Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/IU0vxDeIZer9ZD2kQv0LG_-DxqI.roa
File: IU0vxDeIZer9ZD2kQv0LG_-DxqI.roa (raw, json)
Hash identifier: OMMKl8Dmu60NsPPZVGw1og3K0giJ/sW0+L/LyLTK5pc=
Subject key identifier: 21:4D:2F:C4:37:88:65:EA:FD:64:3D:A4:42:FD:0B:1B:FF:83:C6:A2
Certificate issuer: /CN=85bcb81dcd3f29318f403b8481be44ec1ff5502e
Certificate serial: 01856B89FB8AA57386A4CBEDC8369157E92F
Authority key identifier: 85:BC:B8:1D:CD:3F:29:31:8F:40:3B:84:81:BE:44:EC:1F:F5:50:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hby4Hc0_KTGPQDuEgb5E7B_1UC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/IU0vxDeIZer9ZD2kQv0LG_-DxqI.roa
Signing time: Sun 01 Jan 2023 04:14:43 +0000
ROA not before: Sun 01 Jan 2023 04:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3190
IP address blocks: 185.90.40.0/22 maxlen: 22
5.11.0.0/21 maxlen: 21
2a00:ebc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:89:fb:8a:a5:73:86:a4:cb:ed:c8:36:91:57:e9:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85bcb81dcd3f29318f403b8481be44ec1ff5502e
Validity
Not Before: Jan 1 04:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=214d2fc4378865eafd643da442fd0b1bff83c6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a8:8b:0d:ab:a1:ca:3e:2b:95:b7:ec:0d:b4:
78:78:8f:40:23:21:3e:f2:9e:05:66:cc:95:9e:11:
a1:74:43:93:39:49:5d:18:af:83:38:c9:bf:a9:d9:
0b:a4:6f:5a:68:33:e6:9f:53:1c:69:4d:fb:9f:b7:
1e:22:42:6a:92:98:97:9d:72:ee:6c:a3:b4:64:13:
29:46:55:08:13:42:a8:ee:1e:79:1c:0c:5f:9d:c8:
10:37:82:b5:cf:28:e2:ff:3c:6b:45:30:8a:a4:f3:
c1:3d:db:e2:f4:4f:7a:51:31:fb:93:cb:d1:84:a0:
ef:6b:01:7d:18:f5:b6:ac:55:fa:06:63:d6:36:93:
36:c2:d1:2b:f5:01:16:a4:cb:82:4e:b7:82:04:6c:
bd:18:f8:3a:5d:54:22:fc:c5:26:3a:05:d3:41:82:
04:56:34:73:12:b6:cf:58:47:7c:2f:c2:88:14:13:
d7:83:ef:29:9d:59:db:99:1b:8b:c3:69:19:10:34:
62:df:75:d8:50:62:36:41:b4:8f:71:03:0b:8f:6d:
37:b7:de:63:ad:24:4c:ed:43:25:81:04:6c:67:cf:
a8:92:4c:4a:8f:3e:76:5d:b4:c4:f3:67:bf:7d:07:
29:80:bb:b9:89:92:c9:57:a9:c9:9a:d8:94:a7:4e:
07:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4D:2F:C4:37:88:65:EA:FD:64:3D:A4:42:FD:0B:1B:FF:83:C6:A2
X509v3 Authority Key Identifier:
keyid:85:BC:B8:1D:CD:3F:29:31:8F:40:3B:84:81:BE:44:EC:1F:F5:50:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hby4Hc0_KTGPQDuEgb5E7B_1UC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/IU0vxDeIZer9ZD2kQv0LG_-DxqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/hby4Hc0_KTGPQDuEgb5E7B_1UC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.0.0/21
185.90.40.0/22
IPv6:
2a00:ebc0::/32
