Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/8s0LTU6LUeuQuTqVXo0P1c9IFaE.roa
File: 8s0LTU6LUeuQuTqVXo0P1c9IFaE.roa (raw, json)
Hash identifier: S+uON9/8eKNCaAhqeaggb2E9nb64VLkvyD1tUP9e3QA=
Subject key identifier: F2:CD:0B:4D:4E:8B:51:EB:90:B9:3A:95:5E:8D:0F:D5:CF:48:15:A1
Certificate issuer: /CN=cae069b663ee25fd13559101dac1d5032b9fd66e
Certificate serial: D27B6C
Authority key identifier: CA:E0:69:B6:63:EE:25:FD:13:55:91:01:DA:C1:D5:03:2B:9F:D6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuBptmPuJf0TVZEB2sHVAyuf1m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/8s0LTU6LUeuQuTqVXo0P1c9IFaE.roa
Signing time: Sat 01 Jan 2022 12:02:12 +0000
ROA not before: Sat 01 Jan 2022 12:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56346
IP address blocks: 185.131.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13794156 (0xd27b6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cae069b663ee25fd13559101dac1d5032b9fd66e
Validity
Not Before: Jan 1 12:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2cd0b4d4e8b51eb90b93a955e8d0fd5cf4815a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:83:86:46:d7:03:58:44:32:74:17:f5:9f:f9:
c0:c9:11:bb:e3:78:79:20:57:60:f8:d9:c0:08:70:
ff:5d:f8:14:e9:60:4e:51:4b:c5:89:5b:21:17:2d:
cc:4f:04:9d:f5:d2:ea:e5:5b:b5:80:a3:b1:af:f6:
22:6e:70:59:83:57:56:45:b4:90:f4:3b:3b:eb:6f:
20:fe:26:6f:bb:d4:94:50:aa:f9:4d:c8:78:11:c5:
c6:3d:f7:82:ae:8f:e2:a4:c2:9f:3e:4c:1b:38:05:
de:f7:22:85:5d:5a:9c:ea:5e:98:bc:94:ec:02:64:
15:bf:68:86:c2:bb:92:26:57:51:a1:6b:5c:2a:19:
df:82:59:3f:0e:93:a1:f4:b9:f3:fd:7e:40:59:c8:
a5:73:1d:89:f3:f8:d6:67:b2:0f:b5:55:55:89:84:
39:d1:24:84:dc:45:bc:43:7c:58:ac:80:cd:52:e3:
b6:b1:3f:c5:73:ca:9e:f4:26:3b:38:ed:4e:91:aa:
fe:46:19:ff:35:f7:d2:2c:70:c7:01:3d:0e:87:5c:
64:15:c1:54:fb:0a:8c:ee:7b:b0:a9:2d:93:b2:d9:
11:38:f3:14:74:b2:18:33:a0:61:8c:65:27:8d:2a:
c6:01:97:6e:1a:e1:2b:68:ba:df:32:5b:33:34:04:
36:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CD:0B:4D:4E:8B:51:EB:90:B9:3A:95:5E:8D:0F:D5:CF:48:15:A1
X509v3 Authority Key Identifier:
keyid:CA:E0:69:B6:63:EE:25:FD:13:55:91:01:DA:C1:D5:03:2B:9F:D6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuBptmPuJf0TVZEB2sHVAyuf1m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/8s0LTU6LUeuQuTqVXo0P1c9IFaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/yuBptmPuJf0TVZEB2sHVAyuf1m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.252.0/22
Signature Algorithm: sha256WithRSAEncryption
