Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/85mdw-OEc6c0pCJcF5vsj48nQSE.roa
File: 85mdw-OEc6c0pCJcF5vsj48nQSE.roa (raw, json)
Hash identifier: yTiCIW889Bn2e3KHIrY9O7Y+CsD5lTgcPABCLnkmOyM=
Subject key identifier: F3:99:9D:C3:E3:84:73:A7:34:A4:22:5C:17:9B:EC:8F:8F:27:41:21
Certificate issuer: /CN=91f5891a26cfa436a23e7e1ff976648bee79ef77
Certificate serial: 01856FE7030B7A0D8AA6F416C41B0490F929
Authority key identifier: 91:F5:89:1A:26:CF:A4:36:A2:3E:7E:1F:F9:76:64:8B:EE:79:EF:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/85mdw-OEc6c0pCJcF5vsj48nQSE.roa
Signing time: Mon 02 Jan 2023 00:34:48 +0000
ROA not before: Mon 02 Jan 2023 00:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41847
IP address blocks: 185.144.220.0/22 maxlen: 24
185.144.220.0/24 maxlen: 24
185.144.222.0/24 maxlen: 24
185.144.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:03:0b:7a:0d:8a:a6:f4:16:c4:1b:04:90:f9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91f5891a26cfa436a23e7e1ff976648bee79ef77
Validity
Not Before: Jan 2 00:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3999dc3e38473a734a4225c179bec8f8f274121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:50:71:f2:0f:0b:8b:21:ec:5b:3d:f2:07:5a:
b2:93:e0:cd:b7:8e:ca:5f:8b:76:10:df:7b:4b:7b:
cf:12:ef:3a:d3:e9:f8:2a:6d:01:5d:73:1b:d8:4b:
1b:e5:fd:0f:5c:af:39:1e:3c:12:c3:a5:c7:66:c1:
83:2e:17:c4:79:fb:d6:84:a0:f5:d4:97:1e:39:c0:
34:36:5a:77:9e:4f:b5:09:16:99:23:ac:17:1d:49:
de:1b:40:9f:31:86:88:ec:12:be:7e:0c:97:9e:6e:
ae:d3:a1:da:c9:ed:d4:59:79:29:5f:2f:1c:47:31:
61:44:ab:0b:52:e3:1c:82:20:3f:de:7b:5c:98:e8:
ef:f1:59:06:ec:ca:95:a2:12:96:c1:42:77:7e:5c:
b0:1a:d3:6e:65:67:f7:fd:7a:12:4b:5d:62:75:4c:
da:f2:d5:46:a5:a5:88:74:5b:8c:b1:34:bd:b4:2a:
8d:0e:67:b4:1c:27:b6:09:a5:80:3a:2e:52:99:7a:
6e:ea:98:43:d3:e8:67:69:31:fc:31:93:e2:97:27:
4d:9b:d6:f2:40:96:4e:d7:39:3f:c9:de:ce:2e:c2:
88:fb:a7:a1:30:a7:5f:2f:e8:1c:9e:5c:db:e6:03:
ea:fb:04:5c:d3:b0:43:a2:36:4b:71:c2:5b:c7:28:
55:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:99:9D:C3:E3:84:73:A7:34:A4:22:5C:17:9B:EC:8F:8F:27:41:21
X509v3 Authority Key Identifier:
keyid:91:F5:89:1A:26:CF:A4:36:A2:3E:7E:1F:F9:76:64:8B:EE:79:EF:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/85mdw-OEc6c0pCJcF5vsj48nQSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.220.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:8e:35:9e:74:51:7b:b4:d3:61:f9:f4:90:b5:83:59:00:56:
