Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/u1bNzlwyr5hSTLPXcT1VEYRJgeg.roa
File: u1bNzlwyr5hSTLPXcT1VEYRJgeg.roa (raw, json)
Hash identifier: CwieSiddDv0O01FoR9bOMMY0xF6UTYDr23RvWmx2Nro=
Subject key identifier: BB:56:CD:CE:5C:32:AF:98:52:4C:B3:D7:71:3D:55:11:84:49:81:E8
Certificate issuer: /CN=81df1fe520354dd3bb3e9264a76cf53eb07db072
Certificate serial: 0185724C9890CAA45E05029A2BE8C148FA4E
Authority key identifier: 81:DF:1F:E5:20:35:4D:D3:BB:3E:92:64:A7:6C:F5:3E:B0:7D:B0:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gd8f5SA1TdO7PpJkp2z1PrB9sHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/u1bNzlwyr5hSTLPXcT1VEYRJgeg.roa
Signing time: Mon 02 Jan 2023 11:45:00 +0000
ROA not before: Mon 02 Jan 2023 11:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210086
IP address blocks: 85.117.250.0/24 maxlen: 24
85.117.249.0/24 maxlen: 24
85.117.251.0/24 maxlen: 24
85.117.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:98:90:ca:a4:5e:05:02:9a:2b:e8:c1:48:fa:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81df1fe520354dd3bb3e9264a76cf53eb07db072
Validity
Not Before: Jan 2 11:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb56cdce5c32af98524cb3d7713d5511844981e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:07:ad:b4:3e:df:5b:b9:bf:ee:be:20:b0:be:
76:b3:1a:ff:7e:eb:10:17:e2:97:93:0b:9d:dd:cf:
7b:71:ed:24:11:1a:5f:76:a8:03:00:84:9c:17:a9:
2b:9c:dc:14:84:a5:1b:f1:a6:6b:c2:d4:75:fe:14:
77:d0:59:8d:63:f4:8e:0a:4b:07:0b:46:7f:11:b6:
31:f5:26:87:dc:26:98:8b:7e:c4:13:8a:b8:99:02:
84:d3:85:4a:9d:39:60:5b:4f:dc:e0:0f:a1:c3:e4:
87:3e:ca:df:da:df:b9:0b:2f:46:7a:f5:57:86:2c:
4c:73:ab:b6:5f:51:4f:16:51:df:5e:52:ed:c3:dd:
02:0b:d7:61:e5:fb:96:e7:01:eb:c0:7e:ba:a7:5c:
5f:81:07:3a:51:d9:69:82:83:74:fb:77:1f:9b:28:
da:c4:d4:57:ab:c6:35:bd:7c:e5:9c:9b:fe:92:cd:
f7:a0:38:80:a7:28:25:73:9c:00:67:00:42:2b:d5:
e2:7a:99:ad:d8:ed:aa:a1:64:67:45:4d:38:51:e3:
af:74:d3:ea:c5:1e:bb:c9:bd:cf:5f:eb:ef:f2:58:
5a:58:a9:77:38:82:95:b3:92:1e:7c:9b:73:04:35:
8e:6d:11:59:0f:4b:59:0c:4f:b0:a4:8f:64:6b:96:
11:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:56:CD:CE:5C:32:AF:98:52:4C:B3:D7:71:3D:55:11:84:49:81:E8
X509v3 Authority Key Identifier:
keyid:81:DF:1F:E5:20:35:4D:D3:BB:3E:92:64:A7:6C:F5:3E:B0:7D:B0:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gd8f5SA1TdO7PpJkp2z1PrB9sHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/u1bNzlwyr5hSTLPXcT1VEYRJgeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/gd8f5SA1TdO7PpJkp2z1PrB9sHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.248.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:49:0c:14:dd:e3:d9:e6:8f:a5:79:b7:49:f0:ab:0a:f2:3b:
