Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/0ojf0E16tufHeENOF7k5ZIzobpI.roa
File: 0ojf0E16tufHeENOF7k5ZIzobpI.roa (raw, json)
Hash identifier: U4FclrqbBBsniBlklb9xDprgNFBjWHalTnU8TWYL7r0=
Subject key identifier: D2:88:DF:D0:4D:7A:B6:E7:C7:78:43:4E:17:B9:39:64:8C:E8:6E:92
Certificate issuer: /CN=4b6d7ea41033837f08c28c4742984b82b8f443df
Certificate serial: 0306CD1D
Authority key identifier: 4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/0ojf0E16tufHeENOF7k5ZIzobpI.roa
Signing time: Sat 01 Jan 2022 10:54:04 +0000
ROA not before: Sat 01 Jan 2022 10:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50563
IP address blocks: 85.209.182.0/23 maxlen: 23
85.209.182.0/24 maxlen: 24
85.209.180.0/24 maxlen: 24
85.209.180.0/23 maxlen: 23
85.209.183.0/24 maxlen: 24
85.209.180.0/22 maxlen: 22
85.209.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50777373 (0x306cd1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b6d7ea41033837f08c28c4742984b82b8f443df
Validity
Not Before: Jan 1 10:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d288dfd04d7ab6e7c778434e17b939648ce86e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fe:8d:ae:04:ef:74:e0:53:49:6c:5c:d0:b0:
ef:1e:1b:c0:4a:23:92:6d:b0:73:95:17:ca:a9:7b:
74:b2:de:b3:4d:4a:59:64:4c:c8:4d:5a:98:0c:65:
8d:6c:af:4b:b9:e1:7b:73:58:50:8b:28:cb:d7:21:
82:2c:db:b8:06:b8:7d:33:54:f4:f6:e2:77:c6:f4:
65:4c:73:c7:ee:81:32:34:80:30:5d:15:f2:69:0a:
22:f5:91:30:c2:fa:68:d1:a1:5e:5a:df:38:df:e5:
e0:16:0b:c3:b9:3f:9c:9c:07:b0:a0:8a:03:fd:72:
99:5c:ba:11:ad:0c:0d:36:ab:c7:74:96:ba:f5:6b:
68:0b:5b:b0:bf:70:1c:58:0b:31:50:67:f5:fb:bc:
71:b2:68:b6:29:d8:0e:97:b5:dd:8b:a5:df:00:71:
f6:16:f4:39:06:f8:1f:20:59:c3:7d:68:c9:b7:15:
53:3f:ce:f0:e7:09:41:cb:e8:9b:e8:ad:0f:bc:6b:
3b:63:40:b4:a5:bb:9e:4f:c5:91:f6:ef:85:94:19:
82:92:c4:78:d2:e5:9d:67:fd:51:58:8f:45:7e:af:
2d:31:95:ad:d4:9f:fa:82:23:f0:f9:58:a9:d3:cc:
ad:e1:cc:39:8c:26:4b:59:89:fe:5b:c1:79:4b:50:
31:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:88:DF:D0:4D:7A:B6:E7:C7:78:43:4E:17:B9:39:64:8C:E8:6E:92
X509v3 Authority Key Identifier:
keyid:4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/0ojf0E16tufHeENOF7k5ZIzobpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.180.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:e2:da:c5:08:05:2b:b7:4c:29:d8:d6:7a:cd:a8:ea:43:a5:
b7:92:81:f8:b3:bd:fa:a1:38:e6:04:6b:fd:42:fc:bb:2a:bd:
3b:6e:53:e9:0c:1d:39:ff:fc:83:a5:2f:d6:87:f4:c4:6f:6c:
ff:8f:e9:de:e1:74:34:4f:72:4e:76:e7:12:35:30:2a:94:b2:
6b:e0:c0:bf:95:a3:40:44:0e:1b:72:3d:0e:7f:f8:e3:48:27:
10:1d:72:a2:87:4a:ad:ab:f7:19:62:1b:c5:38:a2:29:e3:c8:
b8:ea:dc:73:38:9b:2c:26:da:f6:84:6d:b8:4b:c0:ac:ac:b4:
e5:dc:f3:4e:75:d9:bc:44:03:25:18:9d:cb:1e:56:2c:4a:03:
c6:3a:49:e6:d7:2c:52:bc:d0:88:1e:b5:47:67:19:30:25:2e:
b7:5a:2f:05:b6:d9:75:91:51:c1:35:5f:82:dc:c4:9c:e2:e3:
2e:2d:ba:32:96:2d:af:82:2a:29:50:08:de:b5:9b:97:94:d6:
7c:44:e5:9e:42:00:7b:79:d8:0c:41:1a:1e:c7:57:83:7b:ee:
bc:00:6b:b8:ea:26:fd:0c:77:a9:da:7a:f3:2e:2f:3c:b8:2d:
b2:e5:2e:d3:43:7c:5d:36:83:86:c8:d8:79:8d:e2:f5:3b:ba:
30:da:23:12
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAwbNHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjZkN2VhNDEwMzM4MzdmMDhjMjhjNDc0Mjk4NGI4MmI4ZjQ0M2RmMB4XDTIyMDEw
MTEwNTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI4OGRmZDA0ZDdh
YjZlN2M3Nzg0MzRlMTdiOTM5NjQ4Y2U4NmU5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKj+ja4E73TgU0lsXNCw7x4bwEojkm2wc5UXyql7dLLes01K
WWRMyE1amAxljWyvS7nhe3NYUIsoy9chgizbuAa4fTNU9Pbid8b0ZUxzx+6BMjSA
MF0V8mkKIvWRMML6aNGhXlrfON/l4BYLw7k/nJwHsKCKA/1ymVy6Ea0MDTarx3SW
uvVraAtbsL9wHFgLMVBn9fu8cbJotinYDpe13Yul3wBx9hb0OQb4HyBZw31oybcV
Uz/O8OcJQcvom+itD7xrO2NAtKW7nk/FkfbvhZQZgpLEeNLlnWf9UViPRX6vLTGV
rdSf+oIj8PlYqdPMreHMOYwmS1mJ/lvBeUtQMcECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTSiN/QTXq258d4Q04XuTlkjOhukjAfBgNVHSMEGDAWgBRLbX6kEDODfwjC
jEdCmEuCuPRD3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MyMS1wQkF6ZzM4SXdveEhRcGhMZ3JqMFE5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvMWQwNjgxLWZlMjAtNDdhMy05NGRmLTVlZTg3MjFjMWNmYy8x
LzBvamYwRTE2dHVmSGVFTk9GN2s1Wkl6b2JwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
MWQwNjgxLWZlMjAtNDdhMy05NGRmLTVlZTg3MjFjMWNmYy8xL1MyMS1wQkF6ZzM4
SXdveEhRcGhMZ3JqMFE5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXRtDANBgkqhkiG9w0BAQsFAAOC
AQEALuLaxQgFK7dMKdjWes2o6kOlt5KB+LO9+qE45gRr/UL8uyq9O25T6QwdOf/8
g6Uv1of0xG9s/4/p3uF0NE9yTnbnEjUwKpSya+DAv5WjQEQOG3I9Dn/440gnEB1y
oodKrav3GWIbxTiiKePIuOrcczibLCba9oRtuEvArKy05dzzTnXZvEQDJRidyx5W
LEoDxjpJ5tcsUrzQiB61R2cZMCUut1ovBbbZdZFRwTVfgtzEnOLjLi26MpYtr4Iq
KVAI3rWbl5TWfETlnkIAe3nYDEEaHsdXg3vuvABruOom/Qx3qdp68y4vPLgtsuUu
00N8XTaDhsjYeY3i9Tu6MNojEg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:29 2025 by rpki-client