Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ibYCTRtOnnIlacEc8-Xv6uMI9Bk.roa
File: ibYCTRtOnnIlacEc8-Xv6uMI9Bk.roa (raw, json)
Hash identifier: wkmf3TuZj1uBzoTbN3DykLs2AbUVdpXd2kpJr0W5lrU=
Subject key identifier: 89:B6:02:4D:1B:4E:9E:72:25:69:C1:1C:F3:E5:EF:EA:E3:08:F4:19
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01845D44DFBF12CA00212678D9F3D6299F30
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ibYCTRtOnnIlacEc8-Xv6uMI9Bk.roa
Signing time: Wed 09 Nov 2022 16:41:45 +0000
ROA not before: Wed 09 Nov 2022 16:41:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 194.15.96.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:44:df:bf:12:ca:00:21:26:78:d9:f3:d6:29:9f:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Nov 9 16:41:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89b6024d1b4e9e722569c11cf3e5efeae308f419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d9:2e:b6:d8:fa:d2:82:64:69:a8:2e:ec:49:
78:11:b3:f4:b6:46:8a:8b:f0:c8:61:47:37:18:04:
1b:a3:fc:31:1a:99:e8:af:59:2e:87:fa:d7:90:12:
b5:07:90:83:3b:a0:fe:23:a2:56:ed:e2:15:b7:34:
47:e6:05:82:fe:80:0d:e6:25:34:3a:dc:05:77:98:
c7:f8:18:d7:6c:09:5d:da:3a:95:0d:6b:b4:00:a8:
a2:71:09:a2:e7:c4:42:c3:f4:ed:75:58:a2:4e:4c:
21:4d:a5:c1:ab:4f:10:13:e8:97:24:dd:cd:ea:bd:
14:1a:3c:fe:6e:d9:62:a3:f2:81:1f:71:06:31:6c:
bc:67:78:b8:a2:ca:a9:2a:41:36:39:60:56:b2:c7:
28:10:4d:85:89:10:97:2c:39:55:e7:de:3c:57:9d:
8b:87:d5:d5:06:7a:7a:0c:78:3d:dd:39:c6:bb:46:
93:11:47:a9:ba:2b:40:bb:68:f4:63:9f:43:10:40:
dc:af:81:d1:05:7d:22:b3:40:b1:fc:59:ba:af:5c:
7f:84:71:63:ad:01:f7:c1:76:83:11:00:97:fe:be:
94:2d:d7:8f:83:c6:a4:ff:2c:19:85:07:f1:2c:23:
00:51:e6:5c:05:71:63:3e:a4:fe:4b:f9:f8:ae:46:
d3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B6:02:4D:1B:4E:9E:72:25:69:C1:1C:F3:E5:EF:EA:E3:08:F4:19
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/ibYCTRtOnnIlacEc8-Xv6uMI9Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
188.209.140.0/22
194.15.96.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:b8:69:07:08:ba:1c:5d:a4:99:72:f1:ec:0b:5f:12:31:57:
29:e7:68:9c:b7:1b:d4:1e:54:7f:dd:d9:9b:9a:42:74:73:92:
48:28:4e:b9:d6:05:c7:2a:8d:b1:c1:9d:db:89:4d:29:1e:dc:
89:f2:a6:2b:d8:08:39:f3:e3:2c:58:72:ab:fc:39:dd:4e:9e:
7d:1b:30:b6:01:97:c0:6d:93:ec:83:61:23:b6:b8:da:c4:53:
c9:19:7c:28:bc:f9:da:06:46:ad:df:c1:6c:27:56:e0:08:eb:
cc:bc:a2:1a:68:2b:07:7e:b0:6d:26:76:7b:ce:70:86:77:45:
44:6c:c1:c3:ae:f1:d4:23:2b:d5:55:2d:f7:cf:05:67:f6:3c:
1c:5c:d7:54:7f:59:e5:66:b3:67:01:bc:39:a7:aa:87:08:8c:
6f:46:ba:29:db:2e:6d:0f:bd:57:74:29:f3:da:39:ba:24:f4:
7e:7b:6b:c6:e5:0e:80:21:0a:0a:8d:1c:07:6d:df:49:05:ee:
96:51:c5:9c:b9:42:e5:dc:94:22:48:da:89:c4:11:aa:ee:7e:
b9:0b:3f:e8:9a:57:aa:9c:ea:a3:ff:16:33:0a:34:ba:1d:3b:
3a:b2:8e:bc:eb:df:8b:11:20:30:fc:13:c6:2e:f5:a0:0f:52:
ea:83:cb:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRdRN+/EsoAISZ42fPWKZ8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIxMTA5MTY0MTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI2MDI0ZDFiNGU5ZTcyMjU2OWMxMWNmM2U1ZWZlYWUzMDhmNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdkuttj60oJkaagu7El4EbP0tkaK
i/DIYUc3GAQbo/wxGpnor1kuh/rXkBK1B5CDO6D+I6JW7eIVtzRH5gWC/oAN5iU0
OtwFd5jH+BjXbAld2jqVDWu0AKiicQmi58RCw/TtdViiTkwhTaXBq08QE+iXJN3N
6r0UGjz+btlio/KBH3EGMWy8Z3i4osqpKkE2OWBWsscoEE2FiRCXLDlV5948V52L
h9XVBnp6DHg93TnGu0aTEUepuitAu2j0Y59DEEDcr4HRBX0is0Cx/Fm6r1x/hHFj
rQH3wXaDEQCX/r6ULdePg8ak/ywZhQfxLCMAUeZcBXFjPqT+S/n4rkbT/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIm2Ak0bTp5yJWnBHPPl7+rjCPQZMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvaWJZQ1RSdE9ubklsYWNFYzgtWHY2dU1JOUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCvNGEAwQC
vNGMAwQCwg9gMA0GCSqGSIb3DQEBCwUAA4IBAQCouGkHCLocXaSZcvHsC18SMVcp
52ictxvUHlR/3dmbmkJ0c5JIKE651gXHKo2xwZ3biU0pHtyJ8qYr2Ag58+MsWHKr
/DndTp59GzC2AZfAbZPsg2EjtrjaxFPJGXwovPnaBkat38FsJ1bgCOvMvKIaaCsH
frBtJnZ7znCGd0VEbMHDrvHUIyvVVS33zwVn9jwcXNdUf1nlZrNnAbw5p6qHCIxv
Rrop2y5tD71XdCnz2jm6JPR+e2vG5Q6AIQoKjRwHbd9JBe6WUcWcuULl3JQiSNqJ
xBGq7n65Cz/omleqnOqj/xYzCjS6HTs6so6869+LESAw/BPGLvWgD1Lqg8vp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:14 2023 by rpki-client on console-fra.rpki-client.org