Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/cbd4a7-394d-4c03-bed5-d6b96e88a611/1/8B5fvoePdMnq0wXV3YxBuJ6NHgM.roa
File: 8B5fvoePdMnq0wXV3YxBuJ6NHgM.roa (raw, json)
Hash identifier: Hh++0MzuLcgqeVdJN0rdUXdmIHZoFXRgfRsOGpNerss=
Subject key identifier: F0:1E:5F:BE:87:8F:74:C9:EA:D3:05:D5:DD:8C:41:B8:9E:8D:1E:03
Certificate issuer: /CN=0bf2bbacb474dd6103e89117a6367456964df319
Certificate serial: 01856D6F85828F0EA73A39D978BF0B775A7C
Authority key identifier: 0B:F2:BB:AC:B4:74:DD:61:03:E8:91:17:A6:36:74:56:96:4D:F3:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_K7rLR03WED6JEXpjZ0VpZN8xk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/cbd4a7-394d-4c03-bed5-d6b96e88a611/1/8B5fvoePdMnq0wXV3YxBuJ6NHgM.roa
Signing time: Sun 01 Jan 2023 13:05:03 +0000
ROA not before: Sun 01 Jan 2023 13:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198188
IP address blocks: 185.220.17.0/24 maxlen: 24
185.220.16.0/24 maxlen: 24
185.220.18.0/24 maxlen: 24
185.220.19.0/24 maxlen: 24
31.186.104.0/24 maxlen: 24
31.186.105.0/24 maxlen: 24
31.186.108.0/24 maxlen: 24
31.186.109.0/24 maxlen: 24
31.186.106.0/24 maxlen: 24
31.186.107.0/24 maxlen: 24
31.186.111.0/24 maxlen: 24
31.186.110.0/24 maxlen: 24
2a0b:ea40::/32 maxlen: 32
2a0b:ea41::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:85:82:8f:0e:a7:3a:39:d9:78:bf:0b:77:5a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf2bbacb474dd6103e89117a6367456964df319
Validity
Not Before: Jan 1 13:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f01e5fbe878f74c9ead305d5dd8c41b89e8d1e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ad:56:cc:b5:e8:4d:b9:fa:c8:84:15:b0:6e:
19:b4:fa:d9:2d:c4:02:0f:61:06:29:0f:70:a6:4a:
48:5c:64:d8:7a:5b:b7:bd:22:1a:64:7d:8e:ac:af:
06:d6:32:54:f2:b6:de:db:36:a0:55:c4:cf:e0:0f:
cb:7c:32:51:38:a1:25:b5:12:dc:e9:92:a3:01:05:
03:31:de:25:b0:d8:25:8e:35:04:b1:5b:4d:64:0a:
3c:6b:97:a0:dc:6e:02:88:ba:f7:41:b1:f4:19:ba:
ff:fe:a9:d0:81:5f:f5:ef:39:d4:a9:32:c2:80:7b:
b1:77:c3:dd:dd:61:e1:b7:e9:a0:08:40:b5:e2:f4:
47:a3:5f:4d:40:59:a1:79:75:66:eb:6f:2f:ea:dd:
35:96:ff:a4:cb:63:a0:b4:d5:9c:3a:ee:3c:f0:c6:
c4:01:6c:83:d2:da:e9:bd:ac:3a:ce:23:cf:79:cb:
05:2d:0a:90:14:96:5d:28:d6:00:7d:af:21:b1:44:
fb:5a:92:c5:ec:ae:47:e2:8b:3f:15:92:41:62:9a:
5c:1a:a9:b6:a1:55:0d:ee:1c:c2:9c:5c:be:f9:ac:
9b:94:8b:f4:f1:c8:6f:f0:ac:2c:cb:c9:52:d5:c0:
bc:c5:39:d5:bc:3b:91:36:b4:ef:20:eb:bc:d6:d7:
97:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1E:5F:BE:87:8F:74:C9:EA:D3:05:D5:DD:8C:41:B8:9E:8D:1E:03
X509v3 Authority Key Identifier:
keyid:0B:F2:BB:AC:B4:74:DD:61:03:E8:91:17:A6:36:74:56:96:4D:F3:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_K7rLR03WED6JEXpjZ0VpZN8xk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/cbd4a7-394d-4c03-bed5-d6b96e88a611/1/8B5fvoePdMnq0wXV3YxBuJ6NHgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/cbd4a7-394d-4c03-bed5-d6b96e88a611/1/C_K7rLR03WED6JEXpjZ0VpZN8xk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.104.0/21
