Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/0tASo5y-pO1u7L1SpfCLmAIRE0w.roa
File: 0tASo5y-pO1u7L1SpfCLmAIRE0w.roa (raw, json)
Hash identifier: 7pppw0cRBKWnPUCNXhWywtmpm/vXqwawPiv6zwhvuaI=
Subject key identifier: D2:D0:12:A3:9C:BE:A4:ED:6E:EC:BD:52:A5:F0:8B:98:02:11:13:4C
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F429F35295721A758B00BB6BBB60E22
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/0tASo5y-pO1u7L1SpfCLmAIRE0w.roa
Signing time: Sun 01 Jan 2023 21:35:15 +0000
ROA not before: Sun 01 Jan 2023 21:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61157
IP address blocks: 85.93.66.0/24 maxlen: 24
85.93.65.0/24 maxlen: 24
85.93.67.0/24 maxlen: 24
85.93.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9f:35:29:57:21:a7:58:b0:0b:b6:bb:b6:0e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2d012a39cbea4ed6eecbd52a5f08b980211134c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ee:99:6a:62:0c:1b:01:fe:58:21:ed:fc:a9:
91:3b:0b:d7:3a:2c:99:36:49:01:61:78:10:60:63:
77:21:10:7e:11:07:9e:70:c7:da:7b:06:46:e6:3f:
f4:bd:72:fd:1c:b7:69:13:9c:b5:ff:1d:f4:71:dc:
3b:6c:7f:8e:75:44:25:86:c0:3f:e8:a9:1a:46:14:
4c:59:1b:0f:8c:88:70:5c:65:0d:b9:06:30:bf:fc:
4d:12:a4:7e:e3:79:a1:88:8a:86:4b:bd:4a:b1:25:
72:48:8b:dd:d9:3e:fd:45:95:99:c4:31:49:00:b8:
81:1e:9b:88:b2:98:11:2b:ee:db:a8:c1:33:f0:4c:
06:2f:2a:b1:47:b3:a6:92:d7:42:11:31:c8:7e:8c:
d6:cc:5d:7e:45:b7:ab:9f:2a:8c:b7:51:0d:37:6c:
75:b9:00:c4:82:7c:4b:ac:fa:2e:d7:fd:42:e8:7a:
d3:f0:11:97:a3:c3:1f:d3:3e:5a:3f:01:f8:c9:66:
d8:48:5b:4f:49:37:9c:53:61:98:0c:9d:fd:b8:36:
5a:29:dc:0a:b9:7d:a8:63:c5:86:35:22:a9:61:22:
66:04:89:2f:96:f0:13:bc:45:60:09:1a:f9:65:5e:
c5:da:19:ae:b2:45:37:09:2f:4f:29:73:ef:49:97:
c4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D0:12:A3:9C:BE:A4:ED:6E:EC:BD:52:A5:F0:8B:98:02:11:13:4C
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/0tASo5y-pO1u7L1SpfCLmAIRE0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.93.65.0-85.93.67.255
85.93.80.0/24
Signature Algorithm: sha256WithRSAEncryption
98:38:eb:18:b0:54:ff:05:23:e5:d3:86:89:1c:10:05:75:b4:
39:6c:45:41:60:60:3f:5c:86:29:41:0a:52:7a:44:3a:d0:f6:
fe:cc:76:6c:99:8e:40:31:e1:79:4b:a2:c5:c5:fb:7f:ec:9f:
2c:0b:97:ef:19:3d:e7:ee:99:c7:fc:a4:6d:34:89:25:5e:c5:
98:3b:8e:02:9d:52:de:9a:08:d7:57:11:09:2e:e0:b8:3c:30:
b6:eb:93:ca:0e:d7:e7:8f:12:ed:0a:e4:1b:3e:2a:7b:25:29:
1e:fd:3b:2c:56:6d:cb:09:12:c5:30:6a:14:9f:63:9f:70:4a:
0b:eb:84:92:61:7e:45:57:91:eb:ce:a1:e6:95:52:e4:65:af:
0d:6c:d0:ba:c0:a6:c4:d6:c0:37:be:66:d9:aa:06:9a:7d:38:
01:68:38:5f:5d:60:1e:04:96:a7:de:4c:2e:ab:6b:45:31:62:
21:1d:f5:e9:68:ca:c9:b9:b0:ca:77:a7:fe:b4:e9:e1:b6:f1:
2c:03:85:59:65:5a:c5:43:14:33:cb:cb:bc:e7:96:c1:38:eb:
43:b6:7b:0b:65:21:c0:3a:4b:b2:5e:14:40:a8:4a:6e:bd:46:
45:2c:e5:fc:b2:ee:2c:55:9d:7d:60:68:b3:de:7e:a7:da:e1:
22:98:fa:01
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvQp81KVchp1iwC7a7tg4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQwMTJhMzljYmVhNGVkNmVlY2JkNTJhNWYwOGI5ODAyMTExMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAge6ZamIMGwH+WCHt/KmROwvXOiyZ
NkkBYXgQYGN3IRB+EQeecMfaewZG5j/0vXL9HLdpE5y1/x30cdw7bH+OdUQlhsA/
6KkaRhRMWRsPjIhwXGUNuQYwv/xNEqR+43mhiIqGS71KsSVySIvd2T79RZWZxDFJ
ALiBHpuIspgRK+7bqMEz8EwGLyqxR7OmktdCETHIfozWzF1+RbernyqMt1ENN2x1
uQDEgnxLrPou1/1C6HrT8BGXo8Mf0z5aPwH4yWbYSFtPSTecU2GYDJ39uDZaKdwK
uX2oY8WGNSKpYSJmBIkvlvATvEVgCRr5ZV7F2hmuskU3CS9PKXPvSZfE3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNLQEqOcvqTtbuy9UqXwi5gCERNMMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvMHRBU281eS1wTzF1N0wxU3BmQ0xtQUlSRTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABVXUED
BAJVXUADBABVXVAwDQYJKoZIhvcNAQELBQADggEBAJg46xiwVP8FI+XThokcEAV1
tDlsRUFgYD9chilBClJ6RDrQ9v7MdmyZjkAx4XlLosXF+3/snywLl+8ZPefumcf8
pG00iSVexZg7jgKdUt6aCNdXEQku4Lg8MLbrk8oO1+ePEu0K5Bs+KnslKR79OyxW
bcsJEsUwahSfY59wSgvrhJJhfkVXkevOoeaVUuRlrw1s0LrApsTWwDe+ZtmqBpp9
OAFoOF9dYB4ElqfeTC6ra0UxYiEd9eloysm5sMp3p/606eG28SwDhVllWsVDFDPL
y7znlsE460O2ewtlIcA6S7JeFECoSm69RkUs5fyy7ixVnX1gaLPefqfa4SKY+gE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:32 2025 by rpki-client