Signature Algorithm: sha256WithRSAEncryption
99:c2:a8:0e:a5:e7:4f:86:17:ec:60:ce:1d:10:ae:89:ef:43:
bc:d0:49:97:a7:0b:ad:ca:48:a0:fb:df:87:5f:70:1a:92:12:
ed:38:73:b9:a4:96:08:39:cf:c9:4d:28:b3:8f:9a:58:64:81:
de:28:c1:74:56:52:7e:cd:55:fc:3a:91:5d:4a:69:d2:ce:66:
3a:00:90:7f:1d:68:a2:c5:93:7c:8b:04:d4:92:80:79:2b:03:
de:ba:31:51:f1:b4:45:9b:9c:cf:da:28:db:a7:33:76:1f:aa:
79:8d:10:45:1b:8c:56:dc:3e:c8:23:62:41:65:0b:ec:02:97:
d3:0a:5e:d2:30:61:a0:b4:dd:0f:59:9b:97:50:fd:af:18:16:
97:b4:65:81:11:b7:31:e6:90:b9:c5:19:73:68:08:a2:80:21:
f7:e3:7d:f1:e2:c1:0a:31:49:bf:df:fb:b0:1b:88:c3:8c:dd:
f5:de:3e:03:c7:58:5e:9d:46:3d:a1:e5:47:bb:ed:20:36:59:
71:39:e1:e1:cd:c5:fd:f9:de:cb:e6:6d:4b:7b:70:0a:2c:53:
8b:7c:a6:e6:9f:28:a9:17:07:fb:0c:45:fe:4e:2d:c4:e3:57:
97:06:16:42:f1:23:ce:00:aa:c8:31:b2:35:72:8c:f3:21:ca:
f4:bf:82:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrifuKpXOGpMvtyDaRV+kvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YmNiODFkY2QzZjI5MzE4ZjQwM2I4NDgxYmU0NGVjMWZm
NTUwMmUwHhcNMjMwMTAxMDQxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRkMmZjNDM3ODg2NWVhZmQ2NDNkYTQ0MmZkMGIxYmZmODNjNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6iLDauhyj4rlbfsDbR4eI9AIyE+
8p4FZsyVnhGhdEOTOUldGK+DOMm/qdkLpG9aaDPmn1McaU37n7ceIkJqkpiXnXLu
bKO0ZBMpRlUIE0Ko7h55HAxfncgQN4K1zyji/zxrRTCKpPPBPdvi9E96UTH7k8vR
hKDvawF9GPW2rFX6BmPWNpM2wtEr9QEWpMuCTreCBGy9GPg6XVQi/MUmOgXTQYIE
VjRzErbPWEd8L8KIFBPXg+8pnVnbmRuLw2kZEDRi33XYUGI2QbSPcQMLj203t95j
rSRM7UMlgQRsZ8+okkxKjz52XbTE82e/fQcpgLu5iZLJV6nJmtiUp04HJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCFNL8Q3iGXq/WQ9pEL9Cxv/g8aiMB8GA1UdIwQY
MBaAFIW8uB3NPykxj0A7hIG+ROwf9VAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJ5NEhjMF9LVEdQUUR1RWdiNUU3Ql8xVUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81NjUwNjUtZGE0ZC00Y2JlLTkwNjEt
ODc4MWM0ZmUwMTFmLzEvSVUwdnhEZUlaZXI5WkQya1F2MExHXy1EeHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81NjUwNjUtZGE0ZC00Y2JlLTkwNjEtODc4MWM0ZmUwMTFm
LzEvaGJ5NEhjMF9LVEdQUUR1RWdiNUU3Ql8xVUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBQsAAwQC
uVooMA0EAgACMAcDBQAqAOvAMA0GCSqGSIb3DQEBCwUAA4IBAQCZwqgOpedPhhfs
YM4dEK6J70O80EmXpwutykig+9+HX3AakhLtOHO5pJYIOc/JTSizj5pYZIHeKMF0
VlJ+zVX8OpFdSmnSzmY6AJB/HWiixZN8iwTUkoB5KwPeujFR8bRFm5zP2ijbpzN2
H6p5jRBFG4xW3D7II2JBZQvsApfTCl7SMGGgtN0PWZuXUP2vGBaXtGWBEbcx5pC5
xRlzaAiigCH3433x4sEKMUm/3/uwG4jDjN313j4Dx1henUY9oeVHu+0gNllxOeHh
zcX9+d7L5m1Le3AKLFOLfKbmnyipFwf7DEX+Ti3E41eXBhZC8SPOAKrIMbI1cozz
Icr0v4KF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:45 2025 by rpki-client