185.220.16.0/22
IPv6:
2a0b:ea40::/31
Signature Algorithm: sha256WithRSAEncryption
53:51:40:d5:4c:2b:21:82:9f:d7:fc:ff:0c:b4:63:52:16:0f:
35:2c:8f:1a:9a:c3:4a:4f:c3:0e:92:48:9d:64:09:10:c7:b1:
1c:69:64:9f:65:16:e2:de:3e:21:0a:9f:2c:c8:21:63:e4:ff:
9c:93:ee:27:b8:d8:fa:63:98:4f:22:16:d9:17:50:b4:0a:1b:
ac:54:c2:8f:70:e2:57:19:4a:1c:56:81:1f:c6:c0:72:e2:f8:
bb:58:7e:e8:15:de:3e:f7:2d:0f:8c:68:91:52:a3:06:2f:cc:
31:c1:6a:10:73:09:c1:c4:35:cb:40:44:82:d4:7b:78:bf:af:
00:ac:96:ca:8f:24:e1:b2:7f:91:44:59:b1:b2:bf:66:d9:08:
b7:ce:3d:b4:54:01:7b:e6:6d:07:c5:e3:3e:02:af:92:8b:b9:
34:51:1b:cb:31:57:de:10:b7:88:77:77:93:cc:7d:ef:5e:da:
ef:c8:85:32:d3:3c:6e:9e:68:90:50:fd:f9:7d:4b:9a:2c:57:
b6:d1:88:0f:4e:39:6c:2e:f6:f7:47:08:c1:3d:76:32:ed:40:
fe:1c:fa:ac:c4:bd:93:03:25:6d:c0:ea:b1:d7:44:ed:99:a3:
8b:b8:20:a9:67:d5:f6:85:c5:d8:3f:20:eb:19:55:f6:b4:a2:
0d:b7:1b:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtb4WCjw6nOjnZeL8Ld1p8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjJiYmFjYjQ3NGRkNjEwM2U4OTExN2E2MzY3NDU2OTY0
ZGYzMTkwHhcNMjMwMTAxMTMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFlNWZiZTg3OGY3NGM5ZWFkMzA1ZDVkZDhjNDFiODllOGQxZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl61WzLXoTbn6yIQVsG4ZtPrZLcQC
D2EGKQ9wpkpIXGTYelu3vSIaZH2OrK8G1jJU8rbe2zagVcTP4A/LfDJROKEltRLc
6ZKjAQUDMd4lsNgljjUEsVtNZAo8a5eg3G4CiLr3QbH0Gbr//qnQgV/17znUqTLC
gHuxd8Pd3WHht+mgCEC14vRHo19NQFmheXVm628v6t01lv+ky2OgtNWcOu488MbE
AWyD0trpvaw6ziPPecsFLQqQFJZdKNYAfa8hsUT7WpLF7K5H4os/FZJBYppcGqm2
oVUN7hzCnFy++ayblIv08chv8Kwsy8lS1cC8xTnVvDuRNrTvIOu81teXuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPAeX76Hj3TJ6tMF1d2MQbiejR4DMB8GA1UdIwQY
MBaAFAvyu6y0dN1hA+iRF6Y2dFaWTfMZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19LN3JMUjAzV0VENkpFWHBqWjBWcFpOOHhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9jYmQ0YTctMzk0ZC00YzAzLWJlZDUt
ZDZiOTZlODhhNjExLzEvOEI1ZnZvZVBkTW5xMHdYVjNZeEJ1SjZOSGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9jYmQ0YTctMzk0ZC00YzAzLWJlZDUtZDZiOTZlODhhNjEx
LzEvQ19LN3JMUjAzV0VENkpFWHBqWjBWcFpOOHhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDH7poAwQC
udwQMA0EAgACMAcDBQEqC+pAMA0GCSqGSIb3DQEBCwUAA4IBAQBTUUDVTCshgp/X
/P8MtGNSFg81LI8amsNKT8MOkkidZAkQx7EcaWSfZRbi3j4hCp8syCFj5P+ck+4n
uNj6Y5hPIhbZF1C0ChusVMKPcOJXGUocVoEfxsBy4vi7WH7oFd4+9y0PjGiRUqMG
L8wxwWoQcwnBxDXLQESC1Ht4v68ArJbKjyThsn+RRFmxsr9m2Qi3zj20VAF75m0H
xeM+Aq+Si7k0URvLMVfeELeId3eTzH3vXtrvyIUy0zxunmiQUP35fUuaLFe20YgP
TjlsLvb3RwjBPXYy7UD+HPqsxL2TAyVtwOqx10TtmaOLuCCpZ9X2hcXYPyDrGVX2
tKINtxt5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:10 2025 by rpki-client