Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/IgOQ66nJ4bTaq-opWWcouQIjS4A.roa
File: IgOQ66nJ4bTaq-opWWcouQIjS4A.roa (raw, json)
Hash identifier: 6py0vAacumv6SqrekGOdNvFVIF2wpQkBQFzIK6g4cbs=
Subject key identifier: 22:03:90:EB:A9:C9:E1:B4:DA:AB:EA:29:59:67:28:B9:02:23:4B:80
Certificate issuer: /CN=896d5866c35093352e7b9e0762c591e08e50f967
Certificate serial: 018572310A776EDF76286002FF72C929748B
Authority key identifier: 89:6D:58:66:C3:50:93:35:2E:7B:9E:07:62:C5:91:E0:8E:50:F9:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW1YZsNQkzUue54HYsWR4I5Q-Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/IgOQ66nJ4bTaq-opWWcouQIjS4A.roa
Signing time: Mon 02 Jan 2023 11:14:54 +0000
ROA not before: Mon 02 Jan 2023 11:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31308
IP address blocks: 193.151.20.0/24 maxlen: 24
193.151.21.0/24 maxlen: 24
2001:67c:2c91::/48 maxlen: 48
2001:67c:2c90::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:0a:77:6e:df:76:28:60:02:ff:72:c9:29:74:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896d5866c35093352e7b9e0762c591e08e50f967
Validity
Not Before: Jan 2 11:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=220390eba9c9e1b4daabea29596728b902234b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3b:73:68:ba:00:3f:68:80:d7:24:05:ab:d8:
7f:f2:45:42:62:05:17:82:05:70:8d:5d:d8:d2:3a:
4f:f8:73:7a:55:df:88:a4:46:3d:12:8b:fd:41:db:
c4:91:e7:7e:09:43:00:e4:1c:db:25:54:d4:25:55:
46:52:d1:5d:0d:ef:2f:5f:d4:a7:fd:05:8b:8e:14:
b7:da:0e:06:f8:43:e4:4f:c6:ca:bf:30:11:05:dc:
ec:7a:6a:96:b1:03:9d:00:90:dc:3a:ef:3d:bb:da:
b0:93:b9:81:a3:29:71:6b:5d:78:51:38:3e:ea:8c:
92:77:44:d0:f9:20:93:6d:15:91:41:1d:34:c4:75:
41:0c:75:ca:e3:9b:0e:12:d7:80:d4:55:0b:86:92:
3c:18:a5:b5:c0:09:fc:dc:23:31:6e:de:79:1d:43:
83:d7:29:e0:a0:0d:b6:29:98:ff:02:71:e8:09:dc:
d4:e8:73:ce:9e:57:84:b7:52:a4:b1:63:1d:77:bb:
fe:9b:64:e3:63:cb:41:bc:b6:33:51:ca:45:3d:e8:
59:53:db:fa:5d:a2:5d:37:f8:99:68:6c:95:38:b8:
a9:d5:4f:a2:12:3c:67:22:2c:96:18:49:5b:d5:a6:
c7:c5:55:a8:88:c1:83:cc:c2:89:6c:4b:5f:5d:54:
f1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:03:90:EB:A9:C9:E1:B4:DA:AB:EA:29:59:67:28:B9:02:23:4B:80
X509v3 Authority Key Identifier:
keyid:89:6D:58:66:C3:50:93:35:2E:7B:9E:07:62:C5:91:E0:8E:50:F9:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW1YZsNQkzUue54HYsWR4I5Q-Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/IgOQ66nJ4bTaq-opWWcouQIjS4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/iW1YZsNQkzUue54HYsWR4I5Q-Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.20.0/23
IPv6:
