Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/iKJcPjt8x9KvNKxUHGHhJoaOHdw.roa
File: iKJcPjt8x9KvNKxUHGHhJoaOHdw.roa (raw, json)
Hash identifier: DoMCAwzioRD3HkMczPu7p4r4hAp6YQXyfhQ81U/60bs=
Subject key identifier: 88:A2:5C:3E:3B:7C:C7:D2:AF:34:AC:54:1C:61:E1:26:86:8E:1D:DC
Certificate issuer: /CN=6d08a1f4c385f3a7b62984d53e81665a995410f3
Certificate serial: 01858116047FD1E226B4DBC54BF0BC01E35D
Authority key identifier: 6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/iKJcPjt8x9KvNKxUHGHhJoaOHdw.roa
Signing time: Thu 05 Jan 2023 08:39:41 +0000
ROA not before: Thu 05 Jan 2023 08:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42511
IP address blocks: 194.143.151.0/24 maxlen: 24
194.143.150.0/24 maxlen: 24
194.143.150.0/23 maxlen: 23
109.95.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:81:16:04:7f:d1:e2:26:b4:db:c5:4b:f0:bc:01:e3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d08a1f4c385f3a7b62984d53e81665a995410f3
Validity
Not Before: Jan 5 08:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a25c3e3b7cc7d2af34ac541c61e126868e1ddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:89:59:52:14:41:35:90:21:c2:6d:7f:3e:
b6:7b:6e:08:41:9a:7a:20:57:ef:66:24:4f:ac:f3:
b1:e6:e2:5f:8f:8f:fb:b1:ea:db:0a:c2:ac:0c:d5:
79:2b:83:5f:c6:da:76:35:5e:5b:66:08:1d:64:49:
ef:c6:a3:b1:ae:8c:a6:e2:83:1d:9e:a8:2e:92:8e:
20:b8:37:21:66:d9:2f:96:d1:09:90:87:61:fc:4a:
a7:b1:17:04:50:ea:e8:12:25:1e:a7:25:4e:4a:5f:
86:b6:00:69:42:48:cd:2d:b8:5d:20:74:c5:02:8f:
94:70:87:95:be:50:75:f4:f3:2e:62:59:8d:df:0a:
00:ac:34:7c:30:92:d8:1a:0e:76:6c:12:02:59:ef:
27:f3:e7:e5:87:eb:fe:b7:b2:4e:d9:6d:2b:6f:c6:
89:f5:06:e1:4d:15:49:5d:db:1c:35:77:aa:7b:f1:
a6:6e:8b:6c:21:00:f3:2a:a2:47:8f:d4:a5:4d:07:
b0:cc:b5:7c:8d:ae:ee:34:19:31:4b:7a:19:6b:14:
16:b3:c2:44:6a:c4:5c:3f:dd:1a:55:70:38:f3:74:
99:fa:23:1c:27:25:d7:ad:ea:fc:56:d5:a3:8c:f5:
ca:71:cd:97:7c:87:31:c8:56:ba:8e:c2:e9:55:5f:
1b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A2:5C:3E:3B:7C:C7:D2:AF:34:AC:54:1C:61:E1:26:86:8E:1D:DC
X509v3 Authority Key Identifier:
keyid:6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/iKJcPjt8x9KvNKxUHGHhJoaOHdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.72.0/21
194.143.150.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:69:6a:0c:0e:27:a7:0b:c5:1d:b2:be:c1:a1:af:b7:37:d7:
d7:22:79:74:1a:a3:2c:82:f0:e0:60:34:58:6e:ed:17:af:ed:
60:f9:98:90:9f:99:eb:97:2b:41:e9:70:25:29:25:88:2f:58:
88:31:09:51:17:85:a1:b8:f8:e1:de:8a:24:4b:c3:00:ef:83:
a4:97:f6:07:f5:d7:99:e0:0d:ec:75:66:35:0b:39:79:84:cf:
47:53:8a:dd:2d:6d:5a:8f:f7:30:31:af:0c:55:44:03:1c:6f:
89:d6:cb:97:04:f0:b0:24:b7:09:91:97:6f:c9:de:42:6b:69:
b3:bf:0d:0c:66:59:c9:06:48:79:9d:67:53:33:21:39:de:d5:
9b:15:b9:52:3b:65:5f:48:98:4c:ed:ab:f7:ac:f2:21:f3:ef:
9e:84:e7:de:46:c8:9d:5d:16:4c:78:ad:a9:c7:52:30:f0:f1:
e9:2a:cc:8a:85:a2:04:8e:41:06:f0:f6:57:86:9e:22:d3:c8:
7b:ed:dd:15:cd:ab:e4:75:4c:1a:4a:37:24:28:da:15:d9:7a:
0b:d2:9e:86:ea:63:4b:45:f7:d3:67:b0:58:c5:a1:c0:5b:bc:
08:c6:b4:31:91:be:9e:07:cb:22:b4:89:99:a0:4d:a4:2e:79:
ee:12:16:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWBFgR/0eImtNvFS/C8AeNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDhhMWY0YzM4NWYzYTdiNjI5ODRkNTNlODE2NjVhOTk1
NDEwZjMwHhcNMjMwMTA1MDgzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGEyNWMzZTNiN2NjN2QyYWYzNGFjNTQxYzYxZTEyNjg2OGUxZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8qJWVIUQTWQIcJtfz62e24IQZp6
IFfvZiRPrPOx5uJfj4/7serbCsKsDNV5K4Nfxtp2NV5bZggdZEnvxqOxroym4oMd
nqguko4guDchZtkvltEJkIdh/EqnsRcEUOroEiUepyVOSl+GtgBpQkjNLbhdIHTF
Ao+UcIeVvlB19PMuYlmN3woArDR8MJLYGg52bBICWe8n8+flh+v+t7JO2W0rb8aJ
9QbhTRVJXdscNXeqe/GmbotsIQDzKqJHj9SlTQewzLV8ja7uNBkxS3oZaxQWs8JE
asRcP90aVXA483SZ+iMcJyXXrer8VtWjjPXKcc2XfIcxyFa6jsLpVV8bhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIiiXD47fMfSrzSsVBxh4SaGjh3cMB8GA1UdIwQY
MBaAFG0IofTDhfOntimE1T6BZlqZVBDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEt
NDNhODUyNmQ4MmJiLzEvaUtKY1BqdDh4OUt2Tkt4VUhHSGhKb2FPSGR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEtNDNhODUyNmQ4MmJi
LzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbV9IAwQB
wo+WMA0GCSqGSIb3DQEBCwUAA4IBAQBraWoMDienC8Udsr7Boa+3N9fXInl0GqMs
gvDgYDRYbu0Xr+1g+ZiQn5nrlytB6XAlKSWIL1iIMQlRF4WhuPjh3ookS8MA74Ok
l/YH9deZ4A3sdWY1Czl5hM9HU4rdLW1aj/cwMa8MVUQDHG+J1suXBPCwJLcJkZdv
yd5Ca2mzvw0MZlnJBkh5nWdTMyE53tWbFblSO2VfSJhM7av3rPIh8++ehOfeRsid
XRZMeK2px1Iw8PHpKsyKhaIEjkEG8PZXhp4i08h77d0VzavkdUwaSjckKNoV2XoL
0p6G6mNLRffTZ7BYxaHAW7wIxrQxkb6eB8sitImZoE2kLnnuEhaK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:17 2025 by rpki-client