Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IgcZ3Optto-1oO3L5Us4Rl8U9DQ.roa
File: IgcZ3Optto-1oO3L5Us4Rl8U9DQ.roa (raw, json)
Hash identifier: /GFDK86we0fZ8Tmgcq/2BTexYRjyL9ij4HaH0r5IDOI=
Subject key identifier: 22:07:19:DC:EA:6D:B6:8F:B5:A0:ED:CB:E5:4B:38:46:5F:14:F4:34
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 01877B3AC49C487A4D917ADA2A3281AAEB45
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IgcZ3Optto-1oO3L5Us4Rl8U9DQ.roa
Signing time: Thu 13 Apr 2023 15:27:41 +0000
ROA not before: Thu 13 Apr 2023 15:27:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35758
IP address blocks: 212.81.40.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:3a:c4:9c:48:7a:4d:91:7a:da:2a:32:81:aa:eb:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Apr 13 15:27:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=220719dcea6db68fb5a0edcbe54b38465f14f434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:95:56:f2:47:90:c3:d1:4b:90:77:8c:34:14:
bf:8b:58:13:79:7c:85:f7:80:31:5c:7d:d5:23:64:
e2:6b:80:b3:db:f0:4e:ea:11:ba:31:27:2b:de:7b:
ff:88:73:6d:01:23:4c:5e:ac:e4:d3:78:db:07:a8:
9e:15:9b:e5:48:ce:a4:99:aa:4f:2b:e7:1c:ce:91:
a7:bb:03:80:c7:31:90:c2:69:8d:00:3f:79:1d:80:
00:d3:63:d4:42:a3:7e:9f:02:b7:84:a9:9d:2b:64:
0f:1c:df:06:dc:27:59:43:6a:ef:97:3f:e6:36:ad:
50:bc:a8:ca:9f:ba:29:af:6c:67:38:45:67:f2:67:
11:d5:06:15:07:ae:3f:5e:3b:ca:34:9f:53:9c:d4:
1f:f8:b4:46:0e:31:3d:c6:3c:5a:20:19:fb:8b:90:
70:07:04:d4:50:e1:18:a3:9e:fa:74:1b:dc:c4:52:
77:96:2e:3c:46:62:08:db:0a:b8:4d:cf:ea:a5:d8:
6b:a3:0d:7a:c0:5f:f8:7a:49:a6:ed:f0:d7:05:80:
72:28:45:c7:1f:72:aa:ee:e2:a8:25:fa:d1:f0:5e:
e1:1f:11:d0:cb:8f:14:30:9f:51:5c:52:8b:a5:99:
8e:56:83:1e:6a:67:06:07:42:6f:e4:70:80:23:c4:
fb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:07:19:DC:EA:6D:B6:8F:B5:A0:ED:CB:E5:4B:38:46:5F:14:F4:34
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IgcZ3Optto-1oO3L5Us4Rl8U9DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.81.40.0/23
Signature Algorithm: sha256WithRSAEncryption
21:4c:bd:3b:07:26:32:47:f6:a7:33:36:3f:97:dc:4c:6a:fd:
77:4f:e3:5c:32:e9:3c:4b:8a:72:1a:33:c0:66:fd:6f:6f:d8:
84:71:e6:53:db:18:c0:9d:b1:86:87:80:33:f7:96:3a:a4:ea:
d6:bb:2e:a5:e7:98:2c:27:4d:5e:b3:23:0f:f9:d6:90:a7:85:
96:b4:87:6c:0b:77:a0:0c:3e:6c:a1:74:6d:32:b5:f3:7d:c5:
fe:e6:ec:5d:72:c7:70:25:76:a6:0c:be:c2:3e:2c:d9:22:70:
1c:62:9a:6e:51:f6:17:c7:79:cd:eb:a3:f2:91:4f:f7:eb:f9:
77:d2:86:7b:5b:01:b5:d6:f1:9a:f4:0f:2a:cc:8c:69:80:bf:
0c:7d:f1:86:73:01:eb:2b:c5:94:af:83:83:fc:95:e5:3c:ae:
2c:2e:8e:1b:ac:d4:d7:ff:19:ac:91:60:61:29:05:00:d7:69:
e9:45:f1:3d:15:ca:f9:4e:43:1e:60:a3:7e:d1:d4:d8:ce:dd:
ba:d0:0d:b6:32:80:62:4e:f8:ba:f5:32:ac:75:46:41:59:ff:
44:50:6a:f3:f4:3a:78:e0:04:78:ac:6b:88:39:61:2b:22:e4:
d7:0c:63:8e:e2:72:5a:f5:80:03:20:c7:d7:9e:64:ef:05:12:
8a:86:5c:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd7OsScSHpNkXraKjKBqutFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjMwNDEzMTUyNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjA3MTlkY2VhNmRiNjhmYjVhMGVkY2JlNTRiMzg0NjVmMTRmNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpVW8keQw9FLkHeMNBS/i1gTeXyF
94AxXH3VI2Tia4Cz2/BO6hG6MScr3nv/iHNtASNMXqzk03jbB6ieFZvlSM6kmapP
K+cczpGnuwOAxzGQwmmNAD95HYAA02PUQqN+nwK3hKmdK2QPHN8G3CdZQ2rvlz/m
Nq1QvKjKn7opr2xnOEVn8mcR1QYVB64/XjvKNJ9TnNQf+LRGDjE9xjxaIBn7i5Bw
BwTUUOEYo576dBvcxFJ3li48RmII2wq4Tc/qpdhrow16wF/4ekmm7fDXBYByKEXH
H3Kq7uKoJfrR8F7hHxHQy48UMJ9RXFKLpZmOVoMeamcGB0Jv5HCAI8T7GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIHGdzqbbaPtaDty+VLOEZfFPQ0MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvSWdjWjNPcHR0by0xb08zTDVVczRSbDhVOURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FEoMA0G
CSqGSIb3DQEBCwUAA4IBAQAhTL07ByYyR/anMzY/l9xMav13T+NcMuk8S4pyGjPA
Zv1vb9iEceZT2xjAnbGGh4Az95Y6pOrWuy6l55gsJ01esyMP+daQp4WWtIdsC3eg
DD5soXRtMrXzfcX+5uxdcsdwJXamDL7CPizZInAcYppuUfYXx3nN66PykU/36/l3
0oZ7WwG11vGa9A8qzIxpgL8MffGGcwHrK8WUr4OD/JXlPK4sLo4brNTX/xmskWBh
KQUA12npRfE9Fcr5TkMeYKN+0dTYzt260A22MoBiTvi69TKsdUZBWf9EUGrz9Dp4
4AR4rGuIOWErIuTXDGOO4nJa9YADIMfXnmTvBRKKhlw9
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:27:19 2025 by rpki-client