Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e8667a-b7fd-4ea8-bae9-6007bbad86d6/1/icqy2uj3HVbuT69mQ3m403iZNdE.roa
File: icqy2uj3HVbuT69mQ3m403iZNdE.roa (raw, json)
Hash identifier: 1Y4E9wC+CfaHLF7hjfsdvWstmrKVkCWcx8AKTx4BsgI=
Subject key identifier: 89:CA:B2:DA:E8:F7:1D:56:EE:4F:AF:66:43:79:B8:D3:78:99:35:D1
Certificate issuer: /CN=f16ea3f0330b2132d0df752f51f0e0bfef3d1bae
Certificate serial: 08FC09B3
Authority key identifier: F1:6E:A3:F0:33:0B:21:32:D0:DF:75:2F:51:F0:E0:BF:EF:3D:1B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8W6j8DMLITLQ33UvUfDgv-89G64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e8667a-b7fd-4ea8-bae9-6007bbad86d6/1/icqy2uj3HVbuT69mQ3m403iZNdE.roa
Signing time: Sat 01 Jan 2022 07:58:17 +0000
ROA not before: Sat 01 Jan 2022 07:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25352
IP address blocks: 91.212.48.0/24 maxlen: 24
195.190.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150735283 (0x8fc09b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f16ea3f0330b2132d0df752f51f0e0bfef3d1bae
Validity
Not Before: Jan 1 07:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89cab2dae8f71d56ee4faf664379b8d3789935d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:43:0d:6f:82:a7:71:44:a8:fb:8d:8c:3c:1b:
81:8c:1d:ed:89:78:45:1b:2a:0e:0a:58:46:b9:23:
5b:b7:ea:2c:08:15:7f:95:aa:9f:59:81:6e:ba:d4:
4c:28:3a:86:c3:4b:16:24:2f:8c:e5:eb:79:34:5b:
35:01:26:3e:22:f7:d7:c6:7f:43:c8:2d:c3:03:1b:
4d:dd:26:be:e0:0c:90:99:79:9a:a3:25:71:91:b7:
4c:73:b8:d6:a4:ac:a1:aa:8e:04:52:6a:c1:a7:d0:
7f:89:5f:92:53:3b:7e:11:eb:b1:f8:9c:7a:62:dc:
db:28:e9:37:99:10:88:9b:cf:96:1b:b0:f2:04:4b:
8c:27:90:d2:b9:2c:80:e8:f8:7f:35:26:0c:1a:1d:
60:b0:3d:d9:9d:43:bc:0f:9d:ad:ca:ad:93:00:7f:
87:ea:19:79:d4:a3:7a:ed:25:40:38:bb:fe:4a:d1:
7f:04:b0:02:99:6d:1e:9a:e0:65:31:fe:59:7e:a4:
34:97:26:03:80:e3:45:c3:ef:48:2e:e9:a4:c9:8e:
80:e5:7d:3e:5e:14:24:04:6a:8a:8a:3b:e7:cc:1a:
3b:d2:98:05:ca:d1:3a:98:02:bf:5c:63:e0:d4:48:
9a:e0:2d:eb:ae:cc:dd:aa:72:4b:eb:40:57:cb:50:
23:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CA:B2:DA:E8:F7:1D:56:EE:4F:AF:66:43:79:B8:D3:78:99:35:D1
X509v3 Authority Key Identifier:
keyid:F1:6E:A3:F0:33:0B:21:32:D0:DF:75:2F:51:F0:E0:BF:EF:3D:1B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8W6j8DMLITLQ33UvUfDgv-89G64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e8667a-b7fd-4ea8-bae9-6007bbad86d6/1/icqy2uj3HVbuT69mQ3m403iZNdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e8667a-b7fd-4ea8-bae9-6007bbad86d6/1/8W6j8DMLITLQ33UvUfDgv-89G64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.48.0/24
