Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/3pGjyTiRLwVBgxem8Z6wUlHl-kI.roa
File: 3pGjyTiRLwVBgxem8Z6wUlHl-kI.roa (raw, json)
Hash identifier: 7BBazYerWc5y2/P7PqLAKNCc3y5Q5/l/scxBgabtnwc=
Subject key identifier: DE:91:A3:C9:38:91:2F:05:41:83:17:A6:F1:9E:B0:52:51:E5:FA:42
Certificate issuer: /CN=494d0eaf80250ab8248989be71a4039718d6935a
Certificate serial: 01856DD4070C937ACF10BE7D5B57BC99A36B
Authority key identifier: 49:4D:0E:AF:80:25:0A:B8:24:89:89:BE:71:A4:03:97:18:D6:93:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/3pGjyTiRLwVBgxem8Z6wUlHl-kI.roa
Signing time: Sun 01 Jan 2023 14:54:50 +0000
ROA not before: Sun 01 Jan 2023 14:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42275
IP address blocks: 85.208.68.0/22 maxlen: 24
2a09:8340::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:07:0c:93:7a:cf:10:be:7d:5b:57:bc:99:a3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=494d0eaf80250ab8248989be71a4039718d6935a
Validity
Not Before: Jan 1 14:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de91a3c938912f05418317a6f19eb05251e5fa42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cc:5e:c5:5a:7c:26:63:c5:de:16:47:8a:85:
29:c1:6e:ed:59:00:9d:18:4a:ec:02:27:c8:08:47:
ec:ad:b6:e5:f9:d5:63:ca:ef:1f:f0:1b:a0:6f:3a:
c4:38:67:28:d3:d0:cd:f1:d0:d0:b0:3f:d2:70:13:
78:4f:10:22:f3:f0:f7:6c:e8:1b:b0:59:8e:eb:fd:
8b:c5:87:40:c5:b5:43:2f:92:0e:65:fe:fb:15:04:
5e:79:c8:a0:96:f1:3b:31:2a:9e:bc:9f:03:33:d8:
80:54:b1:fb:f9:11:95:e6:cc:13:a2:61:4e:9b:ff:
08:8c:fa:a0:19:c5:6b:a0:1d:4c:c8:ae:80:c2:59:
42:c0:93:97:1b:c4:91:78:0d:6d:e0:9e:e6:fc:66:
06:44:b0:63:7c:64:82:b1:11:21:21:56:09:d8:22:
34:9e:14:6a:f5:f1:c4:a5:fd:52:f8:5f:e9:59:f9:
22:70:2f:28:55:76:54:f0:c2:0f:97:e7:33:02:0e:
7b:63:a0:7f:57:42:4a:56:19:f4:5a:cd:3b:04:25:
e5:19:0e:5c:9c:4a:4f:17:53:2d:cb:fe:fb:e8:93:
f0:d8:30:c5:a4:de:91:5a:36:4c:23:39:41:f2:6d:
13:cf:96:2a:09:38:1d:7a:14:47:c1:a3:58:3e:d1:
35:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:91:A3:C9:38:91:2F:05:41:83:17:A6:F1:9E:B0:52:51:E5:FA:42
X509v3 Authority Key Identifier:
keyid:49:4D:0E:AF:80:25:0A:B8:24:89:89:BE:71:A4:03:97:18:D6:93:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/3pGjyTiRLwVBgxem8Z6wUlHl-kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/SU0Or4AlCrgkiYm-caQDlxjWk1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.68.0/22
IPv6:
2a09:8340::/29
Signature Algorithm: sha256WithRSAEncryption
2b:00:d4:f1:db:3a:01:b1:c2:19:0a:0b:dd:c3:e5:6a:50:8e:
27:93:06:65:fc:61:c5:75:6c:e7:c3:59:4e:cf:23:f0:49:cb:
09:6a:01:63:67:94:87:1a:10:df:49:b0:6d:79:48:34:09:40:
5d:e6:a3:c1:38:97:ec:39:5b:d1:04:a0:a8:f8:81:28:9b:dc:
9a:ac:42:7a:64:89:81:d2:ea:5d:18:95:71:56:86:c9:1e:d0:
d4:2c:7c:af:b2:13:72:29:b2:38:e2:8c:d6:28:27:3f:aa:bb:
f6:9f:02:f4:3d:3c:57:7c:cb:37:22:a3:25:0c:35:4a:a1:f8:
e1:61:5d:97:e4:ad:6e:6f:3f:2d:7c:3d:b5:0c:a9:91:75:c0:
61:d7:18:c1:cc:5b:c6:ec:8d:e4:95:17:19:56:b2:2f:32:a5:
e6:b1:e6:6d:c9:46:16:db:a5:13:e5:62:d1:3a:a9:a0:f4:fa:
06:49:51:73:66:48:99:77:ce:81:58:1d:9d:d9:e3:2e:b7:d1:
9d:6f:ae:57:53:08:7e:35:e7:95:89:f1:08:ec:01:8e:89:5f:
3a:4f:1d:d2:85:a4:b4:9c:f6:28:7c:23:5a:37:39:2a:b3:1d:
5b:42:ee:28:bd:2c:22:0d:0b:34:ee:13:ea:73:c8:fe:68:e0:
27:1e:c8:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt1AcMk3rPEL59W1e8maNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NGQwZWFmODAyNTBhYjgyNDg5ODliZTcxYTQwMzk3MThk
NjkzNWEwHhcNMjMwMTAxMTQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTkxYTNjOTM4OTEyZjA1NDE4MzE3YTZmMTllYjA1MjUxZTVmYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8xexVp8JmPF3hZHioUpwW7tWQCd
GErsAifICEfsrbbl+dVjyu8f8BugbzrEOGco09DN8dDQsD/ScBN4TxAi8/D3bOgb
sFmO6/2LxYdAxbVDL5IOZf77FQReeciglvE7MSqevJ8DM9iAVLH7+RGV5swTomFO
m/8IjPqgGcVroB1MyK6AwllCwJOXG8SReA1t4J7m/GYGRLBjfGSCsREhIVYJ2CI0
nhRq9fHEpf1S+F/pWfkicC8oVXZU8MIPl+czAg57Y6B/V0JKVhn0Ws07BCXlGQ5c
nEpPF1Mty/776JPw2DDFpN6RWjZMIzlB8m0Tz5YqCTgdehRHwaNYPtE1GwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN6Ro8k4kS8FQYMXpvGesFJR5fpCMB8GA1UdIwQY
MBaAFElNDq+AJQq4JImJvnGkA5cY1pNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1UwT3I0QWxDcmdraVltLWNhUURseGpXazFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODg1NTUtYWJiNy00YjEwLWFiNjQt
MTljNTQyN2U0MTZmLzEvM3BHanlUaVJMd1ZCZ3hlbThaNndVbEhsLWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODg1NTUtYWJiNy00YjEwLWFiNjQtMTljNTQyN2U0MTZm
LzEvU1UwT3I0QWxDcmdraVltLWNhUURseGpXazFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdBEMA0E
AgACMAcDBQMqCYNAMA0GCSqGSIb3DQEBCwUAA4IBAQArANTx2zoBscIZCgvdw+Vq
UI4nkwZl/GHFdWznw1lOzyPwScsJagFjZ5SHGhDfSbBteUg0CUBd5qPBOJfsOVvR
BKCo+IEom9yarEJ6ZImB0updGJVxVobJHtDULHyvshNyKbI44ozWKCc/qrv2nwL0
PTxXfMs3IqMlDDVKofjhYV2X5K1ubz8tfD21DKmRdcBh1xjBzFvG7I3klRcZVrIv
MqXmseZtyUYW26UT5WLROqmg9PoGSVFzZkiZd86BWB2d2eMut9Gdb65XUwh+NeeV
ifEI7AGOiV86Tx3ShaS0nPYofCNaNzkqsx1bQu4ovSwiDQs07hPqc8j+aOAnHsjk
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:05:02 2025 by rpki-client