Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3bd13d-fe95-486f-80ef-f073548352bf/1/geYeZ0r0dQRQ9b8bro1wGlyDcpA.roa
File: geYeZ0r0dQRQ9b8bro1wGlyDcpA.roa (raw, json)
Hash identifier: HJZxY1SfymnDR79TsVduQCheeNbnuj6qDl+0XjRPY4s=
Subject key identifier: 81:E6:1E:67:4A:F4:75:04:50:F5:BF:1B:AE:8D:70:1A:5C:83:72:90
Certificate issuer: /CN=3d2384b784f197ea03dac2feda7895fc4b740729
Certificate serial: 018570F0921CFCACE8F75F0381BFCBCEF060
Authority key identifier: 3D:23:84:B7:84:F1:97:EA:03:DA:C2:FE:DA:78:95:FC:4B:74:07:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PSOEt4Txl-oD2sL-2niV_Et0Byk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/3bd13d-fe95-486f-80ef-f073548352bf/1/geYeZ0r0dQRQ9b8bro1wGlyDcpA.roa
Signing time: Mon 02 Jan 2023 05:24:52 +0000
ROA not before: Mon 02 Jan 2023 05:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206626
IP address blocks: 185.85.56.0/24 maxlen: 24
185.85.57.0/24 maxlen: 24
185.85.56.0/22 maxlen: 22
185.85.58.0/24 maxlen: 24
185.85.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:92:1c:fc:ac:e8:f7:5f:03:81:bf:cb:ce:f0:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d2384b784f197ea03dac2feda7895fc4b740729
Validity
Not Before: Jan 2 05:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81e61e674af4750450f5bf1bae8d701a5c837290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:34:31:f8:82:00:6d:fe:db:5d:69:43:35:02:
97:1d:a0:14:e9:ba:7a:32:0b:3c:5a:30:78:57:fc:
45:47:86:16:6e:2a:a7:92:82:c5:ec:19:20:b7:34:
b5:26:19:cd:c8:a3:14:94:1f:33:17:dc:c4:8e:04:
92:58:28:6a:45:d0:20:c0:e8:ca:4d:d3:f0:21:a8:
79:93:03:90:dc:4b:be:ea:e2:88:04:05:c9:c1:67:
b9:0c:f1:89:83:69:8b:56:ba:80:fb:e3:01:06:0d:
64:5f:59:9b:68:0a:55:f1:22:af:00:64:09:7b:4f:
79:4d:ab:1e:97:17:22:8f:29:97:df:be:84:7d:9d:
8e:89:97:44:f5:1a:0d:39:a2:02:c8:e3:6a:4b:3f:
65:09:48:7c:fc:7c:12:e1:05:26:70:aa:75:15:02:
65:80:6e:20:c5:b6:05:d6:1b:8e:a6:3b:74:5c:5c:
31:5c:02:89:22:06:80:8e:23:9d:29:24:49:14:b0:
c1:b1:0f:e7:47:ea:d5:2b:b9:28:db:9b:11:b8:68:
65:a9:15:a3:f2:99:b2:10:e7:87:e7:86:b4:b8:a4:
88:c5:ce:3a:fe:b1:22:f2:80:9e:b2:df:24:7d:d4:
89:cb:49:05:d6:2d:f2:2d:51:be:d2:51:a0:b4:27:
0d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E6:1E:67:4A:F4:75:04:50:F5:BF:1B:AE:8D:70:1A:5C:83:72:90
X509v3 Authority Key Identifier:
keyid:3D:23:84:B7:84:F1:97:EA:03:DA:C2:FE:DA:78:95:FC:4B:74:07:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PSOEt4Txl-oD2sL-2niV_Et0Byk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3bd13d-fe95-486f-80ef-f073548352bf/1/geYeZ0r0dQRQ9b8bro1wGlyDcpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3bd13d-fe95-486f-80ef-f073548352bf/1/PSOEt4Txl-oD2sL-2niV_Et0Byk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.56.0/22
