Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/v-IXrE3R9eR0bhpFpCoGuKm6_40.roa
File: v-IXrE3R9eR0bhpFpCoGuKm6_40.roa (raw, json)
Hash identifier: I88re54PS+bwq98/7jGyFwrijGVizUuYxSu3HHn5tCY=
Subject key identifier: BF:E2:17:AC:4D:D1:F5:E4:74:6E:1A:45:A4:2A:06:B8:A9:BA:FF:8D
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 0184E37C5D04AC6D28D4BF08CC8F69BE592B
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/v-IXrE3R9eR0bhpFpCoGuKm6_40.roa
Signing time: Mon 05 Dec 2022 18:11:29 +0000
ROA not before: Mon 05 Dec 2022 18:11:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60253
IP address blocks: 92.205.192.0/20 maxlen: 24
2a00:116a::/40 maxlen: 48
2a00:116a:100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:7c:5d:04:ac:6d:28:d4:bf:08:cc:8f:69:be:59:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Dec 5 18:11:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfe217ac4dd1f5e4746e1a45a42a06b8a9baff8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:55:fb:3d:2b:f5:95:21:7c:dd:3b:17:8a:58:
a7:af:ea:5a:11:1e:a3:b6:62:3d:be:81:fd:14:b5:
13:cc:6b:87:3a:c4:bc:a4:79:c2:05:07:a1:bf:04:
47:14:6d:77:ed:b4:71:10:4e:e3:fc:22:69:ef:26:
97:7b:82:7a:1d:9e:e9:e2:9a:dd:0e:7b:56:b3:32:
94:95:0f:1b:8d:8f:97:20:9f:68:03:03:72:47:90:
02:84:00:0a:21:b4:34:78:75:c3:21:b2:a7:1a:5f:
f6:a8:49:59:fc:67:a0:60:b9:53:30:ca:cb:50:f7:
06:ce:49:0c:74:61:7e:cd:30:fa:a3:02:00:25:6a:
49:fb:b1:66:1a:ae:17:80:09:ac:94:ab:0d:5f:10:
e2:11:dc:83:7e:33:09:a2:fe:41:6e:ad:9d:f6:76:
34:2e:e5:db:64:33:9f:08:15:8f:14:7f:13:24:f1:
ab:b3:6e:46:16:e0:e0:36:37:83:d9:65:b1:3d:3b:
b3:52:09:8a:d6:72:90:fa:07:aa:87:1e:b1:d5:fd:
06:fb:3f:54:a8:b5:bf:d0:b8:de:71:ec:37:ba:81:
7e:ad:b5:b8:c5:64:6e:32:15:84:8d:5d:4a:26:40:
3b:ce:7f:07:7d:99:f2:2e:4a:03:2a:ca:a3:c4:17:
85:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E2:17:AC:4D:D1:F5:E4:74:6E:1A:45:A4:2A:06:B8:A9:BA:FF:8D
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/v-IXrE3R9eR0bhpFpCoGuKm6_40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.205.192.0/20
IPv6:
2a00:116a::/39
Signature Algorithm: sha256WithRSAEncryption
21:36:29:05:1f:68:b9:cd:09:40:fe:2a:3a:da:14:ac:c2:7a:
95:73:42:c8:49:ac:74:1e:a9:b6:14:15:8e:9d:e1:46:7f:f8:
be:72:82:1e:8e:4e:84:8b:8a:72:f9:12:f0:f9:c0:f6:ee:ab:
1a:80:0e:60:ca:ab:df:ed:32:b4:a9:53:ae:da:ff:b6:3d:89:
ab:cd:77:9b:f7:ca:46:12:d5:d9:35:fb:c3:7a:3b:c4:52:31:
97:52:5b:26:f4:11:18:cc:6e:4f:65:4a:12:c2:27:3d:42:e5:
ea:f5:b1:b5:47:4c:6a:77:15:23:61:5d:70:4b:3f:4c:b5:d7:
cf:6f:f8:f2:f0:00:01:6d:a5:75:79:49:57:84:2b:7d:f7:bb:
ea:8b:e8:a5:b7:a1:36:49:1a:3f:97:20:73:6b:22:f8:bc:33:
bf:63:db:a7:05:3f:87:99:cd:74:be:4a:fa:ec:80:eb:ed:ff:
61:75:4a:47:20:4f:d5:44:71:2e:15:06:73:11:8a:bc:e5:d1:
0b:70:c7:1a:c6:a3:63:0f:f7:da:59:3f:b3:d2:51:9e:be:62:
a8:c1:dc:38:11:a1:5e:c7:e4:e1:0d:43:bd:41:58:57:41:48:
bb:5b:3a:fd:dc:33:69:b3:77:9b:c3:26:79:3c:1c:47:bd:63:
33:e9:92:69
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYTjfF0ErG0o1L8IzI9pvlkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjIxMjA1MTgxMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmUyMTdhYzRkZDFmNWU0NzQ2ZTFhNDVhNDJhMDZiOGE5YmFmZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1X7PSv1lSF83TsXilinr+paER6j
tmI9voH9FLUTzGuHOsS8pHnCBQehvwRHFG137bRxEE7j/CJp7yaXe4J6HZ7p4prd
DntWszKUlQ8bjY+XIJ9oAwNyR5AChAAKIbQ0eHXDIbKnGl/2qElZ/GegYLlTMMrL
UPcGzkkMdGF+zTD6owIAJWpJ+7FmGq4XgAmslKsNXxDiEdyDfjMJov5Bbq2d9nY0
LuXbZDOfCBWPFH8TJPGrs25GFuDgNjeD2WWxPTuzUgmK1nKQ+geqhx6x1f0G+z9U
qLW/0Ljecew3uoF+rbW4xWRuMhWEjV1KJkA7zn8HfZnyLkoDKsqjxBeFbwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFL/iF6xN0fXkdG4aRaQqBripuv+NMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvdi1JWHJFM1I5ZVIwYmhwRnBDb0d1S202XzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEXM3AMA4E
AgACMAgDBgEqABFqADANBgkqhkiG9w0BAQsFAAOCAQEAITYpBR9ouc0JQP4qOtoU
rMJ6lXNCyEmsdB6pthQVjp3hRn/4vnKCHo5OhIuKcvkS8PnA9u6rGoAOYMqr3+0y
tKlTrtr/tj2Jq813m/fKRhLV2TX7w3o7xFIxl1JbJvQRGMxuT2VKEsInPULl6vWx
tUdMancVI2FdcEs/TLXXz2/48vAAAW2ldXlJV4Qrffe76ovopbehNkkaP5cgc2si
+Lwzv2PbpwU/h5nNdL5K+uyA6+3/YXVKRyBP1URxLhUGcxGKvOXRC3DHGsajYw/3
2lk/s9JRnr5iqMHcOBGhXsfk4Q1DvUFYV0FIu1s6/dwzabN3m8MmeTwcR71jM+mS
aQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:38 2025 by rpki-client