Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/y-Y89JwdhPqVRr3ES8OjI6fSebc.roa
File: y-Y89JwdhPqVRr3ES8OjI6fSebc.roa (raw, json)
Hash identifier: nbGubP3ZYuwpTvcGmV88+8r/rXGqj0mfPnCzs4m+UyY=
Subject key identifier: CB:E6:3C:F4:9C:1D:84:FA:95:46:BD:C4:4B:C3:A3:23:A7:D2:79:B7
Certificate issuer: /CN=ba76706d3e08813db8b2776628af846518e26dd2
Certificate serial: 0B71E413
Authority key identifier: BA:76:70:6D:3E:08:81:3D:B8:B2:77:66:28:AF:84:65:18:E2:6D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/unZwbT4IgT24sndmKK-EZRjibdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/y-Y89JwdhPqVRr3ES8OjI6fSebc.roa
Signing time: Sat 01 Jan 2022 09:55:51 +0000
ROA not before: Sat 01 Jan 2022 09:55:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203205
IP address blocks: 185.125.8.0/24 maxlen: 24
185.125.8.0/22 maxlen: 22
185.125.11.0/24 maxlen: 24
185.125.10.0/24 maxlen: 24
185.125.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192013331 (0xb71e413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba76706d3e08813db8b2776628af846518e26dd2
Validity
Not Before: Jan 1 09:55:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbe63cf49c1d84fa9546bdc44bc3a323a7d279b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:de:d3:d3:49:0a:d9:7d:e7:96:4f:3d:10:94:
7b:34:c6:45:c9:73:60:e3:98:36:9e:d4:ea:bd:99:
bd:c5:93:ea:4a:b5:85:37:53:04:6b:a6:81:60:4a:
26:e9:4e:ce:b7:93:a2:74:be:92:0d:df:64:88:28:
40:e1:4a:b2:a3:00:81:15:71:64:cd:55:d7:a1:61:
ff:a8:13:49:f2:b8:6a:9f:0d:0b:52:32:67:53:94:
dd:81:0b:ac:f6:8e:2c:74:4f:06:72:58:d0:48:c9:
a8:15:6b:bd:4b:4c:42:19:03:0b:d0:7e:17:89:df:
09:bd:0b:d1:ba:1e:72:e7:1e:10:c3:bf:1c:c3:be:
66:1e:36:4e:8e:9e:7e:9d:be:1d:57:e5:b4:74:cd:
39:fb:35:18:f8:31:5e:2b:f9:f2:c8:45:00:1a:e8:
b9:2a:68:c0:88:8d:52:57:c3:65:0e:2a:d0:98:73:
46:aa:63:1c:73:b1:b4:89:3d:82:2d:05:5d:5b:9f:
f3:93:a3:4f:d1:dd:07:5a:55:39:10:da:d3:90:52:
7d:a9:06:6d:1f:fa:ec:df:15:e5:8c:b4:0e:eb:4c:
d8:1b:49:81:66:5f:64:8e:fa:1d:3d:59:d4:cb:27:
8d:03:b1:81:22:c6:4e:fd:17:c9:3d:f6:ab:bd:de:
8f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E6:3C:F4:9C:1D:84:FA:95:46:BD:C4:4B:C3:A3:23:A7:D2:79:B7
X509v3 Authority Key Identifier:
keyid:BA:76:70:6D:3E:08:81:3D:B8:B2:77:66:28:AF:84:65:18:E2:6D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/unZwbT4IgT24sndmKK-EZRjibdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/y-Y89JwdhPqVRr3ES8OjI6fSebc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/unZwbT4IgT24sndmKK-EZRjibdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.8.0/22
