Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/8vdntlSZsyliB4THtPZPSoz3AYo.roa
File: 8vdntlSZsyliB4THtPZPSoz3AYo.roa (raw, json)
Hash identifier: njwEGKGSh5e4DacZsgjJsvzZ2KdrNAjTuDfG6+LmLJY=
Subject key identifier: F2:F7:67:B6:54:99:B3:29:62:07:84:C7:B4:F6:4F:4A:8C:F7:01:8A
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 018A8671A81E523B537D84373B39C6541F9D
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/8vdntlSZsyliB4THtPZPSoz3AYo.roa
Signing time: Mon 11 Sep 2023 22:51:50 +0000
ROA not before: Mon 11 Sep 2023 22:51:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 194.0.207.0/24 maxlen: 24
185.213.169.0/24 maxlen: 24
185.213.171.0/24 maxlen: 24
185.213.170.0/24 maxlen: 24
2a0b:8b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:86:71:a8:1e:52:3b:53:7d:84:37:3b:39:c6:54:1f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Sep 11 22:51:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2f767b65499b329620784c7b4f64f4a8cf7018a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:02:75:e0:e7:a1:0c:7a:fd:d8:68:bf:14:f6:
ee:6d:13:6b:f3:ef:44:2d:18:18:47:0e:f0:0a:69:
57:57:c5:28:06:70:ae:2b:33:bf:1a:d4:04:f5:f7:
56:2e:ee:4e:59:18:9e:1f:7a:a3:2c:d7:1b:b9:00:
26:aa:35:a2:37:73:4c:63:37:6b:c5:8e:53:45:e6:
d3:4b:f3:8e:af:33:9d:c5:e5:22:9c:e6:fd:bf:59:
2c:d0:ac:93:40:3f:7d:52:fc:25:60:d7:6e:9f:1e:
4f:39:a7:85:55:d9:3d:cc:64:ac:19:5a:b7:00:3b:
20:19:38:10:9f:89:63:b2:81:11:d8:22:65:70:ba:
42:e5:f7:46:fa:2e:92:50:3b:0f:c5:ea:e9:63:22:
db:f8:26:bf:81:0f:47:c0:47:3f:f0:dc:24:74:7b:
1c:19:33:e9:90:c1:af:68:dc:f8:1c:5b:b2:a4:8f:
77:d9:31:75:1b:1e:d4:0f:b0:53:f5:bf:b5:7f:06:
18:52:d5:1e:37:6c:29:42:c6:79:1c:03:10:e6:db:
79:89:92:c2:dd:73:49:8d:3f:5a:9c:1f:d0:01:3a:
d7:23:8c:ed:61:6b:aa:52:88:66:c5:aa:7b:7e:dc:
6e:7f:c8:55:c2:35:25:64:3d:dd:d4:ef:5e:84:0c:
1e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F7:67:B6:54:99:B3:29:62:07:84:C7:B4:F6:4F:4A:8C:F7:01:8A
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/8vdntlSZsyliB4THtPZPSoz3AYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.169.0-185.213.171.255
194.0.207.0/24
IPv6:
2a0b:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
15:ea:91:f8:ee:d3:c4:ae:f4:aa:e8:b5:8c:53:2e:10:01:2c:
57:c4:f7:46:5e:6a:f8:c0:14:94:28:0b:5f:dd:ca:c1:6e:28:
01:ed:f5:7a:bd:b9:90:92:ac:6b:be:16:b3:fe:f2:f1:5d:ab:
f1:3c:7c:7d:b3:19:f1:70:1f:69:f7:83:64:ac:01:b8:c0:94:
59:45:e4:00:3c:5a:49:0f:df:3e:e5:54:68:1b:b5:98:8b:46:
52:0a:6d:f5:79:13:b3:d5:4b:a6:19:84:be:67:ed:83:8b:2f:
77:05:cd:cc:41:f4:2c:d5:6a:60:d2:c1:06:58:63:35:2d:4c:
59:95:1b:11:db:aa:97:ef:63:78:79:8f:9d:32:56:58:3c:7d:
f8:ab:9e:e7:4f:55:a7:19:86:ce:a3:2b:4a:c4:12:71:40:c4:
56:87:5e:ba:f9:cf:9d:40:16:7b:d0:4b:69:4b:f1:53:ad:cf:
80:a8:f0:fc:db:7f:11:71:11:a5:9a:7c:02:10:d6:be:e6:0f:
61:1a:48:d0:9d:72:4a:83:35:51:90:19:b9:f2:b0:05:13:2d:
c2:5a:f2:1b:99:57:8d:aa:31:96:a0:81:6d:a3:0f:1c:6c:04:
cf:4e:d9:be:c1:35:5f:9c:4c:c7:42:93:3f:4e:f6:fe:e9:e8:
da:31:18:5b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYqGcageUjtTfYQ3OznGVB+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjMwOTExMjI1MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmY3NjdiNjU0OTliMzI5NjIwNzg0YzdiNGY2NGY0YThjZjcwMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwJ14OehDHr92Gi/FPbubRNr8+9E
LRgYRw7wCmlXV8UoBnCuKzO/GtQE9fdWLu5OWRieH3qjLNcbuQAmqjWiN3NMYzdr
xY5TRebTS/OOrzOdxeUinOb9v1ks0KyTQD99UvwlYNdunx5POaeFVdk9zGSsGVq3
ADsgGTgQn4ljsoER2CJlcLpC5fdG+i6SUDsPxerpYyLb+Ca/gQ9HwEc/8NwkdHsc
GTPpkMGvaNz4HFuypI932TF1Gx7UD7BT9b+1fwYYUtUeN2wpQsZ5HAMQ5tt5iZLC
3XNJjT9anB/QATrXI4ztYWuqUohmxap7ftxuf8hVwjUlZD3d1O9ehAwemwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPL3Z7ZUmbMpYgeEx7T2T0qM9wGKMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvOHZkbnRsU1pzeWxpQjRUSHRQWlBTb3ozQVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC51akD
BAK51agDBADCAM8wDQQCAAIwBwMFAyoLi0AwDQYJKoZIhvcNAQELBQADggEBABXq
kfju08Su9KrotYxTLhABLFfE90ZeavjAFJQoC1/dysFuKAHt9Xq9uZCSrGu+FrP+
8vFdq/E8fH2zGfFwH2n3g2SsAbjAlFlF5AA8WkkP3z7lVGgbtZiLRlIKbfV5E7PV
S6YZhL5n7YOLL3cFzcxB9CzVamDSwQZYYzUtTFmVGxHbqpfvY3h5j50yVlg8ffir
nudPVacZhs6jK0rEEnFAxFaHXrr5z51AFnvQS2lL8VOtz4Co8PzbfxFxEaWafAIQ
1r7mD2EaSNCdckqDNVGQGbnysAUTLcJa8huZV42qMZaggW2jDxxsBM9O2b7BNV+c
TMdCkz9O9v7p6NoxGFs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:32 2025 by rpki-client