Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_7vGygkq6149e16utSs-pKffCYc.roa
File: _7vGygkq6149e16utSs-pKffCYc.roa (raw, json)
Hash identifier: NibAMSeAIocw1agtH5dnAsCjEwcib3bZPD1F6nue/1o=
Subject key identifier: FF:BB:C6:CA:09:2A:EB:5E:3D:7B:5E:AE:B5:2B:3E:A4:A7:DF:09:87
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0183601BD03C25CD93124C0D9FA7E80B6937
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_7vGygkq6149e16utSs-pKffCYc.roa
Signing time: Wed 21 Sep 2022 12:52:58 +0000
ROA not before: Wed 21 Sep 2022 12:52:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15899
IP address blocks: 85.254.9.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.8.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:1b:d0:3c:25:cd:93:12:4c:0d:9f:a7:e8:0b:69:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 21 12:52:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffbbc6ca092aeb5e3d7b5eaeb52b3ea4a7df0987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:93:37:98:84:68:da:98:6c:d0:91:70:cb:b7:
cf:4e:b0:1d:97:36:5f:5d:0b:56:10:c5:a2:34:e3:
9e:18:cf:13:e1:bb:b7:13:a0:a3:cc:15:b4:32:95:
3a:93:24:b5:3f:13:ab:d1:44:b1:51:22:e7:2f:1d:
e5:a2:97:3b:8a:16:3b:02:b7:ac:be:cc:7e:f3:33:
b0:06:dc:1f:7a:8b:85:90:2b:04:c8:8e:13:c1:f2:
f2:17:1c:82:32:42:67:29:96:17:00:84:1d:59:14:
41:f6:d5:b0:d5:5b:fa:ab:f9:57:4d:20:8f:90:26:
32:0f:3f:01:75:65:96:46:2c:ad:33:cc:64:8b:3c:
8b:5c:b3:2d:32:dc:6a:2a:fe:35:61:5a:0e:84:24:
e7:c8:7e:90:5c:8e:fc:95:e6:c0:29:4a:0f:b6:aa:
88:9a:a7:c6:ac:9a:65:bb:78:38:fa:16:07:c9:91:
87:54:0d:2f:f4:0c:b4:ba:23:8c:b3:2d:34:a3:d6:
51:c5:34:76:24:f1:7e:77:9c:e6:fe:a2:65:ed:fd:
f8:d1:30:5e:4c:0b:49:b1:04:fc:ae:a3:7b:6a:9d:
a5:a6:cf:98:2f:d7:a0:8a:94:01:33:0b:f1:e8:f0:
25:f4:df:37:ad:46:b9:63:9f:8b:fd:4e:5f:cb:de:
09:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:BB:C6:CA:09:2A:EB:5E:3D:7B:5E:AE:B5:2B:3E:A4:A7:DF:09:87
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_7vGygkq6149e16utSs-pKffCYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.8.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:ff:2a:9d:37:fe:c8:49:d3:ab:4d:90:72:22:a4:e9:9c:ec:
2d:61:8a:c8:65:97:2e:0f:34:70:44:cf:7b:87:58:75:1e:16:
f0:e7:f5:11:1b:dc:09:e6:4f:8b:8f:66:26:cf:f7:5a:83:db:
cc:ab:7c:2f:4e:7f:26:a4:f8:1d:cc:f7:aa:b6:93:fc:40:47:
77:c7:8c:7c:e7:20:f4:df:95:5e:7f:a0:22:75:1c:ad:1e:17:
b7:a7:ea:f1:b4:75:7d:fc:91:8c:81:5f:45:c4:52:3b:da:83:
56:41:dc:cf:0b:b4:c3:63:7c:cf:b2:1b:0f:17:6a:f7:6d:06:
91:58:e5:3f:16:3e:ed:62:0a:be:61:19:97:55:cb:52:56:c7:
70:06:55:27:56:b9:4d:c5:50:f0:0e:47:93:c2:03:6c:6a:d7:
cb:3a:c8:23:07:3d:0a:94:f9:1d:68:e5:d4:77:4c:da:75:75:
93:85:60:52:42:96:4c:40:09:9b:9d:c1:40:06:fa:d1:6d:ee:
ad:a2:a5:92:b4:65:c1:b1:78:90:7e:e7:b5:10:c2:04:e7:c5:
05:c3:b3:e0:f8:5b:41:75:52:8e:d3:99:77:c7:13:98:20:60:
14:6b:6d:7d:ce:7c:2a:ff:b9:a8:3b:4a:98:58:e0:74:63:05:
99:a5:34:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNgG9A8Jc2TEkwNn6foC2k3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIwOTIxMTI1MjU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmJiYzZjYTA5MmFlYjVlM2Q3YjVlYWViNTJiM2VhNGE3ZGYwOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJM3mIRo2phs0JFwy7fPTrAdlzZf
XQtWEMWiNOOeGM8T4bu3E6CjzBW0MpU6kyS1PxOr0USxUSLnLx3lopc7ihY7Ares
vsx+8zOwBtwfeouFkCsEyI4TwfLyFxyCMkJnKZYXAIQdWRRB9tWw1Vv6q/lXTSCP
kCYyDz8BdWWWRiytM8xkizyLXLMtMtxqKv41YVoOhCTnyH6QXI78lebAKUoPtqqI
mqfGrJplu3g4+hYHyZGHVA0v9Ay0uiOMsy00o9ZRxTR2JPF+d5zm/qJl7f340TBe
TAtJsQT8rqN7ap2lps+YL9egipQBMwvx6PAl9N83rUa5Y5+L/U5fy94JjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP+7xsoJKutePXterrUrPqSn3wmHMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvXzd2R3lna3E2MTQ5ZTE2dXRTcy1wS2ZmQ1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVf4IMA0G
CSqGSIb3DQEBCwUAA4IBAQCa/yqdN/7ISdOrTZByIqTpnOwtYYrIZZcuDzRwRM97
h1h1Hhbw5/URG9wJ5k+Lj2Ymz/dag9vMq3wvTn8mpPgdzPeqtpP8QEd3x4x85yD0
35Vef6AidRytHhe3p+rxtHV9/JGMgV9FxFI72oNWQdzPC7TDY3zPshsPF2r3bQaR
WOU/Fj7tYgq+YRmXVctSVsdwBlUnVrlNxVDwDkeTwgNsatfLOsgjBz0KlPkdaOXU
d0zadXWThWBSQpZMQAmbncFABvrRbe6toqWStGXBsXiQfue1EMIE58UFw7Pg+FtB
dVKO05l3xxOYIGAUa219znwq/7moO0qYWOB0YwWZpTTr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org