Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/IXhw3qtPlCmmyyczlqjAJ4i2D8Q.roa
File: IXhw3qtPlCmmyyczlqjAJ4i2D8Q.roa (raw, json)
Hash identifier: GEUf+B3YnmYZay5/Wm6kAf7CzOOf9RwHKA3a+m3b7Mg=
Subject key identifier: 21:78:70:DE:AB:4F:94:29:A6:CB:27:33:96:A8:C0:27:88:B6:0F:C4
Certificate issuer: /CN=ad8dd17a768e3b6fbfa7a7009a7007ebe65b45c8
Certificate serial: 034FD688
Authority key identifier: AD:8D:D1:7A:76:8E:3B:6F:BF:A7:A7:00:9A:70:07:EB:E6:5B:45:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY3RenaOO2-_p6cAmnAH6-ZbRcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/IXhw3qtPlCmmyyczlqjAJ4i2D8Q.roa
Signing time: Sat 01 Jan 2022 15:05:09 +0000
ROA not before: Sat 01 Jan 2022 15:05:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211385
IP address blocks: 192.109.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55563912 (0x34fd688)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8dd17a768e3b6fbfa7a7009a7007ebe65b45c8
Validity
Not Before: Jan 1 15:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=217870deab4f9429a6cb273396a8c02788b60fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a0:d8:06:9c:db:e7:01:dd:74:21:2b:9d:10:
75:23:b7:55:0e:5d:f1:68:c6:50:61:9b:4d:f0:83:
7a:7b:db:60:c3:f8:29:e3:74:57:9a:d6:24:94:61:
ad:55:5e:6e:f4:ce:a5:03:75:d2:b0:52:13:a4:0e:
06:39:0e:bb:a4:ba:3e:b0:f7:39:1e:cf:2d:bf:6e:
90:d3:7d:71:3a:94:2d:b9:85:f4:84:0f:58:06:48:
95:97:9a:e5:fc:72:37:f5:26:db:e1:f4:f1:1c:b8:
7c:5c:69:c9:71:90:39:5a:f9:de:3f:54:73:2e:7d:
0f:dc:f8:95:c4:54:fd:ea:7b:87:e0:17:2a:10:fd:
41:a6:64:51:5f:46:b3:0a:83:d5:f7:35:71:0e:e6:
6b:7a:28:df:12:b1:9a:ae:b1:4f:9f:c9:b3:a7:ae:
97:48:cf:3f:15:5f:b1:3b:7b:7d:29:26:e4:b4:88:
11:2d:0c:41:66:c6:bf:53:42:ca:c9:b1:b7:bd:fc:
59:74:f4:a4:09:28:87:c2:eb:28:bc:e8:49:f2:22:
8a:f6:9c:dc:d0:5a:8a:c3:7d:08:8d:0d:33:0d:f1:
1a:28:29:94:9b:0a:e6:ca:13:1d:1e:bc:48:54:af:
65:35:16:55:b1:56:86:8d:8c:9f:1d:a8:cf:1d:ed:
9f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:78:70:DE:AB:4F:94:29:A6:CB:27:33:96:A8:C0:27:88:B6:0F:C4
X509v3 Authority Key Identifier:
keyid:AD:8D:D1:7A:76:8E:3B:6F:BF:A7:A7:00:9A:70:07:EB:E6:5B:45:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY3RenaOO2-_p6cAmnAH6-ZbRcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/IXhw3qtPlCmmyyczlqjAJ4i2D8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/rY3RenaOO2-_p6cAmnAH6-ZbRcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.219.0/24
Signature Algorithm: sha256WithRSAEncryption
