Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/IYdgxyk8bzrgfUfKMtDiKxUjTc4.roa
File: IYdgxyk8bzrgfUfKMtDiKxUjTc4.roa (raw, json)
Hash identifier: KAPNuveoffkTIOqk8z5ewC7Qyk51QL+1Pew6/KUy11A=
Subject key identifier: 21:87:60:C7:29:3C:6F:3A:E0:7D:47:CA:32:D0:E2:2B:15:23:4D:CE
Certificate issuer: /CN=9416fa6a90ed94e221db69d21fcdda7c66d13c91
Certificate serial: 018AA77977911C2025727C317A17032EB9A0
Authority key identifier: 94:16:FA:6A:90:ED:94:E2:21:DB:69:D2:1F:CD:DA:7C:66:D1:3C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/IYdgxyk8bzrgfUfKMtDiKxUjTc4.roa
Signing time: Mon 18 Sep 2023 08:47:50 +0000
ROA not before: Mon 18 Sep 2023 08:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39180
IP address blocks: 94.231.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:79:77:91:1c:20:25:72:7c:31:7a:17:03:2e:b9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9416fa6a90ed94e221db69d21fcdda7c66d13c91
Validity
Not Before: Sep 18 08:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=218760c7293c6f3ae07d47ca32d0e22b15234dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b9:fb:8a:72:48:5e:7a:60:94:f9:ae:13:04:
82:fc:99:5a:6b:93:8c:f6:9e:7a:2a:7c:c0:52:32:
fc:0b:c2:ac:78:2f:4e:1d:3b:31:dd:a0:9a:5d:f1:
e3:55:78:22:74:17:f2:c3:9b:1b:c6:1d:22:35:38:
db:d6:3e:1c:28:4c:56:64:ee:4b:47:e6:d8:4b:41:
75:fe:dc:4b:39:66:2c:5e:c4:7d:70:f1:3c:b4:f3:
af:65:44:9e:21:7c:6a:80:42:44:65:9c:ec:82:6c:
93:9a:c4:79:e6:4f:dd:fb:ed:e6:d1:9c:75:77:e9:
54:c1:68:2d:d9:12:15:bb:b7:5d:72:8b:d7:b9:26:
b6:0d:13:b1:8e:a0:62:64:f5:13:1d:7a:67:54:b9:
8c:9d:ad:ab:f7:d1:5b:71:94:da:84:95:65:e2:a5:
7e:56:2e:38:8e:67:c3:a7:c0:bb:ba:e7:6c:91:75:
35:04:98:e6:c9:9d:a0:61:fe:a1:dd:c5:0a:dc:de:
cc:30:26:25:1d:1a:a2:77:14:b3:6f:11:cb:a0:43:
de:fb:3a:cb:24:39:96:be:21:ad:a7:5d:fe:ca:e3:
1f:6d:a4:d9:dc:68:ec:18:7b:b1:9e:c0:26:f8:35:
70:14:23:ae:42:f0:9c:2e:1d:2b:a9:27:89:de:94:
04:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:87:60:C7:29:3C:6F:3A:E0:7D:47:CA:32:D0:E2:2B:15:23:4D:CE
X509v3 Authority Key Identifier:
keyid:94:16:FA:6A:90:ED:94:E2:21:DB:69:D2:1F:CD:DA:7C:66:D1:3C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/IYdgxyk8bzrgfUfKMtDiKxUjTc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/lBb6apDtlOIh22nSH83afGbRPJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.206.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:0a:da:f8:b4:1f:7d:eb:2b:38:82:c1:15:59:65:1e:ab:5b:
