Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/vyBqcDTAa78uDbkdIeDw7BZKceg.roa
File: vyBqcDTAa78uDbkdIeDw7BZKceg.roa (raw, json)
Hash identifier: +IK1mu/2dxMXCp9yiDbBAN7N5G7PrsK6hN6eQ6XOeLU=
Subject key identifier: BF:20:6A:70:34:C0:6B:BF:2E:0D:B9:1D:21:E0:F0:EC:16:4A:71:E8
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0189D6ECA095AECF3C0CF19C002A44280FF6
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/vyBqcDTAa78uDbkdIeDw7BZKceg.roa
Signing time: Tue 08 Aug 2023 20:52:58 +0000
ROA not before: Tue 08 Aug 2023 20:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398373
IP address blocks: 85.153.12.0/22 maxlen: 22
85.153.24.0/22 maxlen: 22
85.153.29.0/24 maxlen: 24
85.153.32.0/24 maxlen: 24
85.153.34.0/24 maxlen: 24
85.153.35.0/24 maxlen: 24
85.153.36.0/22 maxlen: 22
85.153.41.0/24 maxlen: 24
85.153.42.0/24 maxlen: 24
85.153.40.0/24 maxlen: 24
85.153.52.0/22 maxlen: 22
85.153.59.0/24 maxlen: 24
85.153.60.0/22 maxlen: 22
85.153.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d6:ec:a0:95:ae:cf:3c:0c:f1:9c:00:2a:44:28:0f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Aug 8 20:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf206a7034c06bbf2e0db91d21e0f0ec164a71e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:67:1b:29:61:97:69:c7:f0:0f:bd:f1:0c:c4:
95:a3:6f:81:ec:49:64:02:dc:c2:f1:60:a6:cd:13:
b5:bb:bd:61:76:7e:b9:c4:ff:68:7f:94:ea:8a:f7:
9b:7e:e3:42:57:22:14:c5:1b:db:b1:ac:d6:7d:83:
ef:72:4a:2b:a3:0d:39:34:42:6e:23:b5:f9:34:37:
a0:30:8a:23:79:fe:58:ca:ca:e4:75:9b:9f:16:fb:
9f:fa:41:fd:e7:57:25:5d:b7:1d:5f:10:91:32:5d:
d0:c5:5d:d4:d1:7f:81:e8:68:4c:e4:2a:65:8c:ba:
4f:1a:97:2f:c8:4a:54:87:25:c1:47:18:56:b4:15:
af:4a:5a:ab:6e:17:ff:9c:51:cb:b9:86:5c:0b:4a:
5a:e3:3b:d9:20:15:1f:6b:76:ee:02:1a:c1:b1:ad:
cc:bf:eb:cb:8b:90:a3:44:a6:5a:b2:5a:d7:0c:e9:
9c:98:4b:a5:25:1d:de:d5:a9:61:a1:80:65:ea:71:
4c:15:fb:a0:37:4a:32:ab:9f:30:c9:95:71:8d:88:
7a:bb:08:41:1b:25:66:45:cc:2d:6e:5e:81:99:83:
79:78:50:82:2a:ea:a1:27:87:35:bd:86:44:bf:39:
1f:37:30:bf:89:4e:99:ec:21:07:0a:04:ae:18:48:
97:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:20:6A:70:34:C0:6B:BF:2E:0D:B9:1D:21:E0:F0:EC:16:4A:71:E8
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/vyBqcDTAa78uDbkdIeDw7BZKceg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.4.0/24
85.153.12.0/22
85.153.24.0/22
