Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/IZgWasdk6udFcuIUMs9LAhziCDo.roa
File: IZgWasdk6udFcuIUMs9LAhziCDo.roa (raw, json)
Hash identifier: b1u6maqZmI78Jf1JRSgQ7WXVGc1vap+/80GS5sb4MoI=
Subject key identifier: 21:98:16:6A:C7:64:EA:E7:45:72:E2:14:32:CF:4B:02:1C:E2:08:3A
Certificate issuer: /CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Certificate serial: BEF791
Authority key identifier: B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/IZgWasdk6udFcuIUMs9LAhziCDo.roa
Signing time: Sat 01 Jan 2022 10:03:49 +0000
ROA not before: Sat 01 Jan 2022 10:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43824
IP address blocks: 185.99.32.0/24 maxlen: 24
185.99.35.0/24 maxlen: 24
185.99.34.0/24 maxlen: 24
185.99.33.0/24 maxlen: 24
2a0a:c0:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12515217 (0xbef791)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Validity
Not Before: Jan 1 10:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2198166ac764eae74572e21432cf4b021ce2083a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:0c:68:d3:ce:82:54:b7:61:2a:67:d9:03:ea:
64:32:16:8d:f4:f5:89:75:9e:b3:d9:dc:a5:ab:7d:
88:70:4e:dd:ec:77:b8:2e:6b:87:20:ff:16:56:f1:
50:a3:5a:d7:e7:a2:57:b6:fc:07:1a:f9:51:11:03:
24:6a:30:83:bc:a6:29:58:a8:ff:00:74:77:49:c3:
da:d2:9f:4e:cd:ba:36:24:6e:04:1b:9d:ba:3e:d4:
ea:fe:5e:be:81:5b:f6:21:89:81:09:6a:93:dd:80:
dd:76:a6:68:9e:a7:36:2c:8b:4b:3c:ce:c0:19:a6:
af:d7:21:2e:3c:0b:fb:ef:1f:0b:af:16:1e:c7:f9:
5f:ae:93:e0:27:48:72:80:11:36:31:db:a1:be:36:
3d:84:dc:bf:08:b0:60:e2:68:fd:99:bf:fe:59:0d:
ad:25:75:64:94:0c:24:a1:6e:ed:c6:f6:93:ea:68:
c6:76:f3:a6:1b:16:bd:ec:0b:88:70:6a:ac:c5:7f:
96:41:29:bb:0f:84:f7:ca:77:78:58:6f:d7:2c:3a:
eb:31:d4:18:33:7b:28:67:5f:b1:fc:3a:da:db:ce:
44:a4:1c:d6:19:41:05:b8:c8:4a:0d:1c:39:61:d9:
a1:b6:c6:92:f3:28:72:44:b5:be:89:f6:a7:95:5b:
d1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:98:16:6A:C7:64:EA:E7:45:72:E2:14:32:CF:4B:02:1C:E2:08:3A
X509v3 Authority Key Identifier:
keyid:B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/IZgWasdk6udFcuIUMs9LAhziCDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.32.0/22
IPv6:
2a0a:c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
27:5c:b1:4e:3e:06:93:59:b0:87:98:5a:2f:dc:ba:0e:e3:70:
4d:9e:b0:f6:06:d1:11:90:7f:b0:0a:86:f5:af:e1:43:36:60:
9a:16:56:16:83:80:f2:a5:eb:5f:05:81:19:ab:81:94:49:4c:
0f:c0:2e:49:59:e2:eb:56:02:40:fd:06:d3:24:ac:49:23:1a:
0a:e8:9c:01:51:29:78:89:b6:18:d2:d9:d0:9b:8b:e4:aa:09:
d4:92:13:75:b7:33:57:44:1e:29:4f:ff:56:65:60:c9:1e:d8:
c8:56:d6:a8:44:88:19:c0:22:48:44:d1:6a:ac:d4:59:f5:43:
20:47:26:1d:2e:25:23:e9:d2:d6:7b:fd:e3:37:45:9b:f4:eb:
5f:46:57:0c:bd:0e:ad:0a:dd:54:cb:60:62:19:10:7d:a0:2c:
24:9b:a4:b5:52:43:7f:f1:4b:f3:c0:94:9a:68:56:f3:e2:d6:
82:96:a9:f9:74:b3:2b:0f:e2:84:1e:1f:fc:87:51:22:95:02:
3d:b2:f6:a8:28:ec:38:9d:01:b0:9d:be:2c:66:8d:36:3b:8d:
e1:e3:c3:ac:bb:92:f5:f9:f1:67:bb:40:22:55:4f:29:12:fe:
c6:46:63:9d:e2:0a:08:f4:d2:ff:7d:e2:3e:bf:b6:fe:96:af:
06:58:20:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAL73kTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MjMwYzhmZDAyMDVlY2YwZWY2YjU2ZTAzN2Q1NjI5YjE3YjI3NWVlMB4XDTIyMDEw
MTEwMDM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE5ODE2NmFjNzY0
ZWFlNzQ1NzJlMjE0MzJjZjRiMDIxY2UyMDgzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPYMaNPOglS3YSpn2QPqZDIWjfT1iXWes9ncpat9iHBO3ex3
uC5rhyD/FlbxUKNa1+eiV7b8Bxr5UREDJGowg7ymKVio/wB0d0nD2tKfTs26NiRu
BBuduj7U6v5evoFb9iGJgQlqk92A3XamaJ6nNiyLSzzOwBmmr9chLjwL++8fC68W
Hsf5X66T4CdIcoARNjHbob42PYTcvwiwYOJo/Zm//lkNrSV1ZJQMJKFu7cb2k+po
xnbzphsWvewLiHBqrMV/lkEpuw+E98p3eFhv1yw66zHUGDN7KGdfsfw62tvORKQc
1hlBBbjISg0cOWHZobbGkvMockS1von2p5Vb0dMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQhmBZqx2Tq50Vy4hQyz0sCHOIIOjAfBgNVHSMEGDAWgBSyMMj9AgXs8O9r
VuA31WKbF7J17jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NqRElfUUlGN1BEdmExYmdOOVZpbXhleWRlNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvY2ExNzk3LTYxNmYtNDk3My1iNzQwLWM4YjVkZmM1YTEzZi8x
L0laZ1dhc2RrNnVkRmN1SVVNczlMQWh6aUNEby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
Y2ExNzk3LTYxNmYtNDk3My1iNzQwLWM4YjVkZmM1YTEzZi8xL3NqRElfUUlGN1BE
dmExYmdOOVZpbXhleWRlNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArljIDAPBAIAAjAJAwcAKgoAwP//
MA0GCSqGSIb3DQEBCwUAA4IBAQAnXLFOPgaTWbCHmFov3LoO43BNnrD2BtERkH+w
Cob1r+FDNmCaFlYWg4DypetfBYEZq4GUSUwPwC5JWeLrVgJA/QbTJKxJIxoK6JwB
USl4ibYY0tnQm4vkqgnUkhN1tzNXRB4pT/9WZWDJHtjIVtaoRIgZwCJIRNFqrNRZ
9UMgRyYdLiUj6dLWe/3jN0Wb9OtfRlcMvQ6tCt1Uy2BiGRB9oCwkm6S1UkN/8Uvz
wJSaaFbz4taClqn5dLMrD+KEHh/8h1EilQI9svaoKOw4nQGwnb4sZo02O43h48Os
u5L1+fFnu0AiVU8pEv7GRmOd4goI9NL/feI+v7b+lq8GWCA9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:53 2025 by rpki-client