Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/iCIotd-YsbSORVYjXQZKNFfKeZM.roa
File: iCIotd-YsbSORVYjXQZKNFfKeZM.roa (raw, json)
Hash identifier: I07gmNiUtNCcBygBL09YkJNL+xcRzKbx04gHgzPUKj8=
Subject key identifier: 88:22:28:B5:DF:98:B1:B4:8E:45:56:23:5D:06:4A:34:57:CA:79:93
Certificate issuer: /CN=9c721ac807a326f871bbaa184963cd602b5cc2d6
Certificate serial: 0E41D6BC
Authority key identifier: 9C:72:1A:C8:07:A3:26:F8:71:BB:AA:18:49:63:CD:60:2B:5C:C2:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/iCIotd-YsbSORVYjXQZKNFfKeZM.roa
Signing time: Sat 01 Jan 2022 15:55:30 +0000
ROA not before: Sat 01 Jan 2022 15:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50877
IP address blocks: 159.255.128.0/21 maxlen: 21
185.182.208.0/22 maxlen: 22
2a0a:f980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239195836 (0xe41d6bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c721ac807a326f871bbaa184963cd602b5cc2d6
Validity
Not Before: Jan 1 15:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=882228b5df98b1b48e4556235d064a3457ca7993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ee:be:f7:71:96:e2:aa:f0:8d:ef:51:70:ec:
09:c2:1a:8d:51:9a:a5:de:59:3a:e9:45:b0:d2:b6:
69:39:9d:d8:67:2a:db:6d:77:f7:7b:b2:55:b9:96:
2f:d0:b5:b7:b2:a5:c9:23:3a:e3:5a:0b:db:3f:28:
15:9e:1a:17:f3:ca:07:86:ec:af:ec:76:fe:f9:36:
3f:08:60:6d:09:cd:83:e8:aa:88:7d:8c:47:b2:40:
d5:dc:40:60:cc:59:8c:56:70:02:23:ef:4c:c0:77:
d6:51:64:06:0e:94:96:6d:06:60:e2:9b:cf:85:05:
2c:b3:dc:e7:0a:66:03:13:66:40:21:bb:d5:2e:13:
ff:40:95:a8:77:f7:c0:79:a1:66:e0:04:cc:16:25:
12:35:8f:7b:5c:9e:0b:2e:fc:8a:00:d0:2e:6b:a8:
12:7b:85:f4:90:e1:1f:b7:9d:e5:0b:38:91:2c:a8:
79:07:ca:d7:54:5a:2e:90:cb:e3:72:ca:d6:6d:6d:
56:cb:50:31:f1:18:fd:bb:75:65:5b:1d:ce:4a:3e:
3d:fc:a6:4b:fc:4d:ff:5a:cc:1a:79:fe:76:91:ce:
68:c3:c3:30:47:26:28:d0:15:4a:43:ce:33:47:6f:
ed:51:62:96:95:09:d3:2b:ab:29:db:73:ec:58:fc:
6a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:22:28:B5:DF:98:B1:B4:8E:45:56:23:5D:06:4A:34:57:CA:79:93
X509v3 Authority Key Identifier:
keyid:9C:72:1A:C8:07:A3:26:F8:71:BB:AA:18:49:63:CD:60:2B:5C:C2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHIayAejJvhxu6oYSWPNYCtcwtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/iCIotd-YsbSORVYjXQZKNFfKeZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/464260-8d7e-4507-b44b-2864707b2b3f/1/nHIayAejJvhxu6oYSWPNYCtcwtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.128.0/21
185.182.208.0/22
IPv6:
2a0a:f980::/29
Signature Algorithm: sha256WithRSAEncryption