85.153.29.0/24
85.153.32.0/24
85.153.34.0-85.153.42.255
85.153.52.0/22
85.153.59.0-85.153.63.255
Signature Algorithm: sha256WithRSAEncryption
73:b0:11:6f:96:e5:f7:42:10:9b:82:93:73:a7:dc:18:96:62:
dc:ae:5d:66:a4:23:49:32:d0:24:d9:a7:82:30:72:18:9c:d2:
90:ac:72:d8:72:7b:5f:97:02:93:00:0b:4c:62:1e:2f:45:b9:
92:7a:5b:28:b4:7c:1c:0a:e1:53:c3:c8:2c:9b:78:dc:ac:5a:
83:f3:2b:ec:e5:4c:9d:c9:81:be:17:b7:cf:c4:90:f3:13:3d:
52:b4:1b:2b:99:ea:62:46:5f:2c:f7:d6:34:3d:e7:e4:12:9c:
03:17:66:d0:68:83:6f:2f:58:ff:1b:5b:53:31:44:43:b6:c2:
f1:70:8f:49:a4:59:03:f8:51:7a:5c:ea:05:66:af:f3:02:ab:
78:c0:f6:3d:9a:34:37:55:0a:cc:97:05:38:95:e6:69:9c:72:
7c:7b:b2:43:d1:e0:56:0c:af:66:00:16:8f:c7:c0:41:fa:e9:
ef:be:ad:31:33:ff:b9:76:df:0c:b3:27:3a:1d:62:0f:1b:71:
1e:fd:0b:ac:75:0a:69:fd:b1:ae:9a:cc:11:dd:03:25:a1:48:
b7:d8:a7:12:32:4f:63:14:f8:79:51:e6:fa:51:29:9f:71:eb:
3a:9c:9e:a9:0f:70:9c:94:3a:22:95:c2:92:2e:9d:ef:4b:d3:
df:80:dc:2f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYnW7KCVrs88DPGcACpEKA/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwODA4MjA1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIwNmE3MDM0YzA2YmJmMmUwZGI5MWQyMWUwZjBlYzE2NGE3MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGcbKWGXacfwD73xDMSVo2+B7Elk
AtzC8WCmzRO1u71hdn65xP9of5TqivebfuNCVyIUxRvbsazWfYPvckorow05NEJu
I7X5NDegMIojef5YysrkdZufFvuf+kH951clXbcdXxCRMl3QxV3U0X+B6GhM5Cpl
jLpPGpcvyEpUhyXBRxhWtBWvSlqrbhf/nFHLuYZcC0pa4zvZIBUfa3buAhrBsa3M
v+vLi5CjRKZaslrXDOmcmEulJR3e1alhoYBl6nFMFfugN0oyq58wyZVxjYh6uwhB
GyVmRcwtbl6BmYN5eFCCKuqhJ4c1vYZEvzkfNzC/iU6Z7CEHCgSuGEiX2QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFL8ganA0wGu/Lg25HSHg8OwWSnHoMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvdnlCcWNEVEFhNzh1RGJrZEllRHc3QlpLY2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAVZkEAwQC
VZkMAwQCVZkYAwQAVZkdAwQAVZkgMAwDBAFVmSIDBABVmSoDBAJVmTQwDAMEAFWZ
OwMEBlWZADANBgkqhkiG9w0BAQsFAAOCAQEAc7ARb5bl90IQm4KTc6fcGJZi3K5d
ZqQjSTLQJNmngjByGJzSkKxy2HJ7X5cCkwALTGIeL0W5knpbKLR8HArhU8PILJt4
3Kxag/Mr7OVMncmBvhe3z8SQ8xM9UrQbK5nqYkZfLPfWND3n5BKcAxdm0GiDby9Y
/xtbUzFEQ7bC8XCPSaRZA/hRelzqBWav8wKreMD2PZo0N1UKzJcFOJXmaZxyfHuy
Q9HgVgyvZgAWj8fAQfrp776tMTP/uXbfDLMnOh1iDxtxHv0LrHUKaf2xrprMEd0D
JaFIt9inEjJPYxT4eVHm+lEpn3HrOpyeqQ9wnJQ6IpXCki6d70vT34DcLw==
-----END CERTIFICATE-----
Generated at Wed May 14 15:44:44 2025 by rpki-client