Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/BeYK1CqemN1zYVqZo9PrqqJV1aU.roa
File: BeYK1CqemN1zYVqZo9PrqqJV1aU.roa (raw, json)
Hash identifier: 54C52S9lo0eqVT7matgDz8+n8Jy08WKCWO8hH6TISdI=
Subject key identifier: 05:E6:0A:D4:2A:9E:98:DD:73:61:5A:99:A3:D3:EB:AA:A2:55:D5:A5
Certificate issuer: /CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Certificate serial: 018C83EDEB5DB5FC97C3C37D97709D5B13E8
Authority key identifier: EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/BeYK1CqemN1zYVqZo9PrqqJV1aU.roa
Signing time: Tue 19 Dec 2023 21:14:16 +0000
ROA not before: Tue 19 Dec 2023 21:14:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207167
IP address blocks: 85.209.28.0/22 maxlen: 22
185.234.132.0/22 maxlen: 22
185.179.33.0/24 maxlen: 24
185.179.32.0/24 maxlen: 24
185.59.144.0/22 maxlen: 22
2a0a:7780::/29 maxlen: 29
2a02:6c20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:ed:eb:5d:b5:fc:97:c3:c3:7d:97:70:9d:5b:13:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Validity
Not Before: Dec 19 21:14:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05e60ad42a9e98dd73615a99a3d3ebaaa255d5a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:5e:0a:39:42:5a:09:89:d8:30:b1:08:7d:
db:1f:24:9b:90:cc:88:a1:23:b3:2a:f4:2d:95:55:
b7:45:0c:2c:cf:3a:dc:f9:19:5b:c5:95:ac:65:de:
e1:5b:f3:da:f9:5f:43:b8:be:11:f4:ea:79:d9:c4:
34:e7:25:af:18:64:19:9b:97:a7:13:0c:eb:dd:84:
00:15:f5:63:02:64:95:b5:ff:68:41:46:ad:6e:4c:
f7:02:9e:8d:dd:1a:38:19:91:77:b8:87:ff:c2:a8:
ca:da:f7:ef:62:3e:fe:64:da:0c:30:0d:f0:2e:dc:
36:8d:4f:0d:78:f5:34:be:4f:a9:aa:24:5d:b6:0b:
01:8d:2e:cf:55:35:50:40:97:a9:31:56:33:89:db:
90:45:ee:e9:a4:d9:16:9f:3e:2b:c6:01:f6:96:1a:
cb:da:1e:80:54:af:fb:14:86:d9:77:30:91:8c:76:
91:25:c8:52:6c:55:11:ec:ef:15:6d:40:b4:c0:3c:
6e:1e:85:c7:13:43:33:a0:e2:20:b4:00:6c:49:f1:
18:3b:f5:92:09:94:5a:97:a6:df:dc:d6:3b:ab:fc:
ca:0e:22:59:e7:57:6d:5b:1e:7c:7b:b6:98:4c:b4:
0d:99:7d:0a:39:37:2f:05:f0:b1:b9:91:34:4f:75:
be:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E6:0A:D4:2A:9E:98:DD:73:61:5A:99:A3:D3:EB:AA:A2:55:D5:A5
X509v3 Authority Key Identifier:
keyid:EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/BeYK1CqemN1zYVqZo9PrqqJV1aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/7rWbeRx6EdIyqVx-8WkoXK6mlbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.28.0/22
185.59.144.0/22
185.179.32.0/23
185.234.132.0/22
IPv6:
2a02:6c20::/32
