Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/IiBC97gHyf9zyu7y0ltPxFqteYU.roa
File: IiBC97gHyf9zyu7y0ltPxFqteYU.roa (raw, json)
Hash identifier: NC1jZcRn21m0QoRO+lxbPI5N/FUd0IPJJUr6H2hDSZM=
Subject key identifier: 22:20:42:F7:B8:07:C9:FF:73:CA:EE:F2:D2:5B:4F:C4:5A:AD:79:85
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 01856F8B9057B7B64E350737CE752BD0B1E6
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/IiBC97gHyf9zyu7y0ltPxFqteYU.roa
Signing time: Sun 01 Jan 2023 22:54:55 +0000
ROA not before: Sun 01 Jan 2023 22:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210092
IP address blocks: 185.190.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:90:57:b7:b6:4e:35:07:37:ce:75:2b:d0:b1:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 1 22:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=222042f7b807c9ff73caeef2d25b4fc45aad7985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:73:d0:4e:99:0b:19:bb:a3:ca:1e:7e:17:
00:99:87:7c:0f:9d:97:f9:c4:13:6f:e1:c1:1d:06:
fd:79:f8:63:55:50:4c:3c:d3:1e:3f:60:e0:08:dc:
ea:cb:a5:4c:85:46:be:f5:91:2f:a3:f7:75:18:0b:
55:c0:08:b6:74:85:25:e1:c9:b8:a6:59:d8:eb:47:
c6:5c:8e:71:fd:73:34:e2:5f:f0:be:67:b0:e5:af:
a0:a5:29:e9:b8:c5:d1:50:62:46:00:51:18:81:68:
b7:80:0d:e4:d8:fa:ef:90:88:64:c3:d2:47:27:a7:
f9:a4:91:9d:3a:b5:b0:30:b6:42:37:40:98:ab:5d:
de:03:76:34:a6:43:6d:ba:c0:93:00:58:83:5f:6d:
4f:5f:a2:95:4a:14:0c:90:71:76:3f:84:e6:7a:c1:
01:f4:2e:f6:d2:22:b9:d3:54:cc:fe:db:27:0d:b3:
42:69:5e:84:af:99:c1:e2:66:85:7f:cd:e0:4e:c5:
c1:b5:35:19:8a:c1:d5:6c:da:de:4e:86:45:92:e0:
67:c0:25:54:3d:ac:53:a4:0c:c6:85:23:49:59:ae:
d9:57:b1:e6:1b:51:86:3f:ad:cf:43:63:3a:fc:ee:
b4:fe:57:ae:4a:dc:a8:47:11:6d:77:ad:d3:57:8e:
b2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:20:42:F7:B8:07:C9:FF:73:CA:EE:F2:D2:5B:4F:C4:5A:AD:79:85
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/IiBC97gHyf9zyu7y0ltPxFqteYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.150.0/24
Signature Algorithm: sha256WithRSAEncryption
92:b5:1d:ee:55:91:9d:5c:6f:70:89:71:79:1d:25:71:29:be:
8d:e2:5b:75:eb:13:82:9f:ed:ca:ad:c9:e9:ef:fb:5c:bc:3b:
69:57:97:5d:70:23:4e:7e:97:27:f6:24:1c:79:0d:d3:7f:a6:
91:f4:00:cf:89:cc:44:64:bd:57:05:71:69:bd:fb:d3:e1:f1:
20:d5:14:81:49:52:63:1e:2a:da:57:c5:d4:da:b6:66:ee:bd:
c7:a8:6f:46:bb:56:6b:36:da:59:37:fa:f6:22:c3:fd:08:3c:
5c:49:8e:6e:8c:82:9f:60:0d:8b:7e:e4:21:11:2c:78:d9:10:
5e:41:72:d0:78:6e:d2:45:bb:fb:0b:d2:30:11:72:69:0f:0b:
d4:01:45:3c:8c:85:81:03:28:63:bc:67:a2:ac:bd:f0:f3:48:
a0:92:3a:c8:11:90:95:98:b3:94:66:a2:94:dc:c9:b7:41:82:
91:0e:40:6e:c5:66:df:8b:a9:ec:71:e5:81:98:c6:36:fa:12:
41:e5:d0:b6:e6:79:53:b6:1b:04:42:af:d5:76:d2:a7:38:7b:
8a:55:3b:4c:f9:8b:a3:44:06:4d:5b:b7:3f:d9:0c:36:f0:e6:
72:55:25:16:04:6a:4d:1a:70:71:8e:47:3d:43:4a:eb:78:b7:
a9:fe:d3:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi5BXt7ZONQc3znUr0LHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjMwMTAxMjI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjIwNDJmN2I4MDdjOWZmNzNjYWVlZjJkMjViNGZjNDVhYWQ3OTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPJz0E6ZCxm7o8oefhcAmYd8D52X
+cQTb+HBHQb9efhjVVBMPNMeP2DgCNzqy6VMhUa+9ZEvo/d1GAtVwAi2dIUl4cm4
plnY60fGXI5x/XM04l/wvmew5a+gpSnpuMXRUGJGAFEYgWi3gA3k2PrvkIhkw9JH
J6f5pJGdOrWwMLZCN0CYq13eA3Y0pkNtusCTAFiDX21PX6KVShQMkHF2P4TmesEB
9C720iK501TM/tsnDbNCaV6Er5nB4maFf83gTsXBtTUZisHVbNreToZFkuBnwCVU
PaxTpAzGhSNJWa7ZV7HmG1GGP63PQ2M6/O60/leuStyoRxFtd63TV46yBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIgQve4B8n/c8ru8tJbT8RarXmFMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvSWlCQzk3Z0h5Zjl6eXU3eTBsdFB4RnF0ZVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub6WMA0G
CSqGSIb3DQEBCwUAA4IBAQCStR3uVZGdXG9wiXF5HSVxKb6N4lt16xOCn+3Krcnp
7/tcvDtpV5ddcCNOfpcn9iQceQ3Tf6aR9ADPicxEZL1XBXFpvfvT4fEg1RSBSVJj
HiraV8XU2rZm7r3HqG9Gu1ZrNtpZN/r2IsP9CDxcSY5ujIKfYA2LfuQhESx42RBe
QXLQeG7SRbv7C9IwEXJpDwvUAUU8jIWBAyhjvGeirL3w80igkjrIEZCVmLOUZqKU
3Mm3QYKRDkBuxWbfi6nsceWBmMY2+hJB5dC25nlTthsEQq/VdtKnOHuKVTtM+Yuj
RAZNW7c/2Qw28OZyVSUWBGpNGnBxjkc9Q0rreLep/tNG
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:57:58 2025 by rpki-client