Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/7HdDNvZv9RAonS7DCQ3VNdMaexk.roa
File: 7HdDNvZv9RAonS7DCQ3VNdMaexk.roa (raw, json)
Hash identifier: PtqFTb5E1qTI05Rp6SKbQCDoeK09l1vI3QXOhm4g3Ts=
Subject key identifier: EC:77:43:36:F6:6F:F5:10:28:9D:2E:C3:09:0D:D5:35:D3:1A:7B:19
Certificate issuer: /CN=64a7a6cd583814d393bee2635b545574cc75620c
Certificate serial: 018570FBBE8C7254318F843DEA5BB701961C
Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/7HdDNvZv9RAonS7DCQ3VNdMaexk.roa
Signing time: Mon 02 Jan 2023 05:37:04 +0000
ROA not before: Mon 02 Jan 2023 05:37:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51554
IP address blocks: 185.157.8.0/23 maxlen: 23
185.157.8.0/22 maxlen: 22
185.157.10.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:be:8c:72:54:31:8f:84:3d:ea:5b:b7:01:96:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c
Validity
Not Before: Jan 2 05:37:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec774336f66ff510289d2ec3090dd535d31a7b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:73:13:14:0f:83:a4:76:5c:4a:42:3e:a1:22:
c5:6a:21:cc:93:e7:d6:8d:18:ff:94:71:af:a0:bb:
e4:67:40:cf:6e:da:93:ee:82:99:df:0c:4b:69:c6:
06:a0:9b:44:fb:69:c0:e7:a4:51:91:8f:14:4d:97:
3a:70:a4:bf:77:33:66:2c:f5:fd:9e:c0:16:fa:f6:
05:e4:ee:05:7c:cf:01:ce:eb:e1:49:dd:a2:59:00:
9b:46:5c:81:92:cb:a0:40:9b:63:5d:4f:5d:d2:16:
3b:8b:27:da:6c:9f:35:e7:c4:4c:c9:c5:2b:a7:e1:
80:bf:50:e3:9a:d7:22:58:d5:1b:37:79:8c:dc:7a:
51:00:b8:45:43:cc:7e:ad:ef:b4:48:d0:71:d7:5a:
7a:9f:e2:3e:ad:95:ef:1a:3e:84:0a:0f:3c:84:8f:
3e:83:ab:c5:f2:77:ba:da:fe:f1:15:14:fd:76:55:
e3:c0:8f:13:94:d4:29:e1:89:5a:8f:ed:56:d9:96:
de:6e:9b:6a:38:09:29:e1:f8:c2:31:e3:b3:26:aa:
ff:56:b5:07:e7:89:b6:56:0a:74:e6:0a:79:4d:ea:
32:ed:06:11:8e:d4:3e:08:36:49:31:71:9e:e1:86:
d8:6e:b2:c3:97:f0:e9:f5:a8:6b:9a:d7:a9:19:fe:
69:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:77:43:36:F6:6F:F5:10:28:9D:2E:C3:09:0D:D5:35:D3:1A:7B:19
X509v3 Authority Key Identifier:
keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/7HdDNvZv9RAonS7DCQ3VNdMaexk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:31:97:d4:e0:b6:28:a4:85:c6:4f:33:17:e0:14:d5:fd:a1:
d5:d4:26:61:b2:d3:7e:60:83:00:5d:f0:29:cc:60:51:89:a4:
39:c2:88:1f:cf:55:a5:ed:4a:67:73:67:1f:07:fc:67:c5:e2:
c0:46:5e:7f:02:a6:d4:46:50:71:ff:50:48:7a:cb:df:03:ba:
50:d1:44:ee:2c:4d:63:60:ce:4e:5f:97:cf:42:4b:f9:ac:53:
52:f1:c3:00:4d:53:d6:1f:33:b6:2b:8a:44:4e:a1:8e:c6:0f:
cb:d5:da:d1:db:87:c4:5a:c2:60:ea:e7:a2:49:0e:ba:cd:18:
ba:4e:09:a3:14:72:5e:e9:54:df:ad:09:7b:41:b8:d8:a0:b7:
af:62:60:59:6b:91:14:55:30:5c:15:49:8f:e7:d0:9e:1f:fe:
e4:2f:64:c1:37:86:51:b6:27:d1:71:e2:fd:5b:4a:70:a7:46:
9d:f5:45:ef:f2:ca:6a:ed:72:43:d8:35:25:f3:6e:87:94:b0:
cb:79:91:59:dd:bb:0b:9f:9e:5c:fc:ac:2e:c7:c4:ee:c7:32:
5c:c8:76:37:50:2d:a0:ec:a8:c5:c9:c1:a0:fc:e1:47:d8:24:
27:df:4f:6f:25:2f:29:63:a8:a5:1c:8b:82:3b:71:5f:5d:e3:
8e:76:5c:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+76MclQxj4Q96lu3AZYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3
NTYyMGMwHhcNMjMwMTAyMDUzNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc3NDMzNmY2NmZmNTEwMjg5ZDJlYzMwOTBkZDUzNWQzMWE3YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnMTFA+DpHZcSkI+oSLFaiHMk+fW
jRj/lHGvoLvkZ0DPbtqT7oKZ3wxLacYGoJtE+2nA56RRkY8UTZc6cKS/dzNmLPX9
nsAW+vYF5O4FfM8BzuvhSd2iWQCbRlyBksugQJtjXU9d0hY7iyfabJ8158RMycUr
p+GAv1DjmtciWNUbN3mM3HpRALhFQ8x+re+0SNBx11p6n+I+rZXvGj6ECg88hI8+
g6vF8ne62v7xFRT9dlXjwI8TlNQp4Ylaj+1W2ZbebptqOAkp4fjCMeOzJqr/VrUH
54m2Vgp05gp5Teoy7QYRjtQ+CDZJMXGe4YbYbrLDl/Dp9ahrmtepGf5ppQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOx3Qzb2b/UQKJ0uwwkN1TXTGnsZMB8GA1UdIwQY
MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt
NmY1ZDhhNzRhMGU0LzEvN0hkRE52WnY5UkFvblM3RENRM1ZOZE1hZXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0
LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ0IMA0G
CSqGSIb3DQEBCwUAA4IBAQC4MZfU4LYopIXGTzMX4BTV/aHV1CZhstN+YIMAXfAp
zGBRiaQ5wogfz1Wl7Upnc2cfB/xnxeLARl5/AqbURlBx/1BIesvfA7pQ0UTuLE1j
YM5OX5fPQkv5rFNS8cMATVPWHzO2K4pETqGOxg/L1drR24fEWsJg6ueiSQ66zRi6
TgmjFHJe6VTfrQl7QbjYoLevYmBZa5EUVTBcFUmP59CeH/7kL2TBN4ZRtifRceL9
W0pwp0ad9UXv8spq7XJD2DUl826HlLDLeZFZ3bsLn55c/Kwux8TuxzJcyHY3UC2g
7KjFycGg/OFH2CQn309vJS8pY6ilHIuCO3FfXeOOdlzh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:26 2025 by rpki-client