Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/EP16lKOUXfTaQff_t5qFsyQhWDQ.roa
File: EP16lKOUXfTaQff_t5qFsyQhWDQ.roa (raw, json)
Hash identifier: YftIIjH3+mjhz94Wl3DsDYMf1FdSPps3ti7zJ9Eszzo=
Subject key identifier: 10:FD:7A:94:A3:94:5D:F4:DA:41:F7:FF:B7:9A:85:B3:24:21:58:34
Certificate issuer: /CN=eadf80048d2032ec224364a773fe81d23fa914e0
Certificate serial: 08BD196D
Authority key identifier: EA:DF:80:04:8D:20:32:EC:22:43:64:A7:73:FE:81:D2:3F:A9:14:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/EP16lKOUXfTaQff_t5qFsyQhWDQ.roa
Signing time: Sat 01 Jan 2022 06:01:18 +0000
ROA not before: Sat 01 Jan 2022 06:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209825
IP address blocks: 85.209.44.0/24 maxlen: 24
85.209.44.0/22 maxlen: 22
85.209.47.0/24 maxlen: 24
85.209.45.0/24 maxlen: 24
85.209.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146610541 (0x8bd196d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eadf80048d2032ec224364a773fe81d23fa914e0
Validity
Not Before: Jan 1 06:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10fd7a94a3945df4da41f7ffb79a85b324215834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ff:d5:89:e1:00:cb:43:37:34:34:f2:d9:78:
e6:87:11:a2:10:a7:d3:c9:d3:cb:bc:73:53:9f:e2:
af:08:ce:07:f2:29:75:10:75:5c:28:9f:ad:77:b0:
5a:c2:24:1e:8d:cf:93:af:b5:d8:78:6b:ca:4a:e3:
38:8d:c3:1b:1e:79:ea:0f:d2:ee:e4:48:ff:83:58:
88:20:60:e3:f8:98:5a:8f:60:fa:5d:42:05:7a:aa:
c3:a4:78:6a:1e:70:28:35:72:ae:a6:92:68:3a:ef:
7e:40:13:f4:f7:f3:03:6b:8e:fb:07:28:69:19:67:
28:d1:2d:c3:80:22:90:94:0a:02:74:92:8c:94:b6:
aa:58:f3:21:4c:41:ba:a1:51:bd:05:89:3a:9d:c0:
33:51:ba:93:b1:af:5d:22:e8:fc:3c:2d:67:5d:6e:
8d:b1:2c:72:f0:6d:16:aa:f2:2c:ed:6c:21:b1:f2:
f0:94:b6:92:5b:1c:05:88:81:ca:62:22:f6:7d:c1:
1e:4a:ce:73:57:e6:0f:ca:4a:e0:ec:dd:a4:05:05:
3f:5a:7e:f5:8f:7b:91:a7:30:23:86:15:7c:43:f5:
cc:21:26:e9:0d:54:bd:50:6d:e4:b9:ca:b1:72:59:
86:bb:b4:4b:5e:9c:1f:24:f0:c8:7e:57:15:cf:ad:
bc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FD:7A:94:A3:94:5D:F4:DA:41:F7:FF:B7:9A:85:B3:24:21:58:34
X509v3 Authority Key Identifier:
keyid:EA:DF:80:04:8D:20:32:EC:22:43:64:A7:73:FE:81:D2:3F:A9:14:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/EP16lKOUXfTaQff_t5qFsyQhWDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/5da8c2-cfd5-4853-9831-fbb1348a8620/1/6t-ABI0gMuwiQ2Snc_6B0j-pFOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.44.0/22
Signature Algorithm: sha256WithRSAEncryption
