Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/hoOjaTPjcYlFZZZsIvA0fAtmzx8.roa
File: hoOjaTPjcYlFZZZsIvA0fAtmzx8.roa (raw, json)
Hash identifier: /7MeaOijLHvmMmZ31kPbycpHVKzWTSGF9lPZYDUHjvE=
Subject key identifier: 86:83:A3:69:33:E3:71:89:45:65:96:6C:22:F0:34:7C:0B:66:CF:1F
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 0185737180E80229A1B12DD153D0B7E671CA
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/hoOjaTPjcYlFZZZsIvA0fAtmzx8.roa
Signing time: Mon 02 Jan 2023 17:04:56 +0000
ROA not before: Mon 02 Jan 2023 17:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202780
IP address blocks: 185.101.125.0/24 maxlen: 24
185.101.124.0/24 maxlen: 24
185.101.126.0/24 maxlen: 24
185.101.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:80:e8:02:29:a1:b1:2d:d1:53:d0:b7:e6:71:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jan 2 17:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8683a36933e371894565966c22f0347c0b66cf1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:75:c9:4f:73:d3:bf:cb:fc:5c:0c:41:d5:4b:
cd:b1:1d:2c:9c:e3:b2:75:18:37:d3:5c:80:c6:5b:
36:e5:23:93:80:85:ff:65:06:90:18:ef:53:49:c8:
fb:c1:f6:28:94:ae:00:f3:b2:fb:61:02:89:8f:c5:
af:6a:dc:fe:f5:77:ee:e7:07:5f:f3:cb:55:27:d5:
85:0a:0e:44:98:3f:77:36:3f:a7:2a:55:ff:e5:f5:
bc:68:3b:33:13:03:16:bf:3c:96:11:57:24:6e:a5:
d7:63:c1:89:0a:4a:f3:d4:f9:a7:d4:b3:25:62:96:
06:7c:5a:e7:b4:af:9c:ba:36:19:75:77:8a:c5:f6:
3d:5f:76:59:82:40:db:1e:3f:c8:a4:e0:98:72:a6:
48:a0:5f:8c:ac:70:8e:3d:b9:69:8e:a8:db:3a:be:
72:f4:f0:fd:a2:fb:67:1e:fb:30:77:91:e5:ee:88:
75:05:54:98:83:d0:e3:1f:16:3c:97:83:c0:a9:fa:
f6:1b:3c:09:b7:66:d3:b1:ea:b9:78:d3:52:47:a3:
a5:68:a3:57:b0:3d:b2:da:06:79:f1:29:ef:d3:07:
65:88:0f:b0:3d:db:1a:99:46:7a:fe:77:35:5e:ac:
6f:ce:f4:00:2b:08:1b:91:a3:8b:01:77:77:b0:97:
97:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:83:A3:69:33:E3:71:89:45:65:96:6C:22:F0:34:7C:0B:66:CF:1F
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/hoOjaTPjcYlFZZZsIvA0fAtmzx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.124.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:a8:e2:57:61:08:97:41:88:46:33:ca:9a:8d:65:1c:a2:6b:
43:52:da:7f:31:fa:b3:ee:1b:b9:88:2a:ca:a1:29:dc:43:0f:
79:cd:4a:d2:34:77:64:b8:a6:64:df:c0:90:aa:a9:93:42:24:
60:b6:7c:f9:68:1d:ec:31:9a:08:a7:9b:a0:c7:8c:35:a7:ca:
d3:e7:c3:04:b9:b0:e1:87:f7:59:71:13:15:14:9a:48:32:d2:
3e:c7:ec:22:bb:86:ff:54:9b:ee:ba:94:df:f3:25:d4:22:3f:
fd:02:40:3a:a4:da:9f:18:32:8e:b8:74:99:56:43:00:d5:3d:
a0:f6:8a:ff:7e:e1:6c:09:3e:dc:7b:3d:2d:18:72:60:bb:e3:
6e:c6:f1:4f:21:df:5a:d7:34:fe:dd:ce:4a:fc:98:f1:ae:e7:
18:57:f5:7c:eb:ee:6e:b1:ed:bb:08:ff:a3:e1:3a:04:a7:73:
20:f1:1c:b6:ea:28:ec:92:1a:98:fd:f2:ee:d2:99:69:43:a0:
b3:44:46:ae:30:33:c1:d1:16:3d:d8:a4:ad:b8:56:d7:ba:79:
f9:5e:ed:00:e7:ba:39:af:ac:d0:75:66:22:e6:3d:f3:88:c0:
9e:f8:64:b2:3a:fb:14:50:b9:64:d6:96:80:0e:5a:1a:99:ac:
2c:0f:41:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzcYDoAimhsS3RU9C35nHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjMwMTAyMTcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgzYTM2OTMzZTM3MTg5NDU2NTk2NmMyMmYwMzQ3YzBiNjZjZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHXJT3PTv8v8XAxB1UvNsR0snOOy
dRg301yAxls25SOTgIX/ZQaQGO9TScj7wfYolK4A87L7YQKJj8Wvatz+9Xfu5wdf
88tVJ9WFCg5EmD93Nj+nKlX/5fW8aDszEwMWvzyWEVckbqXXY8GJCkrz1Pmn1LMl
YpYGfFrntK+cujYZdXeKxfY9X3ZZgkDbHj/IpOCYcqZIoF+MrHCOPblpjqjbOr5y
9PD9ovtnHvswd5Hl7oh1BVSYg9DjHxY8l4PAqfr2GzwJt2bTseq5eNNSR6OlaKNX
sD2y2gZ58Snv0wdliA+wPdsamUZ6/nc1XqxvzvQAKwgbkaOLAXd3sJeXmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaDo2kz43GJRWWWbCLwNHwLZs8fMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvaG9PamFUUGpjWWxGWlpac0l2QTBmQXRteng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWV8MA0G
CSqGSIb3DQEBCwUAA4IBAQC6qOJXYQiXQYhGM8qajWUcomtDUtp/Mfqz7hu5iCrK
oSncQw95zUrSNHdkuKZk38CQqqmTQiRgtnz5aB3sMZoIp5ugx4w1p8rT58MEubDh
h/dZcRMVFJpIMtI+x+wiu4b/VJvuupTf8yXUIj/9AkA6pNqfGDKOuHSZVkMA1T2g
9or/fuFsCT7cez0tGHJgu+NuxvFPId9a1zT+3c5K/JjxrucYV/V86+5use27CP+j
4ToEp3Mg8Ry26ijskhqY/fLu0plpQ6CzREauMDPB0RY92KStuFbXunn5Xu0A57o5
r6zQdWYi5j3ziMCe+GSyOvsUULlk1paADloamawsD0EK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:45 2025 by rpki-client