Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/8TIFAfNdcLsWlEtE1tMVgylkIg0.roa
File: 8TIFAfNdcLsWlEtE1tMVgylkIg0.roa (raw, json)
Hash identifier: U2H1L7fI6oYJr0dvxpVvhcCbNduCCb4W+IwD8BKFG2M=
Subject key identifier: F1:32:05:01:F3:5D:70:BB:16:94:4B:44:D6:D3:15:83:29:64:22:0D
Certificate issuer: /CN=4f8045ccf50977ebc3066a3ceed8fd32f1f023de
Certificate serial: 01856EA6C7BF5114FA2BB4D548D1AC824D25
Authority key identifier: 4F:80:45:CC:F5:09:77:EB:C3:06:6A:3C:EE:D8:FD:32:F1:F0:23:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4BFzPUJd-vDBmo87tj9MvHwI94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/8TIFAfNdcLsWlEtE1tMVgylkIg0.roa
Signing time: Sun 01 Jan 2023 18:45:01 +0000
ROA not before: Sun 01 Jan 2023 18:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35445
IP address blocks: 85.188.128.0/18 maxlen: 18
85.188.64.0/18 maxlen: 18
2001:67c:191c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:c7:bf:51:14:fa:2b:b4:d5:48:d1:ac:82:4d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8045ccf50977ebc3066a3ceed8fd32f1f023de
Validity
Not Before: Jan 1 18:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1320501f35d70bb16944b44d6d315832964220d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0c:24:64:40:36:7e:5d:05:0b:8a:76:d6:b2:
4d:52:44:44:23:8e:79:10:7b:5f:13:7a:97:7a:c4:
20:36:30:58:3c:88:47:84:86:ab:dd:1e:71:8e:e5:
0c:92:1d:30:10:55:6e:96:a0:65:3d:e0:a3:0f:98:
71:a1:59:a5:32:e4:39:6b:77:c2:e3:28:40:ef:39:
10:08:99:34:55:e9:0b:96:42:c6:20:5a:f2:78:6a:
69:4c:80:9d:d0:59:95:56:b0:29:e4:9a:57:fc:11:
b3:04:e8:7f:04:f2:93:7d:e3:b9:87:52:eb:10:cd:
92:a8:7c:91:6c:27:c3:8b:7e:97:86:fa:09:ec:4b:
bb:fe:78:0a:88:45:ff:65:3d:a0:9d:4a:09:87:24:
35:1b:48:ae:fb:9d:5d:6a:99:2c:7c:2e:cc:92:13:
ad:29:61:85:a9:59:3a:73:14:b1:05:51:7e:9a:73:
31:d6:92:0b:06:4c:9c:2e:48:30:10:70:c8:2f:57:
59:92:b8:a6:45:31:d3:cc:a6:5b:de:13:73:94:9d:
81:25:db:9a:77:f4:c1:4d:b8:8b:e7:fc:b9:2d:99:
84:02:14:0f:7e:8c:bb:a0:28:12:3d:02:fb:1d:bd:
c4:1f:c4:17:68:e2:24:e6:d8:d0:69:42:48:77:18:
d9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:32:05:01:F3:5D:70:BB:16:94:4B:44:D6:D3:15:83:29:64:22:0D
X509v3 Authority Key Identifier:
keyid:4F:80:45:CC:F5:09:77:EB:C3:06:6A:3C:EE:D8:FD:32:F1:F0:23:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4BFzPUJd-vDBmo87tj9MvHwI94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/8TIFAfNdcLsWlEtE1tMVgylkIg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/T4BFzPUJd-vDBmo87tj9MvHwI94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.188.64.0-85.188.191.255
IPv6:
2001:67c:191c::/48
