Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/1iBQP88ahxJzRZJbAG4pYGmIIe4.roa
File: 1iBQP88ahxJzRZJbAG4pYGmIIe4.roa (raw, json)
Hash identifier: MFfKyirHnd1L/xdAQifNt8e6RITHc2BDxYLKPneC6x8=
Subject key identifier: D6:20:50:3F:CF:1A:87:12:73:45:92:5B:00:6E:29:60:69:88:21:EE
Certificate issuer: /CN=89e4bf59877a3b2ef14f5f120a6750dc14939c6b
Certificate serial: 0187C4114EC039A255F439B5405ABA9A9827
Authority key identifier: 89:E4:BF:59:87:7A:3B:2E:F1:4F:5F:12:0A:67:50:DC:14:93:9C:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/1iBQP88ahxJzRZJbAG4pYGmIIe4.roa
Signing time: Thu 27 Apr 2023 18:54:41 +0000
ROA not before: Thu 27 Apr 2023 18:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50643
IP address blocks: 195.191.200.0/23 maxlen: 24
2001:678:b4c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c4:11:4e:c0:39:a2:55:f4:39:b5:40:5a:ba:9a:98:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89e4bf59877a3b2ef14f5f120a6750dc14939c6b
Validity
Not Before: Apr 27 18:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d620503fcf1a87127345925b006e2960698821ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4d:6c:82:52:cf:3e:39:5d:23:98:77:a0:89:
8a:47:28:d0:26:33:2a:d2:01:19:a4:4a:71:03:17:
60:da:7a:39:00:25:ae:81:9d:1d:5b:2c:b8:ed:27:
a0:47:b5:51:c4:16:d5:ae:cc:8b:7e:bf:26:68:41:
ba:26:89:9d:c9:ee:82:c3:a5:74:3c:cf:8e:22:e1:
f2:f6:8c:24:e2:2e:1f:9c:66:e3:58:7b:af:aa:1d:
73:11:73:75:06:1b:86:00:ad:3d:11:40:36:71:e0:
0b:87:94:d4:5e:ea:0d:d0:34:bb:b7:4d:ff:0b:45:
c3:a3:31:7a:20:12:bd:9e:19:67:a0:fc:fd:05:1b:
79:01:30:d6:09:a3:9f:12:ac:e8:ea:00:e8:d3:84:
8c:6b:77:48:40:02:bc:ba:62:62:2c:30:2b:e5:bd:
42:12:53:7c:86:64:87:a8:c9:8e:89:7e:07:52:00:
c7:99:91:87:71:c1:2d:75:79:d9:b8:e8:83:ff:9c:
4f:b2:2b:b3:2b:88:ca:2c:09:b8:ec:fd:bc:6d:cb:
b2:2f:2f:fd:f7:49:c1:ac:18:d5:3b:61:52:54:98:
6f:aa:92:dd:76:1a:77:93:8e:b6:41:af:dd:d6:e6:
9d:d3:fd:7f:6a:52:a9:54:b9:a9:12:05:50:c9:57:
37:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:20:50:3F:CF:1A:87:12:73:45:92:5B:00:6E:29:60:69:88:21:EE
X509v3 Authority Key Identifier:
keyid:89:E4:BF:59:87:7A:3B:2E:F1:4F:5F:12:0A:67:50:DC:14:93:9C:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/1iBQP88ahxJzRZJbAG4pYGmIIe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.200.0/23
IPv6:
2001:678:b4c::/48
Signature Algorithm: sha256WithRSAEncryption
98:66:8f:72:a7:5b:e6:99:67:58:cb:d3:49:8f:a2:43:11:ae:
