Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/bThqEhtk_G-GoCteOCswnHkuR78.roa
File: bThqEhtk_G-GoCteOCswnHkuR78.roa (raw, json)
Hash identifier: S9etA5JVkelxn2lDvTQS+mG1vc/NtXhiDG/1MX0hetc=
Subject key identifier: 6D:38:6A:12:1B:64:FC:6F:86:A0:2B:5E:38:2B:30:9C:79:2E:47:BF
Certificate issuer: /CN=494d0eaf80250ab8248989be71a4039718d6935a
Certificate serial: 08C396AD
Authority key identifier: 49:4D:0E:AF:80:25:0A:B8:24:89:89:BE:71:A4:03:97:18:D6:93:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/bThqEhtk_G-GoCteOCswnHkuR78.roa
Signing time: Sat 01 Jan 2022 06:03:11 +0000
ROA not before: Sat 01 Jan 2022 06:03:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42275
IP address blocks: 85.208.68.0/22 maxlen: 24
2a09:8340::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147035821 (0x8c396ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=494d0eaf80250ab8248989be71a4039718d6935a
Validity
Not Before: Jan 1 06:03:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d386a121b64fc6f86a02b5e382b309c792e47bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b7:9b:98:90:f2:f4:88:0c:6f:ae:43:53:ae:
47:16:dd:85:da:f3:41:15:a6:d0:ed:79:09:eb:24:
0f:72:ab:cb:a0:85:c9:f2:c5:79:11:6a:47:75:4c:
ab:78:a0:95:48:9c:e2:08:10:1a:cf:83:f7:3e:24:
cc:92:84:31:25:33:1d:05:05:49:87:d9:6e:14:c2:
66:5a:89:1a:c2:8c:96:d9:2a:6d:19:c9:aa:40:21:
c3:32:08:a8:d4:6e:01:e0:3c:be:92:24:d8:5f:57:
8b:fc:45:38:c1:fb:4a:9e:5a:8f:99:a8:c0:ca:fb:
c7:03:22:2b:50:89:2e:5e:fe:b4:b4:e9:f6:0b:14:
69:fa:0a:e9:9f:1f:35:ec:cc:0d:d8:e1:90:36:43:
92:9f:49:77:ba:1f:c9:c4:88:88:57:88:9c:49:4e:
1b:5b:73:ca:7b:03:ab:2a:5e:a9:1d:13:3d:eb:c9:
51:fa:c2:e1:4c:cf:1c:3d:58:63:b0:f9:9b:9b:69:
55:04:7b:01:02:bb:cc:01:db:27:be:dd:41:fa:d0:
23:e6:ea:3d:96:d0:18:51:36:81:21:93:e1:5d:19:
28:99:a0:57:32:e4:ee:39:c2:57:30:ce:cc:d7:91:
a4:6f:a6:e8:88:30:f4:6d:e8:42:74:b6:2e:7e:cc:
58:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:38:6A:12:1B:64:FC:6F:86:A0:2B:5E:38:2B:30:9C:79:2E:47:BF
X509v3 Authority Key Identifier:
keyid:49:4D:0E:AF:80:25:0A:B8:24:89:89:BE:71:A4:03:97:18:D6:93:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/bThqEhtk_G-GoCteOCswnHkuR78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/SU0Or4AlCrgkiYm-caQDlxjWk1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.68.0/22
IPv6:
2a09:8340::/29
Signature Algorithm: sha256WithRSAEncryption
40:4a:89:06:6d:d4:d6:35:c5:00:f7:d1:a0:b2:92:ca:39:bf:
