Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/i9RxYfePRoJyXIw3Mhx6mHVfCwY.roa
File: i9RxYfePRoJyXIw3Mhx6mHVfCwY.roa (raw, json)
Hash identifier: Y3CI8Nv2Tb4CtuYUqArtUgMtyAmEey278D2VxYYKYos=
Subject key identifier: 8B:D4:71:61:F7:8F:46:82:72:5C:8C:37:32:1C:7A:98:75:5F:0B:06
Certificate issuer: /CN=1acb8a70f909ae3e1fc1dbd6bdc425e08eec81b9
Certificate serial: 085D4386
Authority key identifier: 1A:CB:8A:70:F9:09:AE:3E:1F:C1:DB:D6:BD:C4:25:E0:8E:EC:81:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GsuKcPkJrj4fwdvWvcQl4I7sgbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/i9RxYfePRoJyXIw3Mhx6mHVfCwY.roa
Signing time: Sat 01 Jan 2022 12:56:17 +0000
ROA not before: Sat 01 Jan 2022 12:56:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209211
IP address blocks: 92.118.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140329862 (0x85d4386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb8a70f909ae3e1fc1dbd6bdc425e08eec81b9
Validity
Not Before: Jan 1 12:56:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bd47161f78f4682725c8c37321c7a98755f0b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2d:c2:b8:e1:54:21:05:69:0e:a6:fd:cd:fe:
0e:2a:d2:73:39:b9:df:32:66:bf:e1:f9:b5:44:fd:
fb:eb:81:77:44:5c:da:29:97:1b:e2:1e:a0:42:37:
18:f4:29:3a:32:96:da:11:69:70:09:cf:b9:25:93:
60:59:dd:0d:b9:14:5d:04:23:f0:74:ab:5a:f2:54:
e8:41:0e:07:c6:cd:24:eb:f0:1f:6c:a1:09:77:3d:
74:4d:cd:3c:be:46:69:40:e0:82:44:d5:74:32:ae:
1b:5b:d6:3b:7e:35:4d:89:17:a4:b1:19:1a:c5:99:
51:d4:44:c2:96:f0:19:a9:ac:c1:51:fb:76:c1:0e:
fb:42:1d:11:19:d5:62:e1:4d:2b:50:0a:bc:fd:89:
03:47:f8:ad:16:3e:ab:48:f5:3f:a0:f7:00:f9:ab:
c0:2e:89:2f:e3:a4:5c:2b:aa:69:31:0d:bf:a7:59:
90:04:d4:2f:a6:e5:b5:f4:b8:c1:a9:db:83:1c:b8:
96:17:ad:a1:90:de:cc:c9:13:cf:ce:26:0b:09:94:
e7:5f:83:1b:26:bb:a4:65:38:ac:f9:35:0d:cb:92:
80:4b:01:b6:16:a3:80:1b:70:bd:17:40:fd:57:bd:
db:fd:4a:7e:68:05:e7:91:5f:d6:94:e1:e0:65:75:
53:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D4:71:61:F7:8F:46:82:72:5C:8C:37:32:1C:7A:98:75:5F:0B:06
X509v3 Authority Key Identifier:
keyid:1A:CB:8A:70:F9:09:AE:3E:1F:C1:DB:D6:BD:C4:25:E0:8E:EC:81:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GsuKcPkJrj4fwdvWvcQl4I7sgbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/i9RxYfePRoJyXIw3Mhx6mHVfCwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/GsuKcPkJrj4fwdvWvcQl4I7sgbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.20.0/22
Signature Algorithm: sha256WithRSAEncryption