2a0a:7780::/29
Signature Algorithm: sha256WithRSAEncryption
54:d9:16:32:a1:52:3e:23:2e:17:50:70:85:c8:df:bd:3f:12:
17:41:a7:3e:c4:61:e6:9d:a7:65:d9:c9:51:72:5d:53:6a:ed:
d8:e8:bf:88:55:59:0c:55:39:78:c8:66:9e:1f:39:d9:a0:6b:
fb:10:9b:a5:17:4c:15:8e:61:da:38:86:3a:e5:5f:d0:7a:4b:
ab:11:5b:57:5f:28:3e:90:89:fb:2e:19:59:de:8e:0b:ac:0a:
a8:ef:f0:3c:f9:84:8f:4c:73:be:e0:d7:51:88:7f:b1:ec:7c:
19:e9:ba:45:2a:ca:22:d2:30:df:c8:14:25:69:32:38:94:90:
df:cb:31:f2:ad:3f:91:86:d7:ee:6c:e4:81:0c:8b:a4:21:dd:
04:bf:91:59:b6:87:0a:ad:5d:ab:84:b0:4f:ec:a6:15:7b:70:
05:9c:78:46:27:9a:80:36:65:9d:95:9f:21:d8:84:31:3d:0a:
2d:83:1a:bd:39:c6:33:1c:94:8c:71:60:e2:80:d8:f8:6e:29:
1d:64:44:0a:7a:9e:3e:b6:82:8d:52:d9:12:fa:90:f6:cb:1b:
a0:19:bb:12:ce:66:14:0d:6b:b1:fb:6a:b1:38:fb:55:cd:87:
a1:37:53:ba:fc:ef:bd:ce:af:cf:ad:41:51:e3:5a:bb:aa:a0:
64:47:67:35
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYyD7etdtfyXw8N9l3CdWxPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYjU5Yjc5MWM3YTExZDIzMmE5NWM3ZWYxNjkyODVjYWVh
Njk1YmMwHhcNMjMxMjE5MjExNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWU2MGFkNDJhOWU5OGRkNzM2MTVhOTlhM2QzZWJhYWEyNTVkNWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtExeCjlCWgmJ2DCxCH3bHySbkMyI
oSOzKvQtlVW3RQwszzrc+RlbxZWsZd7hW/Pa+V9DuL4R9Op52cQ05yWvGGQZm5en
Ewzr3YQAFfVjAmSVtf9oQUatbkz3Ap6N3Ro4GZF3uIf/wqjK2vfvYj7+ZNoMMA3w
Ltw2jU8NePU0vk+pqiRdtgsBjS7PVTVQQJepMVYziduQRe7ppNkWnz4rxgH2lhrL
2h6AVK/7FIbZdzCRjHaRJchSbFUR7O8VbUC0wDxuHoXHE0MzoOIgtABsSfEYO/WS
CZRal6bf3NY7q/zKDiJZ51dtWx58e7aYTLQNmX0KOTcvBfCxuZE0T3W+EwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAXmCtQqnpjdc2FamaPT66qiVdWlMB8GA1UdIwQY
MBaAFO61m3kcehHSMqlcfvFpKFyuppW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMt
YTY3ZDhjN2VkN2NhLzEvQmVZSzFDcWVtTjF6WVZxWm85UHJxcUpWMWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMtYTY3ZDhjN2VkN2Nh
LzEvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCVdEcAwQC
uTuQAwQBubMgAwQCueqEMBQEAgACMA4DBQAqAmwgAwUDKgp3gDANBgkqhkiG9w0B
AQsFAAOCAQEAVNkWMqFSPiMuF1BwhcjfvT8SF0GnPsRh5p2nZdnJUXJdU2rt2Oi/
iFVZDFU5eMhmnh852aBr+xCbpRdMFY5h2jiGOuVf0HpLqxFbV18oPpCJ+y4ZWd6O
C6wKqO/wPPmEj0xzvuDXUYh/sex8Gem6RSrKItIw38gUJWkyOJSQ38sx8q0/kYbX
7mzkgQyLpCHdBL+RWbaHCq1dq4SwT+ymFXtwBZx4RieagDZlnZWfIdiEMT0KLYMa
vTnGMxyUjHFg4oDY+G4pHWRECnqePraCjVLZEvqQ9ssboBm7Es5mFA1rsftqsTj7
Vc2HoTdTuvzvvc6vz61BUeNau6qgZEdnNQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:40 2025 by rpki-client