Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a0e8e3-a4e7-4a9e-b798-04e1fa808426/1/Rq9SrBrZ7difBaNJUrZyVptRzN8.roa
File: Rq9SrBrZ7difBaNJUrZyVptRzN8.roa (raw, json)
Hash identifier: SHpC6xB1eWzV5ySLbJcf8R1zj79UUwgvh8ZF9bJL7ew=
Subject key identifier: 46:AF:52:AC:1A:D9:ED:D8:9F:05:A3:49:52:B6:72:56:9B:51:CC:DF
Certificate issuer: /CN=b01a59d0a61aa6174438988cc83598dbfea5a998
Certificate serial: 0294DFA1
Authority key identifier: B0:1A:59:D0:A6:1A:A6:17:44:38:98:8C:C8:35:98:DB:FE:A5:A9:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBpZ0KYaphdEOJiMyDWY2_6lqZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a0e8e3-a4e7-4a9e-b798-04e1fa808426/1/Rq9SrBrZ7difBaNJUrZyVptRzN8.roa
Signing time: Sat 01 Jan 2022 11:56:04 +0000
ROA not before: Sat 01 Jan 2022 11:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209348
IP address blocks: 85.208.228.0/24 maxlen: 24
85.208.231.0/24 maxlen: 24
85.208.229.0/24 maxlen: 24
85.208.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43311009 (0x294dfa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b01a59d0a61aa6174438988cc83598dbfea5a998
Validity
Not Before: Jan 1 11:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46af52ac1ad9edd89f05a34952b672569b51ccdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a2:f6:a8:eb:57:81:93:42:e2:c1:04:45:a6:
c3:02:b8:d2:14:be:02:a9:e5:bf:e7:12:52:74:39:
16:a9:5c:b2:e8:65:d1:b3:d9:84:03:12:77:46:59:
4e:bc:59:0d:e7:0c:67:2e:f5:ab:17:5a:b9:5b:17:
4a:15:e5:b5:75:08:06:66:f5:1e:b9:f4:b5:f7:48:
64:1c:ca:98:64:d7:13:85:b6:b6:2a:09:56:df:35:
03:f8:88:2f:65:e0:64:79:4b:0c:f6:4a:ec:3a:a4:
99:c0:50:bf:aa:f7:39:cb:fd:9d:ee:05:40:a7:09:
b3:95:47:92:de:f3:a3:90:05:59:6f:16:15:ae:e5:
35:e3:67:57:9f:5e:9c:4e:76:40:70:6d:f3:95:0e:
27:51:86:f9:d0:00:06:80:fe:83:79:8c:65:bf:a4:
d0:8d:fb:9d:c7:56:f4:9d:ee:8f:bc:77:0e:18:40:
92:99:6b:30:ec:2f:a3:9e:80:e8:5d:99:b9:a4:e7:
88:b3:11:1f:c7:bd:06:7a:7b:e0:35:fd:13:21:25:
03:f5:ee:ef:c5:a4:54:cf:e6:fc:cc:c8:44:2e:69:
f6:6a:8b:9e:b0:ba:65:6b:a5:7c:79:3c:2b:4a:2a:
50:04:27:09:42:51:06:43:65:8c:43:a0:a3:9d:6f:
ca:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AF:52:AC:1A:D9:ED:D8:9F:05:A3:49:52:B6:72:56:9B:51:CC:DF
X509v3 Authority Key Identifier:
keyid:B0:1A:59:D0:A6:1A:A6:17:44:38:98:8C:C8:35:98:DB:FE:A5:A9:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBpZ0KYaphdEOJiMyDWY2_6lqZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a0e8e3-a4e7-4a9e-b798-04e1fa808426/1/Rq9SrBrZ7difBaNJUrZyVptRzN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a0e8e3-a4e7-4a9e-b798-04e1fa808426/1/sBpZ0KYaphdEOJiMyDWY2_6lqZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.228.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:75:04:9e:91:50:9b:ff:d1:e9:12:1f:68:6a:60:d6:c1:05:
40:ff:dc:b8:d4:4f:c9:b5:57:70:c9:d1:d3:cc:f2:b4:a4:68:
2b:49:71:85:75:74:74:95:ab:4e:13:08:51:58:d0:72:58:cb:
2c:bd:39:3c:6b:00:84:e0:df:2d:5d:0a:b5:f7:40:84:b5:d4:
04:b0:5f:44:22:9c:1d:0a:d3:1e:2b:91:ed:e8:c4:15:c9:75:
1c:82:ff:7f:ce:46:03:2f:22:82:f7:17:3b:e6:37:46:3e:0e:
6e:52:7d:ab:ee:44:cb:67:0a:66:01:e0:40:35:18:bc:d5:b7:
93:5f:cb:cb:bd:90:d4:3b:53:ec:94:88:71:e0:97:60:1b:8a:
fd:26:46:37:19:9e:fa:d3:ea:d0:22:2d:11:04:c6:b7:c8:96:
86:68:41:f9:82:67:99:c2:57:b6:1a:1a:d8:54:dc:9c:d1:80:
23:db:53:0d:db:2e:8e:9b:c8:64:b6:63:9d:c4:31:fe:ed:d5:
93:c9:05:c7:b8:28:9c:08:e3:38:15:36:1d:91:d6:6a:22:3b:
1e:ea:0b:b5:44:c6:05:98:47:5f:9b:33:1d:6b:fc:50:28:e3:
be:83:89:8e:7e:a8:15:94:3b:06:cf:93:6f:9e:bd:13:18:99:
8f:35:a6:be
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEApTfoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDFhNTlkMGE2MWFhNjE3NDQzODk4OGNjODM1OThkYmZlYTVhOTk4MB4XDTIyMDEw
MTExNTYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDZhZjUyYWMxYWQ5
ZWRkODlmMDVhMzQ5NTJiNjcyNTY5YjUxY2NkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAISi9qjrV4GTQuLBBEWmwwK40hS+Aqnlv+cSUnQ5Fqlcsuhl
0bPZhAMSd0ZZTrxZDecMZy71qxdauVsXShXltXUIBmb1Hrn0tfdIZBzKmGTXE4W2
tioJVt81A/iIL2XgZHlLDPZK7DqkmcBQv6r3Ocv9ne4FQKcJs5VHkt7zo5AFWW8W
Fa7lNeNnV59enE52QHBt85UOJ1GG+dAABoD+g3mMZb+k0I37ncdW9J3uj7x3DhhA
kplrMOwvo56A6F2ZuaTniLMRH8e9Bnp74DX9EyElA/Xu78WkVM/m/MzIRC5p9mqL
nrC6ZWulfHk8K0oqUAQnCUJRBkNljEOgo51vyicCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRGr1KsGtnt2J8Fo0lStnJWm1HM3zAfBgNVHSMEGDAWgBSwGlnQphqmF0Q4
mIzINZjb/qWpmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NCcFowS1lhcGhkRU9KaU15RFdZMl82bHFaZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvYTBlOGUzLWE0ZTctNGE5ZS1iNzk4LTA0ZTFmYTgwODQyNi8x
L1JxOVNyQnJaN2RpZkJhTkpVclp5VnB0UnpOOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
YTBlOGUzLWE0ZTctNGE5ZS1iNzk4LTA0ZTFmYTgwODQyNi8xL3NCcFowS1lhcGhk
RU9KaU15RFdZMl82bHFaZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXQ5DANBgkqhkiG9w0BAQsFAAOC
AQEApnUEnpFQm//R6RIfaGpg1sEFQP/cuNRPybVXcMnR08zytKRoK0lxhXV0dJWr
ThMIUVjQcljLLL05PGsAhODfLV0KtfdAhLXUBLBfRCKcHQrTHiuR7ejEFcl1HIL/
f85GAy8igvcXO+Y3Rj4OblJ9q+5Ey2cKZgHgQDUYvNW3k1/Ly72Q1DtT7JSIceCX
YBuK/SZGNxme+tPq0CItEQTGt8iWhmhB+YJnmcJXthoa2FTcnNGAI9tTDdsujpvI
ZLZjncQx/u3Vk8kFx7gonAjjOBU2HZHWaiI7HuoLtUTGBZhHX5szHWv8UCjjvoOJ
jn6oFZQ7Bs+Tb569ExiZjzWmvg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:58 2025 by rpki-client