25:82:71:21:05:8a:d0:18:eb:47:4b:26:3d:ed:5f:9a:8e:51:
7b:17:ec:f9:42:6e:43:f5:e9:42:04:66:c0:78:3c:3d:84:f9:
98:23:01:0a:14:4b:9a:bd:af:b3:fe:24:2a:57:7c:f0:09:f6:
4a:de:e8:e7:e6:7a:4d:fb:c0:ed:f6:19:04:72:bc:d0:d1:04:
83:25:e2:7d:d2:37:ab:8c:ad:81:57:07:80:98:08:61:9f:12:
87:2c:5c:57:7b:9b:8d:d2:b4:a8:95:45:3a:a9:f8:eb:f2:2e:
06:68:f6:44:27:e8:5f:47:a5:e2:6e:e6:5c:43:45:7f:69:37:
5f:11:74:30:5f:5c:4a:5f:6e:f8:93:57:7a:a3:3e:4c:c4:46:
97:16:8c:f9:19:4a:30:8d:8b:0c:f8:c3:18:01:b9:a9:ad:d4:
28:cc:72:03:33:27:88:55:cf:92:a4:66:cb:b5:39:a4:be:fc:
b1:73:d9:e8:32:aa:55:f5:83:cb:7a:81:71:3b:db:20:3c:9f:
92:37:64:1e:4e:e4:84:bf:cf:72:02:b9:98:e9:89:47:a6:a2:
81:ab:1a:86:0e:24:73:b5:73:2a:92:bb:28:3f:a6:7c:02:29:
2f:16:b3:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5wMLeg2KpvQWxBsEkPkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjU4OTFhMjZjZmE0MzZhMjNlN2UxZmY5NzY2NDhiZWU3
OWVmNzcwHhcNMjMwMTAyMDAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk5OWRjM2UzODQ3M2E3MzRhNDIyNWMxNzliZWM4ZjhmMjc0MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlBx8g8LiyHsWz3yB1qyk+DNt47K
X4t2EN97S3vPEu860+n4Km0BXXMb2Esb5f0PXK85HjwSw6XHZsGDLhfEefvWhKD1
1JceOcA0Nlp3nk+1CRaZI6wXHUneG0CfMYaI7BK+fgyXnm6u06Haye3UWXkpXy8c
RzFhRKsLUuMcgiA/3ntcmOjv8VkG7MqVohKWwUJ3flywGtNuZWf3/XoSS11idUza
8tVGpaWIdFuMsTS9tCqNDme0HCe2CaWAOi5SmXpu6phD0+hnaTH8MZPilydNm9by
QJZO1zk/yd7OLsKI+6ehMKdfL+gcnlzb5gPq+wRc07BDojZLccJbxyhVLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOZncPjhHOnNKQiXBeb7I+PJ0EhMB8GA1UdIwQY
MBaAFJH1iRomz6Q2oj5+H/l2ZIvuee93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83ZjFiNzQtYzhkNy00YTBkLThhMzkt
ZGFhNzM5MGI1YmE3LzEvODVtZHctT0VjNmMwcENKY0Y1dnNqNDhuUVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83ZjFiNzQtYzhkNy00YTBkLThhMzktZGFhNzM5MGI1YmE3
LzEva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZDcMA0G
CSqGSIb3DQEBCwUAA4IBAQA7jjWedFF7tNNh+fSQtYNZAFYlgnEhBYrQGOtHSyY9
7V+ajlF7F+z5Qm5D9elCBGbAeDw9hPmYIwEKFEuava+z/iQqV3zwCfZK3ujn5npN
+8Dt9hkEcrzQ0QSDJeJ90jerjK2BVweAmAhhnxKHLFxXe5uN0rSolUU6qfjr8i4G
aPZEJ+hfR6XibuZcQ0V/aTdfEXQwX1xKX274k1d6oz5MxEaXFoz5GUowjYsM+MMY
AbmprdQozHIDMyeIVc+SpGbLtTmkvvyxc9noMqpV9YPLeoFxO9sgPJ+SN2QeTuSE
v89yArmY6YlHpqKBqxqGDiRztXMqkrsoP6Z8AikvFrPf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:15 2025 by rpki-client