Signature Algorithm: sha256WithRSAEncryption
99:83:55:c9:cb:02:bb:9e:c3:11:ca:e5:6f:c3:3a:c9:77:b6:
8e:0a:66:5f:df:78:6d:46:13:1e:0a:cf:c4:94:88:35:a5:51:
c8:62:82:29:34:08:b7:87:01:a8:38:09:12:f9:a2:2b:05:36:
e7:6b:cf:3c:51:82:14:18:ba:1b:33:19:2e:9c:0f:69:c5:85:
06:0d:52:47:e1:05:94:c5:14:44:32:0f:04:45:4f:6e:c6:27:
5b:c1:2f:43:f2:fb:ab:5a:6f:b8:3f:44:b2:c2:34:10:96:58:
cc:50:a9:91:07:85:38:83:d9:c3:55:fd:8a:81:86:30:c2:01:
57:ee:cf:ac:39:d5:d0:e2:98:d1:36:32:70:82:6e:8b:09:b1:
26:13:7f:93:be:83:d6:ec:55:37:0d:21:03:7b:b7:6d:20:15:
ea:9f:90:6a:cc:4c:5d:01:24:8c:32:a3:f3:92:c7:ff:43:a2:
0d:03:64:ee:58:68:6f:83:34:d6:0a:d9:61:d3:66:db:7d:0f:
07:64:41:29:8b:f8:f4:ab:a5:04:34:e3:00:64:5a:31:1e:32:
71:39:de:97:9e:d9:61:00:c9:c8:16:fe:56:0a:6b:91:31:fd:
ef:01:06:0a:70:4b:e6:b1:96:67:ee:78:c0:b3:e1:bf:5f:8e:
96:b0:c0:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8JIc/Kzo918Dgb/LzvBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMjM4NGI3ODRmMTk3ZWEwM2RhYzJmZWRhNzg5NWZjNGI3
NDA3MjkwHhcNMjMwMTAyMDUyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWU2MWU2NzRhZjQ3NTA0NTBmNWJmMWJhZThkNzAxYTVjODM3MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojQx+IIAbf7bXWlDNQKXHaAU6bp6
Mgs8WjB4V/xFR4YWbiqnkoLF7BkgtzS1JhnNyKMUlB8zF9zEjgSSWChqRdAgwOjK
TdPwIah5kwOQ3Eu+6uKIBAXJwWe5DPGJg2mLVrqA++MBBg1kX1mbaApV8SKvAGQJ
e095TaselxcijymX376EfZ2OiZdE9RoNOaICyONqSz9lCUh8/HwS4QUmcKp1FQJl
gG4gxbYF1huOpjt0XFwxXAKJIgaAjiOdKSRJFLDBsQ/nR+rVK7ko25sRuGhlqRWj
8pmyEOeH54a0uKSIxc46/rEi8oCest8kfdSJy0kF1i3yLVG+0lGgtCcNsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHmHmdK9HUEUPW/G66NcBpcg3KQMB8GA1UdIwQY
MBaAFD0jhLeE8ZfqA9rC/tp4lfxLdAcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFNPRXQ0VHhsLW9EMnNMLTJuaVZfRXQwQnlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zYmQxM2QtZmU5NS00ODZmLTgwZWYt
ZjA3MzU0ODM1MmJmLzEvZ2VZZVowcjBkUVJROWI4YnJvMXdHbHlEY3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zYmQxM2QtZmU5NS00ODZmLTgwZWYtZjA3MzU0ODM1MmJm
LzEvUFNPRXQ0VHhsLW9EMnNMLTJuaVZfRXQwQnlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVU4MA0G
CSqGSIb3DQEBCwUAA4IBAQCZg1XJywK7nsMRyuVvwzrJd7aOCmZf33htRhMeCs/E
lIg1pVHIYoIpNAi3hwGoOAkS+aIrBTbna888UYIUGLobMxkunA9pxYUGDVJH4QWU
xRREMg8ERU9uxidbwS9D8vurWm+4P0SywjQQlljMUKmRB4U4g9nDVf2KgYYwwgFX
7s+sOdXQ4pjRNjJwgm6LCbEmE3+TvoPW7FU3DSEDe7dtIBXqn5BqzExdASSMMqPz
ksf/Q6INA2TuWGhvgzTWCtlh02bbfQ8HZEEpi/j0q6UENOMAZFoxHjJxOd6Xntlh
AMnIFv5WCmuRMf3vAQYKcEvmsZZn7njAs+G/X46WsMAc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:49 2025 by rpki-client