Signature Algorithm: sha256WithRSAEncryption
26:67:66:bd:0c:bc:3d:c9:f7:bb:50:8c:4c:bd:02:7e:da:27:
c8:15:a3:be:f6:17:ba:54:91:74:fb:97:f8:9c:78:ff:f6:52:
de:3d:b1:d9:d2:97:a9:39:43:a3:68:51:4a:b6:c0:6c:76:c7:
a1:b1:6e:30:c7:89:e8:e8:d3:0b:eb:bc:d3:36:eb:33:5c:56:
f8:5c:b6:29:48:38:d0:8c:f2:5a:c1:fb:ab:3f:96:c8:09:6b:
19:ca:9e:49:ce:1d:97:30:ee:e0:19:a4:40:89:1e:43:15:c6:
da:b2:1b:b6:67:63:fc:99:c1:f0:03:d0:f0:66:68:61:a9:e8:
d8:6c:d7:4b:41:00:b3:82:3d:35:50:05:7f:02:36:a7:cf:92:
36:4b:08:33:4b:13:d2:18:ca:dc:d9:f4:ad:41:f7:95:ff:40:
c7:8b:ee:2a:3b:eb:1b:af:50:93:31:de:55:64:17:6c:21:c5:
62:58:38:0b:69:f2:e7:b7:2c:62:0b:25:cb:3b:d4:f5:9e:08:
ab:4f:d4:25:81:6d:ec:25:42:d7:87:42:24:66:db:04:4a:03:
3e:e0:1f:3e:97:e8:04:76:d9:f8:60:c5:f9:47:2d:64:e8:4b:
39:17:e0:53:6e:87:d5:1b:79:bc:4c:28:00:ee:0a:96:d3:50:
30:57:b5:e5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC3HkEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTc2NzA2ZDNlMDg4MTNkYjhiMjc3NjYyOGFmODQ2NTE4ZTI2ZGQyMB4XDTIyMDEw
MTA5NTU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JlNjNjZjQ5YzFk
ODRmYTk1NDZiZGM0NGJjM2EzMjNhN2QyNzliNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHe09NJCtl955ZPPRCUezTGRclzYOOYNp7U6r2ZvcWT6kq1
hTdTBGumgWBKJulOzreTonS+kg3fZIgoQOFKsqMAgRVxZM1V16Fh/6gTSfK4ap8N
C1IyZ1OU3YELrPaOLHRPBnJY0EjJqBVrvUtMQhkDC9B+F4nfCb0L0boecuceEMO/
HMO+Zh42To6efp2+HVfltHTNOfs1GPgxXiv58shFABrouSpowIiNUlfDZQ4q0Jhz
RqpjHHOxtIk9gi0FXVuf85OjT9HdB1pVORDa05BSfakGbR/67N8V5Yy0DutM2BtJ
gWZfZI76HT1Z1MsnjQOxgSLGTv0XyT32q73ej7cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTL5jz0nB2E+pVGvcRLw6Mjp9J5tzAfBgNVHSMEGDAWgBS6dnBtPgiBPbiy
d2Yor4RlGOJt0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VuWndiVDRJZ1QyNHNuZG1LSy1FWlJqaWJkSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvNmQ0NzU5LWEwNWUtNDZiYy1iZTU4LTY2OWVlZDJlYzdlYS8x
L3ktWTg5SndkaFBxVlJyM0VTOE9qSTZmU2ViYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
NmQ0NzU5LWEwNWUtNDZiYy1iZTU4LTY2OWVlZDJlYzdlYS8xL3VuWndiVDRJZ1Qy
NHNuZG1LSy1FWlJqaWJkSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl9CDANBgkqhkiG9w0BAQsFAAOC
AQEAJmdmvQy8Pcn3u1CMTL0CftonyBWjvvYXulSRdPuX+Jx4//ZS3j2x2dKXqTlD
o2hRSrbAbHbHobFuMMeJ6OjTC+u80zbrM1xW+Fy2KUg40IzyWsH7qz+WyAlrGcqe
Sc4dlzDu4BmkQIkeQxXG2rIbtmdj/JnB8APQ8GZoYano2GzXS0EAs4I9NVAFfwI2
p8+SNksIM0sT0hjK3Nn0rUH3lf9Ax4vuKjvrG69QkzHeVWQXbCHFYlg4C2ny57cs
YgslyzvU9Z4Iq0/UJYFt7CVC14dCJGbbBEoDPuAfPpfoBHbZ+GDF+UctZOhLORfg
U26H1Rt5vEwoAO4KltNQMFe15Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:22 2025 by rpki-client