85:ed:f0:aa:98:c5:30:c9:d0:6b:2b:50:6e:60:96:30:5a:61:
63:16:40:83:66:b0:dc:07:3a:71:45:91:ab:20:1e:e9:aa:e8:
23:96:6e:10:2c:65:62:d6:80:75:3b:a2:5f:12:1e:74:8b:c5:
62:76:65:af:e9:78:d2:cc:d3:dd:ee:e4:45:c1:ff:85:d9:56:
0c:ce:24:33:0c:f8:db:be:4b:50:45:f4:79:59:ba:e4:f5:e4:
01:bf:09:f7:d1:ff:c3:9b:75:66:9f:33:48:44:67:4f:9f:ec:
66:87:ec:3a:9a:bc:bb:b8:1f:d4:60:3d:89:c1:e9:8e:a5:fd:
c1:05:b9:b9:02:f2:6f:eb:9a:31:9d:e4:3b:80:c6:8e:ec:8f:
c6:72:86:ca:09:7a:e7:77:c6:7e:8c:4d:6d:29:63:5f:b4:1c:
6f:fd:6c:eb:ba:3e:2e:a0:a2:7d:4e:8d:a8:3f:91:0f:2a:d7:
89:f3:55:1e:d2:91:41:cd:47:39:b9:2d:80:7e:5c:ed:97:7a:
f2:1a:55:42:87:2a:63:83:9e:ce:94:78:de:6d:3e:61:a3:85:
b3:65:52:5f:3b:8e:d1:54:f1:90:72:33:69:cd:e2:32:44:c6:
34:d6:f2:3e:4c:91:50:e8:2b:17:f8:77:de:03:79:30:42:bb:
53:98:25:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANJ7bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWUwNjliNjYzZWUyNWZkMTM1NTkxMDFkYWMxZDUwMzJiOWZkNjZlMB4XDTIyMDEw
MTEyMDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJjZDBiNGQ0ZThi
NTFlYjkwYjkzYTk1NWU4ZDBmZDVjZjQ4MTVhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWDhkbXA1hEMnQX9Z/5wMkRu+N4eSBXYPjZwAhw/134FOlg
TlFLxYlbIRctzE8EnfXS6uVbtYCjsa/2Im5wWYNXVkW0kPQ7O+tvIP4mb7vUlFCq
+U3IeBHFxj33gq6P4qTCnz5MGzgF3vcihV1anOpemLyU7AJkFb9ohsK7kiZXUaFr
XCoZ34JZPw6TofS58/1+QFnIpXMdifP41meyD7VVVYmEOdEkhNxFvEN8WKyAzVLj
trE/xXPKnvQmOzjtTpGq/kYZ/zX30ixwxwE9DodcZBXBVPsKjO57sKktk7LZETjz
FHSyGDOgYYxlJ40qxgGXbhrhK2i63zJbMzQENkkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTyzQtNTotR65C5OpVejQ/Vz0gVoTAfBgNVHSMEGDAWgBTK4Gm2Y+4l/RNV
kQHawdUDK5/WbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l1QnB0bVB1SmYwVFZaRUIyc0hWQXl1ZjFtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvZTVmNWY4LTFjYTEtNDIzNC05YTNjLWVjY2VlZWUxMTBhNC8x
LzhzMExUVTZMVWV1UXVUcVZYbzBQMWM5SUZhRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
ZTVmNWY4LTFjYTEtNDIzNC05YTNjLWVjY2VlZWUxMTBhNC8xL3l1QnB0bVB1SmYw
VFZaRUIyc0hWQXl1ZjFtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmD/DANBgkqhkiG9w0BAQsFAAOC
AQEAhe3wqpjFMMnQaytQbmCWMFphYxZAg2aw3Ac6cUWRqyAe6aroI5ZuECxlYtaA
dTuiXxIedIvFYnZlr+l40szT3e7kRcH/hdlWDM4kMwz4275LUEX0eVm65PXkAb8J
99H/w5t1Zp8zSERnT5/sZofsOpq8u7gf1GA9icHpjqX9wQW5uQLyb+uaMZ3kO4DG
juyPxnKGygl653fGfoxNbSljX7Qcb/1s67o+LqCifU6NqD+RDyrXifNVHtKRQc1H
ObktgH5c7Zd68hpVQocqY4OezpR43m0+YaOFs2VSXzuO0VTxkHIzac3iMkTGNNby
PkyRUOgrF/h33gN5MEK7U5glQQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:45 2025 by rpki-client