Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/85EVtbYPgVPNJknIJxBpCiJ26Mk.roa
File: 85EVtbYPgVPNJknIJxBpCiJ26Mk.roa (raw, json)
Hash identifier: dFZVOAQS0V1912SWqxWybEXVI/RRFlGp3qRN5pmCAOg=
Subject key identifier: F3:91:15:B5:B6:0F:81:53:CD:26:49:C8:27:10:69:0A:22:76:E8:C9
Certificate issuer: /CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Certificate serial: 018460B25BF52663D92C2E8274FC6E1A18A8
Authority key identifier: 5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/85EVtbYPgVPNJknIJxBpCiJ26Mk.roa
Signing time: Thu 10 Nov 2022 08:40:12 +0000
ROA not before: Thu 10 Nov 2022 08:40:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6893
IP address blocks: 185.125.199.0/24 maxlen: 24
185.125.198.0/24 maxlen: 24
185.125.197.0/24 maxlen: 24
185.125.196.0/22 maxlen: 22
185.125.196.0/23 maxlen: 23
185.125.196.0/24 maxlen: 24
62.220.128.0/19 maxlen: 19
62.220.150.0/24 maxlen: 24
62.220.158.0/24 maxlen: 24
2001:788::/29 maxlen: 29
2001:788::/32 maxlen: 32
2001:789::/32 maxlen: 32
2001:78c::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:60:b2:5b:f5:26:63:d9:2c:2e:82:74:fc:6e:1a:18:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae8c78f161397ae1dbd0ac322584f62fb740097
Validity
Not Before: Nov 10 08:40:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f39115b5b60f8153cd2649c82710690a2276e8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0c:98:93:0e:14:9c:6e:e7:11:22:5f:f8:ea:
1f:eb:af:53:a8:23:7a:e8:55:f1:02:10:a3:89:85:
61:7e:5f:bf:03:fb:9a:8a:91:80:d7:49:5b:9f:f8:
06:99:0a:40:2a:0d:89:cf:ee:11:d3:6c:aa:6c:7a:
49:38:3e:66:7e:63:66:b3:93:21:53:5c:93:17:15:
ba:ec:ec:7d:fe:42:ed:2c:d3:ef:c5:81:f9:ae:5d:
54:c7:52:d9:c9:93:a7:79:4a:7f:e9:d2:1d:00:79:
96:45:bd:cd:08:c2:cc:06:00:97:67:a4:3b:bd:76:
b2:a2:40:79:21:28:bd:30:4d:0e:ab:47:13:8b:97:
d6:50:ab:dc:99:de:0e:de:71:cf:ca:6a:99:a4:ef:
ca:ca:e5:a4:f7:a8:bd:60:ab:b1:19:2e:aa:19:4c:
9a:8d:ea:5f:8d:34:80:01:29:62:c2:9a:11:8c:b6:
12:05:24:83:c9:c6:b0:cb:ae:9c:ff:92:a9:5e:ae:
b3:72:40:15:b9:db:1f:0b:4d:6a:3a:35:f9:7a:94:
f8:9e:b4:04:0a:2f:66:11:8e:2d:c2:69:32:da:66:
7a:9b:96:1b:41:d1:54:8e:fa:0e:b3:ff:2f:d3:3d:
97:48:d8:83:1e:f3:20:f7:9e:0c:3c:e4:53:3c:29:
67:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:91:15:B5:B6:0F:81:53:CD:26:49:C8:27:10:69:0A:22:76:E8:C9
X509v3 Authority Key Identifier:
keyid:5A:E8:C7:8F:16:13:97:AE:1D:BD:0A:C3:22:58:4F:62:FB:74:00:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WujHjxYTl64dvQrDIlhPYvt0AJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/85EVtbYPgVPNJknIJxBpCiJ26Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/4d27bb-f85c-4bfd-b1c3-47bcd39c3d86/1/WujHjxYTl64dvQrDIlhPYvt0AJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.128.0/19
