Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Z6LfCOrFVX5CplEx_D2m7NxKISg.roa
File: Z6LfCOrFVX5CplEx_D2m7NxKISg.roa (raw, json)
Hash identifier: KFXJ0A0t0xNhVO3Nye7WadADgPZWId+o2Myk0k0FfG4=
Subject key identifier: 67:A2:DF:08:EA:C5:55:7E:42:A6:51:31:FC:3D:A6:EC:DC:4A:21:28
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 01856E01CDAC327D7C7BCDC0AC2F19EA054F
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Z6LfCOrFVX5CplEx_D2m7NxKISg.roa
Signing time: Sun 01 Jan 2023 15:44:49 +0000
ROA not before: Sun 01 Jan 2023 15:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 85.116.10.0/24 maxlen: 24
85.116.8.0/24 maxlen: 24
85.116.12.0/23 maxlen: 23
46.248.100.0/24 maxlen: 24
82.136.7.0/24 maxlen: 24
82.136.16.0/22 maxlen: 22
82.136.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:cd:ac:32:7d:7c:7b:cd:c0:ac:2f:19:ea:05:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Jan 1 15:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67a2df08eac5557e42a65131fc3da6ecdc4a2128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bb:6e:f2:4a:dd:8a:1a:2b:5e:36:b0:d9:fe:
d5:f4:ac:2d:18:22:72:35:bb:3c:c7:5e:20:ac:3f:
c0:ce:a3:e6:39:00:a3:66:41:96:4b:27:0d:3d:5b:
66:58:58:25:75:cc:35:fe:e7:99:35:ce:c8:ec:65:
26:a7:02:38:5d:fe:3e:91:29:c7:f8:c3:1b:a7:67:
87:55:f5:36:15:63:7f:d5:7c:11:b3:ca:e3:fa:76:
a6:db:19:4a:11:a1:a9:97:2a:3a:a5:eb:28:a8:90:
e9:a9:81:44:f5:a7:ad:bb:bb:4e:ef:0d:30:4c:0e:
ac:4b:d0:39:e8:fa:bc:53:1e:5e:02:75:86:fe:de:
f6:7d:5f:33:7f:98:61:43:56:4f:94:f3:fc:7c:8e:
8b:3b:d9:15:88:b9:6f:3b:4f:38:bf:b4:a4:8f:33:
4c:14:fb:68:fc:9b:fa:25:ab:8f:ec:80:37:5a:ac:
0e:50:4f:80:5b:bd:f1:65:22:67:a6:97:03:ae:89:
56:ef:1c:af:af:e1:5c:a2:d6:85:85:78:f0:62:bf:
25:d1:43:9a:02:43:a6:43:69:56:9b:e1:04:7a:2a:
29:15:19:0e:00:c8:d6:98:65:94:40:e7:9f:5d:e7:
14:33:17:d3:ea:1b:43:ea:2d:f3:4c:32:09:ae:df:
a9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A2:DF:08:EA:C5:55:7E:42:A6:51:31:FC:3D:A6:EC:DC:4A:21:28
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Z6LfCOrFVX5CplEx_D2m7NxKISg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.100.0/24
82.136.7.0/24
82.136.12.0-82.136.19.255
85.116.8.0/24
85.116.10.0/24
85.116.12.0/23
Signature Algorithm: sha256WithRSAEncryption
82:15:2d:7d:99:de:af:a9:1e:7b:2a:db:ae:bc:db:16:56:80:
bb:f0:65:de:7a:3e:7b:20:c2:62:40:18:02:e1:dd:a9:68:5e:
f7:d7:89:2e:dd:34:1f:da:db:b2:ed:57:ce:bc:eb:b4:a0:c7:
c7:5b:cb:21:7d:85:85:3c:24:c8:f9:df:6e:ae:e6:d8:d6:47:
87:c6:e8:aa:64:05:13:db:c7:6d:95:20:a1:80:36:3d:9d:d8:
16:30:e4:e4:79:57:76:ec:7d:99:ae:4d:d2:11:03:ed:09:0f:
8f:ea:85:f8:0d:da:04:74:f6:d2:c9:5e:0a:81:86:ea:92:51:
09:78:61:d0:fe:dd:ec:29:32:76:12:1c:3e:f2:2f:2e:5f:20:
78:c9:4e:36:9b:1a:fa:1e:f2:4f:f2:b3:7a:7f:02:93:37:f9:
24:5e:a6:bb:19:ad:e4:8d:00:93:fc:78:8f:d4:66:2b:43:33:
33:20:64:4b:2a:e0:3c:6d:de:4c:27:4d:8c:34:74:62:2e:bf:
b2:ec:24:37:c2:e8:34:fc:9f:36:0a:51:27:fc:6e:ff:ca:e5:
9b:5f:03:04:5e:b6:5b:5a:b5:ef:26:ec:c4:bd:42:08:ab:ff:
43:56:15:30:f2:ee:24:96:4f:03:76:ee:c1:e0:31:b2:62:ba:
8a:b6:fd:a5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVuAc2sMn18e83ArC8Z6gVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjMwMTAxMTU0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2EyZGYwOGVhYzU1NTdlNDJhNjUxMzFmYzNkYTZlY2RjNGEyMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrtu8krdihorXjaw2f7V9KwtGCJy
Nbs8x14grD/AzqPmOQCjZkGWSycNPVtmWFgldcw1/ueZNc7I7GUmpwI4Xf4+kSnH
+MMbp2eHVfU2FWN/1XwRs8rj+nam2xlKEaGplyo6pesoqJDpqYFE9aetu7tO7w0w
TA6sS9A56Pq8Ux5eAnWG/t72fV8zf5hhQ1ZPlPP8fI6LO9kViLlvO084v7SkjzNM
FPto/Jv6JauP7IA3WqwOUE+AW73xZSJnppcDrolW7xyvr+FcotaFhXjwYr8l0UOa
AkOmQ2lWm+EEeiopFRkOAMjWmGWUQOefXecUMxfT6htD6i3zTDIJrt+pqQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGei3wjqxVV+QqZRMfw9puzcSiEoMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvWjZMZkNPckZWWDVDcGxFeF9EMm03TnhLSVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALvhkAwQA
UogHMAwDBAJSiAwDBAJSiBADBABVdAgDBABVdAoDBAFVdAwwDQYJKoZIhvcNAQEL
BQADggEBAIIVLX2Z3q+pHnsq26682xZWgLvwZd56PnsgwmJAGALh3aloXvfXiS7d
NB/a27LtV86867Sgx8dbyyF9hYU8JMj5326u5tjWR4fG6KpkBRPbx22VIKGANj2d
2BYw5OR5V3bsfZmuTdIRA+0JD4/qhfgN2gR09tLJXgqBhuqSUQl4YdD+3ewpMnYS
HD7yLy5fIHjJTjabGvoe8k/ys3p/ApM3+SReprsZreSNAJP8eI/UZitDMzMgZEsq
4Dxt3kwnTYw0dGIuv7LsJDfC6DT8nzYKUSf8bv/K5ZtfAwRetltate8m7MS9Qgir
/0NWFTDy7iSWTwN27sHgMbJiuoq2/aU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:31 2025 by rpki-client