Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/M-S9YYatdFrTNCiPnNAGe8mtSME.roa
File: M-S9YYatdFrTNCiPnNAGe8mtSME.roa (raw, json)
Hash identifier: GmMabhVsxsr9u7Nh7TbQEHoI3yC03FmnTKJ7vHlHnmc=
Subject key identifier: 33:E4:BD:61:86:AD:74:5A:D3:34:28:8F:9C:D0:06:7B:C9:AD:48:C1
Certificate issuer: /CN=c8d5aa7034250ab1a8789ac86cc0eef3bfc9db5f
Certificate serial: 02107FF0
Authority key identifier: C8:D5:AA:70:34:25:0A:B1:A8:78:9A:C8:6C:C0:EE:F3:BF:C9:DB:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/M-S9YYatdFrTNCiPnNAGe8mtSME.roa
Signing time: Sat 01 Jan 2022 01:58:48 +0000
ROA not before: Sat 01 Jan 2022 01:58:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197889
IP address blocks: 85.119.8.0/21 maxlen: 21
185.223.16.0/23 maxlen: 23
185.223.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34635760 (0x2107ff0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5aa7034250ab1a8789ac86cc0eef3bfc9db5f
Validity
Not Before: Jan 1 01:58:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33e4bd6186ad745ad334288f9cd0067bc9ad48c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bd:f6:77:c8:fc:c7:8a:e6:f4:66:3c:78:02:
83:75:29:2d:a5:af:76:58:58:54:00:f5:f7:68:c6:
d4:24:66:0d:ff:76:84:46:6a:c1:28:ac:61:62:8d:
46:04:61:03:bb:e7:16:3f:0a:09:f7:a3:9e:e7:c4:
18:15:7b:5d:85:00:09:4c:52:68:0c:df:72:9c:e0:
02:f1:dd:25:25:ca:3e:65:ae:d3:fc:c0:5b:a8:d3:
a2:c4:45:fc:d1:38:9b:94:06:64:0f:df:76:f7:34:
78:3c:7c:c8:85:71:59:78:f9:0f:97:b0:57:b5:ef:
23:94:60:7d:b6:06:0c:63:01:b7:df:ae:2f:d4:2f:
36:52:13:36:ad:dd:b1:24:d4:1a:ef:58:6d:f5:ba:
5b:b8:f4:29:35:9d:95:01:40:95:ce:5d:79:c0:49:
8f:5e:7e:22:30:ef:2f:97:34:c0:41:6b:d1:d8:1a:
69:86:14:71:3e:b7:0d:a3:61:17:93:6f:3b:39:46:
c6:80:d8:94:c8:b8:dc:c6:9d:10:1c:38:78:35:4b:
55:f0:85:b8:7f:04:da:23:9e:db:28:85:96:3b:1a:
fd:0a:4b:dd:52:c9:9f:81:1e:fe:e8:f9:51:8a:28:
de:77:db:7a:c9:95:7c:94:16:7b:26:6c:45:07:ad:
42:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E4:BD:61:86:AD:74:5A:D3:34:28:8F:9C:D0:06:7B:C9:AD:48:C1
X509v3 Authority Key Identifier:
keyid:C8:D5:AA:70:34:25:0A:B1:A8:78:9A:C8:6C:C0:EE:F3:BF:C9:DB:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNWqcDQlCrGoeJrIbMDu87_J218.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/M-S9YYatdFrTNCiPnNAGe8mtSME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2d490c-6ff8-471d-97d2-2d72f23193db/1/yNWqcDQlCrGoeJrIbMDu87_J218.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.8.0/21
185.223.16.0/22
Signature Algorithm: sha256WithRSAEncryption
