Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2daf04-4f76-4333-abf0-238e0b7ae284/1/IrI_D3hi5Q0XQyQaU6NB8PQWCAs.roa
File: IrI_D3hi5Q0XQyQaU6NB8PQWCAs.roa (raw, json)
Hash identifier: JUcNY9TlBBPXoSdl8eJsGUXz98tfF4axSirf+2KHWhA=
Subject key identifier: 22:B2:3F:0F:78:62:E5:0D:17:43:24:1A:53:A3:41:F0:F4:16:08:0B
Certificate issuer: /CN=d82e130f6b6bdf6d39280e375df344e6e0a34b3c
Certificate serial: 01857014FC390A37245E632279112BCD517F
Authority key identifier: D8:2E:13:0F:6B:6B:DF:6D:39:28:0E:37:5D:F3:44:E6:E0:A3:4B:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2C4TD2tr3205KA43XfNE5uCjSzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/2daf04-4f76-4333-abf0-238e0b7ae284/1/IrI_D3hi5Q0XQyQaU6NB8PQWCAs.roa
Signing time: Mon 02 Jan 2023 01:25:01 +0000
ROA not before: Mon 02 Jan 2023 01:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50180
IP address blocks: 195.189.166.0/23 maxlen: 23
2001:67c:2ff0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:14:fc:39:0a:37:24:5e:63:22:79:11:2b:cd:51:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82e130f6b6bdf6d39280e375df344e6e0a34b3c
Validity
Not Before: Jan 2 01:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22b23f0f7862e50d1743241a53a341f0f416080b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:04:88:f3:a1:b8:a8:2a:2f:3f:32:2b:46:41:
3d:67:e4:99:3d:65:fc:91:fe:b0:5d:2d:57:59:3a:
65:57:6b:aa:9e:96:ff:dc:d6:0e:f0:dc:ec:91:85:
45:aa:13:fa:49:d8:34:de:1a:ce:d5:66:b9:fc:60:
b5:4b:a6:5d:51:79:f2:42:59:5f:be:c7:7c:ca:c9:
1e:a2:e4:b2:9b:79:61:07:4f:c8:59:fe:4c:99:bd:
a4:27:19:02:75:2a:46:57:db:6a:50:d4:f1:2b:8a:
3d:8f:46:e0:32:21:a1:d7:8e:ec:1d:b4:40:02:22:
76:b9:9f:2a:59:50:0f:44:ac:7b:03:2e:34:8a:40:
3d:1b:ec:4e:bd:89:6a:83:4d:88:7d:94:9b:c8:04:
58:7c:68:98:9b:3e:5a:18:f5:ff:52:f9:38:fd:f3:
03:16:4c:3b:21:80:8d:9e:41:a8:53:a0:b6:aa:f6:
62:0e:4f:84:29:9f:a5:a2:b5:65:22:0f:13:63:b7:
6e:f7:91:79:91:56:63:3a:46:61:dc:dc:52:db:18:
a3:88:d9:d3:3e:bb:c8:e1:4b:29:50:37:4e:c3:09:
32:a1:0a:36:73:ab:2c:c0:99:33:9d:8f:b0:2b:fa:
10:7d:bd:ca:a1:07:82:8b:05:c7:c7:84:a7:09:03:
33:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B2:3F:0F:78:62:E5:0D:17:43:24:1A:53:A3:41:F0:F4:16:08:0B
X509v3 Authority Key Identifier:
keyid:D8:2E:13:0F:6B:6B:DF:6D:39:28:0E:37:5D:F3:44:E6:E0:A3:4B:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2C4TD2tr3205KA43XfNE5uCjSzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2daf04-4f76-4333-abf0-238e0b7ae284/1/IrI_D3hi5Q0XQyQaU6NB8PQWCAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2daf04-4f76-4333-abf0-238e0b7ae284/1/2C4TD2tr3205KA43XfNE5uCjSzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.166.0/23
