Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/20e162-2cbc-4be3-a50c-a286d02532d3/1/I_JftFoTaJWQiGlc9-tCyv9-0FY.roa
File: I_JftFoTaJWQiGlc9-tCyv9-0FY.roa (raw, json)
Hash identifier: 12+whC2FadbiaUVM/wl51IwW0+hh8oVYf/GaRFsp2c0=
Subject key identifier: 23:F2:5F:B4:5A:13:68:95:90:88:69:5C:F7:EB:42:CA:FF:7E:D0:56
Certificate issuer: /CN=896aa1f0ed4596e733f8b62d39e37b8de5085ed7
Certificate serial: 018571831F8C25CA7E4070B80FBF5FA6FD09
Authority key identifier: 89:6A:A1:F0:ED:45:96:E7:33:F8:B6:2D:39:E3:7B:8D:E5:08:5E:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqh8O1Flucz-LYtOeN7jeUIXtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/20e162-2cbc-4be3-a50c-a286d02532d3/1/I_JftFoTaJWQiGlc9-tCyv9-0FY.roa
Signing time: Mon 02 Jan 2023 08:04:56 +0000
ROA not before: Mon 02 Jan 2023 08:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203400
IP address blocks: 185.72.88.0/24 maxlen: 24
185.72.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:1f:8c:25:ca:7e:40:70:b8:0f:bf:5f:a6:fd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896aa1f0ed4596e733f8b62d39e37b8de5085ed7
Validity
Not Before: Jan 2 08:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23f25fb45a1368959088695cf7eb42caff7ed056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cf:27:d1:ca:a0:45:3b:04:73:5f:bf:36:55:
0f:49:e5:23:60:e3:56:0f:74:04:72:42:52:ca:24:
47:6c:e8:23:fc:1f:de:ce:3e:4d:7f:59:41:4f:ef:
a7:52:bb:71:a4:08:45:41:49:87:f7:a2:98:39:2d:
78:8f:48:19:de:a5:a9:bb:06:35:36:7e:0d:ce:cb:
a2:31:cb:24:7b:ad:4b:49:73:0a:d7:77:c1:b0:dd:
98:6a:8f:05:88:62:b7:3d:d1:92:f3:97:58:9e:b7:
b9:51:b1:39:03:11:99:71:47:df:2f:4c:fb:c3:f9:
be:04:93:9b:18:5a:51:36:1d:af:03:b7:3f:fe:20:
73:ed:52:c7:15:9f:26:17:7f:7c:10:52:55:44:38:
08:f7:e2:91:3b:c7:1b:67:2e:b0:ca:3d:d1:67:46:
51:3f:98:de:ff:39:0a:1c:16:2e:a7:c7:2d:ee:7b:
f8:31:9e:da:1e:c7:ef:42:22:36:61:c9:23:78:3c:
7f:d1:ba:25:17:f3:99:d3:71:32:15:e2:d5:50:64:
af:8a:4f:cb:36:d1:57:ea:4b:5a:85:77:d0:e2:77:
78:ef:c8:b0:90:93:db:90:34:1a:a4:49:86:58:83:
7c:23:54:df:7d:c5:2b:e1:11:3e:38:67:21:c6:e2:
7b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F2:5F:B4:5A:13:68:95:90:88:69:5C:F7:EB:42:CA:FF:7E:D0:56
X509v3 Authority Key Identifier:
keyid:89:6A:A1:F0:ED:45:96:E7:33:F8:B6:2D:39:E3:7B:8D:E5:08:5E:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqh8O1Flucz-LYtOeN7jeUIXtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/20e162-2cbc-4be3-a50c-a286d02532d3/1/I_JftFoTaJWQiGlc9-tCyv9-0FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/20e162-2cbc-4be3-a50c-a286d02532d3/1/iWqh8O1Flucz-LYtOeN7jeUIXtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.88.0/23