70:df:d9:28:fb:bc:4d:1e:53:25:22:f4:14:e4:3c:8e:10:0a:
dd:9f:8a:70:26:3b:49:c3:d4:55:fb:c7:f7:3e:2d:60:cc:21:
ec:4e:e2:d5:79:27:67:1b:ad:82:f8:4b:c5:36:e3:65:8c:d3:
a9:1d:a1:2e:62:4e:51:3a:53:cf:35:9a:94:52:86:8f:b5:75:
95:54:cb:3c:e2:3b:3b:39:ae:ed:5a:b7:05:5e:a6:58:6a:6d:
5b:7a:89:79:ff:bd:fd:8b:c1:b4:a1:ca:9b:aa:b8:bf:55:7f:
c6:77:a5:37:63:88:29:7a:00:ed:8f:c3:22:10:b6:48:ad:eb:
7a:52:23:13:97:eb:f2:20:ab:c7:75:b1:f7:02:00:fc:e2:46:
60:c6:c7:bc:2e:e9:ca:38:59:db:be:15:6d:26:86:50:4b:dc:
7c:bf:b3:fb:73:d5:c1:f8:ea:21:64:77:18:05:b7:d6:cc:cc:
7e:fd:08:68:b7:6a:00:7b:b7:62:bf:f3:aa:a5:a7:1c:90:10:
13:c9:62:b5:49:9c:40:08:92:ee:b7:e0:71:fb:5e:db:92:9f:
a0:e5:f2:2e:ec:91:c6:58:cd:0b:b9:a5:db:38:5f:8d:78:a6:
99:ea:96:36:be:43:82:2b:0d:de:ce:d6:bc:40:ae:38:53:31:
51:56:73:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA0/WiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDhkZDE3YTc2OGUzYjZmYmZhN2E3MDA5YTcwMDdlYmU2NWI0NWM4MB4XDTIyMDEw
MTE1MDUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE3ODcwZGVhYjRm
OTQyOWE2Y2IyNzMzOTZhOGMwMjc4OGI2MGZjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqg2Aac2+cB3XQhK50QdSO3VQ5d8WjGUGGbTfCDenvbYMP4
KeN0V5rWJJRhrVVebvTOpQN10rBSE6QOBjkOu6S6PrD3OR7PLb9ukNN9cTqULbmF
9IQPWAZIlZea5fxyN/Um2+H08Ry4fFxpyXGQOVr53j9Ucy59D9z4lcRU/ep7h+AX
KhD9QaZkUV9GswqD1fc1cQ7ma3oo3xKxmq6xT5/Js6eul0jPPxVfsTt7fSkm5LSI
ES0MQWbGv1NCysmxt738WXT0pAkoh8LrKLzoSfIiivac3NBaisN9CI0NMw3xGigp
lJsK5soTHR68SFSvZTUWVbFWho2Mnx2ozx3tn3MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQheHDeq0+UKabLJzOWqMAniLYPxDAfBgNVHSMEGDAWgBStjdF6do47b7+n
pwCacAfr5ltFyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JZM1JlbmFPTzItX3A2Y0FtbkFINi1aYlJjZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvOThiMzViLTk0NWUtNDBjNS1iYjk1LTllYWRkMzUxZmM3OS8x
L0lYaHczcXRQbENtbXl5Y3pscWpBSjRpMkQ4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
OThiMzViLTk0NWUtNDBjNS1iYjk1LTllYWRkMzUxZmM3OS8xL3JZM1JlbmFPTzIt
X3A2Y0FtbkFINi1aYlJjZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBt2zANBgkqhkiG9w0BAQsFAAOC
AQEAcN/ZKPu8TR5TJSL0FOQ8jhAK3Z+KcCY7ScPUVfvH9z4tYMwh7E7i1XknZxut
gvhLxTbjZYzTqR2hLmJOUTpTzzWalFKGj7V1lVTLPOI7Ozmu7Vq3BV6mWGptW3qJ
ef+9/YvBtKHKm6q4v1V/xnelN2OIKXoA7Y/DIhC2SK3relIjE5fr8iCrx3Wx9wIA
/OJGYMbHvC7pyjhZ274VbSaGUEvcfL+z+3PVwfjqIWR3GAW31szMfv0IaLdqAHu3
Yr/zqqWnHJAQE8litUmcQAiS7rfgcfte25KfoOXyLuyRxljNC7ml2zhfjXimmeqW
Nr5DgisN3s7WvECuOFMxUVZzAw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:48 2025 by rpki-client