Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/CIQodhPs4iW1OooedHwYA-vwwRo.roa
File: CIQodhPs4iW1OooedHwYA-vwwRo.roa (raw, json)
Hash identifier: BZ3Y7pFVqVx96+cmrID0ck23OexTuEB3SzJMy7IVoZU=
Subject key identifier: 08:84:28:76:13:EC:E2:25:B5:3A:8A:1E:74:7C:18:03:EB:F0:C1:1A
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0184379C72A0C19226E7EDC2774D7D25796C
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/CIQodhPs4iW1OooedHwYA-vwwRo.roa
Signing time: Wed 02 Nov 2022 09:11:50 +0000
ROA not before: Wed 02 Nov 2022 09:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57888
IP address blocks: 94.250.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:9c:72:a0:c1:92:26:e7:ed:c2:77:4d:7d:25:79:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Nov 2 09:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0884287613ece225b53a8a1e747c1803ebf0c11a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:03:88:d7:9d:b3:ec:da:f7:4e:2b:ae:3a:b5:
6d:10:4d:2a:1e:46:a9:ed:b7:63:09:18:25:d2:3b:
d3:d3:8d:7d:1d:b9:b8:8f:b7:4f:49:7d:6f:f2:f0:
ad:03:78:65:09:23:ff:c9:d4:85:a6:5b:bd:b8:85:
8c:c2:49:72:6a:cf:58:8e:cd:7f:d8:77:3b:00:e4:
c5:2f:48:a3:96:55:13:d1:79:d1:cc:86:f8:df:bb:
23:36:06:12:40:9f:cc:8c:78:ff:94:4d:80:85:3c:
a0:f1:38:4f:0d:cb:b5:6c:9b:c1:5c:1d:20:19:61:
d1:10:25:10:1d:c4:4c:81:16:e7:c6:a5:e5:40:de:
fe:6e:bd:e8:9b:5e:65:22:09:17:c7:47:36:41:0a:
13:e0:2c:90:1a:58:31:af:b4:0f:13:6e:a6:6c:23:
c1:ae:7f:24:bb:30:2e:c4:d7:84:d5:99:b0:b3:14:
47:85:77:4f:d1:ba:e1:73:3a:cd:1c:9e:7e:42:98:
b5:99:34:54:5c:2d:49:1e:3e:eb:f0:0b:50:a8:0f:
7e:24:55:36:2e:33:ba:5d:90:24:6c:a6:8e:88:de:
0a:fc:0c:b0:7a:1b:20:b0:d1:54:82:1a:20:4b:30:
3d:13:05:e8:ee:aa:53:42:e5:58:fa:3c:11:30:a4:
76:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:84:28:76:13:EC:E2:25:B5:3A:8A:1E:74:7C:18:03:EB:F0:C1:1A
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/CIQodhPs4iW1OooedHwYA-vwwRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.116.0/22
Signature Algorithm: sha256WithRSAEncryption
89:ba:44:4d:1d:a3:70:44:58:c6:84:e7:9c:a1:7a:83:e9:b0:
92:e1:04:98:fa:72:c4:e9:b3:51:56:a7:24:8f:db:1a:b7:96:
b7:c5:44:64:77:c5:7e:c9:9a:0d:66:25:03:a3:82:c9:e1:66:
7a:4f:c8:16:4b:e7:b6:b2:7e:6a:a2:ff:d3:b0:ce:1b:ef:9e:
07:c3:b0:b1:26:98:ba:34:4a:3b:62:59:49:45:61:55:92:a4:
d7:96:ba:d3:dc:21:08:7b:49:83:dd:16:5f:4d:00:88:72:f1:
05:1a:cf:26:03:ef:73:2a:42:47:08:f8:08:39:d4:98:44:74:
65:72:5b:9c:79:a0:1d:b3:13:fb:b6:93:ee:aa:23:5a:1d:dd:
75:74:f7:f1:8f:63:32:25:16:cf:39:41:6f:c2:dd:45:57:9b:
60:27:dc:d9:4d:d6:0b:b8:42:89:44:df:a6:96:62:46:7c:51:
77:4e:a4:79:f1:33:a4:c7:3b:98:c2:66:0e:e7:a4:a2:a3:06:
be:a0:34:a3:71:6c:e8:31:37:3b:b7:5d:84:ef:ec:52:d1:8d:
8d:8d:7e:81:7e:15:f0:29:47:1c:be:d9:ea:3c:47:0e:32:80:
61:a3:b4:bb:0b:77:ca:97:a6:b8:16:84:5a:f4:0f:14:9b:ed:
ca:c4:3c:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ3nHKgwZIm5+3Cd019JXlsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjIxMTAyMDkxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg0Mjg3NjEzZWNlMjI1YjUzYThhMWU3NDdjMTgwM2ViZjBjMTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwOI152z7Nr3TiuuOrVtEE0qHkap
7bdjCRgl0jvT0419Hbm4j7dPSX1v8vCtA3hlCSP/ydSFplu9uIWMwklyas9Yjs1/
2Hc7AOTFL0ijllUT0XnRzIb437sjNgYSQJ/MjHj/lE2AhTyg8ThPDcu1bJvBXB0g
GWHRECUQHcRMgRbnxqXlQN7+br3om15lIgkXx0c2QQoT4CyQGlgxr7QPE26mbCPB
rn8kuzAuxNeE1ZmwsxRHhXdP0brhczrNHJ5+Qpi1mTRUXC1JHj7r8AtQqA9+JFU2
LjO6XZAkbKaOiN4K/AywehsgsNFUghogSzA9EwXo7qpTQuVY+jwRMKR25QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiEKHYT7OIltTqKHnR8GAPr8MEaMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvQ0lRb2RoUHM0aVcxT29vZWRId1lBLXZ3d1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvp0MA0G
CSqGSIb3DQEBCwUAA4IBAQCJukRNHaNwRFjGhOecoXqD6bCS4QSY+nLE6bNRVqck
j9sat5a3xURkd8V+yZoNZiUDo4LJ4WZ6T8gWS+e2sn5qov/TsM4b754Hw7CxJpi6
NEo7YllJRWFVkqTXlrrT3CEIe0mD3RZfTQCIcvEFGs8mA+9zKkJHCPgIOdSYRHRl
cluceaAdsxP7tpPuqiNaHd11dPfxj2MyJRbPOUFvwt1FV5tgJ9zZTdYLuEKJRN+m
lmJGfFF3TqR58TOkxzuYwmYO56Siowa+oDSjcWzoMTc7t12E7+xS0Y2NjX6BfhXw
KUccvtnqPEcOMoBho7S7C3fKl6a4FoRa9A8Um+3KxDwq
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:11 2025 by rpki-client