91:88:a5:ea:5b:b6:85:0f:d5:36:73:2c:02:db:42:40:61:ca:
da:83:6c:18:ed:28:1b:ab:9a:76:36:c8:4e:4a:f6:84:5b:e3:
07:9e:c5:b6:66:37:70:07:af:b4:df:79:8e:10:09:df:24:69:
24:54:ba:b2:b1:3e:eb:a8:5b:63:ef:cd:2e:40:82:83:56:3c:
4f:55:c1:4f:38:46:95:34:23:e9:06:cd:2d:56:2c:c7:7e:0a:
4c:00:c7:25:cc:71:59:af:e1:65:cb:51:5f:40:e1:26:e6:ff:
f0:f3:30:94:45:b5:88:a9:ab:4a:6a:c7:3b:71:c9:58:d1:bb:
ae:12:e9:d9:5e:f7:b4:4d:3f:e2:80:a4:00:7f:8e:96:9f:2e:
a5:e5:1c:48:66:0c:43:15:a0:67:a3:e2:1a:62:4a:60:43:27:
cc:e3:21:16:77:b1:6e:a3:1f:62:3c:d0:f9:80:93:4f:0f:2a:
3e:d9:f2:46:f6:16:46:9b:0e:93:80:57:f8:ab:28:20:58:55:
01:b4:de:c6:6b:a3:6f:e5:d0:da:68:2b:28:09:3d:d4:df:6e:
3b:22:ee:93:96:aa:f7:91:a1:4b:d2:dd:3c:ab:b2:b8:62:0d:
0a:18:f0:da:d1:fd:36:8d:c5:97:df:c8:ec:cd:34:29:43:7a:
fa:81:2e:f7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECF1DhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNiOGE3MGY5MDlhZTNlMWZjMWRiZDZiZGM0MjVlMDhlZWM4MWI5MB4XDTIyMDEw
MTEyNTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJkNDcxNjFmNzhm
NDY4MjcyNWM4YzM3MzIxYzdhOTg3NTVmMGIwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUtwrjhVCEFaQ6m/c3+DirSczm53zJmv+H5tUT9++uBd0Rc
2imXG+IeoEI3GPQpOjKW2hFpcAnPuSWTYFndDbkUXQQj8HSrWvJU6EEOB8bNJOvw
H2yhCXc9dE3NPL5GaUDggkTVdDKuG1vWO341TYkXpLEZGsWZUdREwpbwGamswVH7
dsEO+0IdERnVYuFNK1AKvP2JA0f4rRY+q0j1P6D3APmrwC6JL+OkXCuqaTENv6dZ
kATUL6bltfS4wanbgxy4lhetoZDezMkTz84mCwmU51+DGya7pGU4rPk1DcuSgEsB
thajgBtwvRdA/Ve92/1KfmgF55Ff1pTh4GV1U70CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSL1HFh949GgnJcjDcyHHqYdV8LBjAfBgNVHSMEGDAWgBQay4pw+QmuPh/B
29a9xCXgjuyBuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzdUtjUGtKcmo0Zndkdld2Y1FsNEk3c2diay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvYjk0NTZlLTRlNTItNGRlNS1iYmQ2LTYwZGUyMjRjZmE0Yi8x
L2k5UnhZZmVQUm9KeVhJdzNNaHg2bUhWZkN3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
Yjk0NTZlLTRlNTItNGRlNS1iYmQ2LTYwZGUyMjRjZmE0Yi8xL0dzdUtjUGtKcmo0
Zndkdld2Y1FsNEk3c2diay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlx2FDANBgkqhkiG9w0BAQsFAAOC
AQEAkYil6lu2hQ/VNnMsAttCQGHK2oNsGO0oG6uadjbITkr2hFvjB57FtmY3cAev
tN95jhAJ3yRpJFS6srE+66hbY+/NLkCCg1Y8T1XBTzhGlTQj6QbNLVYsx34KTADH
JcxxWa/hZctRX0DhJub/8PMwlEW1iKmrSmrHO3HJWNG7rhLp2V73tE0/4oCkAH+O
lp8upeUcSGYMQxWgZ6PiGmJKYEMnzOMhFnexbqMfYjzQ+YCTTw8qPtnyRvYWRpsO
k4BX+KsoIFhVAbTexmujb+XQ2mgrKAk91N9uOyLuk5aq95GhS9LdPKuyuGINChjw
2tH9No3Fl9/I7M00KUN6+oEu9w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:44 2025 by rpki-client