185.125.196.0/22
IPv6:
2001:788::/29
Signature Algorithm: sha256WithRSAEncryption
16:dd:30:da:d5:8f:f2:f6:42:47:4a:d2:5c:3d:a4:5a:2e:0a:
8c:7b:d4:8a:c9:b3:b2:1c:51:88:a2:f7:83:5f:eb:ce:30:4f:
a2:2d:eb:4d:f2:bf:c3:69:c4:4d:5a:c0:b9:da:22:9f:9a:28:
48:ec:69:d2:47:92:85:5a:ae:54:e3:f5:a1:ce:1e:89:41:6e:
0c:7f:e2:c1:ae:56:09:f0:99:99:56:20:ad:98:5b:d4:90:4a:
a5:a5:a1:2d:a5:02:4e:b2:73:7b:cb:f2:1c:4f:f9:af:eb:42:
dc:b0:82:62:44:fe:68:18:c2:7f:9d:56:e5:89:40:b7:e0:54:
f8:a4:b4:57:14:32:66:d0:ee:7b:44:5f:73:d4:64:92:05:9a:
44:ee:e4:f9:99:25:30:09:3c:89:c1:68:80:3e:0e:f1:b5:3b:
8f:27:e6:fd:43:86:9f:b9:c0:7a:9a:88:0d:de:8b:b7:48:f1:
bb:7c:cf:91:57:ce:01:8c:2a:6d:66:82:00:d0:ec:81:d0:c2:
74:d9:e4:9a:86:5e:36:7d:f0:3f:c0:04:a2:df:b8:98:1a:0e:
05:ed:80:be:c0:b9:6f:99:47:9b:ca:ec:14:0d:c9:9e:35:4f:
28:99:19:cf:ec:2d:5e:f4:0d:07:bc:01:e4:f5:ed:52:ea:c8:
3c:4f:00:10
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYRgslv1JmPZLC6CdPxuGhioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZThjNzhmMTYxMzk3YWUxZGJkMGFjMzIyNTg0ZjYyZmI3
NDAwOTcwHhcNMjIxMTEwMDg0MDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzkxMTViNWI2MGY4MTUzY2QyNjQ5YzgyNzEwNjkwYTIyNzZlOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAyYkw4UnG7nESJf+Oof669TqCN6
6FXxAhCjiYVhfl+/A/uaipGA10lbn/gGmQpAKg2Jz+4R02yqbHpJOD5mfmNms5Mh
U1yTFxW67Ox9/kLtLNPvxYH5rl1Ux1LZyZOneUp/6dIdAHmWRb3NCMLMBgCXZ6Q7
vXayokB5ISi9ME0Oq0cTi5fWUKvcmd4O3nHPymqZpO/KyuWk96i9YKuxGS6qGUya
jepfjTSAASliwpoRjLYSBSSDycawy66c/5KpXq6zckAVudsfC01qOjX5epT4nrQE
Ci9mEY4twmky2mZ6m5YbQdFUjvoOs/8v0z2XSNiDHvMg954MPORTPCln4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPORFbW2D4FTzSZJyCcQaQoidujJMB8GA1UdIwQY
MBaAFFrox48WE5euHb0KwyJYT2L7dACXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMt
NDdiY2QzOWMzZDg2LzEvODVFVnRiWVBnVlBOSmtuSUp4QnBDaUoyNk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80ZDI3YmItZjg1Yy00YmZkLWIxYzMtNDdiY2QzOWMzZDg2
LzEvV3VqSGp4WVRsNjRkdlFyRElsaFBZdnQwQUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPtyAAwQC
uX3EMA0EAgACMAcDBQMgAQeIMA0GCSqGSIb3DQEBCwUAA4IBAQAW3TDa1Y/y9kJH
StJcPaRaLgqMe9SKybOyHFGIoveDX+vOME+iLetN8r/DacRNWsC52iKfmihI7GnS
R5KFWq5U4/Whzh6JQW4Mf+LBrlYJ8JmZViCtmFvUkEqlpaEtpQJOsnN7y/IcT/mv
60LcsIJiRP5oGMJ/nVbliUC34FT4pLRXFDJm0O57RF9z1GSSBZpE7uT5mSUwCTyJ
wWiAPg7xtTuPJ+b9Q4afucB6mogN3ou3SPG7fM+RV84BjCptZoIA0OyB0MJ02eSa
hl42ffA/wASi37iYGg4F7YC+wLlvmUebyuwUDcmeNU8omRnP7C1e9A0HvAHk9e1S
6sg8TwAQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:28 2024 by rpki-client on console-ams.rpki-client.org