Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2pSKvi0R17pjfi6UBgEX_IEU4Jc.roa
File: 2pSKvi0R17pjfi6UBgEX_IEU4Jc.roa (raw, json)
Hash identifier: FXpN+EqTQK/RBm96VoadeAUgmsiCvO9/hmNZo1u9XKI=
Subject key identifier: DA:94:8A:BE:2D:11:D7:BA:63:7E:2E:94:06:01:17:FC:81:14:E0:97
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01853EF6D75BC69A897550AD93230FB057DB
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2pSKvi0R17pjfi6UBgEX_IEU4Jc.roa
Signing time: Fri 23 Dec 2022 12:30:42 +0000
ROA not before: Fri 23 Dec 2022 12:30:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 85.254.137.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.124.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:f6:d7:5b:c6:9a:89:75:50:ad:93:23:0f:b0:57:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Dec 23 12:30:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da948abe2d11d7ba637e2e94060117fc8114e097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:82:d5:05:70:54:06:b9:24:7f:37:dc:8c:ff:
3c:e7:d5:18:b6:b3:42:67:8a:57:7f:9f:27:da:79:
dd:c5:f3:56:e4:ae:e6:cd:ab:46:cb:2f:ec:82:cb:
8e:2f:f7:ff:ad:a0:92:b0:6c:9b:b3:56:02:1a:c1:
b0:c0:2e:44:63:93:7d:65:19:46:20:f3:66:ef:37:
73:08:81:37:01:55:f9:da:55:22:eb:d4:d5:08:a0:
6b:c2:58:e1:13:a7:4f:23:bf:26:73:f3:e2:49:96:
46:08:c2:4d:ce:c5:f1:14:c6:c8:e9:bb:f2:8d:c1:
be:19:6e:1d:cd:93:27:f1:3a:19:e8:43:f2:75:be:
b3:8b:c2:1a:4e:51:1f:85:08:fa:0c:88:5d:f0:23:
51:d2:ba:0a:55:20:bc:3f:01:b2:6d:27:23:a2:cb:
67:3a:a9:cd:9d:da:f3:b5:55:b7:0d:64:f0:dc:55:
07:42:83:42:30:2f:d5:b6:13:7a:b4:a9:a6:7b:64:
56:c4:47:7d:fa:20:e0:22:20:73:65:42:fb:30:d5:
9d:df:51:56:f0:20:cc:e7:b6:f2:d8:83:28:0b:82:
3c:8d:ca:c6:61:08:61:06:06:eb:6a:17:df:45:20:
ae:7d:af:da:4c:61:80:00:10:db:45:5c:6b:ba:9d:
87:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:94:8A:BE:2D:11:D7:BA:63:7E:2E:94:06:01:17:FC:81:14:E0:97
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/2pSKvi0R17pjfi6UBgEX_IEU4Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.4.0/24
85.254.29.0-85.254.30.255
85.254.47.0/24
85.254.59.0/24
85.254.84.0/23
85.254.103.0/24
85.254.124.0/23
85.254.137.0/24
85.254.140.0/24
Signature Algorithm: sha256WithRSAEncryption
49:5d:0d:eb:c3:32:b9:c0:f2:73:1f:fd:ce:bd:f5:3b:4a:45:
ab:fe:d7:9e:1d:e0:42:e2:bc:3b:cc:45:3b:c7:42:a8:54:fe:
eb:da:bd:96:b1:8a:8a:94:62:0e:8f:18:87:29:ac:eb:7b:29:
81:92:90:cf:57:fd:2b:a4:e7:df:37:d1:43:f1:3f:e8:78:d2:
5d:72:9b:6c:e7:8f:45:86:85:29:08:cb:99:78:01:45:11:a4:
4c:30:11:f3:67:2d:0d:f1:af:c8:3f:38:7f:76:70:c9:6e:07:
d5:bc:af:69:39:d7:33:4c:ae:d6:ff:06:16:a5:2e:d4:99:61:
54:f4:86:e4:6d:fb:08:50:a3:24:f6:8e:ce:4f:cc:63:b6:9c:
22:ae:a3:66:a9:e5:85:b5:3a:c5:95:a8:79:fe:b7:47:4c:1a:
fc:d2:55:18:29:5c:80:bc:55:95:b7:46:d0:be:a9:0a:08:25:
ea:cd:a3:bf:6e:23:c0:83:be:b2:0c:aa:e3:6e:8b:a6:f1:42:
ff:de:36:09:d8:21:57:69:3a:b8:bc:97:c6:ca:c8:c1:8e:1a:
31:31:ca:70:5d:d1:5d:57:f4:b5:dc:f6:d8:1d:5d:6f:40:b5:
0a:21:f4:62:5e:2d:39:72:c5:ab:65:37:7e:46:31:93:8d:76:
ba:f8:cb:3b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYU+9tdbxpqJdVCtkyMPsFfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMjIzMTIzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTk0OGFiZTJkMTFkN2JhNjM3ZTJlOTQwNjAxMTdmYzgxMTRlMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4LVBXBUBrkkfzfcjP8859UYtrNC
Z4pXf58n2nndxfNW5K7mzatGyy/sgsuOL/f/raCSsGybs1YCGsGwwC5EY5N9ZRlG
IPNm7zdzCIE3AVX52lUi69TVCKBrwljhE6dPI78mc/PiSZZGCMJNzsXxFMbI6bvy
jcG+GW4dzZMn8ToZ6EPydb6zi8IaTlEfhQj6DIhd8CNR0roKVSC8PwGybScjostn
OqnNndrztVW3DWTw3FUHQoNCMC/VthN6tKmme2RWxEd9+iDgIiBzZUL7MNWd31FW
8CDM57by2IMoC4I8jcrGYQhhBgbrahffRSCufa/aTGGAABDbRVxrup2HNQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNqUir4tEde6Y34ulAYBF/yBFOCXMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMnBTS3ZpMFIxN3BqZmk2VUJnRVhfSUVVNEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAVf4EMAwD
BABV/h0DBABV/h4DBABV/i8DBABV/jsDBAFV/lQDBABV/mcDBAFV/nwDBABV/okD
BABV/owwDQYJKoZIhvcNAQELBQADggEBAEldDevDMrnA8nMf/c699TtKRav+154d
4ELivDvMRTvHQqhU/uvavZaxioqUYg6PGIcprOt7KYGSkM9X/Suk59830UPxP+h4
0l1ym2znj0WGhSkIy5l4AUURpEwwEfNnLQ3xr8g/OH92cMluB9W8r2k51zNMrtb/
BhalLtSZYVT0huRt+whQoyT2js5PzGO2nCKuo2ap5YW1OsWVqHn+t0dMGvzSVRgp
XIC8VZW3RtC+qQoIJerNo79uI8CDvrIMquNui6bxQv/eNgnYIVdpOri8l8bKyMGO
GjExynBd0V1X9LXc9tgdXW9AtQoh9GJeLTlyxatlN35GMZONdrr4yzs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org