:
64:90:0b:ef:c9:fb:d7:e1:0f:65:93:b6:0f:81:eb:83:ea:d4:
ee:a4:9c:33
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECX64rzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTZiMjg0MTZkZGJmMzlmYjI0YjA5OTY2ODZhY2ZhY2U3NmM5OGQ1MB4XDTIyMDEw
MTA2MDMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBiNWFmNDY1YWVl
NGJiZTg5OTY2ODdmMTFhYWQyZWU3M2IzMDk0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3ayBlzjxqONoTrC4srWcySRAi9LzlFb9ZVCXym/XkXlRaB
LdkACPT9P3IFsn0B7m/2nnr2l0V3auOsGXaLFOWZxnJUwDXEAklpgOq862w/ue1Q
viwbTsn0ztR/EF20W/ruJNbmlAk43fTObIdxyg+B95yiHakStcjPiLoXZPEChyCS
2ZIondQG5z986MkPqETbHCZ5DOonzARK3pcfwTVAEcUK+zt+l3jl14IgEg6tA111
xyzedeylADNeWrnDAql/6BFz+x5DDOxhe5xcuD/OEbDpUm+JRwdJIi4GLbi2mewd
GVzAkrEGLuhcIxvfzUC76OqZPq9ln405mKx1DH8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQgta9GWu5LvomWaH8RqtLuc7MJTTAfBgNVHSMEGDAWgBTxayhBbdvzn7JL
CZZoas+s52yY1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhXc29RVzNiODUteVN3bVdhR3JQck9kc21OVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvYjE2NWNhLTJmMzMtNGU4ZS1hODk2LWNkYWE1ODE1MThmMy8x
L0lMV3ZSbHJ1Uzc2SmxtaF9FYXJTN25PekNVMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
YjE2NWNhLTJmMzMtNGU4ZS1hODk2LWNkYWE1ODE1MThmMy8xLzhXc29RVzNiODUt
eVN3bVdhR3JQck9kc21OVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA1V3aAMEArlVcDANBAIAAjAHAwUA
KgGXgDANBgkqhkiG9w0BAQsFAAOCAQEAwp6rGkLK922YuKdsVmX/pkkTX9ywKTJz
TA59a8b8g0VAY8PsZGMpwI59sJ8A8YNyBMJlBOaYBuo3a7IV5XFSRXg12rnmdxBe
J2DbJ+9Z5k0GzkG3mtCqvqAtBDSo/B27GYRkcmC1308fLwiQs98KsimDYABjVX0K
MAwyNYXBUOxeHmhyDtyeYl9FEYqAYBaZN+tyhWPYeRikRgcM6KxkmysxJoVBHjhM
sDmINMebWuUkdTPpPlu5C7GQdF89+1yfQn2OTuOxLJuav/Bd3DMLYqFw3xDj1AJ3
Lep9ko5t9xWqoCClGAKOR4asZJAL78n71+EPZZO2D4Hrg+rU7qScMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:33 2024 by rpki-client on console-ams.rpki-client.org