Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/B08Cl4bLbPUCd9vKKAU61TsTtiU.roa
File: B08Cl4bLbPUCd9vKKAU61TsTtiU.roa (raw, json)
Hash identifier: 3UKHoMLm0kXZwmmyy9N6nAhMwO8eVjpj4XrKZUN5aPU=
Subject key identifier: 07:4F:02:97:86:CB:6C:F5:02:77:DB:CA:28:05:3A:D5:3B:13:B6:25
Certificate issuer: /CN=af782dae3d40caf2223262541c4054e62945d933
Certificate serial: 01856EC2250087DD31A6C92DFB175E9CB596
Authority key identifier: AF:78:2D:AE:3D:40:CA:F2:22:32:62:54:1C:40:54:E6:29:45:D9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gtrj1AyvIiMmJUHEBU5ilF2TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/B08Cl4bLbPUCd9vKKAU61TsTtiU.roa
Signing time: Sun 01 Jan 2023 19:14:55 +0000
ROA not before: Sun 01 Jan 2023 19:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61347
IP address blocks: 185.9.221.0/24 maxlen: 24
185.9.222.0/24 maxlen: 24
185.9.223.0/24 maxlen: 24
185.9.220.0/24 maxlen: 24
2a02:df40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:25:00:87:dd:31:a6:c9:2d:fb:17:5e:9c:b5:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af782dae3d40caf2223262541c4054e62945d933
Validity
Not Before: Jan 1 19:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=074f029786cb6cf50277dbca28053ad53b13b625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:73:d0:32:cd:2f:ec:e7:3e:45:cd:fa:b3:e1:
cf:d3:e4:1c:86:86:de:4b:77:2b:44:bb:d9:a5:81:
5c:da:a2:bc:d6:71:b9:af:1a:6f:60:b3:48:1f:5a:
c2:ec:4a:b9:8d:d7:83:f0:61:36:d8:9f:33:14:54:
ca:ce:62:6f:38:84:8c:d2:7a:f8:e4:0e:78:d7:bc:
5e:47:0d:16:0e:a6:43:2b:a7:3a:3a:84:72:94:f6:
1b:de:66:dc:15:27:fb:4d:13:f3:ba:a0:c1:bf:96:
99:c4:6c:00:fd:ff:06:ec:7f:c8:52:6c:d4:7c:de:
9e:af:56:78:c2:57:5c:7e:cd:e7:fe:c2:52:c6:d0:
fa:90:96:37:ec:b8:dd:78:e2:a3:7f:8f:2e:ba:58:
32:d8:57:93:71:5a:84:4a:cc:f9:c1:60:a1:8c:4f:
01:d2:1c:ab:b9:7c:37:19:60:8d:59:1e:23:46:2f:
bd:d5:e1:67:5d:1e:ab:f8:c9:52:06:16:cb:85:e8:
6a:ee:90:8a:0e:6d:d4:0c:c6:ab:8c:55:c8:9a:d4:
9d:b8:b9:83:53:1e:93:cd:f2:83:95:2c:be:ed:ed:
14:a7:bf:5a:1b:56:3a:ff:d7:83:6b:20:99:9d:71:
a5:62:99:8f:77:f5:d8:52:b7:c8:40:0f:8b:a3:7b:
46:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:4F:02:97:86:CB:6C:F5:02:77:DB:CA:28:05:3A:D5:3B:13:B6:25
X509v3 Authority Key Identifier:
keyid:AF:78:2D:AE:3D:40:CA:F2:22:32:62:54:1C:40:54:E6:29:45:D9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gtrj1AyvIiMmJUHEBU5ilF2TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/B08Cl4bLbPUCd9vKKAU61TsTtiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/dee833-fe5b-4c10-bbec-f0125d02e262/1/r3gtrj1AyvIiMmJUHEBU5ilF2TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.220.0/22