4f:08:1a:19:e0:d8:87:fe:6e:9a:c9:1f:85:e9:34:24:38:d8:
02:24:21:59:be:28:a5:64:7c:5a:80:ff:bb:f2:7a:b4:07:9a:
ec:67:a1:0b:44:c9:3f:a8:f3:3c:bf:b7:0d:93:b7:8b:8c:b1:
a1:4d:47:1f:ab:2b:82:55:ac:26:fa:9b:97:27:41:e6:1f:4e:
25:ef:20:c1:36:7a:63:28:e9:79:c4:2e:cc:e0:9d:d8:ea:2f:
ed:6c:b1:45:5d:f1:97:06:10:05:1a:fc:5e:de:fa:69:d6:9f:
9b:66:5f:e0:94:35:8a:d3:ea:da:62:93:fb:26:25:26:d8:be:
f9:5d:08:ed:ac:88:85:ff:a9:73:25:e2:81:49:52:6e:33:86:
67:b7:8c:f7:1d:8b:87:d9:d2:ec:34:3d:35:f9:dc:9e:9b:55:
df:8f:35:99:96:10:d2:4b:e4:4a:87:de:04:a1:aa:38:59:07:
36:bb:86:cb:b5:db:bf:90:6a:2a:79:1c:8c:2a:20:40:8d:91:
06:ab:f3:6f:47:de:9c:bf:01:8f:5b:8e:73:cf:c2:54:03:71:
9d:96:13:cd:50:d6:78:c3:41:71:86:a3:36:36:22:39:97:1a:
cd:2e:cf:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqneXeRHCAlcnwxehcDLrmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTZmYTZhOTBlZDk0ZTIyMWRiNjlkMjFmY2RkYTdjNjZk
MTNjOTEwHhcNMjMwOTE4MDg0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTg3NjBjNzI5M2M2ZjNhZTA3ZDQ3Y2EzMmQwZTIyYjE1MjM0ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubn7inJIXnpglPmuEwSC/Jlaa5OM
9p56KnzAUjL8C8KseC9OHTsx3aCaXfHjVXgidBfyw5sbxh0iNTjb1j4cKExWZO5L
R+bYS0F1/txLOWYsXsR9cPE8tPOvZUSeIXxqgEJEZZzsgmyTmsR55k/d++3m0Zx1
d+lUwWgt2RIVu7ddcovXuSa2DROxjqBiZPUTHXpnVLmMna2r99FbcZTahJVl4qV+
Vi44jmfDp8C7uudskXU1BJjmyZ2gYf6h3cUK3N7MMCYlHRqidxSzbxHLoEPe+zrL
JDmWviGtp13+yuMfbaTZ3GjsGHuxnsAm+DVwFCOuQvCcLh0rqSeJ3pQEeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGHYMcpPG864H1HyjLQ4isVI03OMB8GA1UdIwQY
MBaAFJQW+mqQ7ZTiIdtp0h/N2nxm0TyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJiNmFwRHRsT0loMjJuU0g4M2FmR2JSUEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wMzYyMTMtNzRiMS00MjVjLTllNTYt
N2RlOTEwZTAwYmVkLzEvSVlkZ3h5azhienJnZlVmS010RGlLeFVqVGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wMzYyMTMtNzRiMS00MjVjLTllNTYtN2RlOTEwZTAwYmVk
LzEvbEJiNmFwRHRsT0loMjJuU0g4M2FmR2JSUEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXufOMA0G
CSqGSIb3DQEBCwUAA4IBAQCcCtr4tB996ys4gsEVWWUeq1tPCBoZ4NiH/m6ayR+F
6TQkONgCJCFZviilZHxagP+78nq0B5rsZ6ELRMk/qPM8v7cNk7eLjLGhTUcfqyuC
Vawm+puXJ0HmH04l7yDBNnpjKOl5xC7M4J3Y6i/tbLFFXfGXBhAFGvxe3vpp1p+b
Zl/glDWK0+raYpP7JiUm2L75XQjtrIiF/6lzJeKBSVJuM4Znt4z3HYuH2dLsND01
+dyem1XfjzWZlhDSS+RKh94Eoao4WQc2u4bLtdu/kGoqeRyMKiBAjZEGq/NvR96c
vwGPW45zz8JUA3GdlhPNUNZ4w0FxhqM2NiI5lxrNLs9v
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:58:19 2025 by rpki-client