Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/qryA80x50loduNUTNf6CdR86MVw.roa
File: qryA80x50loduNUTNf6CdR86MVw.roa (raw, json)
Hash identifier: xdtNkGz9dPRS9sdzAnc25R1TKqbQ/CpHJprDXfIybGs=
Subject key identifier: AA:BC:80:F3:4C:79:D2:5A:1D:B8:D5:13:35:FE:82:75:1F:3A:31:5C
Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Certificate serial: 09447B70
Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/qryA80x50loduNUTNf6CdR86MVw.roa
Signing time: Sat 01 Jan 2022 14:57:13 +0000
ROA not before: Sat 01 Jan 2022 14:57:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51405
IP address blocks: 85.208.4.0/22 maxlen: 24
2a09:8840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155482992 (0x9447b70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Validity
Not Before: Jan 1 14:57:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aabc80f34c79d25a1db8d51335fe82751f3a315c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e6:f2:54:53:e0:e1:67:79:1e:4b:c6:4a:6c:
e6:c0:53:02:ef:cc:fe:8f:29:e5:f2:1e:d8:e1:66:
15:46:b9:60:9d:f8:06:84:f9:e5:02:67:a4:61:25:
45:a8:a4:9e:a9:b9:d2:1e:0c:d0:ed:e4:fc:8d:a8:
a2:bc:19:6e:f8:c6:2d:43:31:a2:2b:6b:5c:cf:73:
02:b0:0b:50:f1:b3:83:e0:8d:fa:1c:17:93:84:2a:
fc:8f:79:34:ce:25:0f:0f:34:71:e8:89:46:44:0c:
85:1f:20:65:35:b7:75:27:a6:16:19:1c:8c:bc:32:
ca:2d:7f:18:5c:46:00:fe:72:1d:0c:28:66:57:94:
15:ad:eb:7e:f5:ca:09:fa:af:89:ac:a3:af:ea:68:
b7:1f:2f:96:5e:81:ed:50:5e:77:77:16:ce:03:ae:
bf:0e:b5:75:11:8a:29:52:a3:c4:ba:9b:cb:10:c9:
4e:3c:e9:26:dd:e0:08:42:8b:f6:15:e1:49:48:5e:
f5:e3:32:bc:c0:58:a6:9b:6f:9b:a7:5e:67:6e:05:
e4:a0:0a:4f:5f:35:d4:4e:3e:2b:47:a1:75:94:22:
d1:75:89:45:90:b2:9c:06:7e:50:1e:08:81:1c:09:
ab:6f:f6:3e:c5:89:ee:84:a9:0a:b4:20:f1:df:88:
f2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BC:80:F3:4C:79:D2:5A:1D:B8:D5:13:35:FE:82:75:1F:3A:31:5C
X509v3 Authority Key Identifier:
keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/qryA80x50loduNUTNf6CdR86MVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.4.0/22
IPv6:
2a09:8840::/29
Signature Algorithm: sha256WithRSAEncryption
4c:e0:2a:19:4d:1d:b6:55:06:92:07:63:8e:36:4d:59:6b:65:
f7:f5:2b:d3:a0:e2:c9:0d:6b:37:ce:3e:da:28:67:d6:9c:6c:
7d:ab:e8:45:a8:4e:c0:12:f9:a8:d2:b7:2f:49:1b:d8:32:d7:
e1:bd:16:a7:50:73:9f:bb:18:6f:94:51:ce:54:37:47:cc:95:
ad:fa:6b:76:5c:bc:2d:27:c1:02:ef:27:56:af:53:05:0d:cd:
e7:69:6c:ad:ff:64:31:78:1e:c2:34:0a:ff:61:6c:3c:4f:31:
fe:55:c3:62:b5:d1:11:37:a1:6b:fe:21:59:fd:38:d0:82:8d:
f4:a1:f5:d4:28:cb:e1:ec:63:81:83:58:4f:99:33:be:11:90:
f8:b6:fa:c5:40:3f:fa:02:8a:d2:37:45:d4:8c:a4:27:4e:c5:
3c:82:3f:e9:2e:2e:97:2a:37:cf:62:45:0c:d2:24:ed:fd:bb:
dd:85:22:95:48:b7:c3:14:11:22:7a:e7:be:e9:3c:13:29:00:
16:f0:ea:a6:94:91:f2:26:0e:c9:51:97:9b:ad:b8:da:aa:09:
93:08:e0:f2:f4:75:39:85:db:aa:bb:fc:3e:bd:d8:98:43:bc:
65:37:34:6e:d5:1f:8a:e8:06:ba:e7:fa:27:6b:ed:43:7d:d3:
f1:f0:d4:82
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECUR7cDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzFjNzhiMzA1ZmI0OWNiZDQwMDVkNDQyN2MxZjYyYzZhNDU1YTY4MB4XDTIyMDEw
MTE0NTcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFiYzgwZjM0Yzc5
ZDI1YTFkYjhkNTEzMzVmZTgyNzUxZjNhMzE1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvm8lRT4OFneR5Lxkps5sBTAu/M/o8p5fIe2OFmFUa5YJ34
BoT55QJnpGElRaiknqm50h4M0O3k/I2oorwZbvjGLUMxoitrXM9zArALUPGzg+CN
+hwXk4Qq/I95NM4lDw80ceiJRkQMhR8gZTW3dSemFhkcjLwyyi1/GFxGAP5yHQwo
ZleUFa3rfvXKCfqviayjr+potx8vll6B7VBed3cWzgOuvw61dRGKKVKjxLqbyxDJ
TjzpJt3gCEKL9hXhSUhe9eMyvMBYpptvm6deZ24F5KAKT1811E4+K0ehdZQi0XWJ
RZCynAZ+UB4IgRwJq2/2PsWJ7oSpCrQg8d+I8vMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSqvIDzTHnSWh241RM1/oJ1HzoxXDAfBgNVHSMEGDAWgBSXHHizBftJy9QA
XUQnwfYsakVaaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2x4eDRzd1g3U2N2VUFGMUVKOEgyTEdwRldtZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvZGYzYTE1LTJlNDktNGQ4ZS04NTVhLTFjMjc1ODY1MWVmYS8x
L3FyeUE4MHg1MGxvZHVOVVROZjZDZFI4Nk1Wdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
ZGYzYTE1LTJlNDktNGQ4ZS04NTVhLTFjMjc1ODY1MWVmYS8xL2x4eDRzd1g3U2N2
VUFGMUVKOEgyTEdwRldtZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlXQBDANBAIAAjAHAwUDKgmIQDAN
BgkqhkiG9w0BAQsFAAOCAQEATOAqGU0dtlUGkgdjjjZNWWtl9/Ur06DiyQ1rN84+
2ihn1pxsfavoRahOwBL5qNK3L0kb2DLX4b0Wp1Bzn7sYb5RRzlQ3R8yVrfprdly8
LSfBAu8nVq9TBQ3N52lsrf9kMXgewjQK/2FsPE8x/lXDYrXRETeha/4hWf040IKN
9KH11CjL4exjgYNYT5kzvhGQ+Lb6xUA/+gKK0jdF1IykJ07FPII/6S4ulyo3z2JF
DNIk7f273YUilUi3wxQRInrnvuk8EykAFvDqppSR8iYOyVGXm6242qoJkwjg8vR1
OYXbqrv8Pr3YmEO8ZTc0btUfiugGuuf6J2vtQ33T8fDUgg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:22 2025 by rpki-client