Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/0pJa-Ij2owOje54O1gyJuVIHmxE.roa
File: 0pJa-Ij2owOje54O1gyJuVIHmxE.roa (raw, json)
Hash identifier: k1eWVH+Lu5J0K+UPCrrMLSnjzC2lcYom9qNKi6285lw=
Subject key identifier: D2:92:5A:F8:88:F6:A3:03:A3:7B:9E:0E:D6:0C:89:B9:52:07:9B:11
Certificate issuer: /CN=b77627cafe755785750bde5ba49e6c1091bf4247
Certificate serial: 01856B2E9CE9FAA99CEC303ED128054C3D1C
Authority key identifier: B7:76:27:CA:FE:75:57:85:75:0B:DE:5B:A4:9E:6C:10:91:BF:42:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/0pJa-Ij2owOje54O1gyJuVIHmxE.roa
Signing time: Sun 01 Jan 2023 02:34:54 +0000
ROA not before: Sun 01 Jan 2023 02:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209302
IP address blocks: 85.209.251.0/24 maxlen: 24
85.209.250.0/24 maxlen: 24
85.209.248.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:2e:9c:e9:fa:a9:9c:ec:30:3e:d1:28:05:4c:3d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b77627cafe755785750bde5ba49e6c1091bf4247
Validity
Not Before: Jan 1 02:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2925af888f6a303a37b9e0ed60c89b952079b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c9:87:e5:b7:03:f0:ac:08:08:7e:6e:5e:f5:
ed:62:b6:36:37:df:7f:1d:49:6a:ed:41:a9:a8:6d:
c9:81:fe:62:8c:99:33:55:39:45:39:9a:9c:dd:22:
f7:ad:bb:55:bc:6c:f2:a3:8d:27:44:ad:a6:fc:82:
97:85:ad:45:2d:27:d1:ee:54:ce:69:38:48:91:11:
72:27:15:4a:91:f3:7d:03:8c:c6:15:c0:d3:0b:96:
55:4d:70:46:af:59:44:57:f4:13:63:f7:45:eb:3d:
32:6b:20:6b:6c:c8:89:14:e4:a6:f4:c0:99:28:8e:
8a:de:69:4a:6b:ee:3a:08:c9:2f:d8:6c:9c:04:b9:
af:4e:89:c0:47:f6:ca:31:e6:4c:bf:04:12:f6:a5:
f0:1e:b5:fa:a7:4c:a6:da:86:b6:8c:59:93:de:d8:
17:bd:dc:ba:d2:53:7c:7e:de:ac:71:3b:00:35:c3:
46:1b:4c:1e:1e:59:7a:c4:39:15:d6:63:e6:f0:22:
04:08:79:ed:ed:be:3a:4e:7f:bf:d1:59:30:a2:12:
00:22:ac:b9:98:6c:eb:5c:50:5c:a6:39:d6:72:80:
73:ce:b3:fc:15:cb:2c:c4:88:fc:98:93:f1:41:d7:
fb:16:a4:83:62:73:54:37:17:1c:f5:23:b3:e9:51:
ca:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:92:5A:F8:88:F6:A3:03:A3:7B:9E:0E:D6:0C:89:B9:52:07:9B:11
X509v3 Authority Key Identifier:
keyid:B7:76:27:CA:FE:75:57:85:75:0B:DE:5B:A4:9E:6C:10:91:BF:42:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/0pJa-Ij2owOje54O1gyJuVIHmxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.248.0/22
Signature Algorithm: sha256WithRSAEncryption
be:81:0f:d9:60:9f:80:14:69:9c:37:59:46:27:70:fe:e8:77:
ec:a9:5b:c8:f2:56:ef:1a:e8:30:03:87:29:76:06:29:d5:af:
3f:73:8f:4d:b4:04:2d:cd:ae:70:99:6d:e4:ce:d5:c6:9f:8a:
cb:33:e6:aa:04:ef:dc:e8:52:73:38:24:01:cd:ea:1e:eb:33:
ab:ad:62:63:41:47:a3:6e:4a:17:48:9f:8a:d7:9f:7f:5d:d3:
8a:31:ce:5e:e6:5a:8a:bc:b7:1a:8a:66:b1:a8:58:bc:b8:6d:
53:8a:57:f9:12:cc:9a:59:79:cc:73:9b:cd:91:bf:24:0a:9d:
d6:7e:e3:b8:0e:de:2e:a3:ae:d8:84:94:e9:69:1c:9c:b2:38:
58:03:89:62:44:e8:2a:bb:c9:85:36:f7:a3:6d:27:72:09:21:
58:7d:1d:87:74:fb:d1:a6:07:93:73:cb:68:56:eb:a7:38:73:
ea:88:ff:ed:96:4d:52:26:34:8d:2f:8f:0c:be:ae:e1:33:ba:
98:f2:27:71:68:a4:27:ed:91:a5:12:bc:7e:91:7a:1c:a6:bf:
7a:b4:6e:78:6c:a9:0f:ce:5a:12:c1:6d:b7:cf:37:1a:68:d8:
c8:dd:da:74:7a:e9:6a:dd:77:f4:08:80:3b:c1:60:cc:9a:54:
19:8c:28:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrLpzp+qmc7DA+0SgFTD0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzYyN2NhZmU3NTU3ODU3NTBiZGU1YmE0OWU2YzEwOTFi
ZjQyNDcwHhcNMjMwMTAxMDIzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkyNWFmODg4ZjZhMzAzYTM3YjllMGVkNjBjODliOTUyMDc5YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8mH5bcD8KwICH5uXvXtYrY2N99/
HUlq7UGpqG3Jgf5ijJkzVTlFOZqc3SL3rbtVvGzyo40nRK2m/IKXha1FLSfR7lTO
aThIkRFyJxVKkfN9A4zGFcDTC5ZVTXBGr1lEV/QTY/dF6z0yayBrbMiJFOSm9MCZ
KI6K3mlKa+46CMkv2GycBLmvTonAR/bKMeZMvwQS9qXwHrX6p0ym2oa2jFmT3tgX
vdy60lN8ft6scTsANcNGG0weHll6xDkV1mPm8CIECHnt7b46Tn+/0VkwohIAIqy5
mGzrXFBcpjnWcoBzzrP8FcssxIj8mJPxQdf7FqSDYnNUNxcc9SOz6VHKRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKSWviI9qMDo3ueDtYMiblSB5sRMB8GA1UdIwQY
MBaAFLd2J8r+dVeFdQveW6SebBCRv0JHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNZbnl2NTFWNFYxQzk1YnBKNXNFSkdfUWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MDIxMzctZGQ0MC00ZWY5LWJiMGYt
NDQ1N2ZhMjBiY2JhLzEvMHBKYS1JajJvd09qZTU0TzFneUp1VklIbXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MDIxMzctZGQ0MC00ZWY5LWJiMGYtNDQ1N2ZhMjBiY2Jh
LzEvdDNZbnl2NTFWNFYxQzk1YnBKNXNFSkdfUWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdH4MA0G
CSqGSIb3DQEBCwUAA4IBAQC+gQ/ZYJ+AFGmcN1lGJ3D+6HfsqVvI8lbvGugwA4cp
dgYp1a8/c49NtAQtza5wmW3kztXGn4rLM+aqBO/c6FJzOCQBzeoe6zOrrWJjQUej
bkoXSJ+K159/XdOKMc5e5lqKvLcaimaxqFi8uG1Tilf5EsyaWXnMc5vNkb8kCp3W
fuO4Dt4uo67YhJTpaRycsjhYA4liROgqu8mFNvejbSdyCSFYfR2HdPvRpgeTc8to
VuunOHPqiP/tlk1SJjSNL48Mvq7hM7qY8idxaKQn7ZGlErx+kXocpr96tG54bKkP
zloSwW23zzcaaNjI3dp0eulq3Xf0CIA7wWDMmlQZjCgE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:57 2025 by rpki-client