17:66:66:96:2d:5e:46:2f:43:c5:53:d8:f8:28:0c:6e:22:f2:
85:98:41:20:a7:6e:f3:3f:f7:05:6a:cd:e3:70:b7:d1:59:da:
13:df:02:4c:8c:e5:36:f5:b1:0a:80:a3:c6:69:32:32:c8:93:
66:dc:c5:29:33:7b:39:09:41:d1:4f:74:91:15:90:3a:93:c4:
d7:ce:89:33:64:b9:6b:a8:3e:f8:b7:3c:be:c1:0a:56:21:eb:
da:5e:46:1a:66:04:88:ef:67:f2:f6:59:a5:c1:24:9d:9f:69:
e4:bb:32:c8:d4:d2:1b:d8:eb:88:e7:dd:2e:7d:a8:08:be:3e:
d7:44:c8:5b:0b:60:b2:3c:00:fc:d1:07:44:20:5c:e6:a5:3f:
14:01:ef:69:fb:f0:1d:f8:74:d8:3a:9c:0d:fa:71:3a:9b:c7:
45:18:a2:bb:48:3c:e5:9f:ef:b4:4b:5c:e0:c6:fe:16:9b:0e:
29:70:df:4a:36:29:94:0c:52:c9:d2:eb:e5:d7:3a:5f:2c:6b:
f1:59:ad:3c:29:1d:bd:7f:a3:c5:69:b1:c5:bb:b8:2f:9f:ec:
23:4a:33:7b:1d:02:3c:f1:08:f9:01:d5:45:80:4a:98:14:c1:
85:cf:e9:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfEEU7AOaJV9Dm1QFq6mpgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZTRiZjU5ODc3YTNiMmVmMTRmNWYxMjBhNjc1MGRjMTQ5
MzljNmIwHhcNMjMwNDI3MTg1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjIwNTAzZmNmMWE4NzEyNzM0NTkyNWIwMDZlMjk2MDY5ODgyMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk1sglLPPjldI5h3oImKRyjQJjMq
0gEZpEpxAxdg2no5ACWugZ0dWyy47SegR7VRxBbVrsyLfr8maEG6Jomdye6Cw6V0
PM+OIuHy9owk4i4fnGbjWHuvqh1zEXN1BhuGAK09EUA2ceALh5TUXuoN0DS7t03/
C0XDozF6IBK9nhlnoPz9BRt5ATDWCaOfEqzo6gDo04SMa3dIQAK8umJiLDAr5b1C
ElN8hmSHqMmOiX4HUgDHmZGHccEtdXnZuOiD/5xPsiuzK4jKLAm47P28bcuyLy/9
90nBrBjVO2FSVJhvqpLddhp3k462Qa/d1uad0/1/alKpVLmpEgVQyVc3cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNYgUD/PGocSc0WSWwBuKWBpiCHuMB8GA1UdIwQY
MBaAFInkv1mHejsu8U9fEgpnUNwUk5xrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWVTX1dZZDZPeTd4VDE4U0NtZFEzQlNUbkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wNzViYzEtMmI1NS00MGIxLTk5MGUt
MjNiYjQyMDNlYjU3LzEvMWlCUVA4OGFoeEp6UlpKYkFHNHBZR21JSWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8wNzViYzEtMmI1NS00MGIxLTk5MGUtMjNiYjQyMDNlYjU3
LzEvaWVTX1dZZDZPeTd4VDE4U0NtZFEzQlNUbkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw7/IMA8E
AgACMAkDBwAgAQZ4C0wwDQYJKoZIhvcNAQELBQADggEBAJhmj3KnW+aZZ1jL00mP
okMRrhdmZpYtXkYvQ8VT2PgoDG4i8oWYQSCnbvM/9wVqzeNwt9FZ2hPfAkyM5Tb1
sQqAo8ZpMjLIk2bcxSkzezkJQdFPdJEVkDqTxNfOiTNkuWuoPvi3PL7BClYh69pe
RhpmBIjvZ/L2WaXBJJ2faeS7MsjU0hvY64jn3S59qAi+PtdEyFsLYLI8APzRB0Qg
XOalPxQB72n78B34dNg6nA36cTqbx0UYortIPOWf77RLXODG/habDilw30o2KZQM
UsnS6+XXOl8sa/FZrTwpHb1/o8VpscW7uC+f7CNKM3sdAjzxCPkB1UWASpgUwYXP
6ag=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:45 2025 by rpki-client