IPv6:
2001:67c:2ff0::/48
Signature Algorithm: sha256WithRSAEncryption
5e:50:50:e2:61:fc:4d:1a:6e:a1:ba:2c:f9:17:1d:18:f7:a8:
e4:c3:75:64:18:d9:cb:95:71:42:88:1a:2b:90:b8:5b:d2:e1:
59:8b:83:95:43:17:94:d4:50:3b:c1:a4:c3:d9:2e:81:d7:14:
c0:81:c0:87:3f:bc:48:40:cd:12:97:6f:42:64:f5:97:e0:cc:
18:15:6b:51:12:a5:b3:e6:19:f9:42:e6:8b:a1:c9:95:7a:ca:
64:51:91:61:3d:5e:16:1a:c6:59:b5:69:39:50:83:2a:d9:45:
10:16:de:17:a6:df:5f:a6:26:cc:2b:fb:cf:26:38:84:d8:9d:
da:65:5c:4b:a3:b4:c0:27:a4:b6:f0:e5:89:76:44:4a:02:87:
41:c4:26:c2:47:1e:da:01:94:3f:e6:af:3b:79:78:7e:96:b3:
e7:4a:af:69:0a:ef:01:1c:f5:ec:0a:63:2e:2b:f2:01:cb:5a:
63:11:17:b3:00:55:8d:ce:1e:2a:2d:5e:b7:f7:7c:03:2c:00:
4a:9d:8e:84:e8:25:fa:67:73:08:10:6a:fc:f6:20:e4:7e:aa:
08:00:ee:0c:8a:b3:56:2e:c8:ea:8f:ba:ba:ba:4f:b5:6a:38:
9d:b8:cd:7c:e7:3c:de:d2:24:54:7e:06:7c:b7:bc:5a:2a:f6:
b6:fe:f7:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwFPw5CjckXmMieRErzVF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmUxMzBmNmI2YmRmNmQzOTI4MGUzNzVkZjM0NGU2ZTBh
MzRiM2MwHhcNMjMwMTAyMDEyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmIyM2YwZjc4NjJlNTBkMTc0MzI0MWE1M2EzNDFmMGY0MTYwODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwSI86G4qCovPzIrRkE9Z+SZPWX8
kf6wXS1XWTplV2uqnpb/3NYO8NzskYVFqhP6Sdg03hrO1Wa5/GC1S6ZdUXnyQllf
vsd8yskeouSym3lhB0/IWf5Mmb2kJxkCdSpGV9tqUNTxK4o9j0bgMiGh147sHbRA
AiJ2uZ8qWVAPRKx7Ay40ikA9G+xOvYlqg02IfZSbyARYfGiYmz5aGPX/Uvk4/fMD
Fkw7IYCNnkGoU6C2qvZiDk+EKZ+lorVlIg8TY7du95F5kVZjOkZh3NxS2xijiNnT
PrvI4UspUDdOwwkyoQo2c6sswJkznY+wK/oQfb3KoQeCiwXHx4SnCQMzSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCKyPw94YuUNF0MkGlOjQfD0FggLMB8GA1UdIwQY
MBaAFNguEw9ra99tOSgON13zRObgo0s8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkM0VEQydHIzMjA1S0E0M1hmTkU1dUNqU3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGFmMDQtNGY3Ni00MzMzLWFiZjAt
MjM4ZTBiN2FlMjg0LzEvSXJJX0QzaGk1UTBYUXlRYVU2TkI4UFFXQ0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yZGFmMDQtNGY3Ni00MzMzLWFiZjAtMjM4ZTBiN2FlMjg0
LzEvMkM0VEQydHIzMjA1S0E0M1hmTkU1dUNqU3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw72mMA8E
AgACMAkDBwAgAQZ8L/AwDQYJKoZIhvcNAQELBQADggEBAF5QUOJh/E0abqG6LPkX
HRj3qOTDdWQY2cuVcUKIGiuQuFvS4VmLg5VDF5TUUDvBpMPZLoHXFMCBwIc/vEhA
zRKXb0Jk9ZfgzBgVa1ESpbPmGflC5ouhyZV6ymRRkWE9XhYaxlm1aTlQgyrZRRAW
3hem31+mJswr+88mOITYndplXEujtMAnpLbw5Yl2REoCh0HEJsJHHtoBlD/mrzt5
eH6Ws+dKr2kK7wEc9ewKYy4r8gHLWmMRF7MAVY3OHiotXrf3fAMsAEqdjoToJfpn
cwgQavz2IOR+qggA7gyKs1YuyOqPurq6T7VqOJ24zXznPN7SJFR+Bny3vFoq9rb+
94E=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:27 2025 by rpki-client