Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/67335c-362c-47af-9fb9-12c6b0fd7f73/1/IUAg_ev9arDA0YHYnpHQyUejXGs.roa
File: IUAg_ev9arDA0YHYnpHQyUejXGs.roa (raw, json)
Hash identifier: zXyHeCi9ra0d8JGOcEuhFtT35UeOqOv1dUy9bTGs5F4=
Subject key identifier: 21:40:20:FD:EB:FD:6A:B0:C0:D1:81:D8:9E:91:D0:C9:47:A3:5C:6B
Certificate issuer: /CN=c7db9986c053ab7948a12c3d0c84ceeb93a6d63d
Certificate serial: 09952DEE
Authority key identifier: C7:DB:99:86:C0:53:AB:79:48:A1:2C:3D:0C:84:CE:EB:93:A6:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x9uZhsBTq3lIoSw9DITO65Om1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/67335c-362c-47af-9fb9-12c6b0fd7f73/1/IUAg_ev9arDA0YHYnpHQyUejXGs.roa
Signing time: Sat 01 Jan 2022 08:54:41 +0000
ROA not before: Sat 01 Jan 2022 08:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61001
IP address blocks: 185.19.40.0/22 maxlen: 22
185.19.40.0/24 maxlen: 24
185.19.41.0/24 maxlen: 24
2a04:1000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160771566 (0x9952dee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7db9986c053ab7948a12c3d0c84ceeb93a6d63d
Validity
Not Before: Jan 1 08:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=214020fdebfd6ab0c0d181d89e91d0c947a35c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:95:d2:0a:22:85:09:00:40:41:7d:87:2b:4b:
5a:da:b4:95:58:93:fa:08:52:4d:bb:9f:54:e3:cc:
4a:5d:01:e8:cd:4f:0a:6e:0e:7c:2d:7b:fc:27:5c:
b3:98:0d:37:65:e0:ba:7d:43:70:f7:bb:83:72:5a:
44:e4:70:4b:1d:ae:a7:2a:d7:b2:4d:cd:44:06:1c:
cc:75:e0:c5:c6:98:66:28:81:5b:3c:dc:63:82:05:
f6:55:7b:91:22:79:33:02:ec:55:50:7c:04:e4:01:
ff:48:05:0d:20:c9:b1:98:c6:14:3f:49:9c:5f:d7:
db:d7:db:ce:29:0e:f7:fc:05:5a:ff:92:cf:17:63:
78:92:22:2d:9e:b1:c5:14:aa:e5:fc:b6:55:6a:a2:
90:d5:19:6c:2e:d0:4a:97:82:97:27:d9:66:91:51:
6d:ad:13:25:76:e4:a2:70:c0:ad:82:0b:c3:98:38:
9c:bf:a3:1d:30:01:d4:7c:7d:0a:09:44:bd:77:18:
0f:c7:d2:d8:24:3c:65:50:19:55:38:3e:fb:80:39:
b5:96:52:77:1d:e9:e1:2b:02:06:26:74:c6:75:4a:
51:8f:58:12:7b:43:22:21:72:4e:02:fa:db:a8:2e:
61:67:c1:d3:cc:f9:96:60:b7:5c:1c:6f:61:94:29:
d9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:40:20:FD:EB:FD:6A:B0:C0:D1:81:D8:9E:91:D0:C9:47:A3:5C:6B
X509v3 Authority Key Identifier:
keyid:C7:DB:99:86:C0:53:AB:79:48:A1:2C:3D:0C:84:CE:EB:93:A6:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x9uZhsBTq3lIoSw9DITO65Om1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/67335c-362c-47af-9fb9-12c6b0fd7f73/1/IUAg_ev9arDA0YHYnpHQyUejXGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/67335c-362c-47af-9fb9-12c6b0fd7f73/1/x9uZhsBTq3lIoSw9DITO65Om1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.40.0/22
