Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/8t6Bzb0RIsC72ei9L__ouBAr_KY.roa
File: 8t6Bzb0RIsC72ei9L__ouBAr_KY.roa (raw, json)
Hash identifier: d9JvIgP8lkP2scbA1MXcGh5XpS5EDg2pO/8G/jOqmbk=
Subject key identifier: F2:DE:81:CD:BD:11:22:C0:BB:D9:E8:BD:2F:FF:E8:B8:10:2B:FC:A6
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 01856C9CB6D5445FCB01588FFC5A3E78A9BE
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/8t6Bzb0RIsC72ei9L__ouBAr_KY.roa
Signing time: Sun 01 Jan 2023 09:14:47 +0000
ROA not before: Sun 01 Jan 2023 09:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58075
IP address blocks: 37.235.80.0/21 maxlen: 24
45.154.44.0/22 maxlen: 24
185.43.20.0/22 maxlen: 24
185.21.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:b6:d5:44:5f:cb:01:58:8f:fc:5a:3e:78:a9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Jan 1 09:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2de81cdbd1122c0bbd9e8bd2fffe8b8102bfca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:57:97:62:5d:76:86:7d:2d:e4:e1:11:72:8f:
60:38:67:e4:90:38:d1:f7:bf:b3:10:07:d7:c6:2d:
71:62:3e:57:0d:57:31:17:30:a8:4e:f0:76:7b:f9:
47:40:53:fe:1b:7c:19:13:63:b2:b4:91:d2:50:6f:
b6:9a:c9:92:dd:bb:42:af:fd:90:ce:60:6a:b2:e2:
23:ab:65:00:9b:7b:37:8f:ba:0a:d7:60:81:f5:8e:
d3:f6:7b:79:b5:4e:ad:9f:69:68:11:84:4f:9a:cb:
40:bd:81:91:bb:a5:c8:11:72:d4:05:f7:02:ac:ff:
28:9e:53:a7:c3:8e:04:25:3e:82:a1:0f:77:d4:fc:
ac:4a:0d:50:23:94:9f:94:1a:91:74:d9:f6:f7:f0:
05:27:d4:47:82:38:4b:74:55:3f:14:fa:62:b2:66:
1f:03:0f:a3:b6:3d:ab:db:fc:a8:51:44:e4:5d:7b:
6f:cc:3f:58:51:61:51:09:1c:f0:55:ac:23:00:e8:
3e:09:e7:8e:6a:40:f2:b5:a7:0d:41:ce:ec:12:27:
b7:39:6a:2f:3f:54:4e:b1:f0:48:f5:45:a5:58:42:
24:7e:c7:b6:28:b8:24:32:04:31:e2:d0:0d:f3:6b:
2a:82:bc:2a:73:b3:dd:44:f4:ed:3e:e4:41:61:f3:
ed:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DE:81:CD:BD:11:22:C0:BB:D9:E8:BD:2F:FF:E8:B8:10:2B:FC:A6
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/8t6Bzb0RIsC72ei9L__ouBAr_KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.80.0/21
45.154.44.0/22
185.21.52.0/22
185.43.20.0/22
Signature Algorithm: sha256WithRSAEncryption
23:a0:68:d3:3e:42:6d:64:aa:bf:ae:74:9c:44:fe:75:8a:fe:
45:37:42:ee:fa:7c:dd:88:58:b4:72:67:cb:7e:4f:94:72:d8:
aa:81:d0:b9:22:0e:7a:bb:57:2c:6a:0a:25:e3:24:9f:28:34:
c1:4f:58:f2:61:28:ed:67:bd:38:db:30:ae:76:ba:ec:58:0f:
33:b5:31:8b:2e:00:3b:7f:52:d2:9e:cd:ac:3e:f1:e8:ec:91:
10:a7:59:57:8b:da:7a:86:d7:ce:24:b7:d3:c8:d3:cf:d8:7f:
5a:51:b5:64:67:bf:7e:e4:c2:e5:76:04:ab:a6:74:cc:21:53:
26:f1:ef:e0:8d:d6:31:1b:39:76:a9:83:73:04:73:68:95:46:
5b:86:63:91:dd:8c:39:f9:8a:26:97:f5:73:21:cc:9f:a2:7f:
ea:51:78:03:de:71:78:92:9b:37:85:89:a6:e3:f6:11:a0:56:
6a:8b:78:e4:99:2f:cc:9a:4d:9b:00:94:80:02:d3:5e:93:42:
53:8a:6d:d6:17:cf:00:81:b7:28:f3:d9:5b:4a:3b:25:8d:59:
23:73:d5:1e:92:03:85:af:57:34:4e:8b:40:21:00:2f:2d:54:
95:28:8a:17:59:2f:51:4e:8e:96:68:2e:65:45:98:6b:81:6e:
78:a3:b0:0b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsnLbVRF/LAViP/Fo+eKm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjMwMTAxMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRlODFjZGJkMTEyMmMwYmJkOWU4YmQyZmZmZThiODEwMmJmY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1eXYl12hn0t5OERco9gOGfkkDjR
97+zEAfXxi1xYj5XDVcxFzCoTvB2e/lHQFP+G3wZE2OytJHSUG+2msmS3btCr/2Q
zmBqsuIjq2UAm3s3j7oK12CB9Y7T9nt5tU6tn2loEYRPmstAvYGRu6XIEXLUBfcC
rP8onlOnw44EJT6CoQ931PysSg1QI5SflBqRdNn29/AFJ9RHgjhLdFU/FPpismYf
Aw+jtj2r2/yoUUTkXXtvzD9YUWFRCRzwVawjAOg+CeeOakDytacNQc7sEie3OWov
P1ROsfBI9UWlWEIkfse2KLgkMgQx4tAN82sqgrwqc7PdRPTtPuRBYfPt8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPLegc29ESLAu9novS//6LgQK/ymMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvOHQ2QnpiMFJJc0M3MmVpOUxfX291QkFyX0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJetQAwQC
LZosAwQCuRU0AwQCuSsUMA0GCSqGSIb3DQEBCwUAA4IBAQAjoGjTPkJtZKq/rnSc
RP51iv5FN0Lu+nzdiFi0cmfLfk+UctiqgdC5Ig56u1csagol4ySfKDTBT1jyYSjt
Z7042zCudrrsWA8ztTGLLgA7f1LSns2sPvHo7JEQp1lXi9p6htfOJLfTyNPP2H9a
UbVkZ79+5MLldgSrpnTMIVMm8e/gjdYxGzl2qYNzBHNolUZbhmOR3Yw5+Yoml/Vz
Icyfon/qUXgD3nF4kps3hYmm4/YRoFZqi3jkmS/Mmk2bAJSAAtNek0JTim3WF88A
gbco89lbSjsljVkjc9UekgOFr1c0TotAIQAvLVSVKIoXWS9RTo6WaC5lRZhrgW54
o7AL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:45 2025 by rpki-client