97:44:23:0c:bd:a1:5a:44:fb:87:c6:6b:c8:3b:ad:56:ba:f9:
10:e8:1d:98:a1:bc:4b:8e:76:48:d0:15:4e:35:9e:9c:52:79:
65:a8:6c:8f:c4:93:89:95:9c:12:6d:32:89:3b:15:26:4f:e0:
91:52:16:27:88:3a:c5:f7:be:b9:b0:67:4c:57:2a:6b:d0:cb:
7b:e3:dd:86:17:5e:15:72:a9:68:a8:fe:55:1e:c2:b8:bd:cd:
34:6d:36:17:56:68:ba:1e:54:ff:c7:36:4e:fa:9f:76:f9:01:
46:c7:f5:11:88:76:d0:30:01:5b:9d:21:a7:43:fe:ab:51:98:
df:87:43:83:d7:a9:33:fb:19:f0:fd:f8:fb:bc:c5:4c:89:e8:
1f:7d:2f:30:96:c5:18:fe:17:b4:c6:8b:c1:64:c0:78:95:c1:
4b:0c:6a:fd:aa:20:f8:7b:b2:d2:b7:a3:04:25:fa:c0:7f:4e:
f9:8e:ec:ab:05:fa:49:e2:83:60:78:11:8d:9d:f7:e9:3f:0e:
37:9b:e5:27:33:01:5c:b8:e4:3d:5c:ca:77:ef:59:d8:8e:0c:
6c:39:e4:65:d3:35:4c:1a:17:f7:8e:6b:e5:fa:9a:14:50:26:
4e:28:df:e7:3c:dc:c3:2b:fa:9b:db:a2:a0:02:ab:64:e1:e4:
b2:68:5a:0a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDkHWvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YzcyMWFjODA3YTMyNmY4NzFiYmFhMTg0OTYzY2Q2MDJiNWNjMmQ2MB4XDTIyMDEw
MTE1NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgyMjI4YjVkZjk4
YjFiNDhlNDU1NjIzNWQwNjRhMzQ1N2NhNzk5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKruvvdxluKq8I3vUXDsCcIajVGapd5ZOulFsNK2aTmd2Gcq
221393uyVbmWL9C1t7KlySM641oL2z8oFZ4aF/PKB4bsr+x2/vk2PwhgbQnNg+iq
iH2MR7JA1dxAYMxZjFZwAiPvTMB31lFkBg6Ulm0GYOKbz4UFLLPc5wpmAxNmQCG7
1S4T/0CVqHf3wHmhZuAEzBYlEjWPe1yeCy78igDQLmuoEnuF9JDhH7ed5Qs4kSyo
eQfK11RaLpDL43LK1m1tVstQMfEY/bt1ZVsdzko+PfymS/xN/1rMGnn+dpHOaMPD
MEcmKNAVSkPOM0dv7VFilpUJ0yurKdtz7Fj8as0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSIIii135ixtI5FViNdBko0V8p5kzAfBgNVHSMEGDAWgBScchrIB6Mm+HG7
qhhJY81gK1zC1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25ISWF5QWVqSnZoeHU2b1lTV1BOWUN0Y3d0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvNDY0MjYwLThkN2UtNDUwNy1iNDRiLTI4NjQ3MDdiMmIzZi8x
L2lDSW90ZC1Zc2JTT1JWWWpYUVpLTkZmS2VaTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
NDY0MjYwLThkN2UtNDUwNy1iNDRiLTI4NjQ3MDdiMmIzZi8xL25ISWF5QWVqSnZo
eHU2b1lTV1BOWUN0Y3d0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA5//gAMEArm20DANBAIAAjAHAwUD
Kgr5gDANBgkqhkiG9w0BAQsFAAOCAQEAl0QjDL2hWkT7h8ZryDutVrr5EOgdmKG8
S452SNAVTjWenFJ5Zahsj8STiZWcEm0yiTsVJk/gkVIWJ4g6xfe+ubBnTFcqa9DL
e+PdhhdeFXKpaKj+VR7CuL3NNG02F1Zouh5U/8c2TvqfdvkBRsf1EYh20DABW50h
p0P+q1GY34dDg9epM/sZ8P34+7zFTInoH30vMJbFGP4XtMaLwWTAeJXBSwxq/aog
+Huy0rejBCX6wH9O+Y7sqwX6SeKDYHgRjZ336T8ON5vlJzMBXLjkPVzKd+9Z2I4M
bDnkZdM1TBoX945r5fqaFFAmTijf5zzcwyv6m9uioAKrZOHksmhaCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:20 2024 by rpki-client on console-ams.rpki-client.org