Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/7Y3fqwOfjLTt6yW551WAmfNTsc0.roa
File: 7Y3fqwOfjLTt6yW551WAmfNTsc0.roa (raw, json)
Hash identifier: eQbo3GAlzls/73i5MYz+xDkH7gjQpDdl5luldOnIv7M=
Subject key identifier: ED:8D:DF:AB:03:9F:8C:B4:ED:EB:25:B9:E7:55:80:99:F3:53:B1:CD
Certificate issuer: /CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Certificate serial: 01857315DED9B57E102A823FF8F3367ED83D
Authority key identifier: E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/7Y3fqwOfjLTt6yW551WAmfNTsc0.roa
Signing time: Mon 02 Jan 2023 15:24:51 +0000
ROA not before: Mon 02 Jan 2023 15:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34941
IP address blocks: 85.118.200.0/21 maxlen: 21
185.112.136.0/22 maxlen: 22
2a06:6180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:de:d9:b5:7e:10:2a:82:3f:f8:f3:36:7e:d8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Validity
Not Before: Jan 2 15:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed8ddfab039f8cb4edeb25b9e7558099f353b1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:40:df:21:9e:77:2c:58:af:29:79:14:fd:
98:f1:4b:19:83:31:d0:be:7f:1d:e0:60:ec:93:3d:
8d:d9:91:be:cb:11:b6:1a:a1:26:01:ba:9b:a1:d8:
90:3d:56:a3:bb:49:4b:c9:95:29:6a:c9:8c:d5:1f:
eb:d2:a7:2d:46:de:b7:3e:8e:4d:69:57:dd:5b:65:
f0:c3:b6:36:2b:9a:46:09:fc:59:53:ca:eb:a8:6b:
22:33:3b:4d:05:5d:0e:78:74:ab:10:af:59:81:51:
a8:fe:85:f5:d4:12:59:52:82:42:6b:d1:58:e1:de:
b1:45:b1:2e:9f:07:bc:a1:ba:c5:67:59:d4:28:99:
12:62:f0:97:77:42:0f:35:b4:dc:45:3f:16:bd:e3:
10:47:a4:44:1f:0e:64:d8:a7:ea:18:f0:de:c9:af:
e9:c2:99:15:0a:17:ac:84:76:2d:70:5d:3d:d2:2c:
37:27:49:30:4e:d0:a3:6a:66:06:98:93:97:1b:36:
af:92:32:d3:08:37:5d:49:9a:da:f8:99:a5:38:96:
06:c9:4f:b6:dc:61:fe:db:71:e0:f3:74:81:60:0d:
95:40:89:13:38:de:18:0a:30:3d:63:80:e3:11:0d:
fd:e8:05:10:e0:9d:38:1a:e2:6c:15:f9:72:21:79:
3b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:8D:DF:AB:03:9F:8C:B4:ED:EB:25:B9:E7:55:80:99:F3:53:B1:CD
X509v3 Authority Key Identifier:
keyid:E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/7Y3fqwOfjLTt6yW551WAmfNTsc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.200.0/21
185.112.136.0/22
IPv6:
2a06:6180::/29
Signature Algorithm: sha256WithRSAEncryption
43:4e:e7:00:68:0a:f2:7b:78:b8:ae:b6:b8:bf:33:21:e7:a6:
60:60:2d:7b:0d:c0:cd:dc:a9:f1:25:49:5b:7e:bb:c6:b4:51:
11:77:57:05:d0:f7:d9:c4:78:52:5b:d4:06:b1:53:00:23:8d:
49:2f:08:a7:1b:5b:9e:f5:a0:e3:f9:26:61:25:08:96:71:78:
df:37:25:4b:9f:c5:35:96:f4:d5:05:ab:7a:77:cd:d4:96:de:
ae:dd:77:5c:89:c9:6b:aa:f0:2c:d9:c8:31:ca:43:78:95:29:
42:99:5e:d1:48:28:67:37:9a:5c:b1:06:06:2f:c5:fc:b1:0a:
95:cb:4e:d0:0b:13:ae:08:b8:03:a8:cf:7f:36:dd:e9:25:eb:
65:68:9c:4b:03:2e:9c:f9:d1:05:07:44:01:36:76:26:82:a6:
89:35:2f:d9:03:9a:53:a4:25:5d:ab:c8:d1:0e:fe:b8:a3:4c:
64:9b:12:0e:3b:99:4f:0e:b0:d3:71:2e:5e:a7:c0:32:6b:4e:
fe:da:29:ad:74:7c:27:4a:88:a3:4a:50:f7:6d:79:a1:1d:e3:
d9:23:8d:73:58:b8:fa:42:0a:63:eb:c4:41:d9:a6:40:e3:f6:
58:28:0a:4c:8b:16:df:12:34:7d:4b:09:6e:91:14:80:bb:83:
df:53:50:ed
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzFd7ZtX4QKoI/+PM2ftg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNzc1MzhkZWMyZWZjZDJmMTFjYzYzNzE5N2QxZDlhNmZk
YWU5ZDkwHhcNMjMwMTAyMTUyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDhkZGZhYjAzOWY4Y2I0ZWRlYjI1YjllNzU1ODA5OWYzNTNiMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhBA3yGedyxYryl5FP2Y8UsZgzHQ
vn8d4GDskz2N2ZG+yxG2GqEmAbqbodiQPVaju0lLyZUpasmM1R/r0qctRt63Po5N
aVfdW2Xww7Y2K5pGCfxZU8rrqGsiMztNBV0OeHSrEK9ZgVGo/oX11BJZUoJCa9FY
4d6xRbEunwe8obrFZ1nUKJkSYvCXd0IPNbTcRT8WveMQR6REHw5k2KfqGPDeya/p
wpkVCheshHYtcF090iw3J0kwTtCjamYGmJOXGzavkjLTCDddSZra+JmlOJYGyU+2
3GH+23Hg83SBYA2VQIkTON4YCjA9Y4DjEQ396AUQ4J04GuJsFflyIXk7NQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO2N36sDn4y07esluedVgJnzU7HNMB8GA1UdIwQY
MBaAFOJ3U43sLvzS8RzGNxl9HZpv2unZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWIt
ODJlZTJkMmI0Mjg5LzEvN1kzZnF3T2ZqTFR0NnlXNTUxV0FtZk5Uc2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWItODJlZTJkMmI0Mjg5
LzEvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVXbIAwQC
uXCIMA0EAgACMAcDBQMqBmGAMA0GCSqGSIb3DQEBCwUAA4IBAQBDTucAaArye3i4
rra4vzMh56ZgYC17DcDN3KnxJUlbfrvGtFERd1cF0PfZxHhSW9QGsVMAI41JLwin
G1ue9aDj+SZhJQiWcXjfNyVLn8U1lvTVBat6d83Ult6u3XdciclrqvAs2cgxykN4
lSlCmV7RSChnN5pcsQYGL8X8sQqVy07QCxOuCLgDqM9/Nt3pJetlaJxLAy6c+dEF
B0QBNnYmgqaJNS/ZA5pTpCVdq8jRDv64o0xkmxIOO5lPDrDTcS5ep8Aya07+2imt
dHwnSoijSlD3bXmhHePZI41zWLj6Qgpj68RB2aZA4/ZYKApMixbfEjR9SwlukRSA
u4PfU1Dt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:15 2025 by rpki-client