Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/iceI2vQ9fsB6pRjwMbK6Mx0Pfss.roa
File: iceI2vQ9fsB6pRjwMbK6Mx0Pfss.roa (raw, json)
Hash identifier: JgzG6vvjKaIiJZh8sjCKLlzFRwAoTXvkT/z7L46Ei58=
Subject key identifier: 89:C7:88:DA:F4:3D:7E:C0:7A:A5:18:F0:31:B2:BA:33:1D:0F:7E:CB
Certificate issuer: /CN=b930da21518184145f6d7621b5a13bd54035ac83
Certificate serial: 11C9BCCC
Authority key identifier: B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/iceI2vQ9fsB6pRjwMbK6Mx0Pfss.roa
Signing time: Sat 01 Jan 2022 05:54:51 +0000
ROA not before: Sat 01 Jan 2022 05:54:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6855
IP address blocks: 185.152.28.0/22 maxlen: 22
2a07:7d40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298433740 (0x11c9bccc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b930da21518184145f6d7621b5a13bd54035ac83
Validity
Not Before: Jan 1 05:54:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89c788daf43d7ec07aa518f031b2ba331d0f7ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f0:96:df:24:b9:e4:2f:20:a0:58:3e:2f:f4:
31:85:f1:7d:db:ac:9e:cc:a7:be:71:73:80:98:0b:
4e:ca:83:b5:5b:8b:a4:29:c7:64:69:53:47:2c:6d:
91:50:d6:e3:fa:8e:ea:9a:9e:e9:a5:5d:ef:52:9b:
f2:7d:8b:3c:f3:40:c2:c2:d2:43:76:51:92:19:a4:
fa:a2:d0:c0:97:30:45:46:b9:52:53:6f:ae:8b:cd:
8e:1d:ea:5e:b4:b6:78:a4:57:42:dd:e3:b1:d4:b2:
2d:9f:ce:ca:42:7f:6c:01:26:af:0f:92:5d:29:30:
3d:fb:b9:91:69:5b:8c:ab:8b:bf:6d:02:01:c0:7e:
df:1a:6e:60:70:1b:55:c6:e6:82:af:e5:f8:27:c3:
7d:8f:69:15:26:5f:0f:3f:00:9b:18:21:1c:ce:9c:
88:15:a7:bf:79:2c:29:16:9d:3a:a4:4b:b2:ee:0f:
cb:1e:1f:7b:ae:88:eb:5c:e4:ea:70:58:c3:c4:1f:
f8:42:b7:17:e8:28:65:7d:57:78:7c:fe:15:73:13:
ef:78:50:b3:40:38:24:c2:25:7e:bf:e3:37:a8:26:
e7:9a:f4:08:8d:84:ba:c1:4e:8d:21:75:69:1a:a2:
61:e2:80:a7:70:71:d4:0e:9a:38:c8:02:f8:5a:34:
1a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C7:88:DA:F4:3D:7E:C0:7A:A5:18:F0:31:B2:BA:33:1D:0F:7E:CB
X509v3 Authority Key Identifier:
keyid:B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/iceI2vQ9fsB6pRjwMbK6Mx0Pfss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/uTDaIVGBhBRfbXYhtaE71UA1rIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.28.0/22
IPv6:
2a07:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
53:89:32:d4:35:df:c6:d1:a9:d7:a4:9b:84:c9:65:bf:c4:d7:
fc:4a:cf:04:4e:25:14:56:15:17:48:dc:7a:4a:c7:10:28:42:
b7:06:7c:ad:eb:3e:fc:2b:50:13:1a:d4:e8:7a:f7:f5:6e:90:
0c:9b:5d:b5:4f:25:38:d1:78:28:e5:d7:7e:89:a7:44:0e:f3:
77:2e:46:1c:f2:d7:e3:7f:59:a8:33:2c:0b:64:7f:17:44:86:
df:66:31:0a:d1:2c:16:98:aa:28:e1:9c:61:24:f5:d3:bc:d6:
10:19:b5:64:35:d2:89:8f:36:3d:36:d0:93:9e:00:95:5d:12:
f6:82:85:e1:fb:ba:09:df:47:74:85:06:f9:31:ba:3d:c0:73:
be:33:12:15:39:d1:fb:ad:0c:22:61:38:34:a0:e6:01:9e:2b:
6e:3b:df:0a:0e:e0:48:a5:ea:c0:45:b0:f3:16:87:ea:b2:d1:
b4:db:14:dc:d6:d2:fe:6b:de:ba:8e:a6:16:fd:19:bc:ed:cc:
86:49:40:5a:99:63:7f:22:06:24:33:a7:f0:5d:fd:6d:ab:17:
b4:3e:2f:22:c2:e2:9d:ae:23:14:c1:eb:ee:16:31:c3:0f:e0:
64:c3:e4:57:33:58:26:53:63:f7:c1:d5:5b:61:fc:24:cf:4c:
0e:77:bb:13
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEcm8zDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTMwZGEyMTUxODE4NDE0NWY2ZDc2MjFiNWExM2JkNTQwMzVhYzgzMB4XDTIyMDEw
MTA1NTQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODljNzg4ZGFmNDNk
N2VjMDdhYTUxOGYwMzFiMmJhMzMxZDBmN2VjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIrwlt8kueQvIKBYPi/0MYXxfdusnsynvnFzgJgLTsqDtVuL
pCnHZGlTRyxtkVDW4/qO6pqe6aVd71Kb8n2LPPNAwsLSQ3ZRkhmk+qLQwJcwRUa5
UlNvrovNjh3qXrS2eKRXQt3jsdSyLZ/OykJ/bAEmrw+SXSkwPfu5kWlbjKuLv20C
AcB+3xpuYHAbVcbmgq/l+CfDfY9pFSZfDz8AmxghHM6ciBWnv3ksKRadOqRLsu4P
yx4fe66I61zk6nBYw8Qf+EK3F+goZX1XeHz+FXMT73hQs0A4JMIlfr/jN6gm55r0
CI2EusFOjSF1aRqiYeKAp3Bx1A6aOMgC+Fo0GtUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSJx4ja9D1+wHqlGPAxsrozHQ9+yzAfBgNVHSMEGDAWgBS5MNohUYGEFF9t
diG1oTvVQDWsgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VURGFJVkdCaEJSZmJYWWh0YUU3MVVBMXJJTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvNDcwY2RhLWQwZWMtNDMyMy1hZTliLTk5NGFmNWMzNDQwMi8x
L2ljZUkydlE5ZnNCNnBSandNYks2TXgwUGZzcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
NDcwY2RhLWQwZWMtNDMyMy1hZTliLTk5NGFmNWMzNDQwMi8xL3VURGFJVkdCaEJS
ZmJYWWh0YUU3MVVBMXJJTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmYHDANBAIAAjAHAwUAKgd9QDAN
BgkqhkiG9w0BAQsFAAOCAQEAU4ky1DXfxtGp16SbhMllv8TX/ErPBE4lFFYVF0jc
ekrHEChCtwZ8res+/CtQExrU6Hr39W6QDJtdtU8lONF4KOXXfomnRA7zdy5GHPLX
439ZqDMsC2R/F0SG32YxCtEsFpiqKOGcYST107zWEBm1ZDXSiY82PTbQk54AlV0S
9oKF4fu6Cd9HdIUG+TG6PcBzvjMSFTnR+60MImE4NKDmAZ4rbjvfCg7gSKXqwEWw
8xaH6rLRtNsU3NbS/mveuo6mFv0ZvO3MhklAWpljfyIGJDOn8F39basXtD4vIsLi
na4jFMHr7hYxww/gZMPkVzNYJlNj98HVW2H8JM9MDne7Ew==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:11 2025 by rpki-client