Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/sMs6P-c0DP9fFy6FD9r-AuV-VOk.roa
File: sMs6P-c0DP9fFy6FD9r-AuV-VOk.roa (raw, json)
Hash identifier: 0ro+WZ1+zqAgwUuOlDvVluAG0bLhCP7DevNHqPjLtuE=
Subject key identifier: B0:CB:3A:3F:E7:34:0C:FF:5F:17:2E:85:0F:DA:FE:02:E5:7E:54:E9
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0189D6EC9F66A627CEB463C484F3B1E4C10E
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/sMs6P-c0DP9fFy6FD9r-AuV-VOk.roa
Signing time: Tue 08 Aug 2023 20:52:58 +0000
ROA not before: Tue 08 Aug 2023 20:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 85.153.56.0/24 maxlen: 24
85.115.204.0/24 maxlen: 24
85.115.207.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
85.153.125.0/24 maxlen: 24
85.153.124.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.119.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.126.0/24 maxlen: 24
85.153.68.0/22 maxlen: 22
85.153.66.0/24 maxlen: 24
85.153.65.0/24 maxlen: 24
85.153.67.0/24 maxlen: 24
85.153.75.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.74.0/24 maxlen: 24
85.153.83.0/24 maxlen: 24
85.153.82.0/24 maxlen: 24
85.153.84.0/22 maxlen: 22
85.153.80.0/24 maxlen: 24
85.153.81.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.95.0/24 maxlen: 24
85.153.94.0/24 maxlen: 24
85.153.104.0/22 maxlen: 22
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d6:ec:9f:66:a6:27:ce:b4:63:c4:84:f3:b1:e4:c1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Aug 8 20:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0cb3a3fe7340cff5f172e850fdafe02e57e54e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:fc:63:19:14:3f:21:98:e5:4e:e3:91:4d:
bc:3e:23:e4:1e:ec:e6:db:a5:76:4a:fc:e3:fa:12:
42:e5:97:0b:16:d7:72:84:8c:75:47:22:98:94:81:
b7:45:e2:90:9e:07:3a:db:de:94:ad:31:78:91:5d:
3f:eb:88:7f:40:ec:dd:a7:6c:34:10:bc:12:4c:8d:
89:57:2f:fb:0d:d4:aa:ac:06:45:93:b1:5d:fd:4f:
f8:0f:58:3f:3a:a1:11:b0:c5:23:a5:ed:26:7f:15:
d9:97:56:3b:1d:ba:e9:ab:99:51:3a:77:e1:e3:d2:
b3:53:68:9c:4a:1d:74:5e:d6:11:25:cc:07:e5:59:
52:a1:33:31:7f:42:31:0a:83:10:ee:25:c6:8a:ea:
1d:ec:1f:82:ad:16:42:1b:9e:4e:11:7a:54:e7:72:
20:8a:8e:e6:88:e2:19:58:6f:db:3e:e3:23:e3:01:
1e:38:75:f7:21:9a:c4:36:c0:23:3c:91:3e:b2:68:
09:26:c7:ff:4a:8f:a2:f6:55:29:98:e7:4e:9d:d7:
d8:ff:99:93:ea:ee:a7:fe:c7:ef:ff:14:59:70:09:
07:f4:db:1a:9f:bc:ab:65:98:eb:38:ec:b9:e4:83:
84:7a:d9:95:4d:f9:07:ad:86:ac:36:41:fc:a4:33:
c8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:CB:3A:3F:E7:34:0C:FF:5F:17:2E:85:0F:DA:FE:02:E5:7E:54:E9
