Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/Iwnt_HFc_ORzrM2vj29ikpKhiiI.roa
File: Iwnt_HFc_ORzrM2vj29ikpKhiiI.roa (raw, json)
Hash identifier: 8ViqP01L3GJDqIKkwjkNQ7ReFZ/aMzdgsBAF3+qvAcc=
Subject key identifier: 23:09:ED:FC:71:5C:FC:E4:73:AC:CD:AF:8F:6F:62:92:92:A1:8A:22
Certificate issuer: /CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Certificate serial: 01873B04ACFB0A91CABBA6DE7C58705CD4CE
Authority key identifier: 8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/Iwnt_HFc_ORzrM2vj29ikpKhiiI.roa
Signing time: Sat 01 Apr 2023 04:12:54 +0000
ROA not before: Sat 01 Apr 2023 04:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203924
IP address blocks: 185.216.120.0/24 maxlen: 24
185.216.120.0/22 maxlen: 22
85.117.252.0/23 maxlen: 23
85.117.252.0/22 maxlen: 22
85.117.254.0/23 maxlen: 23
185.113.144.0/22 maxlen: 22
185.146.36.0/22 maxlen: 22
193.105.0.0/24 maxlen: 24
2a0b:b640::/29 maxlen: 29
2a07:4d00::/30 maxlen: 30
2a07:4d00::/29 maxlen: 29
2a06:6a40::/29 maxlen: 29
2a07:4d04::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3b:04:ac:fb:0a:91:ca:bb:a6:de:7c:58:70:5c:d4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Validity
Not Before: Apr 1 04:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2309edfc715cfce473accdaf8f6f629292a18a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fc:60:ba:f8:84:5e:de:fc:6d:32:23:49:bc:
8f:41:86:2a:45:d9:fb:cf:e9:7f:1d:4b:e1:87:3d:
43:72:d6:16:46:b8:f9:4e:56:55:2f:71:7e:21:86:
12:7c:cd:27:f4:0c:32:71:57:0d:c5:b7:ab:ce:07:
ad:11:5a:83:d5:dd:33:91:8e:c4:45:4d:a5:c2:25:
b5:48:c4:ef:3b:ab:c5:ba:74:c9:73:f1:5a:68:7e:
16:1c:1c:ff:db:d6:90:01:5a:bc:6a:fc:d2:74:ad:
cc:f5:82:6a:0c:d2:37:16:08:34:fe:fb:e3:41:25:
0f:c7:cd:67:a1:fd:9e:0f:02:a7:99:a1:5e:18:ce:
fe:c0:bf:b6:a3:68:a3:91:af:c2:af:b2:38:01:d1:
94:79:f5:79:20:ba:5e:35:8c:0c:3c:60:82:34:37:
f8:d7:ae:d5:4f:20:06:a1:67:22:c6:6f:76:c3:87:
b6:1a:88:0d:cf:4a:0f:67:58:8a:96:02:ba:1f:57:
1a:e7:23:bb:0b:c3:02:e9:81:19:bf:33:14:6d:3a:
22:1b:67:46:ad:ac:bd:f6:d2:f3:6b:e0:5f:a1:a7:
a7:57:e3:cb:0f:d1:c0:a2:b6:6b:99:bd:24:d2:4e:
a1:ee:9d:c4:99:d7:60:5e:8c:0b:0f:2a:ca:a6:a7:
8a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:09:ED:FC:71:5C:FC:E4:73:AC:CD:AF:8F:6F:62:92:92:A1:8A:22
X509v3 Authority Key Identifier:
keyid:8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/Iwnt_HFc_ORzrM2vj29ikpKhiiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/j5D2t16RPyeC7VSetyFyxZzEevE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.252.0/22
185.113.144.0/22