IPv6:
2a04:1000::/29
Signature Algorithm: sha256WithRSAEncryption
76:57:39:b8:8f:40:2b:4e:68:d1:ea:7f:2e:75:bd:67:35:b0:
5d:8e:af:58:af:34:c3:6b:a5:83:e5:28:bc:8f:b7:6f:9b:b3:
26:30:5b:29:0d:33:c6:fc:25:57:07:58:e6:08:b1:52:29:8d:
54:66:3f:8a:56:be:62:eb:0a:ca:19:b6:30:4d:75:c5:e9:14:
00:fc:4f:7d:d1:67:04:7c:67:3b:96:ed:78:60:04:a7:25:d9:
e0:55:09:56:00:1a:13:ef:8e:98:e3:50:d9:1b:73:4f:79:bc:
20:d0:39:90:26:91:80:fb:ae:58:a0:3e:ab:5f:57:d6:e4:4c:
f8:64:29:89:ef:7c:d4:66:03:34:c9:91:dd:73:cc:b6:0f:a7:
63:98:fd:75:33:1f:ba:ec:b2:93:30:6b:77:27:26:33:10:a3:
6f:2a:c6:0a:54:2b:99:e8:a5:4b:8e:26:82:de:f6:d2:d1:93:
25:15:cb:a2:97:a9:b7:60:cb:09:1f:a8:08:bd:9a:04:17:fc:
43:b7:3c:cf:2e:aa:3e:50:bb:97:99:1f:cb:55:0f:b6:e2:f2:
72:8f:d5:bf:b3:b7:d6:b7:9c:2c:2a:35:89:7e:c7:79:76:37:
b8:71:38:b8:d4:2b:bb:1b:e8:a7:48:20:84:a9:f0:20:43:94:
b8:66:e7:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECZUt7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2RiOTk4NmMwNTNhYjc5NDhhMTJjM2QwYzg0Y2VlYjkzYTZkNjNkMB4XDTIyMDEw
MTA4NTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE0MDIwZmRlYmZk
NmFiMGMwZDE4MWQ4OWU5MWQwYzk0N2EzNWM2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGV0goihQkAQEF9hytLWtq0lViT+ghSTbufVOPMSl0B6M1P
Cm4OfC17/Cdcs5gNN2Xgun1DcPe7g3JaRORwSx2upyrXsk3NRAYczHXgxcaYZiiB
WzzcY4IF9lV7kSJ5MwLsVVB8BOQB/0gFDSDJsZjGFD9JnF/X29fbzikO9/wFWv+S
zxdjeJIiLZ6xxRSq5fy2VWqikNUZbC7QSpeClyfZZpFRba0TJXbkonDArYILw5g4
nL+jHTAB1Hx9CglEvXcYD8fS2CQ8ZVAZVTg++4A5tZZSdx3p4SsCBiZ0xnVKUY9Y
EntDIiFyTgL626guYWfB08z5lmC3XBxvYZQp2bcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQhQCD96/1qsMDRgdiekdDJR6NcazAfBgNVHSMEGDAWgBTH25mGwFOreUih
LD0MhM7rk6bWPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g5dVpoc0JUcTNsSW9TdzlESVRPNjVPbTFqMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvNjczMzVjLTM2MmMtNDdhZi05ZmI5LTEyYzZiMGZkN2Y3My8x
L0lVQWdfZXY5YXJEQTBZSFlucEhReVVlalhHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
NjczMzVjLTM2MmMtNDdhZi05ZmI5LTEyYzZiMGZkN2Y3My8xL3g5dVpoc0JUcTNs
SW9TdzlESVRPNjVPbTFqMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkTKDANBAIAAjAHAwUDKgQQADAN
BgkqhkiG9w0BAQsFAAOCAQEAdlc5uI9AK05o0ep/LnW9ZzWwXY6vWK80w2ulg+Uo
vI+3b5uzJjBbKQ0zxvwlVwdY5gixUimNVGY/ila+YusKyhm2ME11xekUAPxPfdFn
BHxnO5bteGAEpyXZ4FUJVgAaE++OmONQ2RtzT3m8INA5kCaRgPuuWKA+q19X1uRM
+GQpie981GYDNMmR3XPMtg+nY5j9dTMfuuyykzBrdycmMxCjbyrGClQrmeilS44m
gt720tGTJRXLopept2DLCR+oCL2aBBf8Q7c8zy6qPlC7l5kfy1UPtuLyco/Vv7O3
1recLCo1iX7HeXY3uHE4uNQruxvop0gghKnwIEOUuGbnGA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:02 2025 by rpki-client