Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/IUKmtPxxOEibVK3S-RWxmSjDIvg.roa
File: IUKmtPxxOEibVK3S-RWxmSjDIvg.roa (raw, json)
Hash identifier: tuwSfjBCJHJXgrdNw64EuNeCq7ECn/iC6lsaoOhK6qc=
Subject key identifier: 21:42:A6:B4:FC:71:38:48:9B:54:AD:D2:F9:15:B1:99:28:C3:22:F8
Certificate issuer: /CN=492a8e482a81d90c45c4d90ac668a3f2245c0d6d
Certificate serial: 01856EC228172F539C37ABC1C70DAA7DC048
Authority key identifier: 49:2A:8E:48:2A:81:D9:0C:45:C4:D9:0A:C6:68:A3:F2:24:5C:0D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSqOSCqB2QxFxNkKxmij8iRcDW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/IUKmtPxxOEibVK3S-RWxmSjDIvg.roa
Signing time: Sun 01 Jan 2023 19:14:56 +0000
ROA not before: Sun 01 Jan 2023 19:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201259
IP address blocks: 185.60.32.0/24 maxlen: 24
185.60.32.0/22 maxlen: 22
185.60.33.0/24 maxlen: 24
185.60.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:28:17:2f:53:9c:37:ab:c1:c7:0d:aa:7d:c0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=492a8e482a81d90c45c4d90ac668a3f2245c0d6d
Validity
Not Before: Jan 1 19:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2142a6b4fc7138489b54add2f915b19928c322f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:94:6a:4a:bc:0f:ce:d0:d1:68:37:b6:7b:e4:
a1:49:15:f7:28:34:19:f5:c4:b0:f5:93:be:c6:2c:
74:c5:73:12:a1:65:08:78:86:b0:97:00:af:d7:06:
fe:3e:14:18:9b:5d:0f:ef:42:8f:29:52:b7:05:9b:
31:53:a3:ee:82:aa:75:9f:b2:b3:05:28:99:01:2e:
07:83:ca:39:90:12:4a:d6:be:30:88:f7:34:09:c7:
53:33:da:eb:0d:98:3a:c4:fd:17:c2:2c:b6:89:35:
e3:3d:a5:f0:c4:1b:26:41:d9:c2:57:2d:9b:b8:09:
13:2a:18:8b:ae:53:52:cc:13:c4:3a:8d:83:53:28:
c1:20:4e:86:43:cb:90:74:9a:ee:6f:ad:a7:41:01:
eb:4d:21:76:a3:ae:27:f7:7f:b4:cf:bc:d7:54:1f:
79:55:34:20:d8:ec:f9:21:05:65:52:56:4c:9e:42:
74:dd:f1:85:73:0f:7c:a2:76:b6:75:a3:8d:1c:f9:
09:dd:eb:da:62:14:4b:92:d9:0d:79:3f:4d:a8:18:
a5:fc:46:42:fa:15:18:93:6e:8a:18:1b:7a:6c:da:
4b:65:8e:8e:9a:61:24:fe:50:d4:52:34:ce:a0:fe:
02:17:44:71:4c:0c:b4:b2:1e:5f:94:48:59:36:cb:
12:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:42:A6:B4:FC:71:38:48:9B:54:AD:D2:F9:15:B1:99:28:C3:22:F8
X509v3 Authority Key Identifier:
keyid:49:2A:8E:48:2A:81:D9:0C:45:C4:D9:0A:C6:68:A3:F2:24:5C:0D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSqOSCqB2QxFxNkKxmij8iRcDW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/IUKmtPxxOEibVK3S-RWxmSjDIvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/SSqOSCqB2QxFxNkKxmij8iRcDW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.32.0/22