27:7b:5e:7f:ba:9b:66:80:c9:8c:31:83:7e:21:55:20:95:54:
01:b5:75:46:c1:2f:67:08:cc:9e:67:94:9e:75:03:ef:71:35:
aa:47:25:92:3d:e5:5e:e3:f0:b0:bb:7a:cd:a0:a2:66:b6:85:
0d:f5:1a:66:04:13:42:38:0e:a5:08:92:ea:e9:23:30:49:4f:
78:57:91:b5:f3:ba:22:20:95:94:4b:a7:7a:c2:91:70:ac:97:
92:41:37:6c:77:49:78:16:20:81:7d:46:4e:29:3c:ba:50:fc:
ae:03:b7:78:cb:53:a5:80:d5:a5:0d:94:43:64:0e:b6:26:10:
90:26:f2:ef:22:18:4f:a0:5e:2e:90:b7:a7:cb:e7:3c:01:c1:
cb:1e:05:e7:4c:87:4b:c8:1e:72:f8:88:d0:8a:75:ff:4b:e3:
b5:6f:88:93:53:6b:da:38:9f:24:44:96:95:19:fc:37:74:55:
3f:46:22:5e:50:2b:74:40:41:e9:2f:34:0a:99:27:5b:67:e0:
0e:00:73:39:0e:2b:54:e5:18:eb:b3:f1:5c:3e:64:e2:1a:b6:
cb:02:a4:bf:f5:34:d4:a8:2c:82:c7:9a:f6:5c:5c:67:c7:3e:
8a:15:ec:a1:33:8e:53:0a:23:97:cd:3e:62:27:ea:d1:8a:70:
2d:06:51:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECL0ZbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWRmODAwNDhkMjAzMmVjMjI0MzY0YTc3M2ZlODFkMjNmYTkxNGUwMB4XDTIyMDEw
MTA2MDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTBmZDdhOTRhMzk0
NWRmNGRhNDFmN2ZmYjc5YTg1YjMyNDIxNTgzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMr/1YnhAMtDNzQ08tl45ocRohCn08nTy7xzU5/irwjOB/Ip
dRB1XCifrXewWsIkHo3Pk6+12HhrykrjOI3DGx556g/S7uRI/4NYiCBg4/iYWo9g
+l1CBXqqw6R4ah5wKDVyrqaSaDrvfkAT9PfzA2uO+wcoaRlnKNEtw4AikJQKAnSS
jJS2qljzIUxBuqFRvQWJOp3AM1G6k7GvXSLo/DwtZ11ujbEscvBtFqryLO1sIbHy
8JS2klscBYiBymIi9n3BHkrOc1fmD8pK4OzdpAUFP1p+9Y97kacwI4YVfEP1zCEm
6Q1UvVBt5LnKsXJZhru0S16cHyTwyH5XFc+tvJMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQQ/XqUo5Rd9NpB9/+3moWzJCFYNDAfBgNVHSMEGDAWgBTq34AEjSAy7CJD
ZKdz/oHSP6kU4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZ0LUFCSTBnTXV3aVEyU25jXzZCMGotcEZPQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvNWRhOGMyLWNmZDUtNDg1My05ODMxLWZiYjEzNDhhODYyMC8x
L0VQMTZsS09VWGZUYVFmZl90NXFGc3lRaFdEUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
NWRhOGMyLWNmZDUtNDg1My05ODMxLWZiYjEzNDhhODYyMC8xLzZ0LUFCSTBnTXV3
aVEyU25jXzZCMGotcEZPQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXRLDANBgkqhkiG9w0BAQsFAAOC
AQEAJ3tef7qbZoDJjDGDfiFVIJVUAbV1RsEvZwjMnmeUnnUD73E1qkclkj3lXuPw
sLt6zaCiZraFDfUaZgQTQjgOpQiS6ukjMElPeFeRtfO6IiCVlEunesKRcKyXkkE3
bHdJeBYggX1GTik8ulD8rgO3eMtTpYDVpQ2UQ2QOtiYQkCby7yIYT6BeLpC3p8vn
PAHByx4F50yHS8gecviI0Ip1/0vjtW+Ik1Nr2jifJESWlRn8N3RVP0YiXlArdEBB
6S80CpknW2fgDgBzOQ4rVOUY67PxXD5k4hq2ywKkv/U01Kgsgsea9lxcZ8c+ihXs
oTOOUwojl80+Yifq0YpwLQZRYw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:10 2025 by rpki-client