IPv6:
2a02:df40::/48
Signature Algorithm: sha256WithRSAEncryption
43:42:2a:7f:2b:b8:4b:de:4a:cd:5c:63:97:0e:db:9e:a8:79:
ba:12:7f:26:d3:17:c9:4b:cd:39:9e:6f:eb:16:99:3b:d9:4a:
b8:0e:7c:cb:47:65:f4:38:5c:a1:db:cf:34:1b:77:6e:1c:cf:
56:3e:50:1c:a4:78:2b:13:b1:45:45:fb:25:ed:4a:5b:e8:b4:
ea:c5:5d:af:46:d7:01:40:03:33:e7:ba:50:bb:51:ff:3e:0d:
7f:9d:26:fa:82:a6:09:6d:e9:31:85:0a:c1:e2:d0:06:8b:12:
a1:25:00:e6:b3:19:74:39:57:f2:28:b9:5a:b5:af:c6:44:e7:
2d:93:f3:6d:24:50:d4:9b:52:58:8e:77:a7:47:e6:2b:91:ec:
8a:b6:b3:f1:aa:95:01:e7:8f:b6:68:42:48:ee:82:6c:e3:30:
b9:cc:18:b6:d1:3d:02:e2:73:f2:05:8e:d9:3b:df:ac:d2:a8:
c0:30:fd:f3:17:9d:7b:46:3c:77:c5:bc:10:ab:b1:7e:40:9e:
09:99:ab:83:56:3a:9e:bb:ae:54:dd:3a:32:48:75:99:94:b3:
84:d0:b6:c0:cd:7c:1d:f4:07:2a:2c:e7:55:b7:0e:a6:69:d9:
ce:43:b5:a3:54:a7:ba:59:81:5e:1f:90:ae:a7:ab:1a:ba:e1:
38:39:36:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuwiUAh90xpskt+xdenLWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgyZGFlM2Q0MGNhZjIyMjMyNjI1NDFjNDA1NGU2Mjk0
NWQ5MzMwHhcNMjMwMTAxMTkxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzRmMDI5Nzg2Y2I2Y2Y1MDI3N2RiY2EyODA1M2FkNTNiMTNiNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHPQMs0v7Oc+Rc36s+HP0+Qchobe
S3crRLvZpYFc2qK81nG5rxpvYLNIH1rC7Eq5jdeD8GE22J8zFFTKzmJvOISM0nr4
5A5417xeRw0WDqZDK6c6OoRylPYb3mbcFSf7TRPzuqDBv5aZxGwA/f8G7H/IUmzU
fN6er1Z4wldcfs3n/sJSxtD6kJY37LjdeOKjf48uulgy2FeTcVqESsz5wWChjE8B
0hyruXw3GWCNWR4jRi+91eFnXR6r+MlSBhbLhehq7pCKDm3UDMarjFXImtSduLmD
Ux6TzfKDlSy+7e0Up79aG1Y6/9eDayCZnXGlYpmPd/XYUrfIQA+Lo3tGUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAdPApeGy2z1AnfbyigFOtU7E7YlMB8GA1UdIwQY
MBaAFK94La49QMryIjJiVBxAVOYpRdkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNndHJqMUF5dklpTW1KVUhFQlU1aWxGMlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kZWU4MzMtZmU1Yi00YzEwLWJiZWMt
ZjAxMjVkMDJlMjYyLzEvQjA4Q2w0YkxiUFVDZDl2S0tBVTYxVHNUdGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kZWU4MzMtZmU1Yi00YzEwLWJiZWMtZjAxMjVkMDJlMjYy
LzEvcjNndHJqMUF5dklpTW1KVUhFQlU1aWxGMlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuQncMA8E
AgACMAkDBwAqAt9AAAAwDQYJKoZIhvcNAQELBQADggEBAENCKn8ruEveSs1cY5cO
256oeboSfybTF8lLzTmeb+sWmTvZSrgOfMtHZfQ4XKHbzzQbd24cz1Y+UBykeCsT
sUVF+yXtSlvotOrFXa9G1wFAAzPnulC7Uf8+DX+dJvqCpglt6TGFCsHi0AaLEqEl
AOazGXQ5V/IouVq1r8ZE5y2T820kUNSbUliOd6dH5iuR7Iq2s/GqlQHnj7ZoQkju
gmzjMLnMGLbRPQLic/IFjtk736zSqMAw/fMXnXtGPHfFvBCrsX5AngmZq4NWOp67
rlTdOjJIdZmUs4TQtsDNfB30Byos51W3DqZp2c5DtaNUp7pZgV4fkK6nqxq64Tg5
Ni4=
-----END CERTIFICATE-----
Generated at Fri Apr 18 11:27:49 2025 by rpki-client