Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/8edBlGjuFKdC87tOVP0RtAiyrQY.roa
File: 8edBlGjuFKdC87tOVP0RtAiyrQY.roa (raw, json)
Hash identifier: uj9CEspIjBC4PmJvBmNitrdHWg8z5VUNxM+dtVqn514=
Subject key identifier: F1:E7:41:94:68:EE:14:A7:42:F3:BB:4E:54:FD:11:B4:08:B2:AD:06
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 01856CF87A2470EEAD67A4CC5492B3A84BA1
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/8edBlGjuFKdC87tOVP0RtAiyrQY.roa
Signing time: Sun 01 Jan 2023 10:55:01 +0000
ROA not before: Sun 01 Jan 2023 10:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41960
IP address blocks: 45.129.144.0/22 maxlen: 24
185.249.40.0/22 maxlen: 24
2a0e:5b40::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:7a:24:70:ee:ad:67:a4:cc:54:92:b3:a8:4b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Jan 1 10:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1e7419468ee14a742f3bb4e54fd11b408b2ad06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ce:2b:44:4c:93:c2:60:fa:61:d3:e5:29:6e:
91:aa:11:3a:62:c3:1e:58:98:ae:58:e6:fa:ee:90:
d3:55:cb:7a:ee:1e:42:2e:98:f2:76:9d:cb:ae:71:
e4:d2:e4:e5:68:e9:39:67:69:0e:78:f0:b2:0f:3e:
5d:7a:36:58:89:02:bd:ee:aa:04:36:33:22:5e:24:
63:ee:9d:e7:36:a8:c2:45:02:62:02:bb:82:21:10:
f0:55:93:d6:32:1f:15:5f:7e:77:7a:f9:c3:b2:8c:
ff:8e:3e:12:49:1f:5b:40:bf:f8:ee:17:8b:35:bf:
a7:65:ce:19:4d:1b:3b:40:d2:1b:46:75:96:81:f4:
4e:17:93:4d:4c:b9:fa:a8:eb:5f:7e:e4:26:98:f5:
65:e8:83:10:01:0f:c4:17:cf:22:64:5a:78:29:38:
b4:76:e6:93:e1:68:25:cc:62:59:94:4a:3c:47:5d:
3e:fe:0b:4d:3a:bd:ad:6a:11:fe:53:bf:53:35:c0:
e9:98:71:73:a1:a4:f2:bd:d4:9b:8d:cd:dc:3f:59:
57:0a:84:9b:b8:af:2e:5f:04:d9:9a:06:c9:2f:52:
2f:36:f9:f8:e9:69:a4:cf:5e:1e:81:12:58:6d:00:
2c:f6:57:39:47:81:8c:54:60:68:1d:3a:81:50:c5:
2f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E7:41:94:68:EE:14:A7:42:F3:BB:4E:54:FD:11:B4:08:B2:AD:06
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/8edBlGjuFKdC87tOVP0RtAiyrQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.144.0/22
185.249.40.0/22
IPv6:
2a0e:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
44:73:02:a3:a1:03:53:43:c3:c8:42:ee:b9:47:dc:94:aa:ae:
04:47:60:45:c2:d5:28:05:0e:f1:da:e8:b0:89:ca:77:5b:ae:
71:5f:38:8c:db:b4:ff:81:e9:4e:c9:55:47:45:14:80:8f:ec:
04:e2:d9:22:02:80:33:e0:2d:66:d6:29:eb:2f:89:b8:bb:c8:
d9:ef:ef:2a:ce:5f:ca:fe:b5:03:5c:43:1d:aa:f3:cd:69:38:
ff:1e:f0:a9:ab:1e:2b:1c:bd:b7:fa:cb:28:fb:c1:d9:16:76:
9e:37:14:5c:82:27:e2:5b:62:fc:19:5d:e3:88:a1:8c:e0:da:
17:4f:d9:99:78:a6:e5:dd:49:95:2f:37:13:7a:1b:41:d3:05:
f5:cd:90:1b:b6:bd:62:78:fa:d0:2f:a6:8b:80:3d:f1:a2:11:
38:5b:c4:32:de:61:21:6f:58:7c:db:ae:76:6f:01:26:35:c5:
e6:93:55:f0:25:66:31:54:a7:95:38:5d:50:b2:8b:c4:ed:eb:
6b:87:a1:ab:fc:ef:f9:e4:8a:d1:cd:5b:41:09:09:34:72:97:
d6:3c:1c:4e:72:23:90:27:9b:7a:a6:26:5a:83:4e:28:86:82:
bb:b8:74:83:78:81:4b:37:aa:27:f5:30:1a:7d:27:9c:ab:7d:
f3:33:5c:c0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVs+HokcO6tZ6TMVJKzqEuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjMwMTAxMTA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWU3NDE5NDY4ZWUxNGE3NDJmM2JiNGU1NGZkMTFiNDA4YjJhZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm84rREyTwmD6YdPlKW6RqhE6YsMe
WJiuWOb67pDTVct67h5CLpjydp3LrnHk0uTlaOk5Z2kOePCyDz5dejZYiQK97qoE
NjMiXiRj7p3nNqjCRQJiAruCIRDwVZPWMh8VX353evnDsoz/jj4SSR9bQL/47heL
Nb+nZc4ZTRs7QNIbRnWWgfROF5NNTLn6qOtffuQmmPVl6IMQAQ/EF88iZFp4KTi0
duaT4WglzGJZlEo8R10+/gtNOr2tahH+U79TNcDpmHFzoaTyvdSbjc3cP1lXCoSb
uK8uXwTZmgbJL1IvNvn46Wmkz14egRJYbQAs9lc5R4GMVGBoHTqBUMUv/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPHnQZRo7hSnQvO7TlT9EbQIsq0GMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvOGVkQmxHanVGS2RDODd0T1ZQMFJ0QWl5clFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYGQAwQC
ufkoMA0EAgACMAcDBQMqDltAMA0GCSqGSIb3DQEBCwUAA4IBAQBEcwKjoQNTQ8PI
Qu65R9yUqq4ER2BFwtUoBQ7x2uiwicp3W65xXziM27T/gelOyVVHRRSAj+wE4tki
AoAz4C1m1inrL4m4u8jZ7+8qzl/K/rUDXEMdqvPNaTj/HvCpqx4rHL23+sso+8HZ
FnaeNxRcgifiW2L8GV3jiKGM4NoXT9mZeKbl3UmVLzcTehtB0wX1zZAbtr1iePrQ
L6aLgD3xohE4W8Qy3mEhb1h82652bwEmNcXmk1XwJWYxVKeVOF1QsovE7etrh6Gr
/O/55IrRzVtBCQk0cpfWPBxOciOQJ5t6piZag04ohoK7uHSDeIFLN6on9TAafSec
q33zM1zA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:38 2025 by rpki-client