Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/es81pj6CRvipaNZOwWjybCKreLk.roa
File: es81pj6CRvipaNZOwWjybCKreLk.roa (raw, json)
Hash identifier: 7yULfcu6Vd1z3RbF/c78sER/yfaErK9qAqIq8AeOLb4=
Subject key identifier: 7A:CF:35:A6:3E:82:46:F8:A9:68:D6:4E:C1:68:F2:6C:22:AB:78:B9
Certificate issuer: /CN=b77627cafe755785750bde5ba49e6c1091bf4247
Certificate serial: 6A9B59
Authority key identifier: B7:76:27:CA:FE:75:57:85:75:0B:DE:5B:A4:9E:6C:10:91:BF:42:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/es81pj6CRvipaNZOwWjybCKreLk.roa
Signing time: Tue 15 Mar 2022 17:08:16 +0000
ROA not before: Tue 15 Mar 2022 17:08:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209302
IP address blocks: 85.209.251.0/24 maxlen: 24
85.209.250.0/24 maxlen: 24
85.209.248.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6986585 (0x6a9b59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b77627cafe755785750bde5ba49e6c1091bf4247
Validity
Not Before: Mar 15 17:08:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7acf35a63e8246f8a968d64ec168f26c22ab78b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:27:57:1f:f3:38:9d:20:2d:13:90:53:91:6d:
df:4b:bf:8d:3a:72:a0:0c:a3:73:33:36:8e:ca:7b:
63:7f:12:2d:f7:39:86:96:87:fa:6a:f5:5a:0b:b6:
fc:04:77:d0:30:c5:8d:30:7d:f9:49:62:70:81:58:
a2:a7:b1:34:7a:54:2e:f3:1f:19:57:49:7e:41:38:
a2:e6:c9:7b:24:59:19:9d:d2:94:f3:50:76:9a:bd:
95:24:5b:5d:37:28:84:ba:e7:df:71:47:2c:77:36:
51:b4:38:36:d7:ed:7a:8d:8c:eb:c6:24:a0:2c:77:
71:7e:af:d5:1f:08:6c:ed:2e:d2:2c:eb:b0:c6:12:
09:2d:cf:12:4d:75:ad:b8:8a:d6:52:28:4e:8f:8b:
87:54:78:51:db:2a:eb:0e:49:d7:a1:94:85:94:02:
38:36:a6:77:d4:db:1e:25:d8:dc:58:1b:90:81:57:
08:e9:6a:90:69:fd:c1:18:6c:ad:66:60:91:78:50:
a9:e0:6f:20:91:a6:cf:38:be:33:88:86:25:14:1e:
53:a4:99:69:e9:87:43:66:bc:a4:5a:f5:0a:e9:97:
41:c5:b0:58:bc:bc:c2:cf:0a:97:20:07:7d:a3:e8:
9f:59:c1:2b:81:f7:fb:31:25:ed:5a:6e:0e:9e:f1:
0c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CF:35:A6:3E:82:46:F8:A9:68:D6:4E:C1:68:F2:6C:22:AB:78:B9
X509v3 Authority Key Identifier:
keyid:B7:76:27:CA:FE:75:57:85:75:0B:DE:5B:A4:9E:6C:10:91:BF:42:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/es81pj6CRvipaNZOwWjybCKreLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.248.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:62:51:8d:a9:a1:c6:c4:83:32:75:39:b4:26:85:f9:7d:47:
8c:ba:d4:0f:ff:c1:dd:1b:10:0a:7b:59:4f:46:78:be:f0:13:
0f:e4:48:8b:94:89:30:c2:b7:ae:9a:1d:6e:f3:49:9f:fb:f6:
fd:83:18:82:fa:86:c4:fc:06:c9:56:53:f0:24:8c:2c:1d:e4:
35:bf:28:e8:bd:7d:b4:8f:6d:6b:15:bc:e9:1c:9b:8c:d8:d1:
be:b3:68:0f:d1:3d:cd:6b:a4:5a:cc:42:2f:08:73:00:bf:e4:
10:80:97:73:94:65:52:2c:c0:cf:5e:d1:88:eb:2d:4a:8d:6a:
9c:a3:22:35:8e:c6:7d:97:88:e2:eb:b0:0a:0e:7c:8c:87:b3:
2c:9c:b4:8e:42:d3:1e:db:8a:6c:fc:50:dc:23:13:72:3f:7b:
d5:17:30:a2:c7:68:29:a7:e4:ff:3e:bf:3d:07:03:85:5d:c1:
d5:3e:da:78:71:0e:66:2c:55:09:78:48:45:7f:52:c5:16:69:
82:ad:8a:87:d2:ca:e0:9a:7b:ec:c9:f8:fd:21:ca:b3:cf:be:
77:dc:f9:4d:2a:b3:db:2e:c2:0a:66:12:5e:ce:e6:0f:cf:f6:
34:0a:41:73:eb:dc:56:4d:3c:bf:7d:d0:76:93:11:f1:8c:9a:
c6:60:67:22
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDaptZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI3
NzYyN2NhZmU3NTU3ODU3NTBiZGU1YmE0OWU2YzEwOTFiZjQyNDcwHhcNMjIwMzE1
MTcwODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3YWNmMzVhNjNlODI0
NmY4YTk2OGQ2NGVjMTY4ZjI2YzIyYWI3OGI5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsidXH/M4nSAtE5BTkW3fS7+NOnKgDKNzMzaOyntjfxIt9zmG
lof6avVaC7b8BHfQMMWNMH35SWJwgViip7E0elQu8x8ZV0l+QTii5sl7JFkZndKU
81B2mr2VJFtdNyiEuuffcUcsdzZRtDg21+16jYzrxiSgLHdxfq/VHwhs7S7SLOuw
xhIJLc8STXWtuIrWUihOj4uHVHhR2yrrDknXoZSFlAI4NqZ31NseJdjcWBuQgVcI
6WqQaf3BGGytZmCReFCp4G8gkabPOL4ziIYlFB5TpJlp6YdDZrykWvUK6ZdBxbBY
vLzCzwqXIAd9o+ifWcErgff7MSXtWm4OnvEMxQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFHrPNaY+gkb4qWjWTsFo8mwiq3i5MB8GA1UdIwQYMBaAFLd2J8r+dVeFdQve
W6SebBCRv0JHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dDNZbnl2NTFWNFYxQzk1YnBKNXNFSkdfUWtjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81ZS82MDIxMzctZGQ0MC00ZWY5LWJiMGYtNDQ1N2ZhMjBiY2JhLzEv
ZXM4MXBqNkNSdmlwYU5aT3dXanliQ0tyZUxrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82
MDIxMzctZGQ0MC00ZWY5LWJiMGYtNDQ1N2ZhMjBiY2JhLzEvdDNZbnl2NTFWNFYx
Qzk1YnBKNXNFSkdfUWtjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdH4MA0GCSqGSIb3DQEBCwUAA4IB
AQAOYlGNqaHGxIMydTm0JoX5fUeMutQP/8HdGxAKe1lPRni+8BMP5EiLlIkwwreu
mh1u80mf+/b9gxiC+obE/AbJVlPwJIwsHeQ1vyjovX20j21rFbzpHJuM2NG+s2gP
0T3Na6RazEIvCHMAv+QQgJdzlGVSLMDPXtGI6y1KjWqcoyI1jsZ9l4ji67AKDnyM
h7MsnLSOQtMe24ps/FDcIxNyP3vVFzCix2gpp+T/Pr89BwOFXcHVPtp4cQ5mLFUJ
eEhFf1LFFmmCrYqH0srgmnvsyfj9Icqzz7533PlNKrPbLsIKZhJezuYPz/Y0CkFz
69xWTTy/fdB2kxHxjJrGYGci
-----END CERTIFICATE-----
Generated at Fri Apr 18 08:27:38 2025 by rpki-client