Signature Algorithm: sha256WithRSAEncryption
86:de:9f:fd:a0:87:94:02:53:70:c7:b8:62:6d:d6:f9:55:5f:
95:66:2e:a4:12:80:d0:16:86:12:00:d3:6e:d1:67:c6:14:5a:
ee:89:3a:15:f8:62:27:40:4a:26:89:38:d7:c6:b1:78:5c:c8:
6a:6a:7b:b7:a6:21:70:f2:83:34:c1:22:81:00:80:a3:d3:54:
95:3e:f3:57:3c:41:1e:c9:b6:b8:3b:46:67:dc:71:f6:d7:77:
b7:62:9d:e1:70:46:95:ab:f3:85:c0:ba:17:38:cb:2a:10:28:
9f:96:e1:43:f2:0e:b6:d2:48:7a:44:16:f4:75:4a:6a:65:2c:
67:0b:49:8b:e2:64:7f:04:c0:21:ee:69:2f:49:ec:82:a5:84:
8b:7a:9b:63:77:33:89:e9:9b:ea:b5:31:b5:47:25:b3:cb:3f:
64:7e:3f:1f:5e:ad:b3:c0:61:ba:99:b5:cc:fb:14:1f:32:11:
2c:37:02:f5:07:cd:46:43:41:12:98:5d:1c:75:29:28:e1:62:
32:0c:32:6f:3d:a3:aa:4b:d1:b2:88:86:50:80:32:57:45:bf:
e7:c9:87:2b:55:be:5c:a9:43:23:57:0b:a4:1b:f2:c9:31:99:
59:30:0f:e3:0c:eb:ef:3a:58:10:ff:df:09:b4:8c:a3:2b:68:
d8:d5:28:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgx+MJcp+QHC4D79fpv0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmFhMWYwZWQ0NTk2ZTczM2Y4YjYyZDM5ZTM3YjhkZTUw
ODVlZDcwHhcNMjMwMTAyMDgwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2YyNWZiNDVhMTM2ODk1OTA4ODY5NWNmN2ViNDJjYWZmN2VkMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM8n0cqgRTsEc1+/NlUPSeUjYONW
D3QEckJSyiRHbOgj/B/ezj5Nf1lBT++nUrtxpAhFQUmH96KYOS14j0gZ3qWpuwY1
Nn4NzsuiMcske61LSXMK13fBsN2Yao8FiGK3PdGS85dYnre5UbE5AxGZcUffL0z7
w/m+BJObGFpRNh2vA7c//iBz7VLHFZ8mF398EFJVRDgI9+KRO8cbZy6wyj3RZ0ZR
P5je/zkKHBYup8ct7nv4MZ7aHsfvQiI2YckjeDx/0bolF/OZ03EyFeLVUGSvik/L
NtFX6ktahXfQ4nd478iwkJPbkDQapEmGWIN8I1TffcUr4RE+OGchxuJ7jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPyX7RaE2iVkIhpXPfrQsr/ftBWMB8GA1UdIwQY
MBaAFIlqofDtRZbnM/i2LTnje43lCF7XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxaDhPMUZsdWN6LUxZdE9lTjdqZVVJWHRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yMGUxNjItMmNiYy00YmUzLWE1MGMt
YTI4NmQwMjUzMmQzLzEvSV9KZnRGb1RhSldRaUdsYzktdEN5djktMEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yMGUxNjItMmNiYy00YmUzLWE1MGMtYTI4NmQwMjUzMmQz
LzEvaVdxaDhPMUZsdWN6LUxZdE9lTjdqZVVJWHRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUhYMA0G
CSqGSIb3DQEBCwUAA4IBAQCG3p/9oIeUAlNwx7hibdb5VV+VZi6kEoDQFoYSANNu
0WfGFFruiToV+GInQEomiTjXxrF4XMhqanu3piFw8oM0wSKBAICj01SVPvNXPEEe
yba4O0Zn3HH213e3Yp3hcEaVq/OFwLoXOMsqECifluFD8g620kh6RBb0dUpqZSxn
C0mL4mR/BMAh7mkvSeyCpYSLeptjdzOJ6ZvqtTG1RyWzyz9kfj8fXq2zwGG6mbXM
+xQfMhEsNwL1B81GQ0ESmF0cdSko4WIyDDJvPaOqS9GyiIZQgDJXRb/nyYcrVb5c
qUMjVwukG/LJMZlZMA/jDOvvOlgQ/98JtIyjK2jY1SiU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:41 2025 by rpki-client