Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/u9a7ggdedAgsdt1bbUJX7V1mcRA.roa
File: u9a7ggdedAgsdt1bbUJX7V1mcRA.roa (raw, json)
Hash identifier: o9cGnE08+Z3gktR7tlo/PPwl/jOfwap0WuguPSDj7xY=
Subject key identifier: BB:D6:BB:82:07:5E:74:08:2C:76:DD:5B:6D:42:57:ED:5D:66:71:10
Certificate issuer: /CN=8e0840804c6680c41f21e8726f380b95e69e9447
Certificate serial: 01856E8B0EE5769A9E4A067681772E6E666E
Authority key identifier: 8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/u9a7ggdedAgsdt1bbUJX7V1mcRA.roa
Signing time: Sun 01 Jan 2023 18:14:45 +0000
ROA not before: Sun 01 Jan 2023 18:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21430
IP address blocks: 85.209.124.0/23 maxlen: 23
85.209.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:0e:e5:76:9a:9e:4a:06:76:81:77:2e:6e:66:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e0840804c6680c41f21e8726f380b95e69e9447
Validity
Not Before: Jan 1 18:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbd6bb82075e74082c76dd5b6d4257ed5d667110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:16:0a:f2:bb:d8:e3:1c:67:92:b9:fa:e6:a3:
01:da:ff:23:57:45:05:82:f8:df:aa:b5:c0:29:72:
31:4d:01:6e:4d:c8:26:c4:d2:63:a9:68:3e:62:d3:
f9:7d:82:93:3c:cc:39:76:cc:48:63:0c:d8:97:7c:
17:99:ae:35:cd:8b:41:05:22:ef:5d:67:7b:78:3e:
75:41:98:b4:f9:a9:ce:4c:60:1e:73:28:85:4d:6f:
a6:ea:a0:aa:4e:5a:cf:0a:52:24:c7:09:8b:6a:ac:
ec:2e:83:a3:a8:e1:85:42:06:27:e3:d4:38:e8:15:
01:4b:fc:41:23:4d:0f:11:6d:26:6e:9d:b7:b9:ab:
fe:9a:e9:b4:1b:36:fd:cd:f7:ec:9d:b9:50:b6:83:
4d:2f:fb:13:9e:d3:8e:20:7f:fe:58:7b:1f:e4:aa:
d3:b3:2a:fc:5a:09:07:64:24:7c:3d:41:c4:46:36:
60:59:ba:48:e4:17:76:cb:7a:7d:7a:9b:86:f3:eb:
c2:0c:54:6c:a9:04:7a:00:b5:9d:27:63:8b:9b:f0:
ae:ef:72:2f:fa:c2:47:a9:68:e8:93:4b:0b:35:b7:
53:10:ce:07:fe:3c:98:d5:d6:bd:d6:e9:30:76:1a:
2f:fa:5b:76:60:f2:75:79:6a:d3:27:ca:78:3c:08:
dd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D6:BB:82:07:5E:74:08:2C:76:DD:5B:6D:42:57:ED:5D:66:71:10
X509v3 Authority Key Identifier:
keyid:8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/u9a7ggdedAgsdt1bbUJX7V1mcRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.124.0-85.209.126.255
Signature Algorithm: sha256WithRSAEncryption
39:98:05:4a:40:41:f5:60:2b:f0:57:00:72:33:2c:ed:09:35:
9b:16:98:83:3f:98:5b:28:69:8b:99:4e:7c:8a:b4:f5:bb:17:
14:95:8e:c9:1b:5c:d6:cb:87:07:48:a2:07:83:c8:43:c1:af:
20:9e:3d:26:48:04:2f:54:e3:53:ce:03:66:7c:9b:d3:90:1b:
03:e1:16:1b:da:4f:53:b9:37:f0:b2:f7:f7:7b:86:40:49:82:
d5:e9:fe:f7:65:b7:b8:94:c0:da:5f:09:b8:e8:fb:e4:61:6b:
12:04:37:24:b3:a2:aa:af:a1:b1:23:ae:a4:10:c2:fc:99:01:
4e:6d:b7:c9:14:04:f4:19:d9:e2:1a:be:15:05:d8:35:0a:4c:
fa:a3:72:b2:b8:56:b0:13:e9:9f:e3:bf:76:8a:fb:49:48:02:
65:82:04:02:c9:09:00:df:88:ca:fd:41:c6:29:b2:0a:4d:57:
14:77:1d:8a:0c:13:72:1a:65:c9:aa:fd:82:3d:80:7c:50:11:
70:fd:bc:63:af:f5:4c:da:56:e9:84:b9:f6:79:87:00:73:4f:
64:3e:13:a0:88:33:4b:49:9a:bf:72:98:f5:8f:2a:bd:d4:a4:
b3:39:07:52:d6:41:de:e3:bd:1a:37:13:03:bd:49:b0:92:a8:
93:4d:88:f3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVuiw7ldpqeSgZ2gXcubmZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDg0MDgwNGM2NjgwYzQxZjIxZTg3MjZmMzgwYjk1ZTY5
ZTk0NDcwHhcNMjMwMTAxMTgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ2YmI4MjA3NWU3NDA4MmM3NmRkNWI2ZDQyNTdlZDVkNjY3MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihYK8rvY4xxnkrn65qMB2v8jV0UF
gvjfqrXAKXIxTQFuTcgmxNJjqWg+YtP5fYKTPMw5dsxIYwzYl3wXma41zYtBBSLv
XWd7eD51QZi0+anOTGAecyiFTW+m6qCqTlrPClIkxwmLaqzsLoOjqOGFQgYn49Q4
6BUBS/xBI00PEW0mbp23uav+mum0Gzb9zffsnblQtoNNL/sTntOOIH/+WHsf5KrT
syr8WgkHZCR8PUHERjZgWbpI5Bd2y3p9epuG8+vCDFRsqQR6ALWdJ2OLm/Cu73Iv
+sJHqWjok0sLNbdTEM4H/jyY1da91ukwdhov+lt2YPJ1eWrTJ8p4PAjd0wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLvWu4IHXnQILHbdW21CV+1dZnEQMB8GA1UdIwQY
MBaAFI4IQIBMZoDEHyHocm84C5XmnpRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYt
YzI3OTk3NTNjODUzLzEvdTlhN2dnZGVkQWdzZHQxYmJVSlg3VjFtY1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYtYzI3OTk3NTNjODUz
LzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJV0XwD
BABV0X4wDQYJKoZIhvcNAQELBQADggEBADmYBUpAQfVgK/BXAHIzLO0JNZsWmIM/
mFsoaYuZTnyKtPW7FxSVjskbXNbLhwdIogeDyEPBryCePSZIBC9U41POA2Z8m9OQ
GwPhFhvaT1O5N/Cy9/d7hkBJgtXp/vdlt7iUwNpfCbjo++RhaxIENySzoqqvobEj
rqQQwvyZAU5tt8kUBPQZ2eIavhUF2DUKTPqjcrK4VrAT6Z/jv3aK+0lIAmWCBALJ
CQDfiMr9QcYpsgpNVxR3HYoME3IaZcmq/YI9gHxQEXD9vGOv9UzaVumEufZ5hwBz
T2Q+E6CIM0tJmr9ymPWPKr3UpLM5B1LWQd7jvRo3EwO9SbCSqJNNiPM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:51 2025 by rpki-client