Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/IJAymgwWF1Dr1IZpUJB9EvdI1qE.roa
File: IJAymgwWF1Dr1IZpUJB9EvdI1qE.roa (raw, json)
Hash identifier: iid6ZQVhI0MQ/qHPTLHT4sAC1q395kgtL8XSL3L10+g=
Subject key identifier: 20:90:32:9A:0C:16:17:50:EB:D4:86:69:50:90:7D:12:F7:48:D6:A1
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 162AD56F
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/IJAymgwWF1Dr1IZpUJB9EvdI1qE.roa
Signing time: Sat 01 Jan 2022 14:06:21 +0000
ROA not before: Sat 01 Jan 2022 14:06:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48283
IP address blocks: 194.0.30.0/24 maxlen: 24
194.0.31.0/24 maxlen: 24
194.0.28.0/24 maxlen: 24
194.0.29.0/24 maxlen: 24
2001:678:38::/48 maxlen: 48
2001:678:30::/48 maxlen: 48
2001:678:2c::/48 maxlen: 48
2001:678:34::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 371905903 (0x162ad56f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Jan 1 14:06:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2090329a0c161750ebd4866950907d12f748d6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0a:6d:b0:fa:9c:cb:a3:96:bb:02:89:3f:c8:
2d:2b:f4:ad:dd:91:46:2f:4a:c8:94:fc:1e:dd:a6:
ec:be:6f:ca:74:37:2a:ef:6f:68:a8:2e:a0:9a:74:
c9:b9:18:7b:ba:67:ab:6a:34:f0:3b:bb:58:83:75:
a6:42:74:10:f1:a3:d0:4e:53:2a:43:22:01:26:fb:
90:b0:9e:09:fe:34:d1:ec:45:03:93:9d:4d:73:cd:
f0:04:70:97:f2:ba:45:ad:51:a2:6e:ce:b2:23:d2:
ab:03:c8:bb:bf:a7:45:c4:7e:ab:91:20:af:7e:78:
f8:80:60:40:30:32:ef:ac:d6:0e:08:e8:e4:46:d8:
a1:e4:21:56:a5:1b:2a:b6:72:33:d4:fb:32:48:27:
e2:13:4f:1d:92:f0:6c:99:b7:a0:1b:42:b4:b5:6f:
58:82:53:1a:79:27:e5:a1:81:28:ab:f1:f0:2e:0c:
f8:94:c5:4e:5c:be:c5:42:c2:d6:bc:c1:6e:d1:9e:
9f:3a:bb:68:aa:4c:95:48:44:f8:a8:6d:91:5f:89:
60:7a:e0:fa:10:d7:4e:fb:e8:de:a5:f2:8d:3a:81:
00:f5:35:22:6f:63:90:d4:52:03:51:fd:b9:28:32:
1a:aa:e2:23:6f:12:e8:06:0d:13:ee:67:75:48:ef:
07:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:90:32:9A:0C:16:17:50:EB:D4:86:69:50:90:7D:12:F7:48:D6:A1
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/IJAymgwWF1Dr1IZpUJB9EvdI1qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.28.0/22
IPv6:
2001:678:2c::/48
2001:678:30::/48
2001:678:34::/48
2001:678:38::/48
Signature Algorithm: sha256WithRSAEncryption
95:10:2e:74:e6:83:a0:fc:f4:7b:33:e0:6f:ba:01:8d:d4:8e:
39:5c:72:99:ab:db:55:81:3f:d9:1a:65:38:67:6b:27:cd:7b:
cc:ce:cf:3c:67:ce:fb:63:8d:46:ea:e1:b8:72:c5:98:2f:68:
46:f7:12:00:61:6c:51:12:19:0a:91:d9:9d:0b:a0:9d:58:82:
22:af:ff:f7:43:d8:6e:1f:ea:03:b9:41:9a:89:a2:ff:ed:4c:
bf:bf:87:d6:cf:99:3c:31:01:5d:2c:10:f9:59:37:d8:f4:7b:
02:f6:ba:6d:4e:7d:26:bd:74:3e:db:93:c5:f0:6b:2d:07:a0:
48:91:4b:c3:08:f6:03:43:61:66:11:ea:4a:9d:25:94:80:0b:
f5:7e:42:b6:04:f6:81:53:85:37:02:35:86:08:b0:90:fa:2a:
b8:5f:c4:96:9a:12:1d:16:f1:5d:4b:78:6c:30:0b:95:ef:3a:
30:77:76:7d:43:58:d6:bc:04:ef:bd:64:ba:66:0d:3a:0b:3b:
f2:68:f2:39:97:f9:83:18:da:62:d6:d6:54:7a:52:b5:05:93:
ea:80:ef:0d:cc:3e:f4:9d:65:d8:70:d0:84:07:ac:7d:23:66:
65:47:4a:49:3d:5a:45:96:4c:71:c2:fa:ff:f5:b7:ca:67:b7:
34:84:19:ee
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEFirVbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmMyYjBlZTE4NzkyODQwOTA2NWQxOWVlOWMwODU4ZThjMTdlYTEzMB4XDTIyMDEw
MTE0MDYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA5MDMyOWEwYzE2
MTc1MGViZDQ4NjY5NTA5MDdkMTJmNzQ4ZDZhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgKbbD6nMujlrsCiT/ILSv0rd2RRi9KyJT8Ht2m7L5vynQ3
Ku9vaKguoJp0ybkYe7pnq2o08Du7WIN1pkJ0EPGj0E5TKkMiASb7kLCeCf400exF
A5OdTXPN8ARwl/K6Ra1Rom7OsiPSqwPIu7+nRcR+q5Egr354+IBgQDAy76zWDgjo
5EbYoeQhVqUbKrZyM9T7Mkgn4hNPHZLwbJm3oBtCtLVvWIJTGnkn5aGBKKvx8C4M
+JTFTly+xULC1rzBbtGenzq7aKpMlUhE+KhtkV+JYHrg+hDXTvvo3qXyjTqBAPU1
Im9jkNRSA1H9uSgyGqriI28S6AYNE+5ndUjvB/UCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBQgkDKaDBYXUOvUhmlQkH0S90jWoTAfBgNVHSMEGDAWgBTSwrDuGHkoQJBl
0Z7pwIWOjBfqEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBzS3c3aGg1S0VDUVpkR2U2Y0NGam93WDZoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvYWJhYzE0LTZlYWItNDk4NS04NjdhLWM4ZTg2M2MxYThkMS8x
L0lKQXltZ3dXRjFEcjFJWnBVSkI5RXZkSTFxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
YWJhYzE0LTZlYWItNDk4NS04NjdhLWM4ZTg2M2MxYThkMS8xLzBzS3c3aGg1S0VD
UVpkR2U2Y0NGam93WDZoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowDAQCAAEwBgMEAsIAHDAqBAIAAjAkAwcAIAEGeAAs
AwcAIAEGeAAwAwcAIAEGeAA0AwcAIAEGeAA4MA0GCSqGSIb3DQEBCwUAA4IBAQCV
EC505oOg/PR7M+BvugGN1I45XHKZq9tVgT/ZGmU4Z2snzXvMzs88Z877Y41G6uG4
csWYL2hG9xIAYWxREhkKkdmdC6CdWIIir//3Q9huH+oDuUGaiaL/7Uy/v4fWz5k8
MQFdLBD5WTfY9HsC9rptTn0mvXQ+25PF8GstB6BIkUvDCPYDQ2FmEepKnSWUgAv1
fkK2BPaBU4U3AjWGCLCQ+iq4X8SWmhIdFvFdS3hsMAuV7zowd3Z9Q1jWvATvvWS6
Zg06CzvyaPI5l/mDGNpi1tZUelK1BZPqgO8NzD70nWXYcNCEB6x9I2ZlR0pJPVpF
lkxxwvr/9bfKZ7c0hBnu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:41 2025 by rpki-client