195.190.128.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:de:df:d1:81:09:60:7c:ba:6b:89:03:e5:2c:60:c0:30:37:
39:58:e4:8d:7a:23:99:99:bc:58:17:1c:4b:64:e0:11:c5:12:
eb:3b:27:7f:29:7a:01:0e:83:4f:e8:9c:1f:a5:07:67:72:1d:
01:9e:8d:1d:88:d5:8a:3a:05:80:f1:50:f1:c1:70:6f:b8:91:
d6:ca:e3:fb:62:0c:f4:54:d7:ff:93:b2:5c:bd:63:e4:03:3f:
6e:54:a8:a4:bb:7c:7a:cb:8f:d8:43:40:26:60:f3:27:b4:fc:
23:31:e6:f5:86:34:e2:99:61:2b:4a:ea:46:e4:a3:94:7c:a5:
a8:97:88:0d:f4:c9:34:6f:44:65:f7:2b:0e:76:2e:41:81:0e:
39:ff:ed:99:5a:54:91:23:1c:cc:79:68:63:a5:0a:5d:4b:07:
13:7b:32:52:fe:62:b1:ef:3e:55:13:83:50:26:99:ca:3e:7e:
e7:d5:5f:f9:c9:dd:40:80:1d:91:04:47:62:ea:25:6c:5a:5d:
11:6a:3d:43:8a:ca:63:9a:14:30:e4:9a:9e:3e:e7:50:f3:d0:
fe:f2:02:2c:b9:24:74:34:02:d9:dc:81:85:b0:0c:6b:cf:15:
00:bb:09:2c:a2:53:0b:44:eb:7a:fd:53:a9:97:e3:d7:86:2c:
ba:32:c3:a3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECPwJszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTZlYTNmMDMzMGIyMTMyZDBkZjc1MmY1MWYwZTBiZmVmM2QxYmFlMB4XDTIyMDEw
MTA3NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODljYWIyZGFlOGY3
MWQ1NmVlNGZhZjY2NDM3OWI4ZDM3ODk5MzVkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJDDW+Cp3FEqPuNjDwbgYwd7Yl4RRsqDgpYRrkjW7fqLAgV
f5Wqn1mBbrrUTCg6hsNLFiQvjOXreTRbNQEmPiL318Z/Q8gtwwMbTd0mvuAMkJl5
mqMlcZG3THO41qSsoaqOBFJqwafQf4lfklM7fhHrsficemLc2yjpN5kQiJvPlhuw
8gRLjCeQ0rksgOj4fzUmDBodYLA92Z1DvA+drcqtkwB/h+oZedSjeu0lQDi7/krR
fwSwApltHprgZTH+WX6kNJcmA4DjRcPvSC7ppMmOgOV9Pl4UJARqioo758waO9KY
BcrROpgCv1xj4NRImuAt667M3apyS+tAV8tQI/UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSJyrLa6PcdVu5Pr2ZDebjTeJk10TAfBgNVHSMEGDAWgBTxbqPwMwshMtDf
dS9R8OC/7z0brjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhXNmo4RE1MSVRMUTMzVXZVZkRndi04OUc2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvZTg2NjdhLWI3ZmQtNGVhOC1iYWU5LTYwMDdiYmFkODZkNi8x
L2ljcXkydWozSFZidVQ2OW1RM200MDNpWk5kRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
ZTg2NjdhLWI3ZmQtNGVhOC1iYWU5LTYwMDdiYmFkODZkNi8xLzhXNmo4RE1MSVRM
UTMzVXZVZkRndi04OUc2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvUMAMEAMO+gDANBgkqhkiG9w0B
AQsFAAOCAQEALN7f0YEJYHy6a4kD5SxgwDA3OVjkjXojmZm8WBccS2TgEcUS6zsn
fyl6AQ6DT+icH6UHZ3IdAZ6NHYjVijoFgPFQ8cFwb7iR1srj+2IM9FTX/5OyXL1j
5AM/blSopLt8esuP2ENAJmDzJ7T8IzHm9YY04plhK0rqRuSjlHylqJeIDfTJNG9E
ZfcrDnYuQYEOOf/tmVpUkSMczHloY6UKXUsHE3syUv5ise8+VRODUCaZyj5+59Vf
+cndQIAdkQRHYuolbFpdEWo9Q4rKY5oUMOSanj7nUPPQ/vICLLkkdDQC2dyBhbAM
a88VALsJLKJTC0Trev1TqZfj14YsujLDow==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:28 2025 by rpki-client