Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/8spnttRKBmIdWivnnP_VefpbclI.roa
File: 8spnttRKBmIdWivnnP_VefpbclI.roa (raw, json)
Hash identifier: XifOAxb6O23Ag+uW9PEwfbWX2hU570SuZeSQzCVQg4g=
Subject key identifier: F2:CA:67:B6:D4:4A:06:62:1D:5A:2B:E7:9C:FF:D5:79:FA:5B:72:52
Certificate issuer: /CN=9e441e9e705ada3f9c1e827cd276dbd097487608
Certificate serial: 018571FA0DFD7FE6AEF509639798F47E03AB
Authority key identifier: 9E:44:1E:9E:70:5A:DA:3F:9C:1E:82:7C:D2:76:DB:D0:97:48:76:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/8spnttRKBmIdWivnnP_VefpbclI.roa
Signing time: Mon 02 Jan 2023 10:14:51 +0000
ROA not before: Mon 02 Jan 2023 10:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43848
IP address blocks: 193.188.16.0/22 maxlen: 24
185.135.17.0/24 maxlen: 24
185.135.16.0/24 maxlen: 24
85.255.144.0/20 maxlen: 20
85.255.157.0/24 maxlen: 24
85.255.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:0d:fd:7f:e6:ae:f5:09:63:97:98:f4:7e:03:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e441e9e705ada3f9c1e827cd276dbd097487608
Validity
Not Before: Jan 2 10:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2ca67b6d44a06621d5a2be79cffd579fa5b7252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ce:32:e7:94:fc:22:84:22:7c:d9:bb:dc:83:
98:42:4b:b6:de:37:11:1b:53:9c:50:8d:8c:0c:78:
82:2b:a4:0e:4f:8f:a1:b5:e2:39:65:1d:61:10:f1:
91:1e:31:a6:64:d7:f1:2e:b8:28:c2:e3:cc:eb:4d:
5d:0d:0f:0b:1c:bf:65:50:0e:07:e8:bc:fb:05:0c:
96:08:fa:bf:d5:da:3a:48:2c:c6:fe:98:89:09:bd:
96:2f:5a:61:5f:94:7a:05:a1:8c:fc:b8:ea:5d:94:
28:a1:a4:2b:e5:b7:dc:63:31:57:d5:ea:80:e8:5c:
41:29:e9:4d:25:e9:d5:2c:d7:8e:22:0e:ab:ee:0d:
18:19:13:db:b4:37:6d:40:dc:df:09:5a:90:b4:45:
ba:eb:dd:35:80:58:71:44:7b:a8:59:d7:12:82:66:
c5:78:1d:f7:bb:12:e3:ca:73:a5:a7:06:f9:35:34:
a4:4e:88:1a:21:7f:88:b4:ac:9b:80:c5:05:e2:9b:
0c:95:6f:ff:80:32:f3:e9:b9:2d:6b:69:74:59:1e:
ee:fe:c3:3b:59:8d:c2:93:1d:16:c8:cf:18:ae:a7:
60:0f:27:a8:d3:02:0e:08:73:fc:68:8d:6b:b6:8f:
47:f6:5a:56:d6:07:5d:95:52:99:99:e4:20:9a:2a:
ff:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CA:67:B6:D4:4A:06:62:1D:5A:2B:E7:9C:FF:D5:79:FA:5B:72:52
X509v3 Authority Key Identifier:
keyid:9E:44:1E:9E:70:5A:DA:3F:9C:1E:82:7C:D2:76:DB:D0:97:48:76:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/8spnttRKBmIdWivnnP_VefpbclI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/nkQennBa2j-cHoJ80nbb0JdIdgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.144.0/20
185.135.16.0/23
193.188.16.0/22
Signature Algorithm: sha256WithRSAEncryption