2001:67c:2c90::/47
Signature Algorithm: sha256WithRSAEncryption
8d:30:20:a0:e8:42:a4:7f:16:6e:a0:47:f4:cd:bc:a1:eb:f1:
2e:25:41:bb:2e:04:b5:26:20:c6:75:87:80:01:8e:4d:98:27:
03:b3:76:f9:f9:49:33:18:84:b3:a3:02:62:47:d9:36:ac:bb:
77:20:61:d5:23:6b:91:52:58:6e:31:4d:fe:f1:4c:21:49:28:
f0:f1:aa:27:e8:de:30:e8:e3:a2:11:cf:bd:cc:95:69:7a:db:
df:b6:0e:6d:0c:00:5a:d6:c4:b1:45:3c:be:68:0d:79:0b:2f:
a9:83:79:15:0f:7d:d9:7c:2b:62:86:ea:ac:8b:e6:af:b6:85:
d5:9c:c2:2f:da:49:76:98:14:50:5f:55:97:e7:8e:7b:86:8e:
90:51:90:89:2d:ea:85:d0:de:da:28:e8:4f:20:26:f8:5e:65:
98:99:81:00:69:a1:fe:c2:53:10:e1:15:6e:29:0f:2e:37:4c:
23:0b:b6:9b:c7:50:3a:e6:72:4d:7c:26:90:ec:8a:d6:c6:ea:
66:aa:09:97:54:ef:70:10:d6:5b:3f:9b:44:23:5c:9b:a8:8b:
28:ea:02:43:42:5b:4e:31:4a:09:5c:10:5b:f4:0c:07:31:99:
32:2d:08:4e:d5:31:34:0a:36:85:aa:9f:7a:ae:41:10:6a:74:
80:5a:d9:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyMQp3bt92KGAC/3LJKXSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmQ1ODY2YzM1MDkzMzUyZTdiOWUwNzYyYzU5MWUwOGU1
MGY5NjcwHhcNMjMwMTAyMTExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjAzOTBlYmE5YzllMWI0ZGFhYmVhMjk1OTY3MjhiOTAyMjM0YjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDtzaLoAP2iA1yQFq9h/8kVCYgUX
ggVwjV3Y0jpP+HN6Vd+IpEY9Eov9QdvEked+CUMA5BzbJVTUJVVGUtFdDe8vX9Sn
/QWLjhS32g4G+EPkT8bKvzARBdzsemqWsQOdAJDcOu89u9qwk7mBoylxa114UTg+
6oySd0TQ+SCTbRWRQR00xHVBDHXK45sOEteA1FULhpI8GKW1wAn83CMxbt55HUOD
1yngoA22KZj/AnHoCdzU6HPOnleEt1KksWMdd7v+m2TjY8tBvLYzUcpFPehZU9v6
XaJdN/iZaGyVOLip1U+iEjxnIiyWGElb1abHxVWoiMGDzMKJbEtfXVTxywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCIDkOupyeG02qvqKVlnKLkCI0uAMB8GA1UdIwQY
MBaAFIltWGbDUJM1LnueB2LFkeCOUPlnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVcxWVpzTlFrelV1ZTU0SFlzV1I0STVRLVdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85ZDhmMjEtYjI3Zi00MzVkLWE3YjUt
Nzg0NjI0YTdiNDdlLzEvSWdPUTY2bko0YlRhcS1vcFdXY291UUlqUzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85ZDhmMjEtYjI3Zi00MzVkLWE3YjUtNzg0NjI0YTdiNDdl
LzEvaVcxWVpzTlFrelV1ZTU0SFlzV1I0STVRLVdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwZcUMA8E
AgACMAkDBwEgAQZ8LJAwDQYJKoZIhvcNAQELBQADggEBAI0wIKDoQqR/Fm6gR/TN
vKHr8S4lQbsuBLUmIMZ1h4ABjk2YJwOzdvn5STMYhLOjAmJH2Tasu3cgYdUja5FS
WG4xTf7xTCFJKPDxqifo3jDo46IRz73MlWl629+2Dm0MAFrWxLFFPL5oDXkLL6mD
eRUPfdl8K2KG6qyL5q+2hdWcwi/aSXaYFFBfVZfnjnuGjpBRkIkt6oXQ3too6E8g
JvheZZiZgQBpof7CUxDhFW4pDy43TCMLtpvHUDrmck18JpDsitbG6maqCZdU73AQ
1ls/m0QjXJuoiyjqAkNCW04xSglcEFv0DAcxmTItCE7VMTQKNoWqn3quQRBqdIBa
2cY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:58:34 2025 by rpki-client