Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/3d370c-3295-4306-98dc-f698b05ba971/1/ICqWkctIiMSbGKTe5ZODw7ENsBY.roa
File: ICqWkctIiMSbGKTe5ZODw7ENsBY.roa (raw, json)
Hash identifier: yDduVD9JJURFeNIWBIv4qf+B5Nj23nvTcp/lgAv4vSM=
Subject key identifier: 20:2A:96:91:CB:48:88:C4:9B:18:A4:DE:E5:93:83:C3:B1:0D:B0:16
Certificate issuer: /CN=fd818d93e68571f95c45ebc281598c7c98f32577
Certificate serial: 01851A34055B715EB0929BDAB024F2BD69C7
Authority key identifier: FD:81:8D:93:E6:85:71:F9:5C:45:EB:C2:81:59:8C:7C:98:F3:25:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_YGNk-aFcflcRevCgVmMfJjzJXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/3d370c-3295-4306-98dc-f698b05ba971/1/ICqWkctIiMSbGKTe5ZODw7ENsBY.roa
Signing time: Fri 16 Dec 2022 09:11:34 +0000
ROA not before: Fri 16 Dec 2022 09:11:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5602
IP address blocks: 194.28.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:34:05:5b:71:5e:b0:92:9b:da:b0:24:f2:bd:69:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd818d93e68571f95c45ebc281598c7c98f32577
Validity
Not Before: Dec 16 09:11:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=202a9691cb4888c49b18a4dee59383c3b10db016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:36:a7:be:fc:95:1f:d7:f0:f5:24:87:d2:57:
6f:91:3c:16:b5:1b:60:b0:f7:11:4b:2c:65:c1:9b:
97:97:cb:22:c5:47:6f:49:ba:68:32:1d:e1:77:b0:
a3:93:49:00:df:7c:b0:5b:57:5b:6c:05:ce:a8:54:
a2:9e:23:24:d5:ee:bd:35:75:b1:c5:48:0e:08:69:
87:22:a6:b0:61:00:66:8f:52:aa:ce:e5:93:0c:26:
41:ce:b2:0a:4f:f3:1d:dd:cd:d9:8f:51:43:f4:31:
e1:ff:85:ea:86:80:e0:81:79:f7:46:52:98:9e:91:
a5:f2:03:68:27:5a:c3:c8:1e:8e:b4:a0:a2:36:3a:
c2:9f:a5:f6:a4:48:10:e5:bb:f4:37:b1:3a:4d:ed:
00:fe:5a:d2:f1:2f:11:44:6a:b5:49:39:d5:47:21:
45:fd:71:7e:c4:fc:bb:00:fe:09:12:3e:cb:c0:21:
46:a4:5f:a1:9e:87:a4:51:23:6c:f7:bb:9e:3a:0e:
63:aa:c1:12:44:04:8b:f4:5e:38:d8:d0:cf:8d:b1:
07:23:2b:71:97:e4:0e:77:34:3b:42:51:d1:46:08:
13:f0:bf:77:58:4e:e0:3f:2e:93:95:af:f9:d8:4a:
72:dc:9d:36:25:23:cb:d6:f8:7f:fc:91:92:44:b7:
3c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2A:96:91:CB:48:88:C4:9B:18:A4:DE:E5:93:83:C3:B1:0D:B0:16
X509v3 Authority Key Identifier:
keyid:FD:81:8D:93:E6:85:71:F9:5C:45:EB:C2:81:59:8C:7C:98:F3:25:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_YGNk-aFcflcRevCgVmMfJjzJXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3d370c-3295-4306-98dc-f698b05ba971/1/ICqWkctIiMSbGKTe5ZODw7ENsBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3d370c-3295-4306-98dc-f698b05ba971/1/_YGNk-aFcflcRevCgVmMfJjzJXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.116.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:37:df:59:59:5e:1f:8d:a0:6a:d7:39:46:1d:90:ec:90:69:
a7:e0:40:17:98:17:d3:b3:2e:87:99:51:53:45:52:e8:c6:74:
ea:bc:64:c3:df:1c:16:00:a7:0b:ba:d4:6d:35:d1:de:40:22:
38:73:3a:53:dd:05:53:d9:c9:ba:3a:bc:bb:44:db:30:0d:f0:
3f:74:29:30:22:6b:44:b9:f6:4c:97:c2:a1:c7:88:f5:b9:52:
87:30:f4:3c:2c:82:f9:22:fd:30:b9:8a:ce:ef:20:96:0b:b2:
8a:da:c4:8a:bf:fb:72:9f:27:ca:1f:58:44:d7:cc:f9:4d:88:
77:19:ac:01:b0:0a:17:1c:bc:2e:01:d9:08:e5:dd:f7:13:92:
ed:da:d9:1a:7d:57:f3:b1:98:f0:82:1f:a4:b1:a7:da:00:47:
68:a3:dc:13:5b:a2:5c:eb:42:d0:4b:1f:4f:d1:e2:00:ee:0f:
36:54:d7:c5:35:db:73:d1:0f:49:73:53:ac:43:46:61:fa:e4:
06:52:d2:d6:11:97:f2:00:5e:f7:5e:e1:f3:b1:bd:37:e5:d8:
75:ce:48:4f:d7:52:5d:67:3a:c7:a3:b5:30:e5:be:a0:0b:4e:
e0:fb:a9:d1:e5:36:56:46:25:fc:cc:62:23:b0:c5:8c:00:3d:
90:57:bc:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUaNAVbcV6wkpvasCTyvWnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkODE4ZDkzZTY4NTcxZjk1YzQ1ZWJjMjgxNTk4YzdjOThm
MzI1NzcwHhcNMjIxMjE2MDkxMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJhOTY5MWNiNDg4OGM0OWIxOGE0ZGVlNTkzODNjM2IxMGRiMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjanvvyVH9fw9SSH0ldvkTwWtRtg
sPcRSyxlwZuXl8sixUdvSbpoMh3hd7Cjk0kA33ywW1dbbAXOqFSiniMk1e69NXWx
xUgOCGmHIqawYQBmj1KqzuWTDCZBzrIKT/Md3c3Zj1FD9DHh/4XqhoDggXn3RlKY
npGl8gNoJ1rDyB6OtKCiNjrCn6X2pEgQ5bv0N7E6Te0A/lrS8S8RRGq1STnVRyFF
/XF+xPy7AP4JEj7LwCFGpF+hnoekUSNs97ueOg5jqsESRASL9F442NDPjbEHIytx
l+QOdzQ7QlHRRggT8L93WE7gPy6Tla/52Epy3J02JSPL1vh//JGSRLc8ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAqlpHLSIjEmxik3uWTg8OxDbAWMB8GA1UdIwQY
MBaAFP2BjZPmhXH5XEXrwoFZjHyY8yV3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1lHTmstYUZjZmxjUmV2Q2dWbU1mSmp6SlhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8zZDM3MGMtMzI5NS00MzA2LTk4ZGMt
ZjY5OGIwNWJhOTcxLzEvSUNxV2tjdElpTVNiR0tUZTVaT0R3N0VOc0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8zZDM3MGMtMzI5NS00MzA2LTk4ZGMtZjY5OGIwNWJhOTcx
LzEvX1lHTmstYUZjZmxjUmV2Q2dWbU1mSmp6SlhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwhx0MA0G
CSqGSIb3DQEBCwUAA4IBAQBeN99ZWV4fjaBq1zlGHZDskGmn4EAXmBfTsy6HmVFT
RVLoxnTqvGTD3xwWAKcLutRtNdHeQCI4czpT3QVT2cm6Ory7RNswDfA/dCkwImtE
ufZMl8Khx4j1uVKHMPQ8LIL5Iv0wuYrO7yCWC7KK2sSKv/tynyfKH1hE18z5TYh3
GawBsAoXHLwuAdkI5d33E5Lt2tkafVfzsZjwgh+ksafaAEdoo9wTW6Jc60LQSx9P
0eIA7g82VNfFNdtz0Q9Jc1OsQ0Zh+uQGUtLWEZfyAF73XuHzsb035dh1zkhP11Jd
ZzrHo7Uw5b6gC07g+6nR5TZWRiX8zGIjsMWMAD2QV7yW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:13 2025 by rpki-client