Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/33dPncYrgfQRTqHqDh0D6rVv85k.roa
File: 33dPncYrgfQRTqHqDh0D6rVv85k.roa (raw, json)
Hash identifier: /WTW3UcFSEx9x9sug3Jlye63E35YhqMP4HYSBDI73CM=
Subject key identifier: DF:77:4F:9D:C6:2B:81:F4:11:4E:A1:EA:0E:1D:03:EA:B5:6F:F3:99
Certificate issuer: /CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Certificate serial: 018844C163F4AB8B13743CC309D53A44CAE6
Authority key identifier: 7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/33dPncYrgfQRTqHqDh0D6rVv85k.roa
Signing time: Mon 22 May 2023 18:38:24 +0000
ROA not before: Mon 22 May 2023 18:38:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20722
IP address blocks: 85.204.44.0/24 maxlen: 24
194.102.188.0/24 maxlen: 24
185.88.130.0/23 maxlen: 23
185.88.131.0/24 maxlen: 24
185.88.128.0/22 maxlen: 22
185.88.129.0/24 maxlen: 24
85.204.56.0/21 maxlen: 21
85.204.56.0/24 maxlen: 24
85.204.57.0/24 maxlen: 24
85.204.58.0/24 maxlen: 24
85.204.59.0/24 maxlen: 24
85.204.60.0/24 maxlen: 24
85.204.61.0/24 maxlen: 24
85.204.62.0/24 maxlen: 24
85.204.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:44:c1:63:f4:ab:8b:13:74:3c:c3:09:d5:3a:44:ca:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Validity
Not Before: May 22 18:38:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df774f9dc62b81f4114ea1ea0e1d03eab56ff399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:dd:12:db:a3:fa:5e:50:e0:e0:41:61:72:14:
5e:28:fb:26:9e:40:60:e1:3d:0e:4d:0f:05:b7:61:
64:a4:f4:19:4b:a7:8f:8b:a2:66:e6:96:13:13:d1:
d6:73:20:52:dc:ec:bc:d8:37:1a:92:46:c9:bf:37:
1f:50:81:a2:48:57:9d:a8:14:89:3b:1b:3f:89:3c:
0a:a8:af:d1:d0:2d:25:51:1d:48:4e:a6:c4:69:a3:
b9:08:e8:1a:0b:65:f0:e8:1e:73:df:f0:aa:40:d6:
66:7a:cf:be:e5:be:aa:7d:b4:fb:52:f1:c8:f5:29:
ac:90:b0:7e:5b:94:7d:05:ad:13:d2:7a:ac:fa:78:
64:c5:fb:be:e0:04:01:36:3e:58:79:cc:41:a2:65:
f6:44:6e:4f:f3:5d:02:4e:8c:d8:dc:ee:15:b9:ad:
fb:45:30:67:d2:f8:db:a5:b6:2f:51:f8:bf:e9:4c:
38:bb:74:13:d5:f0:eb:d8:18:a5:20:b0:ef:fb:be:
ce:e3:20:61:d6:48:fd:89:3d:1e:a9:c7:23:bb:64:
ee:2f:2a:71:c4:34:05:63:92:96:4e:23:04:92:0a:
a2:f5:b2:48:b6:5a:98:3e:db:f2:26:0f:6f:d4:94:
5e:d2:7c:15:5f:56:37:b0:b1:13:5b:c6:0d:27:de:
e5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:77:4F:9D:C6:2B:81:F4:11:4E:A1:EA:0E:1D:03:EA:B5:6F:F3:99
X509v3 Authority Key Identifier:
keyid:7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/33dPncYrgfQRTqHqDh0D6rVv85k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.44.0/24
