Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/1-tOaCjuvCquh9ot3ADVRGl-6-ao.roa
File: 1-tOaCjuvCquh9ot3ADVRGl-6-ao.roa (raw, json)
Hash identifier: Q4GKEL3TjIt5NZCjmn03qwqQ1iob0Nq4m1A97V5VZ78=
Subject key identifier: FA:D3:9A:0A:3B:AF:0A:AB:A1:F6:8B:77:00:35:51:1A:5F:BA:F9:AA
Certificate issuer: /CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Certificate serial: 033C2A69
Authority key identifier: CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/1-tOaCjuvCquh9ot3ADVRGl-6-ao.roa
Signing time: Sat 01 Jan 2022 15:59:20 +0000
ROA not before: Sat 01 Jan 2022 15:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21233
IP address blocks: 85.113.85.0/24 maxlen: 24
85.113.80.0/24 maxlen: 24
85.113.81.0/24 maxlen: 24
85.113.82.0/24 maxlen: 24
85.113.83.0/24 maxlen: 24
85.113.89.0/24 maxlen: 24
2001:be7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54274665 (0x33c2a69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Validity
Not Before: Jan 1 15:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fad39a0a3baf0aaba1f68b770035511a5fbaf9aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:81:c2:7b:8a:06:0a:c0:c8:37:a7:50:03:0b:
25:9f:de:e5:f0:63:75:25:9d:64:c1:78:4a:2c:de:
a1:66:1d:d8:e4:ff:26:81:b0:e2:a4:e8:64:0b:19:
88:34:fc:ea:ac:c6:e5:32:09:52:dc:f7:4a:49:78:
f0:03:53:47:8f:d5:bd:45:c4:f2:ae:7b:46:d9:77:
bb:73:6c:e3:bb:4f:46:9f:c0:4d:67:24:53:33:34:
d7:b6:c0:14:ab:46:0a:b3:92:27:73:8c:26:f3:cd:
9d:66:f9:43:b3:8b:f0:a4:b1:14:c3:f7:f0:39:ff:
75:90:2e:e7:e2:0f:22:40:23:f6:6f:08:a6:80:83:
c5:3d:f3:b8:35:e0:0b:32:a0:25:b6:6e:c7:5d:d3:
4f:ab:54:60:a7:be:0d:a6:55:dc:d0:44:c1:49:00:
24:cf:51:2b:42:a0:15:da:10:50:47:2f:3a:a4:c3:
f6:4b:03:99:2f:4e:6a:0f:db:ce:a8:ce:e7:9a:d1:
06:5d:80:67:f6:d9:8f:44:33:4e:37:48:83:dd:df:
26:e3:a9:33:be:0f:65:92:e2:da:cc:ca:d8:15:a6:
30:2f:12:91:04:69:51:77:47:15:a7:fa:0d:a2:1f:
76:09:94:e7:45:5a:5a:1d:b2:b3:25:a9:03:73:2b:
78:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D3:9A:0A:3B:AF:0A:AB:A1:F6:8B:77:00:35:51:1A:5F:BA:F9:AA
X509v3 Authority Key Identifier:
keyid:CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/1-tOaCjuvCquh9ot3ADVRGl-6-ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.113.80.0/22
85.113.85.0/24
85.113.89.0/24
IPv6:
2001:be7::/32
Signature Algorithm: sha256WithRSAEncryption
bc:8d:07:3b:84:99:83:57:61:ed:9c:83:90:d0:3c:8a:32:e0:
14:ce:41:2e:fc:bf:69:32:3e:61:72:64:32:ca:a7:81:36:1e:
14:b0:33:d5:2c:06:c8:c8:a9:7e:e2:5c:91:e6:14:65:8f:1d:
61:c5:59:77:3d:05:4a:c8:c7:53:bd:b7:ac:60:0b:8a:f8:e2:
36:71:db:d8:e5:b3:a8:4a:e8:40:37:6e:6b:c7:48:e1:bb:b9:
f7:81:b2:ff:54:21:e8:0f:a8:44:b5:62:14:6a:2e:5a:50:45:
be:05:de:9c:d2:53:de:27:55:63:dd:82:28:a0:a2:9f:51:bb:
9a:d7:dc:c4:30:d6:dd:55:2e:4f:27:27:df:24:d4:3b:aa:37:
a2:49:3a:e8:0b:51:b8:78:d2:7c:d9:a6:dd:b5:2d:c7:55:ed:
c5:20:74:5a:0d:ef:b0:06:c6:e2:6f:de:be:be:6e:04:07:dc:
df:e8:d2:6f:de:f8:55:a0:d3:68:5b:74:12:9b:d5:6c:1e:00:
15:46:01:18:5c:a3:b6:a5:1a:ee:17:c3:36:f6:88:d3:8c:18:
49:a3:7f:73:e7:0a:38:10:c3:5c:49:b5:57:c1:bb:0d:83:96:
d6:22:3e:55:0b:ae:32:c7:40:3e:f2:05:d9:f1:ec:23:27:45:
aa:1b:2b:bf
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEAzwqaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTkxMzVkZmVkMGJiNjMzNWQxOWRkZDZkN2U5OWY0OGFmYmUzYzAxMB4XDTIyMDEw
MTE1NTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFkMzlhMGEzYmFm
MGFhYmExZjY4Yjc3MDAzNTUxMWE1ZmJhZjlhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+BwnuKBgrAyDenUAMLJZ/e5fBjdSWdZMF4SizeoWYd2OT/
JoGw4qToZAsZiDT86qzG5TIJUtz3Skl48ANTR4/VvUXE8q57Rtl3u3Ns47tPRp/A
TWckUzM017bAFKtGCrOSJ3OMJvPNnWb5Q7OL8KSxFMP38Dn/dZAu5+IPIkAj9m8I
poCDxT3zuDXgCzKgJbZux13TT6tUYKe+DaZV3NBEwUkAJM9RK0KgFdoQUEcvOqTD
9ksDmS9Oag/bzqjO55rRBl2AZ/bZj0QzTjdIg93fJuOpM74PZZLi2szK2BWmMC8S
kQRpUXdHFaf6DaIfdgmU50VaWh2ysyWpA3MreJMCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBT605oKO68Kq6H2i3cANVEaX7r5qjAfBgNVHSMEGDAWgBTOkTXf7Qu2M10Z
3dbX6Z9Ir748ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pwRTEzLTBMdGpOZEdkM1cxLW1mU0stLVBBRS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvM2M5YzNjLWQ2MDgtNGVhMi05YTI4LWMxMWVjNmVhODZiOC8x
LzEtdE9hQ2p1dkNxdWg5b3QzQURWUkdsLTYtYW8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI4
LzNjOWMzYy1kNjA4LTRlYTItOWEyOC1jMTFlYzZlYTg2YjgvMS96cEUxMy0wTHRq
TmRHZDNXMS1tZlNLLS1QQUUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
OgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJVcVADBABVcVUDBABVcVkwDQQC
AAIwBwMFACABC+cwDQYJKoZIhvcNAQELBQADggEBALyNBzuEmYNXYe2cg5DQPIoy
4BTOQS78v2kyPmFyZDLKp4E2HhSwM9UsBsjIqX7iXJHmFGWPHWHFWXc9BUrIx1O9
t6xgC4r44jZx29jls6hK6EA3bmvHSOG7ufeBsv9UIegPqES1YhRqLlpQRb4F3pzS
U94nVWPdgiigop9Ru5rX3MQw1t1VLk8nJ98k1DuqN6JJOugLUbh40nzZpt21LcdV
7cUgdFoN77AGxuJv3r6+bgQH3N/o0m/e+FWg02hbdBKb1WweABVGARhco7alGu4X
wzb2iNOMGEmjf3PnCjgQw1xJtVfBuw2DltYiPlULrjLHQD7yBdnx7CMnRaobK78=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:05 2024 by rpki-client on console-fra.rpki-client.org