Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/IhYe0Y9ixgXOqCV5IA9LTxxDkD8.roa
File: IhYe0Y9ixgXOqCV5IA9LTxxDkD8.roa (raw, json)
Hash identifier: kIfTHQ3ekFMOAxZQN/Khjl+KOOI5AuWl9fVf4FCDY1k=
Subject key identifier: 22:16:1E:D1:8F:62:C6:05:CE:A8:25:79:20:0F:4B:4F:1C:43:90:3F
Certificate issuer: /CN=cb1d15194278a29aad57ca375f99588b976ef829
Certificate serial: 12EC4783
Authority key identifier: CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/IhYe0Y9ixgXOqCV5IA9LTxxDkD8.roa
Signing time: Sat 01 Jan 2022 16:11:26 +0000
ROA not before: Sat 01 Jan 2022 16:11:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1930
IP address blocks: 192.86.138.0/24 maxlen: 24
192.92.142.0/24 maxlen: 24
192.82.127.0/24 maxlen: 24
192.88.17.0/24 maxlen: 24
192.88.251.0/24 maxlen: 24
192.88.252.0/24 maxlen: 24
192.88.253.0/24 maxlen: 24
192.88.250.0/24 maxlen: 24
192.88.254.0/24 maxlen: 24
192.135.187.0/24 maxlen: 24
192.68.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317474691 (0x12ec4783)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb1d15194278a29aad57ca375f99588b976ef829
Validity
Not Before: Jan 1 16:11:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22161ed18f62c605cea82579200f4b4f1c43903f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f8:0e:b0:0d:22:f7:6d:ac:cc:87:16:f6:7e:
c2:0e:bb:e6:77:f6:ed:b6:d0:4f:3d:31:50:06:5c:
dc:f2:be:5b:72:9b:da:eb:53:36:2d:9b:5c:08:b3:
96:09:84:4b:84:e3:81:9f:b4:f7:e1:1c:27:c0:57:
47:3c:9c:50:fc:8a:80:77:7e:83:6a:4c:cc:52:43:
96:b0:ae:ff:48:fe:1a:ef:4b:8e:4d:2b:d7:a2:db:
10:18:57:81:f7:74:df:9d:5b:2f:52:b3:5a:f3:88:
81:c8:de:9a:68:a9:31:82:cf:16:cd:5f:c3:82:ef:
aa:88:9b:24:d2:7b:0b:5f:58:5c:9d:be:4b:6b:64:
45:6d:25:d5:52:3a:a2:68:a8:88:87:7d:4b:7b:80:
53:ec:9c:d8:43:d8:f2:22:3b:82:7d:a1:6e:66:df:
6a:53:cf:4d:2f:84:bb:c4:0c:41:c2:4d:b0:d0:4c:
ed:51:d2:71:ba:2a:1c:08:b7:cb:a4:30:b6:44:18:
43:be:16:5b:9c:99:c3:f2:c4:49:40:b5:ec:49:5b:
c8:62:7a:0f:70:0b:b7:69:8c:ef:19:0e:8c:72:11:
08:0e:75:56:91:81:b8:95:20:2c:61:75:9e:5c:6f:
b4:28:42:45:5e:10:0e:88:72:b2:bc:3b:de:86:fb:
9b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:16:1E:D1:8F:62:C6:05:CE:A8:25:79:20:0F:4B:4F:1C:43:90:3F
X509v3 Authority Key Identifier:
keyid:CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/IhYe0Y9ixgXOqCV5IA9LTxxDkD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.68.209.0/24
192.82.127.0/24
192.86.138.0/24
192.88.17.0/24
192.88.250.0-192.88.254.255
192.92.142.0/24
192.135.187.0/24
Signature Algorithm: sha256WithRSAEncryption
30:8a:79:cd:14:57:b9:08:11:7d:9a:b3:dd:97:28:90:b2:35:
6f:64:7e:89:9e:54:dc:0a:6d:0c:e4:38:2c:ca:11:1f:2d:e5:
76:b4:1a:a9:a5:32:b2:ba:85:af:8c:25:f8:40:3b:b8:48:2b:
fa:ac:6c:4f:a9:93:aa:92:fb:09:60:47:4f:42:9c:a2:8f:c4:
a9:0c:d9:c9:b1:a2:d2:ba:18:e2:d0:b4:a9:32:43:4d:96:be:
92:e8:e9:08:55:69:97:37:00:19:12:1b:b4:8a:51:ab:e2:a9:
d0:35:65:1d:2c:91:91:b3:cc:0a:18:df:50:03:28:46:4f:7b:
e6:bb:5e:8b:fb:88:f7:91:92:ba:10:ed:c8:3f:7a:32:d3:ff:
42:57:88:77:87:ea:23:c6:89:5a:96:36:4d:e4:3c:76:b4:28:
39:72:fd:e8:a1:62:5b:82:a7:7c:df:02:3e:25:ac:85:6c:c8:
d9:c4:fc:90:a3:d8:e9:4c:dc:f2:ea:9c:1d:26:90:71:bb:8a:
ea:9e:9b:ad:38:a0:f1:8f:bd:11:4f:45:51:37:74:96:f5:a6:
d6:85:2a:9e:c7:39:f1:7b:69:89:62:df:70:30:d2:ab:16:4c:
ac:0f:d7:02:45:c7:4d:d8:52:3d:5e:20:fa:57:35:5c:05:4d:
b3:a3:9a:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEEuxHgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YjFkMTUxOTQyNzhhMjlhYWQ1N2NhMzc1Zjk5NTg4Yjk3NmVmODI5MB4XDTIyMDEw
MTE2MTEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjIxNjFlZDE4ZjYy
YzYwNWNlYTgyNTc5MjAwZjRiNGYxYzQzOTAzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANn4DrANIvdtrMyHFvZ+wg675nf27bbQTz0xUAZc3PK+W3Kb
2utTNi2bXAizlgmES4TjgZ+09+EcJ8BXRzycUPyKgHd+g2pMzFJDlrCu/0j+Gu9L
jk0r16LbEBhXgfd0351bL1KzWvOIgcjemmipMYLPFs1fw4LvqoibJNJ7C19YXJ2+
S2tkRW0l1VI6omioiId9S3uAU+yc2EPY8iI7gn2hbmbfalPPTS+Eu8QMQcJNsNBM
7VHScboqHAi3y6QwtkQYQ74WW5yZw/LESUC17ElbyGJ6D3ALt2mM7xkOjHIRCA51
VpGBuJUgLGF1nlxvtChCRV4QDohysrw73ob7m3sCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBQiFh7Rj2LGBc6oJXkgD0tPHEOQPzAfBgNVHSMEGDAWgBTLHRUZQniimq1X
yjdfmViLl274KTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l4MFZHVUo0b3BxdFY4bzNYNWxZaTVkdS1Day5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvZWIyMzYxLThkMzQtNGZmNC1iM2QxLTFmYjM4NDM1YWY3Ny8x
L0loWWUwWTlpeGdYT3FDVjVJQTlMVHh4RGtEOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
ZWIyMzYxLThkMzQtNGZmNC1iM2QxLTFmYjM4NDM1YWY3Ny8xL3l4MFZHVUo0b3Bx
dFY4bzNYNWxZaTVkdS1Day5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAMBE0QMEAMBSfwMEAMBWigMEAMBY
ETAMAwQBwFj6AwQAwFj+AwQAwFyOAwQAwIe7MA0GCSqGSIb3DQEBCwUAA4IBAQAw
innNFFe5CBF9mrPdlyiQsjVvZH6JnlTcCm0M5DgsyhEfLeV2tBqppTKyuoWvjCX4
QDu4SCv6rGxPqZOqkvsJYEdPQpyij8SpDNnJsaLSuhji0LSpMkNNlr6S6OkIVWmX
NwAZEhu0ilGr4qnQNWUdLJGRs8wKGN9QAyhGT3vmu16L+4j3kZK6EO3IP3oy0/9C
V4h3h+ojxolaljZN5Dx2tCg5cv3ooWJbgqd83wI+JayFbMjZxPyQo9jpTNzy6pwd
JpBxu4rqnputOKDxj70RT0VRN3SW9abWhSqexznxe2mJYt9wMNKrFkysD9cCRcdN
2FI9XiD6VzVcBU2zo5ow
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:39 2024 by rpki-client on console-ams.rpki-client.org