85.204.56.0/21
185.88.128.0/22
194.102.188.0/24
Signature Algorithm: sha256WithRSAEncryption
87:8e:79:38:fe:dd:03:12:a4:3d:2b:be:0e:42:40:db:37:09:
97:be:b4:7a:83:35:df:b3:20:72:2f:1b:16:61:c2:90:14:42:
07:35:5b:22:11:48:6f:2b:ba:39:de:23:e0:3f:bd:3a:a3:a6:
6c:d3:a2:c3:6b:28:cb:ae:ac:25:88:d4:5d:29:db:04:e4:b8:
24:14:bd:85:0f:25:03:a4:92:8a:4e:19:12:5c:bb:41:3f:1c:
68:17:08:43:7b:5b:56:4c:24:8d:b2:5a:44:23:ad:f4:fc:79:
1c:03:b4:eb:e6:71:87:16:ff:73:2e:00:f9:ba:c3:9e:b8:6d:
89:7e:87:bd:1f:59:cf:91:db:13:a7:3c:ca:a2:d7:3b:3b:fd:
1b:a7:1d:b0:a1:c0:67:68:60:29:12:8b:0d:e4:81:cb:fd:82:
fa:cb:4c:4f:0a:00:b7:4a:40:1b:84:8d:66:7a:3f:d2:07:4f:
25:20:7a:6d:af:58:b3:54:d0:87:21:7e:06:65:e1:89:35:b2:
fb:cf:36:1d:5d:7e:ab:65:2d:26:60:9a:ed:46:4d:c6:eb:26:
7c:be:62:24:eb:59:47:ef:2c:b6:6d:a7:6e:fd:fc:f1:26:0c:
6e:22:22:c6:8f:0a:68:69:8f:8f:ef:32:b9:41:e9:20:a5:64:
e5:f9:b0:30
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhEwWP0q4sTdDzDCdU6RMrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZWYwNjllN2UzZWQ1YmY3MGY2ODJjZTQwYzU4MTBmZjNl
NWUzNzgwHhcNMjMwNTIyMTgzODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjc3NGY5ZGM2MmI4MWY0MTE0ZWExZWEwZTFkMDNlYWI1NmZmMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt90S26P6XlDg4EFhchReKPsmnkBg
4T0OTQ8Ft2FkpPQZS6ePi6Jm5pYTE9HWcyBS3Oy82DcakkbJvzcfUIGiSFedqBSJ
Oxs/iTwKqK/R0C0lUR1ITqbEaaO5COgaC2Xw6B5z3/CqQNZmes++5b6qfbT7UvHI
9SmskLB+W5R9Ba0T0nqs+nhkxfu+4AQBNj5YecxBomX2RG5P810CTozY3O4Vua37
RTBn0vjbpbYvUfi/6Uw4u3QT1fDr2BilILDv+77O4yBh1kj9iT0eqccju2TuLypx
xDQFY5KWTiMEkgqi9bJItlqYPtvyJg9v1JRe0nwVX1Y3sLETW8YNJ97lKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN93T53GK4H0EU6h6g4dA+q1b/OZMB8GA1UdIwQY
MBaAFHrvBp5+PtW/cPaCzkDFgQ/z5eN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmIt
OTAwMDM0ZjAwZDllLzEvMzNkUG5jWXJnZlFSVHFIcURoMEQ2clZ2ODVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmItOTAwMDM0ZjAwZDll
LzEvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVcwsAwQD
Vcw4AwQCuViAAwQAwma8MA0GCSqGSIb3DQEBCwUAA4IBAQCHjnk4/t0DEqQ9K74O
QkDbNwmXvrR6gzXfsyByLxsWYcKQFEIHNVsiEUhvK7o53iPgP706o6Zs06LDayjL
rqwliNRdKdsE5LgkFL2FDyUDpJKKThkSXLtBPxxoFwhDe1tWTCSNslpEI630/Hkc
A7Tr5nGHFv9zLgD5usOeuG2Jfoe9H1nPkdsTpzzKotc7O/0bpx2wocBnaGApEosN
5IHL/YL6y0xPCgC3SkAbhI1mej/SB08lIHptr1izVNCHIX4GZeGJNbL7zzYdXX6r
ZS0mYJrtRk3G6yZ8vmIk61lH7yy2badu/fzxJgxuIiLGjwpoaY+P7zK5QekgpWTl
+bAw
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:53:41 2025 by rpki-client