Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/Rf6dJTYwrEosSiDHb_P0pVBPOIE.roa
File: Rf6dJTYwrEosSiDHb_P0pVBPOIE.roa (raw, json)
Hash identifier: x4NdbRW2FkDGPhDAjetrfShdS6so81uddv4JArTEtUE=
Subject key identifier: 45:FE:9D:25:36:30:AC:4A:2C:4A:20:C7:6F:F3:F4:A5:50:4F:38:81
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 01856F824195283ECCCF25AD3494A3EA4C73
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/Rf6dJTYwrEosSiDHb_P0pVBPOIE.roa
Signing time: Sun 01 Jan 2023 22:44:45 +0000
ROA not before: Sun 01 Jan 2023 22:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39401
IP address blocks: 85.217.232.0/24 maxlen: 24
85.217.233.0/24 maxlen: 24
85.217.230.0/24 maxlen: 24
85.217.231.0/24 maxlen: 24
85.217.228.0/24 maxlen: 24
85.217.229.0/24 maxlen: 24
85.217.227.0/24 maxlen: 24
85.217.240.0/22 maxlen: 24
85.217.240.0/24 maxlen: 24
85.217.237.0/24 maxlen: 24
85.217.235.0/24 maxlen: 24
85.217.236.0/24 maxlen: 24
85.217.234.0/24 maxlen: 24
85.217.244.0/23 maxlen: 24
85.217.244.0/24 maxlen: 24
85.217.245.0/24 maxlen: 24
85.217.242.0/24 maxlen: 24
85.217.243.0/24 maxlen: 24
85.217.241.0/24 maxlen: 24
85.217.246.0/24 maxlen: 24
85.217.249.0/24 maxlen: 24
85.217.248.0/24 maxlen: 24
85.217.247.0/24 maxlen: 24
85.217.225.0/24 maxlen: 24
85.217.226.0/24 maxlen: 24
85.217.224.0/24 maxlen: 24
85.217.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:41:95:28:3e:cc:cf:25:ad:34:94:a3:ea:4c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jan 1 22:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45fe9d253630ac4a2c4a20c76ff3f4a5504f3881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:24:c1:55:40:89:e5:04:e5:5c:02:66:d3:e9:
7c:12:d8:84:e5:2e:3c:dc:fb:86:50:72:aa:aa:f2:
0b:3c:8a:cb:d2:df:96:00:be:e4:d4:40:8b:d9:81:
81:97:e4:74:64:2b:1c:80:fa:1e:97:90:34:d4:dc:
de:b9:99:df:9b:8f:9a:03:e8:ed:2f:ac:25:a5:69:
35:f0:99:cf:d4:4d:ff:43:37:a0:56:48:18:e0:6e:
10:6e:54:25:e4:c1:ec:d3:10:5e:c3:c1:9e:91:3e:
90:d2:55:db:99:e9:1f:9e:7b:39:d0:96:39:59:6b:
19:5c:47:1a:ac:a9:bf:28:ac:30:ed:87:24:0d:d1:
90:94:33:ed:cf:04:49:7c:6c:fd:e4:6d:62:33:6b:
42:f0:20:ec:17:d7:2a:9a:52:51:9f:a2:55:6b:c1:
1c:8b:f1:7a:6a:4d:3a:90:53:ec:16:b1:a7:e3:18:
9d:06:96:cc:65:03:54:07:a9:28:9a:92:3f:86:30:
9e:20:53:6b:85:64:87:e8:54:44:2e:85:22:7f:c4:
62:b2:25:df:73:d1:e0:05:54:50:39:71:9a:07:2c:
46:b2:76:16:a8:67:0b:cc:77:69:93:fd:05:ec:6c:
63:f4:65:b3:36:77:2c:fb:af:49:f5:ac:35:89:00:
20:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:FE:9D:25:36:30:AC:4A:2C:4A:20:C7:6F:F3:F4:A5:50:4F:38:81
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/Rf6dJTYwrEosSiDHb_P0pVBPOIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.224.0-85.217.249.255
Signature Algorithm: sha256WithRSAEncryption
9e:53:e9:a5:65:3e:e7:09:82:6d:a4:b6:cf:19:ff:83:ba:50:
73:aa:fe:b9:91:84:f7:59:32:eb:5b:da:02:0c:18:2a:30:bb:
ca:a5:ec:13:0e:ef:83:da:c6:75:d5:c6:10:35:ef:a4:47:4c:
49:ce:e2:00:f8:3c:c5:48:ca:a3:2a:e1:d0:3a:5e:f8:26:9e:
27:24:9d:9b:50:cf:b2:76:f6:f2:f9:fc:25:19:f2:91:45:3d:
0b:58:30:11:10:57:71:27:7d:dc:e2:9b:71:cb:9e:3a:75:c7:
e5:d3:7b:5d:4c:1b:26:ef:bc:bd:b6:4b:a0:83:1e:41:b3:d5:
fe:60:6d:d1:87:cd:44:c1:c5:2e:8a:16:50:8a:9c:0b:36:8a:
60:74:b4:55:d6:f2:e5:52:76:5b:0c:14:bb:89:7f:ea:92:0e:
00:3a:47:8b:97:82:34:e0:94:cd:04:6a:60:c4:19:a5:41:8f:
f3:e6:cc:9a:2e:37:35:fb:83:4a:1c:cc:ab:28:a5:78:cf:69:
86:e9:14:22:8f:9e:17:32:5a:f5:5e:40:43:be:18:3c:fb:17:
fc:54:99:f3:0e:77:cb:69:82:4b:ef:b6:73:22:a8:bc:17:c8:
15:75:2d:ca:d7:f7:36:d1:07:cd:97:9b:01:2a:a5:86:31:ed:
bf:eb:b5:99
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvgkGVKD7MzyWtNJSj6kxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjMwMTAxMjI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWZlOWQyNTM2MzBhYzRhMmM0YTIwYzc2ZmYzZjRhNTUwNGYzODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yTBVUCJ5QTlXAJm0+l8EtiE5S48
3PuGUHKqqvILPIrL0t+WAL7k1ECL2YGBl+R0ZCscgPoel5A01NzeuZnfm4+aA+jt
L6wlpWk18JnP1E3/QzegVkgY4G4QblQl5MHs0xBew8GekT6Q0lXbmekfnns50JY5
WWsZXEcarKm/KKww7YckDdGQlDPtzwRJfGz95G1iM2tC8CDsF9cqmlJRn6JVa8Ec
i/F6ak06kFPsFrGn4xidBpbMZQNUB6kompI/hjCeIFNrhWSH6FRELoUif8RisiXf
c9HgBVRQOXGaByxGsnYWqGcLzHdpk/0F7Gxj9GWzNncs+69J9aw1iQAgjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEX+nSU2MKxKLEogx2/z9KVQTziBMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvUmY2ZEpUWXdyRW9zU2lESGJfUDBwVkJQT0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVV2eAD
BAFV2fgwDQYJKoZIhvcNAQELBQADggEBAJ5T6aVlPucJgm2kts8Z/4O6UHOq/rmR
hPdZMutb2gIMGCowu8ql7BMO74PaxnXVxhA176RHTEnO4gD4PMVIyqMq4dA6Xvgm
nicknZtQz7J29vL5/CUZ8pFFPQtYMBEQV3Enfdzim3HLnjp1x+XTe11MGybvvL22
S6CDHkGz1f5gbdGHzUTBxS6KFlCKnAs2imB0tFXW8uVSdlsMFLuJf+qSDgA6R4uX
gjTglM0EamDEGaVBj/PmzJouNzX7g0oczKsopXjPaYbpFCKPnhcyWvVeQEO+GDz7
F/xUmfMOd8tpgkvvtnMiqLwXyBV1LcrX9zbRB82XmwEqpYYx7b/rtZk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:22 2025 by rpki-client