Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/Iw9OFCiSB3Gld7sqPGDN2qP2vhI.roa
File: Iw9OFCiSB3Gld7sqPGDN2qP2vhI.roa (raw, json)
Hash identifier: mA2pTlMZ2fr6nlrhECHhDo2O6k+/+LsSWs/jzwxr7lA=
Subject key identifier: 23:0F:4E:14:28:92:07:71:A5:77:BB:2A:3C:60:CD:DA:A3:F6:BE:12
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0700914B
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/Iw9OFCiSB3Gld7sqPGDN2qP2vhI.roa
Signing time: Tue 21 Jun 2022 08:17:41 +0000
ROA not before: Tue 21 Jun 2022 08:17:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.139.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.136.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117477707 (0x700914b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jun 21 08:17:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=230f4e1428920771a577bb2a3c60cddaa3f6be12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2d:59:17:e5:66:c6:4d:f9:ec:a7:5e:8c:8b:
93:cf:36:ee:5f:1c:20:4f:c1:74:6c:41:fc:0b:c7:
e2:68:a8:eb:e6:25:63:c7:6d:77:16:c1:20:7a:c1:
54:7f:a4:93:10:fd:80:24:0d:a7:ff:be:8c:8e:d3:
ad:50:00:c9:d1:46:1b:90:b6:ca:50:db:08:b0:ca:
42:70:22:eb:07:a4:14:63:67:b3:72:cb:f8:b7:49:
3f:d7:19:87:3d:69:3d:1d:b1:e5:fc:c1:c2:d5:2c:
50:e3:ce:72:7e:f5:5a:a3:d2:98:a5:0f:71:68:f0:
49:ed:ae:21:16:43:27:b2:74:ac:84:28:88:7e:77:
a1:f8:c0:94:c9:58:e1:b0:f1:a9:3c:37:e4:54:06:
99:bf:b7:da:00:a6:34:1b:99:59:80:87:7b:40:40:
2f:39:b6:50:9f:ee:87:90:a7:93:35:6a:02:7f:22:
22:6e:41:e3:c3:f5:7d:55:a9:1f:2d:5f:d1:bf:31:
2b:90:44:4e:5d:98:e4:f3:16:c9:6b:85:01:2e:7c:
d6:2d:a1:dd:82:ff:69:07:f2:62:38:ad:d0:f9:2c:
0a:13:15:1f:99:ec:05:3d:1f:dd:64:7f:00:45:17:
dd:cb:4a:b8:16:34:f7:48:ea:ec:a3:dd:26:66:e3:
dd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:0F:4E:14:28:92:07:71:A5:77:BB:2A:3C:60:CD:DA:A3:F6:BE:12
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/Iw9OFCiSB3Gld7sqPGDN2qP2vhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/32
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:b5:57:7e:94:7c:6d:68:0f:c6:7c:c9:95:13:c2:75:92:d6:
c5:f2:36:0e:48:fb:45:6c:30:6f:15:a1:4e:66:aa:4c:e6:e2:
33:a6:7a:0b:8d:26:59:de:43:ef:ac:ac:76:44:4b:d2:7b:0c:
95:0c:ae:8e:55:39:9a:87:f8:df:b1:12:24:d7:cb:b2:46:71:
c9:cd:d3:a2:c2:0d:21:51:c9:3c:ae:4b:61:5c:f6:35:b3:be:
bc:7e:1e:bc:e0:8d:3b:58:ab:c9:ac:a8:4d:7c:d1:eb:34:37:
39:b5:0f:41:17:52:88:ae:7e:b4:17:6e:6d:a8:5b:47:9c:8b:
b3:6f:c5:c6:10:96:f3:f7:e9:ba:53:47:5b:12:db:32:51:0e:
c8:bc:7f:74:2d:19:9c:26:9b:fa:14:71:3d:4b:aa:79:de:53:
a0:dc:d8:9d:7b:1f:31:73:c2:32:fe:cf:5c:c7:5a:1b:61:3c:
90:27:42:2a:e5:a3:33:67:bc:6f:ba:55:89:c7:53:90:80:41:
db:0e:c1:4c:3f:65:f3:2a:00:bf:c2:e4:fa:71:5d:a1:fc:23:
3c:67:91:2c:b7:42:d7:99:07:ae:7c:aa:75:93:7d:74:a3:13:
44:cd:c2:26:50:b7:36:d0:80:ce:44:95:c1:bc:de:44:32:13:
e9:2c:6a:b8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBwCRSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzM4ZWY0MWIyYzAxMDVhOTFjY2JiOWM4OTMzN2ZhZWIxMjlmZjg0MB4XDTIyMDYy
MTA4MTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjMwZjRlMTQyODky
MDc3MWE1NzdiYjJhM2M2MGNkZGFhM2Y2YmUxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUtWRflZsZN+eynXoyLk8827l8cIE/BdGxB/AvH4mio6+Yl
Y8dtdxbBIHrBVH+kkxD9gCQNp/++jI7TrVAAydFGG5C2ylDbCLDKQnAi6wekFGNn
s3LL+LdJP9cZhz1pPR2x5fzBwtUsUOPOcn71WqPSmKUPcWjwSe2uIRZDJ7J0rIQo
iH53ofjAlMlY4bDxqTw35FQGmb+32gCmNBuZWYCHe0BALzm2UJ/uh5CnkzVqAn8i
Im5B48P1fVWpHy1f0b8xK5BETl2Y5PMWyWuFAS581i2h3YL/aQfyYjit0PksChMV
H5nsBT0f3WR/AEUX3ctKuBY090jq7KPdJmbj3YUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQjD04UKJIHcaV3uyo8YM3ao/a+EjAfBgNVHSMEGDAWgBSDOO9BssAQWpHM
u5yJM3+usSn/hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2d6anZRYkxBRUZxUnpMdWNpVE5fcnJFcF80US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNDBkOTk2LWEyY2QtNDFmMS1hNzM4LTI4ZmM3Nzk2Nzc2My8x
L0l3OU9GQ2lTQjNHbGQ3c3FQR0ROMnFQMnZoSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
NDBkOTk2LWEyY2QtNDFmMS1hNzM4LTI4ZmM3Nzk2Nzc2My8xL2d6anZRYkxBRUZx
UnpMdWNpVE5fcnJFcF80US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAlvEiAMEAG3EhQMEAMO2CDAUBAIA
AjAOAwUAKgSGgAMFACoJ1cAwDQYJKoZIhvcNAQELBQADggEBAHy1V36UfG1oD8Z8
yZUTwnWS1sXyNg5I+0VsMG8VoU5mqkzm4jOmeguNJlneQ++srHZES9J7DJUMro5V
OZqH+N+xEiTXy7JGccnN06LCDSFRyTyuS2Fc9jWzvrx+HrzgjTtYq8msqE180es0
Nzm1D0EXUoiufrQXbm2oW0eci7NvxcYQlvP36bpTR1sS2zJRDsi8f3QtGZwmm/oU
cT1LqnneU6Dc2J17HzFzwjL+z1zHWhthPJAnQirlozNnvG+6VYnHU5CAQdsOwUw/
ZfMqAL/C5PpxXaH8IzxnkSy3QteZB658qnWTfXSjE0TNwiZQtzbQgM5ElcG83kQy
E+ksarg=
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:28:58 2025 by rpki-client