Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/8Ss_KpTlNsgKe5YF12MUccz7xUY.roa
File: 8Ss_KpTlNsgKe5YF12MUccz7xUY.roa (raw, json)
Hash identifier: X/WTeJ8z5OqxZ0erXaoZVDbJJl/ESfyGU/Gtjsk2tqw=
Subject key identifier: F1:2B:3F:2A:94:E5:36:C8:0A:7B:96:05:D7:63:14:71:CC:FB:C5:46
Certificate issuer: /CN=78fb099aa43081ac8395ee0b90ccf1a8844f8d64
Certificate serial: 01856BA59225047FF10F5745BD4E7A5CC5F6
Authority key identifier: 78:FB:09:9A:A4:30:81:AC:83:95:EE:0B:90:CC:F1:A8:84:4F:8D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePsJmqQwgayDle4LkMzxqIRPjWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/8Ss_KpTlNsgKe5YF12MUccz7xUY.roa
Signing time: Sun 01 Jan 2023 04:44:51 +0000
ROA not before: Sun 01 Jan 2023 04:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47605
IP address blocks: 85.194.194.0/23 maxlen: 23
85.194.220.0/22 maxlen: 22
87.236.152.0/21 maxlen: 21
85.194.234.0/23 maxlen: 23
185.38.0.0/22 maxlen: 22
80.208.240.0/21 maxlen: 21
2a00:1d50:3::/48 maxlen: 48
2a00:1d50::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:a5:92:25:04:7f:f1:0f:57:45:bd:4e:7a:5c:c5:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78fb099aa43081ac8395ee0b90ccf1a8844f8d64
Validity
Not Before: Jan 1 04:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f12b3f2a94e536c80a7b9605d7631471ccfbc546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:12:0d:d8:4c:d7:e8:ea:5d:aa:99:0f:7d:88:
23:3e:23:1d:7b:64:f3:c8:a0:3b:79:03:e1:4a:df:
92:2d:a6:e2:b2:89:29:c7:e7:74:a0:f8:96:80:86:
d1:2d:ed:d0:dd:94:ab:22:02:02:bb:d2:33:b7:12:
97:18:3e:b6:e0:c8:ea:0c:6f:43:fa:03:fb:61:38:
00:af:e4:11:e8:a2:25:bf:d9:1c:d4:4c:6e:1c:5a:
35:89:14:e5:81:09:a9:84:00:77:66:5f:a8:e8:de:
1c:fb:8d:2e:d3:15:d1:88:af:2a:28:92:4e:a6:3d:
29:80:5c:b8:8b:b6:7f:39:58:4a:40:30:8e:4a:62:
5c:07:7c:7d:ee:d4:ab:df:be:c1:71:eb:13:a0:9c:
06:e8:4d:85:86:80:73:87:41:4c:24:54:b9:d4:32:
34:ba:ed:3f:e5:a3:c2:c6:5f:1a:0f:f0:b6:54:4a:
74:db:98:c1:df:67:b7:6b:d9:b8:ed:03:21:4d:0a:
90:57:e2:f8:25:8d:ef:11:1b:3f:ce:f2:22:a3:d2:
97:df:35:26:e9:65:5d:b1:69:db:98:ad:b8:3b:4c:
2c:62:17:c8:67:4a:ed:79:10:b1:61:1c:f4:1a:0a:
3c:c6:8b:86:07:b2:c0:09:f4:ec:90:4f:78:1c:df:
18:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2B:3F:2A:94:E5:36:C8:0A:7B:96:05:D7:63:14:71:CC:FB:C5:46
X509v3 Authority Key Identifier:
keyid:78:FB:09:9A:A4:30:81:AC:83:95:EE:0B:90:CC:F1:A8:84:4F:8D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePsJmqQwgayDle4LkMzxqIRPjWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/8Ss_KpTlNsgKe5YF12MUccz7xUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cd17fe-e44a-4b98-9f1c-2d8a8d9669f8/1/ePsJmqQwgayDle4LkMzxqIRPjWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.208.240.0/21