1e:a6:c5:f6:21:ee:fc:2c:b6:3e:3c:3a:f2:bd:f1:ac:cc:e7:
0f:7f:f7:46:73:f5:b6:0d:6a:5e:b4:3e:99:a7:6b:11:41:dc:
91:de:2d:3a:ff:95:22:e0:58:66:e1:50:94:07:ff:73:cc:0d:
aa:9d:0d:25:1e:bb:7a:e3:3b:bc:ce:94:9b:2a:d0:d7:ae:d3:
0a:fa:d2:f0:67:56:b5:57:4c:a3:83:aa:92:b8:db:f8:18:ea:
5f:66:5a:11:f1:63:ff:e5:72:9a:ed:95:e5:52:61:fd:1b:37:
a7:7b:dc:c8:f1:9f:c9:f9:b7:15:6a:76:ef:1c:0e:ab:70:d8:
6e:43:ee:15:6e:10:82:7e:61:10:43:cd:4b:31:28:04:69:c7:
1e:5b:e3:df:ea:f2:6c:b5:20:aa:b9:de:8b:86:a1:21:88:2f:
c1:e3:d1:f5:3f:ad:d8:03:21:f9:4e:d4:6e:16:69:69:05:20:
89:fb:32:f3:a9:0e:4c:62:be:85:9b:ef:11:78:0e:1e:d3:0b:
fd:d3:99:1f:04:c0:30:f1:6a:b8:aa:e2:4f:5c:61:26:69:f9:
63:e1:c2:5d:8e:e9:14:dd:d6:50:bb:80:69:cd:07:c1:d5:a9:
fb:14:0f:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECMOWrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTRkMGVhZjgwMjUwYWI4MjQ4OTg5YmU3MWE0MDM5NzE4ZDY5MzVhMB4XDTIyMDEw
MTA2MDMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQzODZhMTIxYjY0
ZmM2Zjg2YTAyYjVlMzgyYjMwOWM3OTJlNDdiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJS3m5iQ8vSIDG+uQ1OuRxbdhdrzQRWm0O15CeskD3Kry6CF
yfLFeRFqR3VMq3iglUic4ggQGs+D9z4kzJKEMSUzHQUFSYfZbhTCZlqJGsKMltkq
bRnJqkAhwzIIqNRuAeA8vpIk2F9Xi/xFOMH7Sp5aj5mowMr7xwMiK1CJLl7+tLTp
9gsUafoK6Z8fNezMDdjhkDZDkp9Jd7ofycSIiFeInElOG1tzynsDqypeqR0TPevJ
UfrC4UzPHD1YY7D5m5tpVQR7AQK7zAHbJ77dQfrQI+bqPZbQGFE2gSGT4V0ZKJmg
VzLk7jnCVzDOzNeRpG+m6Igw9G3oQnS2Ln7MWHUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRtOGoSG2T8b4agK144KzCceS5HvzAfBgNVHSMEGDAWgBRJTQ6vgCUKuCSJ
ib5xpAOXGNaTWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NVME9yNEFsQ3Jna2lZbS1jYVFEbHhqV2sxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvYzg4NTU1LWFiYjctNGIxMC1hYjY0LTE5YzU0MjdlNDE2Zi8x
L2JUaHFFaHRrX0ctR29DdGVPQ3N3bkhrdVI3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
Yzg4NTU1LWFiYjctNGIxMC1hYjY0LTE5YzU0MjdlNDE2Zi8xL1NVME9yNEFsQ3Jn
a2lZbS1jYVFEbHhqV2sxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlXQRDANBAIAAjAHAwUDKgmDQDAN
BgkqhkiG9w0BAQsFAAOCAQEAQEqJBm3U1jXFAPfRoLKSyjm/HqbF9iHu/Cy2Pjw6
8r3xrMznD3/3RnP1tg1qXrQ+madrEUHckd4tOv+VIuBYZuFQlAf/c8wNqp0NJR67
euM7vM6UmyrQ167TCvrS8GdWtVdMo4Oqkrjb+BjqX2ZaEfFj/+Vymu2V5VJh/Rs3
p3vcyPGfyfm3FWp27xwOq3DYbkPuFW4Qgn5hEEPNSzEoBGnHHlvj3+rybLUgqrne
i4ahIYgvwePR9T+t2AMh+U7UbhZpaQUgifsy86kOTGK+hZvvEXgOHtML/dOZHwTA
MPFquKriT1xhJmn5Y+HCXY7pFN3WULuAac0HwdWp+xQP6w==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:05:05 2025 by rpki-client