Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/hXltkbf2Xik9fAuXkoQJLLpaRSE.roa
File: hXltkbf2Xik9fAuXkoQJLLpaRSE.roa (raw, json)
Hash identifier: GojM47+SL5pxYlRZqT1h6BA4FWw3jooGuq5IjRCZpbE=
Subject key identifier: 85:79:6D:91:B7:F6:5E:29:3D:7C:0B:97:92:84:09:2C:BA:5A:45:21
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 34205EAD
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/hXltkbf2Xik9fAuXkoQJLLpaRSE.roa
Signing time: Sat 01 Jan 2022 09:03:11 +0000
ROA not before: Sat 01 Jan 2022 09:03:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29345
IP address blocks: 85.254.193.0/24 maxlen: 24
91.240.246.0/23 maxlen: 23
2a02:501::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 874536621 (0x34205ead)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 1 09:03:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85796d91b7f65e293d7c0b979284092cba5a4521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6b:10:bd:85:64:b5:47:9d:5d:99:d0:70:f4:
f0:60:05:f2:18:7c:4d:c7:4c:14:02:40:84:2c:a8:
eb:79:f3:16:bd:b7:a7:97:bf:e4:56:b4:a1:99:a1:
c3:1d:5b:28:eb:db:70:6c:cb:d8:1a:c4:7b:6d:04:
ea:fb:38:88:1e:a6:08:0d:fe:44:a3:18:20:87:af:
3f:b1:bd:f9:92:b8:24:00:c7:ae:2c:a2:fd:1f:14:
61:42:9a:64:a9:4e:f1:dc:bf:11:3d:f0:dc:1b:c2:
47:3d:59:57:86:a0:cb:ca:1f:49:17:45:ea:ea:cc:
fb:a0:ba:5d:93:43:cb:88:ed:37:69:4c:e4:d7:3a:
c3:51:f2:6d:fb:eb:50:2e:9d:b2:71:18:1f:70:cf:
36:8e:4c:43:e2:fb:ef:02:b5:37:ad:56:c2:92:94:
dd:b8:d2:66:e3:ed:ee:60:44:81:09:fd:6b:10:25:
e4:5d:55:6c:6e:96:41:70:07:50:4c:07:f5:12:91:
7c:21:63:0e:ff:a4:1c:6a:cd:83:74:ff:fa:ea:f3:
30:58:5a:49:35:54:ba:1f:e0:37:7e:8a:54:d8:bb:
e4:d9:07:77:6c:01:c7:cc:b8:7e:76:c4:e4:19:c3:
a0:86:98:10:d7:86:58:62:a4:a9:7a:11:ff:e1:40:
b9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:79:6D:91:B7:F6:5E:29:3D:7C:0B:97:92:84:09:2C:BA:5A:45:21
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/hXltkbf2Xik9fAuXkoQJLLpaRSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.193.0/24
91.240.246.0/23
IPv6:
2a02:501::/32
Signature Algorithm: sha256WithRSAEncryption
a6:b8:19:3b:a2:c4:d3:99:ab:01:a3:6b:1d:56:1b:89:db:79:
6b:fc:2b:1b:74:5d:f9:1a:c0:0a:87:a2:20:65:78:9c:1e:93:
eb:06:7e:ab:04:e2:92:de:58:0a:90:c1:33:64:55:3b:c8:1d:
87:5d:c2:0f:bb:1a:4a:d2:8d:0c:0e:d9:14:d7:3a:89:2f:f4:
a7:6e:c2:c8:cf:15:d2:75:65:98:f8:f4:97:05:05:1b:ce:d6:
6b:df:3d:23:79:33:a9:b7:56:0e:c9:49:7c:3a:6b:dc:a5:b6:
e7:e0:8d:c2:33:a5:d9:58:88:b2:8c:36:a7:18:c9:2f:4b:3c:
36:81:e4:94:0c:cf:d9:c5:f5:27:56:a4:18:84:da:57:c7:44:
c5:9a:7c:ef:06:62:9e:7a:27:56:78:0d:32:c2:66:bb:51:7b:
5f:13:78:4f:69:45:27:a4:44:46:56:52:e6:9e:67:6d:38:a7:
6f:33:11:83:ec:c3:5e:ad:5a:8c:44:06:4e:a6:9e:8e:80:1c:
29:9e:2f:3b:4a:48:56:bd:ca:b5:14:d3:13:05:71:65:e8:27:
62:12:11:85:5b:0d:19:ac:22:48:63:2b:51:6f:11:ac:be:eb:
77:9b:a9:ec:de:12:7a:0c:7c:fd:fb:11:3b:b2:14:fb:f8:14:
c5:47:4e:51
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENCBerTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjBiMjRhNzQwZjJlNjE2MzIwNTBhZGMxNDZjMWVlNmEzZTY4NmM1MB4XDTIyMDEw
MTA5MDMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU3OTZkOTFiN2Y2
NWUyOTNkN2MwYjk3OTI4NDA5MmNiYTVhNDUyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIVrEL2FZLVHnV2Z0HD08GAF8hh8TcdMFAJAhCyo63nzFr23
p5e/5Fa0oZmhwx1bKOvbcGzL2BrEe20E6vs4iB6mCA3+RKMYIIevP7G9+ZK4JADH
riyi/R8UYUKaZKlO8dy/ET3w3BvCRz1ZV4agy8ofSRdF6urM+6C6XZNDy4jtN2lM
5Nc6w1HybfvrUC6dsnEYH3DPNo5MQ+L77wK1N61WwpKU3bjSZuPt7mBEgQn9axAl
5F1VbG6WQXAHUEwH9RKRfCFjDv+kHGrNg3T/+urzMFhaSTVUuh/gN36KVNi75NkH
d2wBx8y4fnbE5BnDoIaYENeGWGKkqXoR/+FAuY8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSFeW2Rt/ZeKT18C5eShAksulpFITAfBgNVHSMEGDAWgBQyCySnQPLmFjIF
CtwUbB7mo+aGxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01nc2twMER5NWhZeUJRcmNGR3dlNXFQbWhzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvOWMyN2U0LWQ3YjEtNDNjMS1hMzhmLTk0OTE0ZjVkZGIzYy8x
L2hYbHRrYmYyWGlrOWZBdVhrb1FKTExwYVJTRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
OWMyN2U0LWQ3YjEtNDNjMS1hMzhmLTk0OTE0ZjVkZGIzYy8xL01nc2twMER5NWhZ
eUJRcmNGR3dlNXFQbWhzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFX+wQMEAVvw9jANBAIAAjAHAwUA
KgIFATANBgkqhkiG9w0BAQsFAAOCAQEAprgZO6LE05mrAaNrHVYbidt5a/wrG3Rd
+RrACoeiIGV4nB6T6wZ+qwTikt5YCpDBM2RVO8gdh13CD7saStKNDA7ZFNc6iS/0
p27CyM8V0nVlmPj0lwUFG87Wa989I3kzqbdWDslJfDpr3KW25+CNwjOl2ViIsow2
pxjJL0s8NoHklAzP2cX1J1akGITaV8dExZp87wZinnonVngNMsJmu1F7XxN4T2lF
J6RERlZS5p5nbTinbzMRg+zDXq1ajEQGTqaejoAcKZ4vO0pIVr3KtRTTEwVxZegn
YhIRhVsNGawiSGMrUW8RrL7rd5up7N4Segx8/fsRO7IU+/gUxUdOUQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:53 2025 by rpki-client