Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ImbKy1ZLsz3tBD4-Y_UO8DfsYIQ.roa
File: ImbKy1ZLsz3tBD4-Y_UO8DfsYIQ.roa (raw, json)
Hash identifier: GXmzpTw79EUDJxmg8G1G38TDwvcUsFLswBSiC+Cme+c=
Subject key identifier: 22:66:CA:CB:56:4B:B3:3D:ED:04:3E:3E:63:F5:0E:F0:37:EC:60:84
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 018964C88B80E9BEE0FDFFCDCABC1929E319
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ImbKy1ZLsz3tBD4-Y_UO8DfsYIQ.roa
Signing time: Mon 17 Jul 2023 16:56:51 +0000
ROA not before: Mon 17 Jul 2023 16:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 212.116.252.0/22 maxlen: 24
91.147.116.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:c8:8b:80:e9:be:e0:fd:ff:cd:ca:bc:19:29:e3:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jul 17 16:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2266cacb564bb33ded043e3e63f50ef037ec6084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3f:80:ae:35:66:e5:8f:fd:9c:a4:8d:62:00:
a0:93:11:eb:96:8d:4c:64:bd:54:c3:1c:e0:ff:f4:
6c:ea:92:e7:87:27:9b:62:11:2c:c2:8f:74:7e:c1:
28:01:fa:9e:4a:99:de:39:eb:f9:8b:f5:4b:f9:a2:
ff:94:e8:f7:55:ec:14:27:70:af:62:75:89:85:20:
aa:8e:c0:f0:7c:db:8f:25:8d:0b:2a:d7:10:6c:91:
e3:df:a5:3a:49:e2:2e:fa:25:fa:8f:2a:74:28:32:
2c:18:ca:e9:f9:15:f0:8c:9d:16:01:c0:7c:e2:ce:
b3:a7:67:b7:65:19:07:b9:2b:80:fd:74:c4:5f:18:
ca:15:98:70:dd:9d:8e:43:2a:66:10:3a:36:b3:f2:
4c:b6:73:eb:e4:e1:b9:5d:29:5a:60:ec:0b:a7:87:
51:4a:8e:85:32:7b:11:53:7d:9a:e2:fa:5f:89:f0:
9f:fe:81:54:35:05:f7:07:54:b7:05:16:7a:42:f6:
91:ca:1c:bb:f2:a5:63:b1:59:b2:f1:bb:e9:70:63:
6c:2a:f2:4f:c5:42:42:b5:38:04:e1:22:9e:52:35:
07:82:ea:ea:a6:05:79:e4:07:12:84:49:3c:c1:b0:
33:10:ca:78:29:20:1f:25:6e:07:bc:e5:d1:58:7b:
b1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:66:CA:CB:56:4B:B3:3D:ED:04:3E:3E:63:F5:0E:F0:37:EC:60:84
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ImbKy1ZLsz3tBD4-Y_UO8DfsYIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/24
91.147.118.0/24
212.116.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:f7:cd:5d:24:11:b4:f2:85:06:75:d5:06:b2:9a:17:fa:4e:
8e:13:1b:41:f5:d9:9e:76:55:12:04:d1:0c:ad:6a:ea:16:2f:
6b:15:33:af:cb:63:79:da:4b:b9:5d:9d:0d:8f:c3:16:c8:ab:
46:98:64:ec:f4:5f:42:01:02:79:c7:f2:a5:81:bb:45:fe:42:
6f:98:9b:c5:37:20:08:a7:6c:7f:29:a0:aa:91:6d:f0:75:5d:
d5:a6:b0:81:fe:84:8c:28:c5:ed:2d:a5:ea:c4:e4:91:3c:36:
3d:73:96:f2:7d:34:82:18:24:95:ad:b8:df:70:11:69:8d:6d:
ff:dd:0c:84:18:12:d0:fa:29:d4:60:89:09:89:c2:3a:e5:61:
5a:81:0a:0d:fa:41:9e:49:aa:b2:49:d6:62:2e:e3:a6:9d:cf:
68:7c:d9:52:95:db:db:05:bf:a5:09:9a:fa:3c:e8:e1:f0:24:
3f:8d:15:36:70:17:88:18:ec:d1:4e:4a:63:8c:49:05:d6:51:
3f:b9:c7:15:a7:17:f3:2b:92:47:5a:44:d8:3d:f4:f5:63:36:
d8:96:32:6d:53:02:56:5c:cf:b2:49:7e:c4:ef:88:bd:14:20:
38:25:b3:2d:1c:b7:11:93:37:52:83:4c:b4:60:33:6e:c9:03:
6e:0d:eb:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlkyIuA6b7g/f/NyrwZKeMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwNzE3MTY1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjY2Y2FjYjU2NGJiMzNkZWQwNDNlM2U2M2Y1MGVmMDM3ZWM2MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD+ArjVm5Y/9nKSNYgCgkxHrlo1M
ZL1Uwxzg//Rs6pLnhyebYhEswo90fsEoAfqeSpneOev5i/VL+aL/lOj3VewUJ3Cv
YnWJhSCqjsDwfNuPJY0LKtcQbJHj36U6SeIu+iX6jyp0KDIsGMrp+RXwjJ0WAcB8
4s6zp2e3ZRkHuSuA/XTEXxjKFZhw3Z2OQypmEDo2s/JMtnPr5OG5XSlaYOwLp4dR
So6FMnsRU32a4vpfifCf/oFUNQX3B1S3BRZ6QvaRyhy78qVjsVmy8bvpcGNsKvJP
xUJCtTgE4SKeUjUHgurqpgV55AcShEk8wbAzEMp4KSAfJW4HvOXRWHuxhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCJmystWS7M97QQ+PmP1DvA37GCEMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvSW1iS3kxWkxzejN0QkQ0LVlfVU84RGZzWUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW5N0AwQA
W5N2AwQC1HT8MA0GCSqGSIb3DQEBCwUAA4IBAQCe981dJBG08oUGddUGspoX+k6O
ExtB9dmedlUSBNEMrWrqFi9rFTOvy2N52ku5XZ0Nj8MWyKtGmGTs9F9CAQJ5x/Kl
gbtF/kJvmJvFNyAIp2x/KaCqkW3wdV3VprCB/oSMKMXtLaXqxOSRPDY9c5byfTSC
GCSVrbjfcBFpjW3/3QyEGBLQ+inUYIkJicI65WFagQoN+kGeSaqySdZiLuOmnc9o
fNlSldvbBb+lCZr6POjh8CQ/jRU2cBeIGOzRTkpjjEkF1lE/uccVpxfzK5JHWkTY
PfT1YzbYljJtUwJWXM+ySX7E74i9FCA4JbMtHLcRkzdSg0y0YDNuyQNuDeup
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:38 2025 by rpki-client