Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/7bQfgR0xdcYAoSG5w6Oymh073xw.roa
File: 7bQfgR0xdcYAoSG5w6Oymh073xw.roa (raw, json)
Hash identifier: r6L8jNFLFdQ0FAs2kTsTBwaof9c0Vv2Jn6cdlt4FMcQ=
Subject key identifier: ED:B4:1F:81:1D:31:75:C6:00:A1:21:B9:C3:A3:B2:9A:1D:3B:DF:1C
Certificate issuer: /CN=f8ad110d39e95b542df8d2071d9245469a1b9f42
Certificate serial: 0859BEB4
Authority key identifier: F8:AD:11:0D:39:E9:5B:54:2D:F8:D2:07:1D:92:45:46:9A:1B:9F:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/7bQfgR0xdcYAoSG5w6Oymh073xw.roa
Signing time: Sat 01 Jan 2022 11:03:58 +0000
ROA not before: Sat 01 Jan 2022 11:03:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208920
IP address blocks: 85.116.136.0/22 maxlen: 22
45.130.108.0/22 maxlen: 22
185.126.204.0/22 maxlen: 22
2a06:c100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140099252 (0x859beb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad110d39e95b542df8d2071d9245469a1b9f42
Validity
Not Before: Jan 1 11:03:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edb41f811d3175c600a121b9c3a3b29a1d3bdf1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:71:ad:b4:a1:c8:65:5d:58:e0:f5:1d:75:af:
c0:1c:e4:cc:a8:80:71:c7:31:29:36:c3:92:8a:bb:
f6:f0:f8:44:a4:e0:f7:73:1d:3e:e0:66:11:52:93:
26:05:14:fa:93:54:c2:2b:b3:82:91:f2:07:22:4c:
75:b6:f7:46:50:cf:64:54:8d:51:b0:8d:74:eb:f1:
83:86:bb:0d:32:50:3c:d7:d5:31:9d:bc:9c:9a:d0:
48:32:d8:5a:97:46:0d:a1:d5:d4:6f:c4:18:67:90:
82:74:d6:43:c9:40:25:c6:3f:28:fe:15:22:af:2f:
ee:e2:7f:22:ae:46:6c:10:dd:f0:72:41:33:17:34:
3d:7c:14:b6:16:66:0f:f2:5a:e3:8e:95:f4:7c:7a:
64:ba:04:3c:ad:86:81:c3:5f:89:f4:dd:28:ae:2d:
22:d1:08:96:66:09:9c:0d:8a:ef:b4:11:48:f0:1f:
82:1c:2e:53:69:98:81:e3:b9:14:cb:3d:ef:c1:ca:
d7:8d:27:60:3e:99:12:f3:dc:79:a5:10:5e:56:6c:
99:9d:34:57:0c:6e:b4:9b:93:9c:52:8c:37:7b:b9:
4e:4b:f7:55:9c:93:db:86:b2:17:d7:4f:ef:b1:aa:
5e:63:73:ff:fa:6a:d3:05:da:d1:23:03:20:95:b5:
a7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B4:1F:81:1D:31:75:C6:00:A1:21:B9:C3:A3:B2:9A:1D:3B:DF:1C
X509v3 Authority Key Identifier:
keyid:F8:AD:11:0D:39:E9:5B:54:2D:F8:D2:07:1D:92:45:46:9A:1B:9F:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/7bQfgR0xdcYAoSG5w6Oymh073xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.108.0/22
85.116.136.0/22
185.126.204.0/22
IPv6:
2a06:c100::/29
Signature Algorithm: sha256WithRSAEncryption
3b:a8:54:82:93:fc:90:ab:71:0a:e4:8f:34:da:fa:26:2a:10:
c5:07:25:c7:88:08:18:15:3a:a3:01:d9:89:20:3b:24:67:37:
8a:9a:86:1f:cd:28:5d:85:da:2c:6e:b6:4c:75:15:6d:9c:e1:
a4:35:07:21:c7:54:bb:b8:d7:ce:c9:5b:c6:c4:c0:62:0e:eb:
56:57:72:b5:fa:5c:1d:01:20:4a:c4:06:dd:52:69:1e:6e:29:
d3:59:0b:ef:3e:a3:c8:37:93:a1:34:cf:ec:13:c1:52:a0:75:
f7:1d:e2:7a:db:f3:0f:09:81:d1:94:9a:f9:77:3c:c6:4b:6d:
2e:34:bf:36:80:85:78:b3:b7:5e:aa:3d:74:86:5e:60:d3:7a:
55:b0:a9:7a:dc:6a:00:9a:7d:52:49:02:60:47:77:69:70:c9:
93:ab:6e:18:ca:8a:7f:75:c6:8d:fd:a4:3c:5f:15:ac:88:c7:
ab:87:4b:ff:77:d3:9a:c1:7d:73:4f:d4:be:f8:b3:8a:72:ed:
71:78:45:2d:53:b1:e8:f7:ea:cc:63:d7:b8:33:69:9a:57:84:
6b:6f:12:bc:10:1d:07:03:ad:d0:00:41:e5:25:87:f7:c3:72:
94:b2:c9:4d:04:60:dc:d2:82:51:47:29:b5:18:db:e5:c3:e6:
7a:02:c2:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECFm+tDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGFkMTEwZDM5ZTk1YjU0MmRmOGQyMDcxZDkyNDU0NjlhMWI5ZjQyMB4XDTIyMDEw
MTExMDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRiNDFmODExZDMx
NzVjNjAwYTEyMWI5YzNhM2IyOWExZDNiZGYxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhxrbShyGVdWOD1HXWvwBzkzKiAcccxKTbDkoq79vD4RKTg
93MdPuBmEVKTJgUU+pNUwiuzgpHyByJMdbb3RlDPZFSNUbCNdOvxg4a7DTJQPNfV
MZ28nJrQSDLYWpdGDaHV1G/EGGeQgnTWQ8lAJcY/KP4VIq8v7uJ/Iq5GbBDd8HJB
Mxc0PXwUthZmD/Ja446V9Hx6ZLoEPK2GgcNfifTdKK4tItEIlmYJnA2K77QRSPAf
ghwuU2mYgeO5FMs978HK140nYD6ZEvPceaUQXlZsmZ00VwxutJuTnFKMN3u5Tkv3
VZyT24ayF9dP77GqXmNz//pq0wXa0SMDIJW1p9kCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTttB+BHTF1xgChIbnDo7KaHTvfHDAfBgNVHSMEGDAWgBT4rRENOelbVC34
0gcdkkVGmhufQjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtSzBSRFRucFcxUXQtTklISFpKRlJwb2JuMEkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzdiLzYwZTYzYy1lNjNiLTRlMTYtYTVlYi03OWE1YjM5NzhmZjIv
MS83YlFmZ1IweGRjWUFvU0c1dzZPeW1oMDczeHcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdi
LzYwZTYzYy1lNjNiLTRlMTYtYTVlYi03OWE1YjM5NzhmZjIvMS8xLUswUkRUbnBX
MVF0LU5JSEhaSkZScG9ibjBJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYJsAwQCVXSIAwQCuX7MMA0E
AgACMAcDBQMqBsEAMA0GCSqGSIb3DQEBCwUAA4IBAQA7qFSCk/yQq3EK5I802vom
KhDFByXHiAgYFTqjAdmJIDskZzeKmoYfzShdhdosbrZMdRVtnOGkNQchx1S7uNfO
yVvGxMBiDutWV3K1+lwdASBKxAbdUmkebinTWQvvPqPIN5OhNM/sE8FSoHX3HeJ6
2/MPCYHRlJr5dzzGS20uNL82gIV4s7deqj10hl5g03pVsKl63GoAmn1SSQJgR3dp
cMmTq24Yyop/dcaN/aQ8XxWsiMerh0v/d9OawX1zT9S++LOKcu1xeEUtU7Ho9+rM
Y9e4M2maV4RrbxK8EB0HA63QAEHlJYf3w3KUsslNBGDc0oJRRym1GNvlw+Z6AsI0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org