Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eYDO3G1Eu32OW2xJLF89mirrLso.roa
File: eYDO3G1Eu32OW2xJLF89mirrLso.roa (raw, json)
Hash identifier: FIT+7nT+HhHVW/K3YhKUDzD6b3Bf+/fWTF//yLsGVow=
Subject key identifier: 79:80:CE:DC:6D:44:BB:7D:8E:5B:6C:49:2C:5F:3D:9A:2A:EB:2E:CA
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 39A14521
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eYDO3G1Eu32OW2xJLF89mirrLso.roa
Signing time: Fri 22 Apr 2022 10:33:01 +0000
ROA not before: Fri 22 Apr 2022 10:33:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 85.254.137.0/24 maxlen: 24
85.254.134.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.140.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.2.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 966870305 (0x39a14521)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 22 10:33:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7980cedc6d44bb7d8e5b6c492c5f3d9a2aeb2eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:79:00:de:1e:b7:04:82:5d:13:b9:3d:f7:15:
54:a3:77:ae:2b:5f:b7:14:f1:9d:df:35:86:95:ea:
8e:08:dd:09:e1:bf:fc:3a:a3:8b:22:85:05:1b:b6:
7e:56:b3:52:81:b8:55:26:8c:30:20:93:be:f9:f4:
c4:7d:04:d0:e3:ec:84:c9:94:16:cf:16:53:6b:49:
b6:a1:51:bf:cd:ee:e0:54:a0:07:29:97:6c:ae:67:
5c:ea:c3:aa:08:e3:ea:df:80:8a:e3:fa:99:72:f5:
ed:9f:01:ef:4f:ff:87:f3:38:ad:30:9b:4d:b2:57:
c0:bb:ec:44:5e:5c:7e:22:bf:77:99:eb:53:df:ed:
4e:5c:90:cd:4e:2c:ca:83:96:44:05:68:ba:6c:db:
66:da:8c:77:28:1f:fa:e0:85:3f:9d:bd:51:e3:6b:
df:88:1a:8e:7a:34:04:98:47:b8:e7:2b:24:b9:36:
a4:7e:f3:99:b8:d8:24:98:4d:c6:21:45:75:21:0e:
de:20:f7:2c:00:89:d1:75:03:54:6e:79:47:e9:03:
c6:e4:d8:64:74:58:bc:3f:e4:4f:89:95:5e:56:40:
97:9b:12:06:7a:f0:01:4b:83:9b:bb:00:92:de:ed:
86:c5:4f:ea:90:95:aa:ae:65:4a:df:1a:44:a0:fb:
54:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:80:CE:DC:6D:44:BB:7D:8E:5B:6C:49:2C:5F:3D:9A:2A:EB:2E:CA
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eYDO3G1Eu32OW2xJLF89mirrLso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.47.0/24
85.254.51.0/24
85.254.59.0/24
85.254.84.0/23
85.254.103.0/24
85.254.124.0-85.254.126.255
85.254.134.0/24
85.254.137.0-85.254.140.255
Signature Algorithm: sha256WithRSAEncryption
6c:84:db:88:b1:ee:80:ca:b8:93:23:8a:30:26:c0:f2:a8:57:
43:fd:37:6f:df:8e:ad:2d:a5:65:35:c6:5a:57:d4:4a:ba:b1:
1a:60:d7:61:03:06:4d:cc:21:c3:c6:12:53:e3:14:31:28:fe:
97:7a:a5:6a:db:86:75:6c:fc:cd:a3:97:9a:ce:3e:81:47:4e:
10:eb:d6:79:1e:e3:80:90:54:5e:e6:b1:ff:5e:14:67:7e:88:
1b:0f:c6:cb:91:69:20:83:49:b0:11:72:9e:02:4c:62:c5:41:
2f:53:ed:8c:12:a1:dc:ba:25:6d:bf:ea:43:7f:92:70:b8:35:
43:12:0e:2e:6a:fa:91:33:4d:f9:98:59:63:a5:aa:e2:4d:0f:
81:67:e0:50:96:4c:5c:3a:1e:bc:f7:33:48:aa:82:b3:f8:34:
da:72:c9:64:3f:fe:41:bc:e7:0f:a1:e0:fe:5f:23:0f:a4:44:
f1:8a:08:d1:78:81:de:58:6c:ac:b0:22:69:75:87:9d:e7:c5:
f3:3f:01:2b:72:ff:53:27:7d:7c:6e:67:61:d1:4d:a3:f4:6f:
17:ed:4e:23:a5:af:77:da:fd:e7:18:f6:e4:d9:a3:70:92:cf:
a2:33:40:fe:f7:cc:1a:f9:b6:6b:95:3a:2b:04:e3:c9:07:39:
df:14:14:dc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEOaFFITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDQy
MjEwMzMwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzk4MGNlZGM2ZDQ0
YmI3ZDhlNWI2YzQ5MmM1ZjNkOWEyYWViMmVjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ55AN4etwSCXRO5PfcVVKN3ritftxTxnd81hpXqjgjdCeG/
/DqjiyKFBRu2flazUoG4VSaMMCCTvvn0xH0E0OPshMmUFs8WU2tJtqFRv83u4FSg
BymXbK5nXOrDqgjj6t+AiuP6mXL17Z8B70//h/M4rTCbTbJXwLvsRF5cfiK/d5nr
U9/tTlyQzU4syoOWRAVoumzbZtqMdygf+uCFP529UeNr34gajno0BJhHuOcrJLk2
pH7zmbjYJJhNxiFFdSEO3iD3LACJ0XUDVG55R+kDxuTYZHRYvD/kT4mVXlZAl5sS
BnrwAUuDm7sAkt7thsVP6pCVqq5lSt8aRKD7VFECAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBR5gM7cbUS7fY5bbEksXz2aKusuyjAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L2VZRE8zRzFFdTMyT1cyeEpMRjg5bWlyckxzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAFX+AgMEAFX+BAMEAFX+BzAMAwQA
Vf4dAwQAVf4eAwQAVf4oAwQAVf4vAwQAVf4zAwQAVf47AwQBVf5UAwQAVf5nMAwD
BAJV/nwDBABV/n4DBABV/oYwDAMEAFX+iQMEAFX+jDANBgkqhkiG9w0BAQsFAAOC
AQEAbITbiLHugMq4kyOKMCbA8qhXQ/03b9+OrS2lZTXGWlfUSrqxGmDXYQMGTcwh
w8YSU+MUMSj+l3qlatuGdWz8zaOXms4+gUdOEOvWeR7jgJBUXuax/14UZ36IGw/G
y5FpIINJsBFyngJMYsVBL1PtjBKh3Lolbb/qQ3+ScLg1QxIOLmr6kTNN+ZhZY6Wq
4k0PgWfgUJZMXDoevPczSKqCs/g02nLJZD/+QbznD6Hg/l8jD6RE8YoI0XiB3lhs
rLAiaXWHnefF8z8BK3L/Uyd9fG5nYdFNo/RvF+1OI6Wvd9r95xj25NmjcJLPojNA
/vfMGvm2a5U6KwTjyQc53xQU3A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:46 2023 by rpki-client on console-fra.rpki-client.org