Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/y4dfZ0qRaPMyhTTOlMdjvVrIV2o.roa
File: y4dfZ0qRaPMyhTTOlMdjvVrIV2o.roa (raw, json)
Hash identifier: /Yp5JitV3VuY9r3tfc0dvRKoaggh2naJW4Lkm4nKWlk=
Subject key identifier: CB:87:5F:67:4A:91:68:F3:32:85:34:CE:94:C7:63:BD:5A:C8:57:6A
Certificate issuer: /CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Certificate serial: 01865519B2052B962AB0481497DCF5F117E3
Authority key identifier: 8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/y4dfZ0qRaPMyhTTOlMdjvVrIV2o.roa
Signing time: Wed 15 Feb 2023 12:43:12 +0000
ROA not before: Wed 15 Feb 2023 12:43:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203924
IP address blocks: 185.113.144.0/22 maxlen: 22
185.146.36.0/22 maxlen: 22
185.216.120.0/22 maxlen: 22
85.117.252.0/22 maxlen: 22
193.105.0.0/24 maxlen: 24
2a06:6a40::/29 maxlen: 29
2a0b:b640::/29 maxlen: 29
2a07:4d00::/30 maxlen: 30
2a07:4d00::/29 maxlen: 29
2a07:4d04::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:19:b2:05:2b:96:2a:b0:48:14:97:dc:f5:f1:17:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Validity
Not Before: Feb 15 12:43:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb875f674a9168f3328534ce94c763bd5ac8576a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b7:5d:c1:d3:d3:f6:1b:c9:54:1f:b6:66:76:
52:5d:e5:e0:db:a8:d8:04:e0:68:a1:d6:b9:51:48:
0a:45:22:6c:c6:d0:07:aa:74:40:6f:c3:05:54:34:
a7:57:7e:0b:15:e8:a1:ca:f1:2f:07:15:0a:c7:ce:
ce:34:24:11:a3:9a:c7:fd:4a:f7:1f:19:70:11:dd:
82:e6:ea:d8:18:2d:9c:2b:3e:02:dc:a0:df:e7:f6:
ff:ca:a9:f2:ce:4e:17:99:0e:61:3c:3c:49:f1:4f:
2e:f8:50:04:4c:04:e4:91:fe:07:4b:e0:bd:64:72:
34:c7:fb:eb:21:c7:cf:91:34:b7:ca:dc:d8:fd:18:
0d:ce:72:bd:b1:cc:2a:6c:09:c4:83:53:5c:dd:88:
2a:54:82:69:cf:22:5e:45:8c:34:75:b5:47:81:56:
4d:0b:26:de:dd:ad:41:05:96:01:50:11:44:ad:c0:
be:6c:9c:26:7f:56:72:fe:3b:cd:20:13:de:fd:72:
07:ee:8c:aa:f5:38:72:50:e1:ba:9b:fd:f6:de:23:
8a:1e:92:55:d7:1b:4a:3e:ae:45:67:27:5e:a6:4c:
7e:e0:8f:56:57:8a:fa:3b:52:f0:a6:ae:24:bd:d7:
10:55:8f:38:b8:01:ee:1d:9d:96:ba:55:60:d9:91:
62:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:87:5F:67:4A:91:68:F3:32:85:34:CE:94:C7:63:BD:5A:C8:57:6A
X509v3 Authority Key Identifier:
keyid:8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/y4dfZ0qRaPMyhTTOlMdjvVrIV2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/j5D2t16RPyeC7VSetyFyxZzEevE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.252.0/22
185.113.144.0/22
185.146.36.0/22
185.216.120.0/22