185.146.36.0/22
185.216.120.0/22
193.105.0.0/24
IPv6:
2a06:6a40::/29
2a07:4d00::/29
2a0b:b640::/29
Signature Algorithm: sha256WithRSAEncryption
52:19:79:77:51:be:56:b5:79:41:1b:9a:80:81:c5:1b:00:31:
92:a0:14:3c:42:1e:51:ae:03:ea:0b:e1:09:c8:0d:f2:71:33:
2e:2c:e7:3e:05:0c:6b:d5:6a:64:77:a5:b0:01:b8:d4:4b:94:
9a:bd:6b:de:db:dd:49:9f:ef:d4:22:a6:3f:70:84:db:61:e5:
88:19:03:f6:e0:31:64:b9:da:d5:c9:b2:28:fb:19:13:77:94:
07:8f:2d:59:f0:9e:52:1e:27:5e:7d:1f:e7:5a:1e:2f:75:c2:
8b:f5:fd:db:bb:38:8c:3d:3c:cd:71:ee:50:72:67:3a:f9:00:
47:b4:bc:c0:0a:82:ec:f4:ca:34:5b:62:d9:07:be:d4:50:ba:
8b:70:aa:90:93:3a:0b:ff:59:ea:7d:88:ed:83:8c:57:91:e8:
8b:60:38:41:f9:3c:33:f7:e7:3f:42:3c:32:c7:4a:08:37:b3:
45:2e:6f:da:7f:74:78:8e:e1:e3:db:6d:72:eb:ad:94:9a:26:
62:2e:39:30:07:47:b1:cb:c8:3f:94:7a:53:dd:e1:f5:8a:73:
df:e6:d0:8e:66:e5:91:fd:91:c1:0b:a1:76:68:91:73:3a:af:
67:05:33:ab:cf:2e:6f:d5:41:db:d7:27:da:5d:9f:84:a2:b5:
c9:07:ff:24
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYc7BKz7CpHKu6befFhwXNTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOTBmNmI3NWU5MTNmMjc4MmVkNTQ5ZWI3MjE3MmM1OWNj
NDdhZjEwHhcNMjMwNDAxMDQxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA5ZWRmYzcxNWNmY2U0NzNhY2NkYWY4ZjZmNjI5MjkyYTE4YTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/xguviEXt78bTIjSbyPQYYqRdn7
z+l/HUvhhz1DctYWRrj5TlZVL3F+IYYSfM0n9AwycVcNxberzgetEVqD1d0zkY7E
RU2lwiW1SMTvO6vFunTJc/FaaH4WHBz/29aQAVq8avzSdK3M9YJqDNI3Fgg0/vvj
QSUPx81nof2eDwKnmaFeGM7+wL+2o2ijka/Cr7I4AdGUefV5ILpeNYwMPGCCNDf4
167VTyAGoWcixm92w4e2GogNz0oPZ1iKlgK6H1ca5yO7C8MC6YEZvzMUbToiG2dG
ray99tLza+BfoaenV+PLD9HAorZrmb0k0k6h7p3EmddgXowLDyrKpqeK4QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFCMJ7fxxXPzkc6zNr49vYpKSoYoiMB8GA1UdIwQY
MBaAFI+Q9rdekT8ngu1UnrchcsWcxHrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQt
YzFkMGFjYjc4MTlhLzEvSXdudF9IRmNfT1J6ck0ydmoyOWlrcEtoaWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQtYzFkMGFjYjc4MTlh
LzEvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCVXX8AwQC
uXGQAwQCuZIkAwQCudh4AwQAwWkAMBsEAgACMBUDBQMqBmpAAwUDKgdNAAMFAyoL
tkAwDQYJKoZIhvcNAQELBQADggEBAFIZeXdRvla1eUEbmoCBxRsAMZKgFDxCHlGu
A+oL4QnIDfJxMy4s5z4FDGvVamR3pbABuNRLlJq9a97b3Umf79Qipj9whNth5YgZ
A/bgMWS52tXJsij7GRN3lAePLVnwnlIeJ159H+daHi91wov1/du7OIw9PM1x7lBy
Zzr5AEe0vMAKguz0yjRbYtkHvtRQuotwqpCTOgv/Wep9iO2DjFeR6ItgOEH5PDP3
5z9CPDLHSgg3s0Uub9p/dHiO4ePbbXLrrZSaJmIuOTAHR7HLyD+UelPd4fWKc9/m
0I5m5ZH9kcELoXZokXM6r2cFM6vPLm/VQdvXJ9pdn4SitckH/yQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:01 2025 by rpki-client