Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/630362-290f-46bc-8446-6a7c3ba31410/1/IXkJm_cBNAsR2BN_nlcXufawEuE.roa
File: IXkJm_cBNAsR2BN_nlcXufawEuE.roa (raw, json)
Hash identifier: SWGs4vsy2SDIwZL4WX8c5r6P41qkygI3linw+1ZESZc=
Subject key identifier: 21:79:09:9B:F7:01:34:0B:11:D8:13:7F:9E:57:17:B9:F6:B0:12:E1
Certificate issuer: /CN=f8a41594a92a9ae05c65a04f803d411a4f88423f
Certificate serial: 03750B2D
Authority key identifier: F8:A4:15:94:A9:2A:9A:E0:5C:65:A0:4F:80:3D:41:1A:4F:88:42:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KQVlKkqmuBcZaBPgD1BGk-IQj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/630362-290f-46bc-8446-6a7c3ba31410/1/IXkJm_cBNAsR2BN_nlcXufawEuE.roa
Signing time: Fri 04 Mar 2022 10:07:23 +0000
ROA not before: Fri 04 Mar 2022 10:07:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211957
IP address blocks: 185.235.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58002221 (0x3750b2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a41594a92a9ae05c65a04f803d411a4f88423f
Validity
Not Before: Mar 4 10:07:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2179099bf701340b11d8137f9e5717b9f6b012e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7e:3e:9b:4e:51:4e:12:b9:ca:84:b9:49:64:
d5:b0:ef:54:d0:74:b1:c1:49:45:d2:3e:75:7e:29:
55:58:58:78:ad:d5:91:08:62:96:81:2d:e1:69:df:
8e:ea:6f:ce:af:e6:51:71:a8:58:53:70:83:13:f2:
69:41:a1:6b:c7:c1:56:f8:eb:52:ab:54:b9:c0:63:
7a:1e:b6:a7:6c:0c:23:c0:1b:22:c9:88:32:ca:cf:
bd:3b:91:8d:7e:70:7f:f6:b1:c7:d7:4d:77:38:cc:
f3:39:f0:02:41:3c:70:68:2c:f4:90:fe:a7:9e:d8:
33:36:46:85:a0:57:32:b6:ef:72:54:80:69:f2:e6:
95:27:37:ab:64:6e:6e:9e:13:dc:59:91:f5:79:64:
a5:f9:9a:1c:62:d0:bb:97:d8:f5:a8:a1:62:46:8f:
dd:31:0a:8d:bb:42:ba:22:4a:76:66:1e:22:08:cf:
65:d6:36:39:ee:5e:81:fb:61:b9:40:9e:d0:96:93:
9c:0d:90:6e:ba:75:91:b6:22:af:e5:cc:9a:1e:1e:
b5:f3:9b:0d:d1:ff:25:31:76:57:4c:b8:8e:d6:fb:
da:a5:9c:05:bf:aa:20:de:12:42:85:bb:21:47:17:
10:b4:c9:ea:1d:6c:79:bc:fb:f4:55:12:41:59:50:
8a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:79:09:9B:F7:01:34:0B:11:D8:13:7F:9E:57:17:B9:F6:B0:12:E1
X509v3 Authority Key Identifier:
keyid:F8:A4:15:94:A9:2A:9A:E0:5C:65:A0:4F:80:3D:41:1A:4F:88:42:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KQVlKkqmuBcZaBPgD1BGk-IQj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/630362-290f-46bc-8446-6a7c3ba31410/1/IXkJm_cBNAsR2BN_nlcXufawEuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/630362-290f-46bc-8446-6a7c3ba31410/1/1-KQVlKkqmuBcZaBPgD1BGk-IQj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.8.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d1:17:23:5c:41:e2:bf:93:57:f5:f2:a0:b6:10:af:f1:00:
c9:bc:bc:7d:6b:4a:c4:c4:2b:fb:7a:fa:c2:4b:33:a1:a1:ee:
ff:ea:e7:85:f7:5a:9a:db:1e:c8:2b:e1:01:9c:01:c2:37:46:
52:87:bd:b1:0c:de:d6:e8:10:dc:ef:7a:60:01:7d:31:80:47:
08:74:f8:e3:a2:57:37:ac:a7:80:29:c5:5e:a5:44:ab:94:35:
b6:dd:11:be:a2:6e:49:85:a7:36:7e:dc:7f:03:8f:44:d4:62:
9a:2b:ca:d0:5d:db:20:7b:b2:94:6c:5c:cc:78:d2:af:29:dc:
ae:00:05:c1:d2:5c:5e:0e:46:af:f9:08:91:9c:5c:2b:03:5c:
7a:63:21:7a:d2:55:79:77:16:24:03:08:94:46:15:48:f2:7e:
6f:96:cb:17:ec:63:d6:39:df:76:94:65:37:67:15:40:e5:bf:
d2:81:f9:20:bf:40:fb:e2:c1:b4:37:89:75:22:c2:b9:e0:89:
88:96:e0:f0:a1:44:f7:70:74:2d:71:99:1d:4c:f7:09:b7:d9:
fd:bd:24:0d:73:ee:26:49:e2:40:52:c1:90:d5:3d:ca:3a:51:
14:4b:91:b7:d5:b8:4b:34:c7:62:35:52:a1:9e:e1:7c:4d:e2:
c3:29:b0:cf
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEA3ULLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGE0MTU5NGE5MmE5YWUwNWM2NWEwNGY4MDNkNDExYTRmODg0MjNmMB4XDTIyMDMw
NDEwMDcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE3OTA5OWJmNzAx
MzQwYjExZDgxMzdmOWU1NzE3YjlmNmIwMTJlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOl+PptOUU4SucqEuUlk1bDvVNB0scFJRdI+dX4pVVhYeK3V
kQhiloEt4Wnfjupvzq/mUXGoWFNwgxPyaUGha8fBVvjrUqtUucBjeh62p2wMI8Ab
IsmIMsrPvTuRjX5wf/axx9dNdzjM8znwAkE8cGgs9JD+p57YMzZGhaBXMrbvclSA
afLmlSc3q2Rubp4T3FmR9XlkpfmaHGLQu5fY9aihYkaP3TEKjbtCuiJKdmYeIgjP
ZdY2Oe5egfthuUCe0JaTnA2Qbrp1kbYir+XMmh4etfObDdH/JTF2V0y4jtb72qWc
Bb+qIN4SQoW7IUcXELTJ6h1sebz79FUSQVlQimECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQheQmb9wE0CxHYE3+eVxe59rAS4TAfBgNVHSMEGDAWgBT4pBWUqSqa4Fxl
oE+APUEaT4hCPzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtS1FWbEtrcW11QmNaYUJQZ0QxQkdrLUlRajguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzBhLzYzMDM2Mi0yOTBmLTQ2YmMtODQ0Ni02YTdjM2JhMzE0MTAv
MS9JWGtKbV9jQk5Bc1IyQk5fbmxjWHVmYXdFdUUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBh
LzYzMDM2Mi0yOTBmLTQ2YmMtODQ0Ni02YTdjM2JhMzE0MTAvMS8xLUtRVmxLa3Ft
dUJjWmFCUGdEMUJHay1JUWo4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuesIMA0GCSqGSIb3DQEBCwUA
A4IBAQBn0RcjXEHiv5NX9fKgthCv8QDJvLx9a0rExCv7evrCSzOhoe7/6ueF91qa
2x7IK+EBnAHCN0ZSh72xDN7W6BDc73pgAX0xgEcIdPjjolc3rKeAKcVepUSrlDW2
3RG+om5Jhac2ftx/A49E1GKaK8rQXdsge7KUbFzMeNKvKdyuAAXB0lxeDkav+QiR
nFwrA1x6YyF60lV5dxYkAwiURhVI8n5vlssX7GPWOd92lGU3ZxVA5b/Sgfkgv0D7
4sG0N4l1IsK54ImIluDwoUT3cHQtcZkdTPcJt9n9vSQNc+4mSeJAUsGQ1T3KOlEU
S5G31bhLNMdiNVKhnuF8TeLDKbDP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:50 2025 by rpki-client