Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bM_Kfio9872L_GXLIaX6BPkJ7hw.roa
File: bM_Kfio9872L_GXLIaX6BPkJ7hw.roa (raw, json)
Hash identifier: k6Gz18yC87SRz1dUzlBXO4xpimvWxZzzEIG12OdJ014=
Subject key identifier: 6C:CF:CA:7E:2A:3D:F3:BD:8B:FC:65:CB:21:A5:FA:04:F9:09:EE:1C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0182921146A01F53F69B07EA67B8F8FB333F
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bM_Kfio9872L_GXLIaX6BPkJ7hw.roa
Signing time: Fri 12 Aug 2022 12:39:41 +0000
ROA not before: Fri 12 Aug 2022 12:39:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15899
IP address blocks: 85.254.140.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
85.254.9.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.8.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:92:11:46:a0:1f:53:f6:9b:07:ea:67:b8:f8:fb:33:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 12 12:39:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ccfca7e2a3df3bd8bfc65cb21a5fa04f909ee1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ed:f3:32:37:32:ea:24:6d:d4:5e:d3:69:d2:
8d:25:9b:b6:0b:e1:20:2c:3e:68:e6:7b:89:19:42:
9a:47:a3:8e:99:2a:21:3f:d3:1f:14:9b:dc:cd:8d:
0c:ab:be:56:05:e0:d1:16:e7:66:65:2f:a1:e5:0f:
42:12:1e:4d:d0:61:62:dc:7c:c8:4d:e2:02:90:a1:
ca:75:b6:40:38:fa:85:d6:27:67:2e:62:42:bb:3f:
73:f0:7c:e9:c3:de:e7:ae:43:54:93:b3:10:9f:56:
c9:ad:00:63:3e:c2:db:c6:c9:a7:55:73:ec:30:14:
03:e3:e7:f1:6d:7b:2d:f4:ce:6a:b2:22:03:1b:56:
d5:e3:9d:04:21:4a:43:d8:04:c4:05:32:11:78:3e:
03:76:f5:6a:25:d5:5e:fb:e4:b5:d1:03:bd:c7:66:
55:c2:26:0a:a6:89:a4:c3:79:a7:af:0d:24:e3:5b:
0a:80:ff:c3:6a:ce:1b:1b:a5:fd:4e:24:73:db:d6:
43:9f:03:90:dd:3e:71:a5:e8:5d:fd:a0:de:ca:76:
5c:ad:10:5f:38:ca:e8:f7:77:8a:03:b4:1a:14:16:
3c:4d:58:ca:7c:65:55:5e:fc:c8:76:ff:41:d7:89:
49:0c:c9:5b:1f:7e:3c:f3:99:62:3a:a3:16:cb:7c:
ca:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CF:CA:7E:2A:3D:F3:BD:8B:FC:65:CB:21:A5:FA:04:F9:09:EE:1C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bM_Kfio9872L_GXLIaX6BPkJ7hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.8.0/21
85.254.140.0/24
159.148.239.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:f5:7c:09:5f:3d:25:e5:4f:ab:50:48:8f:38:b1:25:50:0f:
d5:78:45:7d:4d:ce:c2:65:cc:2b:01:c1:71:43:bb:f6:c6:1f:
1d:1f:33:2c:3a:4f:8f:02:25:1d:fa:4d:7a:43:90:52:aa:71:
41:bd:2b:e1:2b:f5:2a:20:fd:36:35:af:f3:a4:d8:88:6e:34:
9f:ac:8a:26:7b:21:ff:82:28:7d:a2:99:5f:5f:4f:63:7d:51:
cb:71:6f:39:8b:a6:3c:cf:ec:65:2c:8c:f6:e9:ab:db:d0:30:
a7:ef:f0:38:3e:34:f2:c5:7f:df:23:e3:14:2d:bc:26:d5:c6:
6f:de:16:20:b9:65:e1:5b:2c:a6:16:bd:08:3d:96:52:34:8d:
b4:f1:13:bb:aa:62:2e:10:4c:5b:95:a3:94:36:f2:a2:b8:41:
d2:5c:82:23:e3:c9:16:1d:41:69:8a:c1:0d:e4:99:23:9d:3e:
f4:6a:54:c2:7d:d9:e3:14:6b:92:d7:7c:25:22:77:f2:e9:ef:
9e:75:f6:d9:f2:91:b7:9a:fc:8b:98:41:08:7b:de:7b:64:83:
45:bc:8f:63:a1:cd:37:fb:4c:32:51:f8:99:3d:4b:77:a3:9b:
f5:db:da:72:cc:18:fa:f6:27:0a:4e:d6:8e:8e:9c:26:47:79:
44:94:7e:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKSEUagH1P2mwfqZ7j4+zM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIwODEyMTIzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2NmY2E3ZTJhM2RmM2JkOGJmYzY1Y2IyMWE1ZmEwNGY5MDllZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO3zMjcy6iRt1F7TadKNJZu2C+Eg
LD5o5nuJGUKaR6OOmSohP9MfFJvczY0Mq75WBeDRFudmZS+h5Q9CEh5N0GFi3HzI
TeICkKHKdbZAOPqF1idnLmJCuz9z8Hzpw97nrkNUk7MQn1bJrQBjPsLbxsmnVXPs
MBQD4+fxbXst9M5qsiIDG1bV450EIUpD2ATEBTIReD4DdvVqJdVe++S10QO9x2ZV
wiYKpomkw3mnrw0k41sKgP/Das4bG6X9TiRz29ZDnwOQ3T5xpehd/aDeynZcrRBf
OMro93eKA7QaFBY8TVjKfGVVXvzIdv9B14lJDMlbH34885liOqMWy3zKnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGzPyn4qPfO9i/xlyyGl+gT5Ce4cMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvYk1fS2Zpbzk4NzJMX0dYTElhWDZCUGtKN2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDVf4IAwQA
Vf6MAwQAn5TvMA0GCSqGSIb3DQEBCwUAA4IBAQBc9XwJXz0l5U+rUEiPOLElUA/V
eEV9Tc7CZcwrAcFxQ7v2xh8dHzMsOk+PAiUd+k16Q5BSqnFBvSvhK/UqIP02Na/z
pNiIbjSfrIomeyH/gih9oplfX09jfVHLcW85i6Y8z+xlLIz26avb0DCn7/A4PjTy
xX/fI+MULbwm1cZv3hYguWXhWyymFr0IPZZSNI208RO7qmIuEExblaOUNvKiuEHS
XIIj48kWHUFpisEN5JkjnT70alTCfdnjFGuS13wlInfy6e+edfbZ8pG3mvyLmEEI
e957ZINFvI9joc03+0wyUfiZPUt3o5v129pyzBj69icKTtaOjpwmR3lElH5p
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:46 2023 by rpki-client on console-fra.rpki-client.org