Signature Algorithm: sha256WithRSAEncryption
12:fa:a3:46:cc:f1:17:9d:9a:a7:9c:46:46:b4:c4:be:28:9b:
a6:34:f1:29:c1:1b:cc:ed:84:ea:d6:00:17:e9:9e:b8:41:1a:
6b:e4:e2:3a:60:7b:ca:0e:94:41:c8:52:39:59:14:34:04:08:
b9:0e:30:6b:97:c9:62:cf:6b:e1:7d:b0:0e:64:1f:03:c4:aa:
50:a6:87:ca:83:2b:cb:de:0a:5d:ad:ac:ca:01:a4:62:a8:41:
15:6b:9f:69:0b:61:ae:d5:8d:e9:1e:9e:0e:d1:ba:fc:c6:41:
98:54:74:a1:42:9d:a8:c4:8b:5d:ed:e6:27:0a:b4:3e:b3:4a:
1a:05:b3:cd:e1:93:8e:eb:62:87:ea:da:81:cd:9a:4b:80:26:
19:af:4f:79:98:60:dd:11:26:fb:e9:88:73:a6:72:d2:c7:6a:
9e:63:a4:54:37:bb:43:a5:99:5f:1e:9d:74:07:a5:96:75:96:
b8:fc:77:12:88:2c:a6:54:b6:85:8b:bc:96:97:9d:cd:65:fb:
8e:0d:e6:ba:f4:2c:ec:0e:4b:02:ce:91:10:c6:64:bf:83:bb:
96:7d:91:6c:aa:57:b8:92:7f:4d:b2:66:4e:0c:39:95:96:8a:
87:e8:9b:5a:2a:8e:a8:2b:9e:93:a0:58:c3:a4:ca:01:07:bb:
72:07:66:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwigXL1OcN6vBxw2qfcBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MmE4ZTQ4MmE4MWQ5MGM0NWM0ZDkwYWM2NjhhM2YyMjQ1
YzBkNmQwHhcNMjMwMTAxMTkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQyYTZiNGZjNzEzODQ4OWI1NGFkZDJmOTE1YjE5OTI4YzMyMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpRqSrwPztDRaDe2e+ShSRX3KDQZ
9cSw9ZO+xix0xXMSoWUIeIawlwCv1wb+PhQYm10P70KPKVK3BZsxU6Pugqp1n7Kz
BSiZAS4Hg8o5kBJK1r4wiPc0CcdTM9rrDZg6xP0Xwiy2iTXjPaXwxBsmQdnCVy2b
uAkTKhiLrlNSzBPEOo2DUyjBIE6GQ8uQdJrub62nQQHrTSF2o64n93+0z7zXVB95
VTQg2Oz5IQVlUlZMnkJ03fGFcw98ona2daONHPkJ3evaYhRLktkNeT9NqBil/EZC
+hUYk26KGBt6bNpLZY6OmmEk/lDUUjTOoP4CF0RxTAy0sh5flEhZNssS+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFCprT8cThIm1St0vkVsZkowyL4MB8GA1UdIwQY
MBaAFEkqjkgqgdkMRcTZCsZoo/IkXA1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NxT1NDcUIyUXhGeE5rS3htaWo4aVJjRFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOGVhZGYtODAzNy00ZmFlLThkMmMt
ZTBhM2NiZDA0Nzk2LzEvSVVLbXRQeHhPRWliVkszUy1SV3htU2pESXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iOGVhZGYtODAzNy00ZmFlLThkMmMtZTBhM2NiZDA0Nzk2
LzEvU1NxT1NDcUIyUXhGeE5rS3htaWo4aVJjRFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTwgMA0G
CSqGSIb3DQEBCwUAA4IBAQAS+qNGzPEXnZqnnEZGtMS+KJumNPEpwRvM7YTq1gAX
6Z64QRpr5OI6YHvKDpRByFI5WRQ0BAi5DjBrl8liz2vhfbAOZB8DxKpQpofKgyvL
3gpdrazKAaRiqEEVa59pC2Gu1Y3pHp4O0br8xkGYVHShQp2oxItd7eYnCrQ+s0oa
BbPN4ZOO62KH6tqBzZpLgCYZr095mGDdESb76YhzpnLSx2qeY6RUN7tDpZlfHp10
B6WWdZa4/HcSiCymVLaFi7yWl53NZfuODea69CzsDksCzpEQxmS/g7uWfZFsqle4
kn9NsmZODDmVloqH6JtaKo6oK56ToFjDpMoBB7tyB2bd
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:51:07 2025 by rpki-client