Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/j8bPfcV2Tp9wjab_VxY9yphCzt4.roa
File: j8bPfcV2Tp9wjab_VxY9yphCzt4.roa (raw, json)
Hash identifier: npvxuxWlGLjzB5ymeWMPWtDsYNtQdqGYJTeSw15dWSQ=
Subject key identifier: 8F:C6:CF:7D:C5:76:4E:9F:70:8D:A6:FF:57:16:3D:CA:98:42:CE:DE
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01888A14B38B8E77E85DC8F75DE93D5F29BE
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/j8bPfcV2Tp9wjab_VxY9yphCzt4.roa
Signing time: Mon 05 Jun 2023 05:43:12 +0000
ROA not before: Mon 05 Jun 2023 05:43:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212025
IP address blocks: 85.158.145.0/24 maxlen: 24
5.10.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:14:b3:8b:8e:77:e8:5d:c8:f7:5d:e9:3d:5f:29:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jun 5 05:43:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fc6cf7dc5764e9f708da6ff57163dca9842cede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bf:96:f0:56:22:05:2c:75:9d:6a:73:92:c7:
f1:c9:50:59:de:4a:96:54:42:d5:c6:42:8f:e5:2a:
57:45:e6:1e:35:8b:ed:14:35:2a:c5:20:94:47:0e:
57:2f:a5:a9:43:d3:a4:8b:4f:4f:d9:7e:b2:b3:f1:
ee:a1:c2:94:17:bb:31:89:be:99:1b:cb:be:d4:0b:
be:2f:0c:6b:11:41:bc:f0:8a:fd:ed:01:f7:06:35:
98:0d:bc:70:98:34:6b:ea:e8:aa:dd:a3:02:c3:15:
9d:b1:21:d0:f2:ef:f1:81:7e:1e:e2:01:79:60:7c:
b7:0e:3d:f2:0d:a4:c6:ed:1b:e1:37:e5:1c:98:8f:
2f:b2:a1:89:19:ec:77:d5:8d:d8:b1:5b:51:66:68:
fc:34:8e:6f:0f:e0:42:c7:d8:84:73:50:37:c6:83:
c8:ca:d3:cb:16:c9:c4:b7:10:7f:55:80:cc:ea:3c:
51:38:97:d1:4a:e0:3f:25:ff:2e:70:e8:9e:c8:72:
82:ae:0e:1b:90:98:61:ff:a3:ff:93:c7:b8:d5:b0:
44:67:2b:66:b6:ab:ee:bc:77:6a:90:6b:24:80:a5:
28:a3:0e:64:db:81:d4:26:6c:ea:a1:5e:38:9f:83:
73:df:a3:ba:f7:d3:45:5d:ab:d0:82:ce:a6:ee:41:
81:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C6:CF:7D:C5:76:4E:9F:70:8D:A6:FF:57:16:3D:CA:98:42:CE:DE
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/j8bPfcV2Tp9wjab_VxY9yphCzt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.249.0/24
85.158.145.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:c0:13:57:f8:ad:ca:37:82:95:e2:6d:f9:b0:af:88:82:21:
d3:48:4e:c2:b7:8d:2b:57:e6:12:49:57:36:14:ed:65:c5:f4:
68:94:30:88:61:1e:99:44:59:f0:79:1e:c7:9c:db:43:59:af:
e4:e7:ee:5b:2d:95:2b:ff:0c:7e:49:5e:2d:83:3b:8c:0e:42:
12:2e:45:87:ac:da:71:9d:9f:df:4a:dd:ab:a8:07:b7:eb:cc:
d9:a3:80:7d:6c:37:3c:a7:f3:42:ba:80:da:6b:64:6e:f4:d4:
1b:7b:f6:a4:7b:53:b6:96:74:e9:40:e9:81:ac:e9:83:ae:57:
12:f0:81:56:86:ee:65:0d:7c:7a:8f:4a:4c:b0:d8:63:7d:28:
c1:a3:03:4d:a8:31:00:11:3b:63:a1:64:18:4f:27:28:05:29:
a9:60:ea:51:08:4a:fe:e4:22:92:6f:47:45:d4:69:be:02:60:
02:f7:b9:71:19:84:4b:f4:f7:51:51:f7:3c:ce:5f:c1:63:a1:
a3:57:3a:7d:41:c1:57:8e:68:2a:a2:15:f4:a7:e3:e5:9a:e6:
f9:df:19:3a:95:5f:d4:6a:3b:f7:5c:2d:95:2a:b8:f3:84:4c:
b7:7f:1a:89:a7:de:3c:77:15:f9:2c:23:14:f4:4e:64:7d:cc:
ea:4a:15:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiKFLOLjnfoXcj3Xek9Xym+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNjA1MDU0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmM2Y2Y3ZGM1NzY0ZTlmNzA4ZGE2ZmY1NzE2M2RjYTk4NDJjZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr+W8FYiBSx1nWpzksfxyVBZ3kqW
VELVxkKP5SpXReYeNYvtFDUqxSCURw5XL6WpQ9Oki09P2X6ys/HuocKUF7sxib6Z
G8u+1Au+LwxrEUG88Ir97QH3BjWYDbxwmDRr6uiq3aMCwxWdsSHQ8u/xgX4e4gF5
YHy3Dj3yDaTG7RvhN+UcmI8vsqGJGex31Y3YsVtRZmj8NI5vD+BCx9iEc1A3xoPI
ytPLFsnEtxB/VYDM6jxROJfRSuA/Jf8ucOieyHKCrg4bkJhh/6P/k8e41bBEZytm
tqvuvHdqkGskgKUoow5k24HUJmzqoV44n4Nz36O699NFXavQgs6m7kGBdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI/Gz33Fdk6fcI2m/1cWPcqYQs7eMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvajhiUGZjVjJUcDl3amFiX1Z4WTl5cGhDenQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQr5AwQA
VZ6RMA0GCSqGSIb3DQEBCwUAA4IBAQBtwBNX+K3KN4KV4m35sK+IgiHTSE7Ct40r
V+YSSVc2FO1lxfRolDCIYR6ZRFnweR7HnNtDWa/k5+5bLZUr/wx+SV4tgzuMDkIS
LkWHrNpxnZ/fSt2rqAe368zZo4B9bDc8p/NCuoDaa2Ru9NQbe/ake1O2lnTpQOmB
rOmDrlcS8IFWhu5lDXx6j0pMsNhjfSjBowNNqDEAETtjoWQYTycoBSmpYOpRCEr+
5CKSb0dF1Gm+AmAC97lxGYRL9PdRUfc8zl/BY6GjVzp9QcFXjmgqohX0p+Plmub5
3xk6lV/Uajv3XC2VKrjzhEy3fxqJp948dxX5LCMU9E5kfczqShVR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:09 2025 by rpki-client