85.194.194.0/23
85.194.220.0/22
85.194.234.0/23
87.236.152.0/21
185.38.0.0/22
IPv6:
2a00:1d50::/32
Signature Algorithm: sha256WithRSAEncryption
38:fd:45:1a:37:48:a8:2a:75:61:e1:1a:06:13:22:a6:19:c5:
d3:ad:d3:d8:02:85:a7:cc:d6:4e:08:30:da:04:23:df:9c:a6:
06:ea:88:83:03:2a:8b:5e:f5:5b:bc:18:7e:91:d0:1b:c3:d6:
38:84:5b:05:89:e4:38:1a:e8:60:ce:0f:12:88:74:f9:6f:c5:
a4:b7:35:07:e9:c0:4a:22:37:15:2c:84:02:94:f2:4c:62:6f:
25:5b:91:ec:af:3f:f8:da:6d:b3:8a:0a:20:43:fd:bc:d1:25:
6c:60:c8:f2:4f:62:3d:09:9b:99:6c:0f:0e:d8:46:ba:8a:d4:
30:ed:21:cb:54:1e:a1:0f:e4:6a:fd:0f:0b:b5:1c:e7:78:a7:
8b:c0:7e:db:76:8b:c1:fb:73:7f:0d:eb:a8:f5:90:e6:f6:88:
28:c7:06:d6:02:43:09:18:ed:05:8e:20:e7:d1:7a:70:60:1e:
09:c1:15:f3:fb:95:e1:c8:73:be:90:1a:a7:af:93:d7:84:35:
17:1a:58:83:73:a9:69:f0:9b:8c:61:0a:71:cb:f1:8d:e6:92:
7d:02:67:76:bf:81:47:a4:10:83:e5:2f:53:fa:74:ba:1f:36:
d7:6c:fb:bf:d0:00:0d:93:29:03:a7:7e:ac:e4:4e:43:3d:11:
e4:a6:cf:6d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVrpZIlBH/xD1dFvU56XMX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZmIwOTlhYTQzMDgxYWM4Mzk1ZWUwYjkwY2NmMWE4ODQ0
ZjhkNjQwHhcNMjMwMTAxMDQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTJiM2YyYTk0ZTUzNmM4MGE3Yjk2MDVkNzYzMTQ3MWNjZmJjNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihIN2EzX6OpdqpkPfYgjPiMde2Tz
yKA7eQPhSt+SLabisokpx+d0oPiWgIbRLe3Q3ZSrIgICu9IztxKXGD624MjqDG9D
+gP7YTgAr+QR6KIlv9kc1ExuHFo1iRTlgQmphAB3Zl+o6N4c+40u0xXRiK8qKJJO
pj0pgFy4i7Z/OVhKQDCOSmJcB3x97tSr377BcesToJwG6E2FhoBzh0FMJFS51DI0
uu0/5aPCxl8aD/C2VEp025jB32e3a9m47QMhTQqQV+L4JY3vERs/zvIio9KX3zUm
6WVdsWnbmK24O0wsYhfIZ0rteRCxYRz0Ggo8xouGB7LACfTskE94HN8YFwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPErPyqU5TbICnuWBddjFHHM+8VGMB8GA1UdIwQY
MBaAFHj7CZqkMIGsg5XuC5DM8aiET41kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBzSm1xUXdnYXlEbGU0TGtNenhxSVJQaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jZDE3ZmUtZTQ0YS00Yjk4LTlmMWMt
MmQ4YThkOTY2OWY4LzEvOFNzX0twVGxOc2dLZTVZRjEyTVVjY3o3eFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jZDE3ZmUtZTQ0YS00Yjk4LTlmMWMtMmQ4YThkOTY2OWY4
LzEvZVBzSm1xUXdnYXlEbGU0TGtNenhxSVJQaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDUNDwAwQB
VcLCAwQCVcLcAwQBVcLqAwQDV+yYAwQCuSYAMA0EAgACMAcDBQAqAB1QMA0GCSqG
SIb3DQEBCwUAA4IBAQA4/UUaN0ioKnVh4RoGEyKmGcXTrdPYAoWnzNZOCDDaBCPf
nKYG6oiDAyqLXvVbvBh+kdAbw9Y4hFsFieQ4Guhgzg8SiHT5b8WktzUH6cBKIjcV
LIQClPJMYm8lW5Hsrz/42m2zigogQ/280SVsYMjyT2I9CZuZbA8O2Ea6itQw7SHL
VB6hD+Rq/Q8LtRzneKeLwH7bdovB+3N/Deuo9ZDm9ogoxwbWAkMJGO0FjiDn0Xpw
YB4JwRXz+5XhyHO+kBqnr5PXhDUXGliDc6lp8JuMYQpxy/GN5pJ9Amd2v4FHpBCD
5S9T+nS6HzbXbPu/0AANkykDp36s5E5DPRHkps9t
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:53 2025 by rpki-client