Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/hTjgIDe3UzjQhwXqlDJLOq3zhbc.roa
File: hTjgIDe3UzjQhwXqlDJLOq3zhbc.roa (raw, json)
Hash identifier: V3FKpXLRO1BRALICHh1HLDOmAWvCAxvG7Dxw+MnbPOo=
Subject key identifier: 85:38:E0:20:37:B7:53:38:D0:87:05:EA:94:32:4B:3A:AD:F3:85:B7
Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Certificate serial: 0185720C73724F1F5BC906639B8AE7A38ACA
Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/hTjgIDe3UzjQhwXqlDJLOq3zhbc.roa
Signing time: Mon 02 Jan 2023 10:34:56 +0000
ROA not before: Mon 02 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51405
IP address blocks: 85.208.4.0/22 maxlen: 24
2a09:8840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:73:72:4f:1f:5b:c9:06:63:9b:8a:e7:a3:8a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Validity
Not Before: Jan 2 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8538e02037b75338d08705ea94324b3aadf385b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fa:ec:fe:dc:a3:2a:c2:ed:be:2c:3c:22:b0:
2d:45:04:1e:77:7f:6b:6b:db:64:0e:c5:16:72:7c:
29:88:df:ea:59:db:85:3f:ce:15:0e:42:d9:02:71:
2f:24:5d:6a:37:75:2f:da:aa:e1:cd:0f:c9:56:bb:
f4:9b:a4:3e:d2:d7:d4:c3:1d:75:dd:63:4d:33:87:
2c:1e:5d:c4:32:02:35:b7:5c:93:b4:16:73:9e:04:
b7:78:c8:17:90:4f:2f:de:45:c5:80:1c:5e:80:33:
e9:a3:5b:fd:da:e0:5d:47:f0:a6:c1:da:da:aa:e4:
9d:ce:2a:3e:76:79:5f:66:32:24:6a:37:02:a7:6e:
f8:df:ec:5c:f8:fd:66:a9:83:23:b0:43:d4:ab:de:
c8:2e:ec:f6:00:76:e2:ad:ba:0c:51:2b:85:aa:23:
66:e6:d0:6a:33:59:60:89:70:0c:32:57:70:a2:d7:
d8:e6:de:5e:c5:e9:1b:7d:71:6f:9e:9c:9d:40:31:
12:02:d6:33:54:b7:00:b5:a7:3b:a2:f6:72:9f:2f:
07:25:6e:ab:cd:5d:e1:04:eb:6d:1a:d2:68:3a:a6:
be:66:8c:5f:3d:f6:44:6c:90:7d:98:cf:8b:e3:52:
e0:18:ba:aa:03:46:6c:ef:93:8a:8f:74:d0:19:9f:
db:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:38:E0:20:37:B7:53:38:D0:87:05:EA:94:32:4B:3A:AD:F3:85:B7
X509v3 Authority Key Identifier:
keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/hTjgIDe3UzjQhwXqlDJLOq3zhbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.4.0/22
IPv6:
2a09:8840::/29
Signature Algorithm: sha256WithRSAEncryption
4c:f4:51:cb:f6:5b:58:f0:06:1d:fa:b5:75:f6:af:af:5e:e7:
e7:30:80:91:6e:c2:fe:8b:e4:77:1f:3b:6a:ac:64:92:3e:c4:
e6:5c:c5:e5:04:a9:b2:46:98:3a:f5:3c:22:d4:a3:00:d7:92:
5b:d5:b8:ac:27:c7:d7:32:87:f4:0e:1a:3e:b8:3f:db:9a:5e:
dd:36:ec:65:dc:11:bd:d8:7e:ae:a4:7c:f4:c6:71:90:77:40:
d2:ad:3e:a3:95:38:92:89:b8:cc:55:55:ef:08:2b:31:4f:db:
4b:c6:df:1b:73:5d:eb:42:1b:6f:ff:b5:b5:de:ca:41:37:65:
30:c9:f7:25:58:78:b7:82:5a:a6:3c:f6:bc:e9:5f:13:1a:f8:
bc:46:df:d4:f6:ce:d4:ab:38:a1:d6:a9:a0:41:f2:4d:05:b9:
0c:0e:89:87:b9:fb:9d:38:03:2a:16:18:2d:30:e9:9e:8c:21:
a8:73:fe:84:6c:77:04:0c:7d:85:a1:f8:75:a9:c9:e7:12:34:
c0:8d:77:4b:d8:39:59:35:d7:72:a0:63:bb:95:18:ba:04:cb:
89:65:25:fb:17:09:90:74:86:90:5b:b7:c4:a5:37:08:c6:c8:
d9:8c:8e:22:05:ba:ce:78:00:1c:77:75:cd:70:bc:d0:16:87:
37:e5:dc:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyDHNyTx9byQZjm4rno4rKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWM3OGIzMDVmYjQ5Y2JkNDAwNWQ0NDI3YzFmNjJjNmE0
NTVhNjgwHhcNMjMwMTAyMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM4ZTAyMDM3Yjc1MzM4ZDA4NzA1ZWE5NDMyNGIzYWFkZjM4NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPrs/tyjKsLtviw8IrAtRQQed39r
a9tkDsUWcnwpiN/qWduFP84VDkLZAnEvJF1qN3Uv2qrhzQ/JVrv0m6Q+0tfUwx11
3WNNM4csHl3EMgI1t1yTtBZzngS3eMgXkE8v3kXFgBxegDPpo1v92uBdR/Cmwdra
quSdzio+dnlfZjIkajcCp2743+xc+P1mqYMjsEPUq97ILuz2AHbirboMUSuFqiNm
5tBqM1lgiXAMMldwotfY5t5exekbfXFvnpydQDESAtYzVLcAtac7ovZyny8HJW6r
zV3hBOttGtJoOqa+ZoxfPfZEbJB9mM+L41LgGLqqA0Zs75OKj3TQGZ/bPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIU44CA3t1M40IcF6pQySzqt84W3MB8GA1UdIwQY
MBaAFJcceLMF+0nL1ABdRCfB9ixqRVpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEt
MWMyNzU4NjUxZWZhLzEvaFRqZ0lEZTNVempRaHdYcWxESkxPcTN6aGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEtMWMyNzU4NjUxZWZh
LzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdAEMA0E
AgACMAcDBQMqCYhAMA0GCSqGSIb3DQEBCwUAA4IBAQBM9FHL9ltY8AYd+rV19q+v
XufnMICRbsL+i+R3HztqrGSSPsTmXMXlBKmyRpg69Twi1KMA15Jb1bisJ8fXMof0
Dho+uD/bml7dNuxl3BG92H6upHz0xnGQd0DSrT6jlTiSibjMVVXvCCsxT9tLxt8b
c13rQhtv/7W13spBN2UwyfclWHi3glqmPPa86V8TGvi8Rt/U9s7Uqzih1qmgQfJN
BbkMDomHufudOAMqFhgtMOmejCGoc/6EbHcEDH2Fofh1qcnnEjTAjXdL2DlZNddy
oGO7lRi6BMuJZSX7FwmQdIaQW7fEpTcIxsjZjI4iBbrOeAAcd3XNcLzQFoc35dyZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:47 2025 by rpki-client