Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/mN8pwIFDqDPQoG5c73sLTu111vw.roa
File: mN8pwIFDqDPQoG5c73sLTu111vw.roa (raw, json)
Hash identifier: Gf8lTWCOqef4/VTmurpDe08L3UU28pVEr+Fe3bmqb0s=
Subject key identifier: 98:DF:29:C0:81:43:A8:33:D0:A0:6E:5C:EF:7B:0B:4E:ED:75:D6:FC
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 0185896D05BCBDFF7FF43B5EB2E86E08BF84
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/mN8pwIFDqDPQoG5c73sLTu111vw.roa
Signing time: Fri 06 Jan 2023 23:31:41 +0000
ROA not before: Fri 06 Jan 2023 23:31:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213354
IP address blocks: 194.15.112.0/24 maxlen: 24
194.15.113.0/24 maxlen: 24
185.248.192.0/23 maxlen: 23
185.248.194.0/23 maxlen: 23
91.228.68.0/22 maxlen: 22
2a11:9c00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:89:6d:05:bc:bd:ff:7f:f4:3b:5e:b2:e8:6e:08:bf:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Jan 6 23:31:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98df29c08143a833d0a06e5cef7b0b4eed75d6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8d:02:f0:15:32:04:07:ba:22:ee:93:2d:06:
16:d1:f7:6b:e3:5f:f0:ef:54:71:00:b9:7b:79:a0:
f8:b1:47:4a:ce:7e:7f:c5:c8:f8:e5:9c:d4:73:0c:
0e:d6:07:11:99:42:a1:31:9d:13:b5:0d:71:a1:90:
81:1f:53:42:eb:89:3e:be:90:ae:07:c4:45:91:95:
a1:6a:37:60:e5:af:99:b9:32:d2:f7:05:1f:1e:ce:
13:fb:39:1c:9e:80:22:95:32:f5:07:a0:bd:44:c3:
ec:00:0a:f6:33:3b:56:ef:7b:f8:d5:a6:a3:4b:2e:
f0:0f:9c:c6:d1:27:48:c3:42:a5:ff:e0:0c:1c:3e:
38:d0:ba:ec:17:13:5f:ec:e6:6a:ad:18:e1:7b:41:
42:c0:e4:e7:3e:74:62:ad:6c:a2:59:d4:1b:91:7b:
b5:b7:38:b9:14:22:2b:19:9b:5b:51:6d:0b:76:b5:
97:36:4f:e2:b5:47:fa:ce:7e:ea:05:da:9c:27:f1:
14:cf:be:28:d9:83:d3:b0:f6:15:2e:99:71:2a:35:
df:a6:b9:33:13:8d:7d:28:e1:8a:82:33:69:46:19:
ab:6d:bb:54:54:64:16:a7:5c:6d:fe:45:af:e1:63:
2c:e1:b6:5e:ec:d0:16:a2:87:b9:8b:59:c6:70:4e:
97:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DF:29:C0:81:43:A8:33:D0:A0:6E:5C:EF:7B:0B:4E:ED:75:D6:FC
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/mN8pwIFDqDPQoG5c73sLTu111vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.68.0/22
185.248.192.0/22
194.15.112.0/23
IPv6:
2a11:9c00::/40
Signature Algorithm: sha256WithRSAEncryption
5b:b7:4f:9c:9b:d4:c6:b2:1b:89:8c:32:c5:d4:e1:4f:9e:50:
65:43:cc:5c:16:b8:f2:f3:27:b4:cc:5a:28:17:c0:0a:d6:74:
13:b9:96:45:6f:41:0b:9e:34:68:0a:71:d3:e1:f3:a4:3b:74:
91:1c:7d:8e:47:4c:2a:4b:2a:eb:e2:d0:20:df:a2:0a:3d:5e:
b3:3d:8b:53:26:cc:f3:97:0e:b1:fc:c0:3c:07:15:c9:3e:0b:
d3:f7:1c:40:b2:82:42:67:3b:76:c4:62:f9:76:c8:81:6e:8e:
7b:63:31:18:b8:dc:62:13:47:f8:e1:2e:2e:cc:b5:fd:04:f3:
a2:e3:31:9e:7c:86:49:63:cc:fa:1a:65:d0:2f:90:35:0e:43:
64:5c:59:d9:a0:34:23:6d:95:03:52:fd:d0:38:24:2a:32:20:
bc:a1:44:82:d5:51:1d:28:84:97:21:70:ab:63:8f:c0:bf:a0:
28:95:e0:fd:68:3a:26:76:da:01:ab:4b:e2:5d:46:d8:48:bc:
87:c1:d4:44:3b:19:f7:a0:d4:9a:4b:da:85:2f:4b:97:a1:c1:
81:ab:c9:00:fe:ec:27:eb:6b:6e:1e:54:60:da:05:f3:ca:75:
8a:f9:fd:50:ed:18:08:d4:01:77:df:bc:a5:ab:d6:ea:0d:83:
8e:4b:dc:cd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYWJbQW8vf9/9DtesuhuCL+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMTA2MjMzMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRmMjljMDgxNDNhODMzZDBhMDZlNWNlZjdiMGI0ZWVkNzVkNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzI0C8BUyBAe6Iu6TLQYW0fdr41/w
71RxALl7eaD4sUdKzn5/xcj45ZzUcwwO1gcRmUKhMZ0TtQ1xoZCBH1NC64k+vpCu
B8RFkZWhajdg5a+ZuTLS9wUfHs4T+zkcnoAilTL1B6C9RMPsAAr2MztW73v41aaj
Sy7wD5zG0SdIw0Kl/+AMHD440LrsFxNf7OZqrRjhe0FCwOTnPnRirWyiWdQbkXu1
tzi5FCIrGZtbUW0LdrWXNk/itUf6zn7qBdqcJ/EUz74o2YPTsPYVLplxKjXfprkz
E419KOGKgjNpRhmrbbtUVGQWp1xt/kWv4WMs4bZe7NAWooe5i1nGcE6XBwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJjfKcCBQ6gz0KBuXO97C07tddb8MB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvbU44cHdJRkRxRFBRb0c1Yzczc0xUdTExMXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQCW+REAwQC
ufjAAwQBwg9wMA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0BAQsFAAOCAQEAW7dP
nJvUxrIbiYwyxdThT55QZUPMXBa48vMntMxaKBfACtZ0E7mWRW9BC540aApx0+Hz
pDt0kRx9jkdMKksq6+LQIN+iCj1esz2LUybM85cOsfzAPAcVyT4L0/ccQLKCQmc7
dsRi+XbIgW6Oe2MxGLjcYhNH+OEuLsy1/QTzouMxnnyGSWPM+hpl0C+QNQ5DZFxZ
2aA0I22VA1L90DgkKjIgvKFEgtVRHSiElyFwq2OPwL+gKJXg/Wg6JnbaAatL4l1G
2Ei8h8HURDsZ96DUmkvahS9Ll6HBgavJAP7sJ+trbh5UYNoF88p1ivn9UO0YCNQB
d9+8pavW6g2DjkvczQ==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:30 2025 by rpki-client