Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/IxxGe3OMbJFj2WdD4kuQsA0RH3w.roa
File: IxxGe3OMbJFj2WdD4kuQsA0RH3w.roa (raw, json)
Hash identifier: zZbd0+Pd7goz96b++1fW9Z3YMFnweo+BZL+A+7+CQUQ=
Subject key identifier: 23:1C:46:7B:73:8C:6C:91:63:D9:67:43:E2:4B:90:B0:0D:11:1F:7C
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 0182D6233B81DEBA28CC8FE872C5A82CC552
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/IxxGe3OMbJFj2WdD4kuQsA0RH3w.roa
Signing time: Thu 25 Aug 2022 17:53:29 +0000
ROA not before: Thu 25 Aug 2022 17:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210993
IP address blocks: 185.221.196.0/24 maxlen: 24
185.232.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d6:23:3b:81:de:ba:28:cc:8f:e8:72:c5:a8:2c:c5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Aug 25 17:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=231c467b738c6c9163d96743e24b90b00d111f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6f:66:11:52:73:59:05:bf:89:3b:15:10:f1:
71:4b:73:b5:df:5f:57:9d:ec:ff:b0:19:eb:56:65:
70:dd:21:fc:7e:b5:93:1c:86:8c:20:8b:8c:8b:99:
b9:ac:fa:82:ad:ae:86:1a:af:66:6a:bf:60:80:e8:
b1:9c:2e:1a:2c:83:67:52:6d:83:f2:ae:d6:26:98:
36:a6:c9:ec:b5:fb:12:64:43:2d:9a:e6:e3:95:ff:
7f:a4:79:63:91:46:f7:38:a0:71:81:b2:70:a3:ab:
08:ea:c1:e1:36:04:43:eb:b2:96:33:92:9b:64:50:
92:2c:e4:ac:d5:34:d5:92:9c:b2:8a:c6:64:b8:46:
9d:00:f6:9e:9b:37:54:06:db:4c:86:8f:70:e2:0f:
c2:ec:7b:46:03:a1:98:e6:eb:ab:c8:ed:f5:10:41:
f1:0b:77:68:98:c5:2a:ba:31:57:18:3e:3e:7e:44:
44:cc:b1:e6:8a:57:85:a2:69:22:61:83:88:2e:09:
34:a3:33:e8:8b:9e:78:30:26:c2:02:e3:f1:f3:fe:
b0:27:0f:58:2f:1c:51:5b:65:df:c9:9b:a8:eb:82:
2f:be:ad:ad:60:3e:0d:24:75:45:ca:7d:bf:08:3d:
4c:8f:ba:d6:4b:6e:89:05:a0:41:55:48:44:dc:e5:
4d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1C:46:7B:73:8C:6C:91:63:D9:67:43:E2:4B:90:B0:0D:11:1F:7C
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/IxxGe3OMbJFj2WdD4kuQsA0RH3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.196.0/24
185.232.17.0/24
Signature Algorithm: sha256WithRSAEncryption
17:bd:64:16:9b:9e:2d:96:99:2b:e8:52:b9:47:e9:33:a2:ff:
a0:bb:40:21:18:81:4d:6f:2b:28:ec:ec:4e:89:ad:94:c4:bb:
dc:7b:52:cc:7b:e8:8a:9b:6d:bd:a9:b8:c6:8b:f4:b0:95:4b:
32:9c:ab:7b:15:bc:82:c5:51:27:a9:7f:27:60:97:5e:e9:25:
bd:8a:4f:71:a5:11:40:e0:07:51:56:0f:0a:20:76:7b:01:b8:
85:35:ab:65:54:26:c3:9c:ce:c5:70:6f:f9:68:ed:8d:79:a0:
a5:2a:74:f1:b3:45:99:e3:4b:57:2d:7f:24:cd:0d:11:d9:a5:
90:75:67:08:ac:62:22:3d:e3:71:6d:c6:70:0c:78:de:d7:54:
14:6f:b8:ce:a5:a8:bb:53:89:13:cf:94:b1:0a:a2:be:50:44:
f7:9f:74:a5:22:0a:06:69:77:d7:14:2e:43:d0:69:14:fb:e7:
b8:68:89:dc:fa:87:3f:90:6e:a9:99:ac:2f:a0:03:89:5e:75:
a8:77:cd:70:d0:5c:b2:15:74:9f:b0:1e:ac:bd:0b:a1:aa:63:
3c:a5:b4:ca:b0:2e:d8:81:95:fc:68:73:d1:d9:30:7b:e0:dd:
5f:c3:df:cc:bc:58:1c:cb:61:7c:33:5f:a7:3d:68:5d:67:db:
53:ff:1d:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLWIzuB3roozI/ocsWoLMVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjIwODI1MTc1MzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFjNDY3YjczOGM2YzkxNjNkOTY3NDNlMjRiOTBiMDBkMTExZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo29mEVJzWQW/iTsVEPFxS3O1319X
nez/sBnrVmVw3SH8frWTHIaMIIuMi5m5rPqCra6GGq9mar9ggOixnC4aLINnUm2D
8q7WJpg2psnstfsSZEMtmubjlf9/pHljkUb3OKBxgbJwo6sI6sHhNgRD67KWM5Kb
ZFCSLOSs1TTVkpyyisZkuEadAPaemzdUBttMho9w4g/C7HtGA6GY5uuryO31EEHx
C3domMUqujFXGD4+fkREzLHmileFomkiYYOILgk0ozPoi554MCbCAuPx8/6wJw9Y
LxxRW2XfyZuo64Ivvq2tYD4NJHVFyn2/CD1Mj7rWS26JBaBBVUhE3OVNRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMcRntzjGyRY9lnQ+JLkLANER98MB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvSXh4R2UzT01iSkZqMldkRDRrdVFzQTBSSDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud3EAwQA
uegRMA0GCSqGSIb3DQEBCwUAA4IBAQAXvWQWm54tlpkr6FK5R+kzov+gu0AhGIFN
byso7OxOia2UxLvce1LMe+iKm229qbjGi/SwlUsynKt7FbyCxVEnqX8nYJde6SW9
ik9xpRFA4AdRVg8KIHZ7AbiFNatlVCbDnM7FcG/5aO2NeaClKnTxs0WZ40tXLX8k
zQ0R2aWQdWcIrGIiPeNxbcZwDHje11QUb7jOpai7U4kTz5SxCqK+UET3n3SlIgoG
aXfXFC5D0GkU++e4aInc+oc/kG6pmawvoAOJXnWod81w0FyyFXSfsB6svQuhqmM8
pbTKsC7YgZX8aHPR2TB74N1fw9/MvFgcy2F8M1+nPWhdZ9tT/x2b
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:39 2025 by rpki-client