193.105.0.0/24
IPv6:
2a06:6a40::/29
2a07:4d00::/29
2a0b:b640::/29
Signature Algorithm: sha256WithRSAEncryption
5e:1d:fc:99:aa:dc:df:dc:9b:01:9e:8e:8a:2a:12:68:78:be:
88:e2:7f:15:87:60:b1:ac:8d:58:97:67:f6:3b:7c:a9:56:0b:
7a:dc:ca:db:e4:59:df:9f:f1:d7:41:5f:8d:ae:53:30:24:eb:
6a:d1:c1:61:e8:7f:77:58:c0:22:b6:ea:93:27:e6:2b:01:00:
4b:a9:3d:09:0a:e5:fc:35:93:2b:42:1a:00:99:bb:96:1f:4f:
aa:3f:c7:96:9f:85:fa:d9:8d:6c:61:e9:1d:02:62:1b:bb:28:
d3:85:74:28:55:af:9e:5a:6b:ba:94:35:35:67:47:ff:cc:20:
ae:35:17:1f:26:db:d3:88:72:86:5d:03:a2:61:dc:ea:d6:89:
d9:85:87:eb:da:33:84:8f:ed:fc:a2:69:d8:70:16:f7:62:83:
40:b6:bd:61:a2:34:f2:ae:e2:e1:df:c5:22:36:c8:b2:40:5e:
0a:cd:ce:eb:12:e8:35:40:95:00:17:30:77:a6:f5:f3:f5:0a:
7b:87:1c:3b:83:44:11:60:cb:5b:ea:19:29:10:1d:eb:32:c1:
65:e8:35:59:5e:da:13:66:6c:dc:07:e5:c4:f4:b5:e3:8e:08:
d8:06:73:d3:30:48:30:92:b4:c2:ab:51:d3:63:45:19:40:18:
c4:5c:fe:96
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYZVGbIFK5YqsEgUl9z18RfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOTBmNmI3NWU5MTNmMjc4MmVkNTQ5ZWI3MjE3MmM1OWNj
NDdhZjEwHhcNMjMwMjE1MTI0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjg3NWY2NzRhOTE2OGYzMzI4NTM0Y2U5NGM3NjNiZDVhYzg1NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbddwdPT9hvJVB+2ZnZSXeXg26jY
BOBooda5UUgKRSJsxtAHqnRAb8MFVDSnV34LFeihyvEvBxUKx87ONCQRo5rH/Ur3
HxlwEd2C5urYGC2cKz4C3KDf5/b/yqnyzk4XmQ5hPDxJ8U8u+FAETATkkf4HS+C9
ZHI0x/vrIcfPkTS3ytzY/RgNznK9scwqbAnEg1Nc3YgqVIJpzyJeRYw0dbVHgVZN
Cybe3a1BBZYBUBFErcC+bJwmf1Zy/jvNIBPe/XIH7oyq9ThyUOG6m/323iOKHpJV
1xtKPq5FZydepkx+4I9WV4r6O1Lwpq4kvdcQVY84uAHuHZ2WulVg2ZFirQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFMuHX2dKkWjzMoU0zpTHY71ayFdqMB8GA1UdIwQY
MBaAFI+Q9rdekT8ngu1UnrchcsWcxHrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQt
YzFkMGFjYjc4MTlhLzEveTRkZlowcVJhUE15aFRUT2xNZGp2VnJJVjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQtYzFkMGFjYjc4MTlh
LzEvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCVXX8AwQC
uXGQAwQCuZIkAwQCudh4AwQAwWkAMBsEAgACMBUDBQMqBmpAAwUDKgdNAAMFAyoL
tkAwDQYJKoZIhvcNAQELBQADggEBAF4d/Jmq3N/cmwGejooqEmh4vojifxWHYLGs
jViXZ/Y7fKlWC3rcytvkWd+f8ddBX42uUzAk62rRwWHof3dYwCK26pMn5isBAEup
PQkK5fw1kytCGgCZu5YfT6o/x5afhfrZjWxh6R0CYhu7KNOFdChVr55aa7qUNTVn
R//MIK41Fx8m29OIcoZdA6Jh3OrWidmFh+vaM4SP7fyiadhwFvdig0C2vWGiNPKu
4uHfxSI2yLJAXgrNzusS6DVAlQAXMHem9fP1CnuHHDuDRBFgy1vqGSkQHesywWXo
NVle2hNmbNwH5cT0teOOCNgGc9MwSDCStMKrUdNjRRlAGMRc/pY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:28 2025 by rpki-client