61:f3:2e:b9:f2:bd:b6:68:09:fe:36:fb:e5:fd:0e:6f:57:fa:
1d:d8:62:31:78:1a:a1:f7:97:1e:ab:95:d4:38:1e:88:e6:b0:
06:af:37:b6:4e:3a:58:fd:63:1a:5c:65:ca:95:65:83:f0:fb:
97:eb:84:fe:aa:08:2e:cc:89:f6:42:2e:a3:c1:3d:c3:17:40:
85:53:54:c1:90:44:43:5d:fc:e8:79:f2:c7:a0:c8:d3:62:ad:
9a:33:fd:a9:b0:16:cd:a3:b9:ed:f9:5b:b4:43:94:36:b2:a0:
e6:93:56:dd:c7:87:f4:bf:ad:c8:af:a8:72:8e:ef:cd:d2:6a:
20:50:02:65:6f:18:8d:c5:6d:80:38:a6:20:23:e9:f2:b2:a9:
1f:0c:3e:7a:d5:85:b4:c8:33:64:d3:7c:73:ab:9f:8c:38:ad:
19:87:db:5c:92:44:28:43:93:f1:47:5c:0d:e7:73:f2:f5:a5:
87:48:ee:53:3d:e6:9a:cb:5e:af:e4:27:5a:94:82:b5:1a:71:
65:b6:18:c5:a6:34:fa:5c:e3:a4:06:92:49:bb:59:6a:83:36:
0f:d8:89:3d:07:1d:90:45:9b:a2:36:e2:d4:e2:87:34:c0:3a:
18:6f:c1:ea:d2:87:ad:f6:9b:2a:2c:a3:73:b2:2c:56:00:ec:
a6:91:6c:c1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAhB/8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGQ1YWE3MDM0MjUwYWIxYTg3ODlhYzg2Y2MwZWVmM2JmYzlkYjVmMB4XDTIyMDEw
MTAxNTg0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNlNGJkNjE4NmFk
NzQ1YWQzMzQyODhmOWNkMDA2N2JjOWFkNDhjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALa99nfI/MeK5vRmPHgCg3UpLaWvdlhYVAD192jG1CRmDf92
hEZqwSisYWKNRgRhA7vnFj8KCfejnufEGBV7XYUACUxSaAzfcpzgAvHdJSXKPmWu
0/zAW6jTosRF/NE4m5QGZA/fdvc0eDx8yIVxWXj5D5ewV7XvI5RgfbYGDGMBt9+u
L9QvNlITNq3dsSTUGu9YbfW6W7j0KTWdlQFAlc5decBJj15+IjDvL5c0wEFr0dga
aYYUcT63DaNhF5NvOzlGxoDYlMi43MadEBw4eDVLVfCFuH8E2iOe2yiFljsa/QpL
3VLJn4Ee/uj5UYoo3nfbesmVfJQWeyZsRQetQo0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQz5L1hhq10WtM0KI+c0AZ7ya1IwTAfBgNVHSMEGDAWgBTI1apwNCUKsah4
mshswO7zv8nbXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lOV3FjRFFsQ3JHb2VKckliTUR1ODdfSjIxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvMmQ0OTBjLTZmZjgtNDcxZC05N2QyLTJkNzJmMjMxOTNkYi8x
L00tUzlZWWF0ZEZyVE5DaVBuTkFHZThtdFNNRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
MmQ0OTBjLTZmZjgtNDcxZC05N2QyLTJkNzJmMjMxOTNkYi8xL3lOV3FjRFFsQ3JH
b2VKckliTUR1ODdfSjIxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1V3CAMEArnfEDANBgkqhkiG9w0B
AQsFAAOCAQEAYfMuufK9tmgJ/jb75f0Ob1f6HdhiMXgaofeXHquV1DgeiOawBq83
tk46WP1jGlxlypVlg/D7l+uE/qoILsyJ9kIuo8E9wxdAhVNUwZBEQ1386Hnyx6DI
02KtmjP9qbAWzaO57flbtEOUNrKg5pNW3ceH9L+tyK+oco7vzdJqIFACZW8YjcVt
gDimICPp8rKpHww+etWFtMgzZNN8c6ufjDitGYfbXJJEKEOT8UdcDedz8vWlh0ju
Uz3mmster+QnWpSCtRpxZbYYxaY0+lzjpAaSSbtZaoM2D9iJPQcdkEWbojbi1OKH
NMA6GG/B6tKHrfabKiyjc7IsVgDsppFswQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:49 2025 by rpki-client