Signature Algorithm: sha256WithRSAEncryption
8e:b8:17:9c:af:1a:0a:f9:ad:b5:ad:ac:6f:95:c5:be:76:d9:
7e:3a:9e:b7:00:79:28:28:d6:87:f9:10:2d:2d:00:d7:38:a2:
e2:fe:ad:ae:89:be:25:ae:88:05:48:aa:74:3c:2f:8d:93:d5:
af:95:4a:76:73:64:27:14:d4:51:0f:8e:7f:e6:a1:b7:c8:e6:
0b:24:d6:8d:55:0f:11:3b:85:b7:57:da:18:4f:85:98:f6:18:
86:b3:5b:7d:a2:6c:55:65:51:51:41:d3:8a:eb:00:55:90:99:
a6:b9:d3:60:2f:c6:8d:48:42:bb:a5:76:09:01:10:e9:a5:34:
6b:de:9c:c1:ad:c7:25:92:f5:10:f6:93:02:9e:b5:da:b6:a1:
e2:7e:d8:6d:fb:7d:5e:60:c1:28:e7:26:c8:f0:92:bc:a1:17:
9d:92:a7:f5:e1:3a:30:28:35:db:62:ff:a9:5b:8c:74:05:9a:
f0:4f:b9:c6:6a:9b:f0:f9:e3:b1:df:da:ca:78:6a:98:50:9f:
eb:a8:90:00:4f:a8:d3:ca:bb:ac:b9:18:6b:b9:12:5c:50:9f:
f2:8c:05:ac:e3:5b:30:87:ff:21:1a:18:ee:dd:ba:b5:a8:aa:
71:60:06:f8:19:b3:9c:fc:7f:90:b6:eb:a6:af:78:7e:9c:6f:
6f:c3:b3:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVupse/URT6K7TVSNGsgk0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODA0NWNjZjUwOTc3ZWJjMzA2NmEzY2VlZDhmZDMyZjFm
MDIzZGUwHhcNMjMwMTAxMTg0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTMyMDUwMWYzNWQ3MGJiMTY5NDRiNDRkNmQzMTU4MzI5NjQyMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQwkZEA2fl0FC4p21rJNUkREI455
EHtfE3qXesQgNjBYPIhHhIar3R5xjuUMkh0wEFVulqBlPeCjD5hxoVmlMuQ5a3fC
4yhA7zkQCJk0VekLlkLGIFryeGppTICd0FmVVrAp5JpX/BGzBOh/BPKTfeO5h1Lr
EM2SqHyRbCfDi36XhvoJ7Eu7/ngKiEX/ZT2gnUoJhyQ1G0iu+51dapksfC7MkhOt
KWGFqVk6cxSxBVF+mnMx1pILBkycLkgwEHDIL1dZkrimRTHTzKZb3hNzlJ2BJdua
d/TBTbiL5/y5LZmEAhQPfoy7oCgSPQL7Hb3EH8QXaOIk5tjQaUJIdxjZAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEyBQHzXXC7FpRLRNbTFYMpZCINMB8GA1UdIwQY
MBaAFE+ARcz1CXfrwwZqPO7Y/TLx8CPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRCRnpQVUpkLXZEQm1vODd0ajlNdkh3STk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83ZDllMTAtMmMxOS00ZGQ4LWE4MGYt
NDBjODY5N2JiZGU5LzEvOFRJRkFmTmRjTHNXbEV0RTF0TVZneWxrSWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83ZDllMTAtMmMxOS00ZGQ4LWE4MGYtNDBjODY5N2JiZGU5
LzEvVDRCRnpQVUpkLXZEQm1vODd0ajlNdkh3STk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAZVvEAD
BAZVvIAwDwQCAAIwCQMHACABBnwZHDANBgkqhkiG9w0BAQsFAAOCAQEAjrgXnK8a
Cvmtta2sb5XFvnbZfjqetwB5KCjWh/kQLS0A1zii4v6trom+Ja6IBUiqdDwvjZPV
r5VKdnNkJxTUUQ+Of+aht8jmCyTWjVUPETuFt1faGE+FmPYYhrNbfaJsVWVRUUHT
iusAVZCZprnTYC/GjUhCu6V2CQEQ6aU0a96cwa3HJZL1EPaTAp612rah4n7Ybft9
XmDBKOcmyPCSvKEXnZKn9eE6MCg122L/qVuMdAWa8E+5xmqb8Pnjsd/aynhqmFCf
66iQAE+o08q7rLkYa7kSXFCf8owFrONbMIf/IRoY7t26taiqcWAG+BmznPx/kLbr
pq94fpxvb8OzhQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 07:51:33 2025 by rpki-client