bd:29:6f:1e:10:b3:e0:37:5d:68:e3:43:bc:02:ea:8b:ef:26:
af:e7:ab:aa:73:6a:3f:81:d3:69:88:29:db:fb:fc:00:62:30:
ed:5f:9a:77:8a:0f:38:4e:28:70:31:b9:80:5b:b2:81:b4:cb:
72:86:32:e6:fa:97:be:c3:59:eb:96:21:bc:12:e8:02:0a:1e:
b2:7f:8b:2f:3f:2d:82:e0:3c:c6:69:d4:04:f8:30:4e:3a:a3:
75:44:6c:bd:16:8d:0d:f6:bd:2c:fc:17:be:8b:73:dd:21:30:
3b:ac:74:3e:da:f0:25:cd:ef:cb:1e:91:f1:fc:d5:03:9e:e3:
0a:15:fc:33:8d:21:57:e8:9a:b9:3d:9b:09:0c:d3:6f:d3:c5:
59:7b:48:97:32:00:5b:d9:cf:f7:e1:c7:da:81:7b:28:e2:50:
6a:c1:9f:53:26:0d:f7:0f:22:c8:7c:77:75:a2:6f:cd:05:5a:
8c:e2:0c:8e:cb:c2:9b:c7:79:cb:ef:fe:a1:3e:8b:79:c3:a5:
bf:53:2b:13:d2:ca:81:ab:f7:ec:14:90:08:13:a1:01:a0:78:
ef:90:43:f7:52:74:05:07:36:32:d4:f2:aa:c3:00:ef:02:42:
f9:12:f8:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTJiQyqReBQKaK+jBSPpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZGYxZmU1MjAzNTRkZDNiYjNlOTI2NGE3NmNmNTNlYjA3
ZGIwNzIwHhcNMjMwMTAyMTE0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjU2Y2RjZTVjMzJhZjk4NTI0Y2IzZDc3MTNkNTUxMTg0NDk4MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AettD7fW7m/7r4gsL52sxr/fusQ
F+KXkwud3c97ce0kERpfdqgDAIScF6krnNwUhKUb8aZrwtR1/hR30FmNY/SOCksH
C0Z/EbYx9SaH3CaYi37EE4q4mQKE04VKnTlgW0/c4A+hw+SHPsrf2t+5Cy9GevVX
hixMc6u2X1FPFlHfXlLtw90CC9dh5fuW5wHrwH66p1xfgQc6UdlpgoN0+3cfmyja
xNRXq8Y1vXzlnJv+ks33oDiApyglc5wAZwBCK9Xiepmt2O2qoWRnRU04UeOvdNPq
xR67yb3PX+vv8lhaWKl3OIKVs5IefJtzBDWObRFZD0tZDE+wpI9ka5YRKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtWzc5cMq+YUkyz13E9VRGESYHoMB8GA1UdIwQY
MBaAFIHfH+UgNU3Tuz6SZKds9T6wfbByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2Q4ZjVTQTFUZE83UHBKa3AyejFQckI5c0hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hZDk3NWMtMjAxMS00YjljLWFkM2Ut
NTNmMDdiMWY2MjFlLzEvdTFiTnpsd3lyNWhTVExQWGNUMVZFWVJKZ2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hZDk3NWMtMjAxMS00YjljLWFkM2UtNTNmMDdiMWY2MjFl
LzEvZ2Q4ZjVTQTFUZE83UHBKa3AyejFQckI5c0hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVXX4MA0G
CSqGSIb3DQEBCwUAA4IBAQDLSQwU3ePZ5o+lebdJ8KsK8ju9KW8eELPgN11o40O8
AuqL7yav56uqc2o/gdNpiCnb+/wAYjDtX5p3ig84TihwMbmAW7KBtMtyhjLm+pe+
w1nrliG8EugCCh6yf4svPy2C4DzGadQE+DBOOqN1RGy9Fo0N9r0s/Be+i3PdITA7
rHQ+2vAlze/LHpHx/NUDnuMKFfwzjSFX6Jq5PZsJDNNv08VZe0iXMgBb2c/34cfa
gXso4lBqwZ9TJg33DyLIfHd1om/NBVqM4gyOy8Kbx3nL7/6hPot5w6W/UysT0sqB
q/fsFJAIE6EBoHjvkEP3UnQFBzYy1PKqwwDvAkL5Evhq
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:33 2025 by rpki-client