44:32:ed:6a:cf:87:3e:e3:b6:5e:74:08:33:36:63:1a:ab:46:
66:ab:f2:69:9e:0e:70:f0:87:e5:35:3f:26:96:ee:42:a4:ce:
ce:90:d1:bc:fe:3c:ed:8e:47:11:b7:62:dc:15:6c:e0:d6:b3:
9b:cb:6d:de:1e:b0:5d:07:8c:92:c2:b9:35:9b:d2:c2:40:42:
2e:99:d2:ff:b5:cc:da:a0:e0:5f:cc:ca:14:25:e0:d4:c8:c3:
14:b8:f1:14:f0:ea:41:e6:c4:5b:10:cd:80:26:0a:e5:f9:da:
58:54:a3:d5:6b:35:db:65:63:89:b7:c7:69:21:70:d0:59:c3:
a4:0d:62:ef:a6:79:8f:39:fc:e2:fe:21:c3:f7:b8:80:18:bd:
71:50:09:e9:38:1e:38:6c:d5:3d:1b:6f:a3:90:f6:11:f5:22:
5c:97:97:1f:d0:f7:37:4e:c8:c2:b6:66:74:2d:44:48:b3:1f:
ce:c1:88:fe:c0:12:ae:96:ef:9d:6f:a9:86:a5:d8:82:5b:91:
b1:c2:89:07:24:46:e3:35:94:4c:16:1d:33:ef:57:54:4a:6f:
de:fc:12:ad:2b:9b:04:ed:50:1a:f2:87:0b:3f:5b:75:9e:31:
cd:a7:05:94:95:2b:92:87:63:c8:c9:7d:41:1b:83:c4:78:76:
ae:0d:b7:f1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx+g39f+au9Qljl5j0fgOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDQxZTllNzA1YWRhM2Y5YzFlODI3Y2QyNzZkYmQwOTc0
ODc2MDgwHhcNMjMwMTAyMTAxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmNhNjdiNmQ0NGEwNjYyMWQ1YTJiZTc5Y2ZmZDU3OWZhNWI3MjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc4y55T8IoQifNm73IOYQku23jcR
G1OcUI2MDHiCK6QOT4+hteI5ZR1hEPGRHjGmZNfxLrgowuPM601dDQ8LHL9lUA4H
6Lz7BQyWCPq/1do6SCzG/piJCb2WL1phX5R6BaGM/LjqXZQooaQr5bfcYzFX1eqA
6FxBKelNJenVLNeOIg6r7g0YGRPbtDdtQNzfCVqQtEW66901gFhxRHuoWdcSgmbF
eB33uxLjynOlpwb5NTSkTogaIX+ItKybgMUF4psMlW//gDLz6bkta2l0WR7u/sM7
WY3Ckx0WyM8YrqdgDyeo0wIOCHP8aI1rto9H9lpW1gddlVKZmeQgmir/lwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPLKZ7bUSgZiHVor55z/1Xn6W3JSMB8GA1UdIwQY
MBaAFJ5EHp5wWto/nB6CfNJ229CXSHYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtRZW5uQmEyai1jSG9KODBuYmIwSmRJZGdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9jZTE2ZjctYjg2OC00YjRjLTlkOWIt
OTMyZDE2YjA4ZGYwLzEvOHNwbnR0UktCbUlkV2l2bm5QX1ZlZnBiY2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9jZTE2ZjctYjg2OC00YjRjLTlkOWItOTMyZDE2YjA4ZGYw
LzEvbmtRZW5uQmEyai1jSG9KODBuYmIwSmRJZGdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEVf+QAwQB
uYcQAwQCwbwQMA0GCSqGSIb3DQEBCwUAA4IBAQBEMu1qz4c+47ZedAgzNmMaq0Zm
q/Jpng5w8IflNT8mlu5CpM7OkNG8/jztjkcRt2LcFWzg1rOby23eHrBdB4ySwrk1
m9LCQEIumdL/tczaoOBfzMoUJeDUyMMUuPEU8OpB5sRbEM2AJgrl+dpYVKPVazXb
ZWOJt8dpIXDQWcOkDWLvpnmPOfzi/iHD97iAGL1xUAnpOB44bNU9G2+jkPYR9SJc
l5cf0Pc3TsjCtmZ0LURIsx/OwYj+wBKulu+db6mGpdiCW5GxwokHJEbjNZRMFh0z
71dUSm/e/BKtK5sE7VAa8ocLP1t1njHNpwWUlSuSh2PIyX1BG4PEeHauDbfx
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:21 2025 by rpki-client