Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/iec8DO3SBKR6Nk0JCD1BTgfzf7o.roa
File: iec8DO3SBKR6Nk0JCD1BTgfzf7o.roa (raw, json)
Hash identifier: TvYX56LKC/qYxKbYPJRaq3l15j5ZLe7Xa8QqY1XOa+M=
Subject key identifier: 89:E7:3C:0C:ED:D2:04:A4:7A:36:4D:09:08:3D:41:4E:07:F3:7F:BA
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018570152FC6E1AA4F4655F69FB07042F733
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/iec8DO3SBKR6Nk0JCD1BTgfzf7o.roa
Signing time: Mon 02 Jan 2023 01:25:14 +0000
ROA not before: Mon 02 Jan 2023 01:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198414
IP address blocks: 185.25.148.0/22 maxlen: 24
185.5.96.0/22 maxlen: 24
193.17.184.0/24 maxlen: 24
91.234.146.0/24 maxlen: 24
91.239.66.0/23 maxlen: 24
91.228.196.0/22 maxlen: 24
185.180.204.0/22 maxlen: 24
185.201.112.0/22 maxlen: 24
185.193.112.0/22 maxlen: 22
91.237.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:2f:c6:e1:aa:4f:46:55:f6:9f:b0:70:42:f7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 2 01:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89e73c0cedd204a47a364d09083d414e07f37fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f3:be:cf:d9:52:4e:c1:0a:29:ad:1c:a2:3b:
06:45:89:01:da:1f:47:20:0f:1f:da:ac:98:df:25:
a0:d5:a0:43:a4:27:0d:ef:d4:e7:e5:9c:7c:48:7d:
45:89:bc:86:db:63:0a:54:87:1b:f8:8f:16:6a:53:
ed:0e:bd:08:f4:d1:c1:76:5e:47:a6:8d:b0:c5:6e:
d3:d5:d0:b6:21:17:26:0c:8c:b9:1b:bf:b3:02:3f:
0d:a8:25:f8:3c:57:f2:31:35:6d:87:eb:b4:7b:f3:
f3:38:c5:8a:f3:ec:80:f2:9a:0e:55:65:ca:e6:5c:
45:be:98:dc:0e:62:c1:01:c2:f1:19:3f:aa:bc:23:
01:d6:35:9b:af:35:06:73:54:a5:e0:93:23:08:88:
67:1e:01:19:c1:1a:f0:75:3c:e8:ad:2d:88:c1:b1:
d3:e2:0a:59:bd:dd:2b:db:dd:4a:ee:1e:22:79:29:
7b:31:19:66:1f:75:7f:53:96:4a:fc:22:57:0f:3c:
e8:b7:ce:30:75:25:34:2a:6e:92:31:47:32:95:99:
6c:8c:16:8c:cb:7c:91:0a:cc:a2:68:f6:66:63:44:
e3:f7:77:d8:be:2d:08:94:70:02:9d:dd:97:a1:dc:
e0:1d:01:67:30:75:5a:d3:ef:66:4c:fe:06:c0:39:
20:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E7:3C:0C:ED:D2:04:A4:7A:36:4D:09:08:3D:41:4E:07:F3:7F:BA
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/iec8DO3SBKR6Nk0JCD1BTgfzf7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.196.0/22
91.234.146.0/24
91.237.52.0/24
91.239.66.0/23
185.5.96.0/22
185.25.148.0/22
185.180.204.0/22
185.193.112.0/22
185.201.112.0/22
193.17.184.0/24
Signature Algorithm: sha256WithRSAEncryption
01:6e:84:a6:8c:81:4d:5f:4a:67:dc:b9:5d:1b:57:9d:10:c0:
7e:27:48:e1:27:af:56:ee:e0:f3:60:3d:23:52:75:40:7a:5f:
02:0b:77:ba:ce:2e:10:12:d5:d2:76:16:51:5a:6c:9e:79:18:
9f:d6:e5:13:c5:3c:6e:b7:e3:48:d3:7c:a8:3d:4d:7b:8e:41:
35:d3:b1:8d:5e:ae:d1:30:f5:93:84:a2:1c:07:c5:a2:af:c9:
1f:b3:99:ce:75:48:86:3c:00:95:d1:0c:a1:1a:54:47:4f:42:
a6:fc:d0:35:66:7c:cd:47:c4:da:ee:2a:cc:8c:28:6c:31:95:
29:a7:41:8d:92:25:02:4e:02:ec:77:82:17:a2:6b:d3:84:dd:
12:6f:09:74:68:e5:68:6c:63:80:fd:63:ec:e6:02:c4:c5:e5:
b7:7c:97:1a:6a:23:a0:c3:cc:19:c4:4d:b2:ba:77:29:07:8b:
64:bf:67:37:37:93:bf:e6:f7:91:1a:08:aa:16:90:9e:ff:a5:
ed:9f:0e:6e:52:a9:1d:d0:75:da:38:da:c4:3c:c0:f3:76:54:
cc:a1:8d:11:96:02:cb:ad:1b:8f:bd:b0:42:8a:2f:3c:bb:22:
77:59:8a:25:94:db:21:9a:d4:91:70:92:14:bd:47:df:76:32:
b0:a0:89:eb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVwFS/G4apPRlX2n7BwQvczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwMTAyMDEyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU3M2MwY2VkZDIwNGE0N2EzNjRkMDkwODNkNDE0ZTA3ZjM3ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPO+z9lSTsEKKa0cojsGRYkB2h9H
IA8f2qyY3yWg1aBDpCcN79Tn5Zx8SH1FibyG22MKVIcb+I8WalPtDr0I9NHBdl5H
po2wxW7T1dC2IRcmDIy5G7+zAj8NqCX4PFfyMTVth+u0e/PzOMWK8+yA8poOVWXK
5lxFvpjcDmLBAcLxGT+qvCMB1jWbrzUGc1Sl4JMjCIhnHgEZwRrwdTzorS2IwbHT
4gpZvd0r291K7h4ieSl7MRlmH3V/U5ZK/CJXDzzot84wdSU0Km6SMUcylZlsjBaM
y3yRCsyiaPZmY0Tj93fYvi0IlHACnd2XodzgHQFnMHVa0+9mTP4GwDkgZQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFInnPAzt0gSkejZNCQg9QU4H83+6MB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvaWVjOERPM1NCS1I2TmswSkNEMUJUZ2Z6ZjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCW+TEAwQA
W+qSAwQAW+00AwQBW+9CAwQCuQVgAwQCuRmUAwQCubTMAwQCucFwAwQCuclwAwQA
wRG4MA0GCSqGSIb3DQEBCwUAA4IBAQABboSmjIFNX0pn3LldG1edEMB+J0jhJ69W
7uDzYD0jUnVAel8CC3e6zi4QEtXSdhZRWmyeeRif1uUTxTxut+NI03yoPU17jkE1
07GNXq7RMPWThKIcB8Wir8kfs5nOdUiGPACV0QyhGlRHT0Km/NA1ZnzNR8Ta7irM
jChsMZUpp0GNkiUCTgLsd4IXomvThN0Sbwl0aOVobGOA/WPs5gLExeW3fJcaaiOg
w8wZxE2yuncpB4tkv2c3N5O/5veRGgiqFpCe/6Xtnw5uUqkd0HXaONrEPMDzdlTM
oY0RlgLLrRuPvbBCii88uyJ3WYollNshmtSRcJIUvUffdjKwoInr
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:18:29 2025 by rpki-client