Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/Igske-mS3uTcjOxrWDzpvL3fY-w.roa
File: Igske-mS3uTcjOxrWDzpvL3fY-w.roa (raw, json)
Hash identifier: wJMkqB9AL+iAF6iEOv8VHUrJgaDlFxCMFvbMETUlL9g=
Subject key identifier: 22:0B:24:7B:E9:92:DE:E4:DC:8C:EC:6B:58:3C:E9:BC:BD:DF:63:EC
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 37809170
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/Igske-mS3uTcjOxrWDzpvL3fY-w.roa
Signing time: Sat 30 Apr 2022 10:02:51 +0000
ROA not before: Sat 30 Apr 2022 10:02:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/20 maxlen: 20
37.32.120.0/24 maxlen: 24
185.49.96.0/23 maxlen: 23
185.49.96.0/24 maxlen: 24
185.49.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 931172720 (0x37809170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Apr 30 10:02:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=220b247be992dee4dc8cec6b583ce9bcbddf63ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:22:4b:d7:e9:91:f4:3f:42:9c:ec:96:83:dc:
cc:58:b9:d9:dc:25:e4:18:41:60:75:5d:54:0f:9c:
fd:e9:08:fa:35:9e:b3:ce:a5:1a:39:c8:29:65:dd:
a0:d1:ff:df:15:b6:87:02:b7:a0:d0:6a:09:32:7a:
67:d9:e9:67:ed:a7:2d:b4:aa:97:ff:57:84:fa:b4:
73:30:b5:2e:56:51:87:3b:83:f8:d2:62:dd:91:86:
cf:53:ad:15:e8:9c:02:bf:bd:cf:15:ab:98:8d:f5:
8d:4a:72:a5:34:db:42:17:88:ec:9b:14:e2:e0:be:
b6:2f:a3:63:3e:e3:b2:bf:bc:11:1e:58:62:95:d8:
61:4e:a6:39:ea:91:4c:54:64:f5:07:65:b2:9e:a5:
1d:83:6f:be:01:37:27:be:1d:83:e9:2e:3d:f1:0b:
e7:d1:15:4c:48:06:62:45:a2:8b:cd:e9:77:2c:dd:
bb:6b:86:7c:13:44:96:02:aa:ab:a3:f2:6d:8e:4a:
e9:77:9d:2c:56:61:eb:12:43:06:f8:2e:37:11:88:
fa:b7:2c:0e:05:92:3e:5d:75:f4:fa:a8:35:6f:99:
93:70:03:b0:e8:e3:80:4d:bb:4c:6b:40:7c:ba:31:
68:9b:2f:2f:5b:da:44:34:41:7f:bc:2d:fe:dc:97:
4c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0B:24:7B:E9:92:DE:E4:DC:8C:EC:6B:58:3C:E9:BC:BD:DF:63:EC
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/Igske-mS3uTcjOxrWDzpvL3fY-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
Signature Algorithm: sha256WithRSAEncryption
67:a8:56:04:e3:fd:61:6a:3d:1e:2c:58:08:43:d3:8a:2f:4b:
b1:f5:be:2d:eb:69:26:12:b1:da:58:c0:39:ee:24:03:b6:1e:
4e:84:b7:52:ca:fc:b8:9c:e3:e6:80:8e:48:e7:8f:94:54:23:
e8:ae:be:51:df:24:d2:49:c7:f0:75:6d:43:c0:29:d3:2e:67:
44:22:58:b4:60:6e:87:46:60:4b:67:aa:5b:ac:85:28:c1:fa:
e1:9b:1c:6e:79:40:0e:27:01:e3:79:6e:cb:59:95:25:ae:fe:
bb:0e:14:7f:10:4a:14:5d:50:ac:0b:b8:a9:a6:ae:e7:c9:ae:
59:ec:40:81:f5:af:4e:17:80:37:4f:47:a7:6f:db:40:0a:b0:
76:39:7b:9d:48:b8:31:06:0b:f5:1b:ab:bf:b9:65:be:fb:54:
22:93:82:af:47:aa:bd:1c:12:ea:58:2b:07:b3:9d:a7:29:d6:
3e:29:a2:9a:2f:12:5f:48:9e:1d:b8:df:3c:00:c1:76:aa:63:
11:3c:6d:d3:2d:87:ef:d7:3d:18:62:d0:71:ec:88:ce:66:f3:
90:1a:46:91:a7:c6:ac:aa:99:24:e7:a8:fa:87:27:49:26:49:
16:f8:9b:26:69:f4:1f:55:da:37:19:48:8f:02:e6:bf:75:1a:
cd:cf:53:22
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEN4CRcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzAyMDI5NzgzOWM3MzkwZGYyMDI1MWE1YzA5MzBlNmE2NzJiZWUzMB4XDTIyMDQz
MDEwMDI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjIwYjI0N2JlOTky
ZGVlNGRjOGNlYzZiNTgzY2U5YmNiZGRmNjNlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJciS9fpkfQ/QpzsloPczFi52dwl5BhBYHVdVA+c/ekI+jWe
s86lGjnIKWXdoNH/3xW2hwK3oNBqCTJ6Z9npZ+2nLbSql/9XhPq0czC1LlZRhzuD
+NJi3ZGGz1OtFeicAr+9zxWrmI31jUpypTTbQheI7JsU4uC+ti+jYz7jsr+8ER5Y
YpXYYU6mOeqRTFRk9Qdlsp6lHYNvvgE3J74dg+kuPfEL59EVTEgGYkWii83pdyzd
u2uGfBNElgKqq6PybY5K6XedLFZh6xJDBvguNxGI+rcsDgWSPl119PqoNW+Zk3AD
sOjjgE27TGtAfLoxaJsvL1vaRDRBf7wt/tyXTJUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQiCyR76ZLe5NyM7GtYPOm8vd9j7DAfBgNVHSMEGDAWgBQcAgKXg5xzkN8g
JRpcCTDmpnK+4zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hBSUNsNE9jYzVEZklDVWFYQWt3NXFaeXZ1TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvNzk3MzNmLTUzMzItNDUxYi04NmFmLTE0MmEyYjk4ZjRjOC8x
L0lnc2tlLW1TM3VUY2pPeHJXRHpwdkwzZlktdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
Nzk3MzNmLTUzMzItNDUxYi04NmFmLTE0MmEyYjk4ZjRjOC8xL0hBSUNsNE9jYzVE
ZklDVWFYQWt3NXFaeXZ1TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBCUgcAMEArkxYDANBgkqhkiG9w0B
AQsFAAOCAQEAZ6hWBOP9YWo9HixYCEPTii9LsfW+LetpJhKx2ljAOe4kA7YeToS3
Usr8uJzj5oCOSOePlFQj6K6+Ud8k0knH8HVtQ8Ap0y5nRCJYtGBuh0ZgS2eqW6yF
KMH64ZscbnlADicB43luy1mVJa7+uw4UfxBKFF1QrAu4qaau58muWexAgfWvTheA
N09Hp2/bQAqwdjl7nUi4MQYL9Rurv7llvvtUIpOCr0eqvRwS6lgrB7OdpynWPimi
mi8SX0ieHbjfPADBdqpjETxt0y2H79c9GGLQceyIzmbzkBpGkafGrKqZJOeo+ocn
SSZJFvibJmn0H1XaNxlIjwLmv3Uazc9TIg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:39 2025 by rpki-client