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/sMs6P-c0DP9fFy6FD9r-AuV-VOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0/24
85.115.207.0/24
85.153.6.0-85.153.8.255
85.153.56.0/24
85.153.65.0-85.153.75.255
85.153.80.0/20
85.153.104.0/21
85.153.113.0/24
85.153.118.0-85.153.126.255
Signature Algorithm: sha256WithRSAEncryption
61:01:96:8d:b1:9d:b4:93:66:41:fc:ee:c6:3b:fa:67:d3:2e:
2c:1e:92:d9:e3:11:8d:31:e4:3c:83:0d:9d:88:66:2a:88:71:
d4:d7:01:0e:fc:ee:2f:1b:39:01:ff:b2:6d:36:df:a0:b0:51:
30:c8:b3:95:46:a4:04:7a:2b:81:5b:86:47:82:a2:c0:7c:c5:
2a:fb:2a:7f:88:34:ce:3d:84:71:ab:23:b3:61:4d:21:1f:74:
dd:3e:f7:11:b2:c1:e1:ce:53:16:5d:86:08:39:1c:b6:21:64:
59:46:0a:43:59:98:15:d3:ee:a7:77:ac:07:b2:d6:99:7d:69:
db:10:20:c3:fc:30:e0:0b:90:ca:00:4a:11:59:44:9c:b2:a4:
94:ef:3d:a5:48:75:d3:3e:78:5b:10:28:66:1a:94:f8:3f:e6:
ae:cb:19:00:42:46:1f:a1:80:f6:5b:cf:33:a1:aa:b3:d2:b0:
95:c0:71:44:cd:cf:41:7c:0e:f1:13:de:81:99:c1:48:ea:f3:
65:14:4f:6b:db:88:6e:78:a1:69:b1:38:2b:c4:9a:1e:97:f0:
0e:01:bb:5c:e2:97:29:eb:e8:7e:f5:a4:ea:e1:68:05:c9:5a:
ee:f1:fb:51:21:c4:15:7e:d9:85:d6:19:38:75:e7:15:6f:f6:
8f:67:84:3d
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYnW7J9mpifOtGPEhPOx5MEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwODA4MjA1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGNiM2EzZmU3MzQwY2ZmNWYxNzJlODUwZmRhZmUwMmU1N2U1NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1T8YxkUPyGY5U7jkU28PiPkHuzm
26V2Svzj+hJC5ZcLFtdyhIx1RyKYlIG3ReKQngc6296UrTF4kV0/64h/QOzdp2w0
ELwSTI2JVy/7DdSqrAZFk7Fd/U/4D1g/OqERsMUjpe0mfxXZl1Y7Hbrpq5lROnfh
49KzU2icSh10XtYRJcwH5VlSoTMxf0IxCoMQ7iXGiuod7B+CrRZCG55OEXpU53Ig
io7miOIZWG/bPuMj4wEeOHX3IZrENsAjPJE+smgJJsf/So+i9lUpmOdOndfY/5mT
6u6n/sfv/xRZcAkH9Nsan7yrZZjrOOy55IOEetmVTfkHrYasNkH8pDPIxQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLDLOj/nNAz/XxcuhQ/a/gLlflTpMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvc01zNlAtYzBEUDlmRnk2RkQ5ci1BdVYtVk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAVXPMAwQA
VXPPMAwDBAFVmQYDBABVmQgDBABVmTgwDAMEAFWZQQMEAlWZSAMEBFWZUAMEA1WZ
aAMEAFWZcTAMAwQBVZl2AwQAVZl+MA0GCSqGSIb3DQEBCwUAA4IBAQBhAZaNsZ20
k2ZB/O7GO/pn0y4sHpLZ4xGNMeQ8gw2diGYqiHHU1wEO/O4vGzkB/7JtNt+gsFEw
yLOVRqQEeiuBW4ZHgqLAfMUq+yp/iDTOPYRxqyOzYU0hH3TdPvcRssHhzlMWXYYI
ORy2IWRZRgpDWZgV0+6nd6wHstaZfWnbECDD/DDgC5DKAEoRWUScsqSU7z2lSHXT
PnhbEChmGpT4P+auyxkAQkYfoYD2W88zoaqz0rCVwHFEzc9BfA7xE96BmcFI6vNl
FE9r24hueKFpsTgrxJoel/AOAbtc4pcp6+h+9aTq4WgFyVru8ftRIcQVftmF1hk4
decVb/aPZ4Q9
-----END CERTIFICATE-----
Generated at Wed May 14 15:35:52 2025 by rpki-client