Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/iBTdGH19pJ99uq0_qrrj2TESGL8.roa
File: iBTdGH19pJ99uq0_qrrj2TESGL8.roa (raw, json)
Hash identifier: /9yEO0SOs/LXz6wSyLWfsprpu5LZpljgkteprpTK2d8=
Subject key identifier: 88:14:DD:18:7D:7D:A4:9F:7D:BA:AD:3F:AA:BA:E3:D9:31:12:18:BF
Certificate issuer: /CN=f826ffe96cdc41efaa8bfb3125862d6594be9827
Certificate serial: 0184E73153C23CDF7900130212DB14513766
Authority key identifier: F8:26:FF:E9:6C:DC:41:EF:AA:8B:FB:31:25:86:2D:65:94:BE:98:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/iBTdGH19pJ99uq0_qrrj2TESGL8.roa
Signing time: Tue 06 Dec 2022 11:28:00 +0000
ROA not before: Tue 06 Dec 2022 11:28:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207592
IP address blocks: 134.76.0.0/16 maxlen: 16
195.12.38.0/24 maxlen: 24
134.76.175.0/24 maxlen: 24
2a06:93c0:1::/48 maxlen: 48
2a06:93c0::/29 maxlen: 29
2a06:93c0:2::/48 maxlen: 48
2a06:93c0::/48 maxlen: 48
2a06:93c0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:31:53:c2:3c:df:79:00:13:02:12:db:14:51:37:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f826ffe96cdc41efaa8bfb3125862d6594be9827
Validity
Not Before: Dec 6 11:28:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8814dd187d7da49f7dbaad3faabae3d9311218bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:37:03:24:48:d2:3a:21:28:09:a4:75:ce:38:
68:17:0d:a5:a1:9e:ea:90:44:eb:c2:a6:de:9d:bd:
de:d9:83:e8:1d:d4:4d:0e:80:ca:e2:4a:4a:fb:6c:
03:7f:42:87:2f:e9:25:f9:25:89:74:6a:c5:64:8d:
f2:e6:9b:e2:48:af:99:a3:55:1b:bf:9a:82:88:b8:
b0:5e:9f:b1:b4:6c:a2:f7:6a:e7:71:f1:ca:f8:2e:
6b:c3:10:81:f3:a7:90:4c:7c:86:b0:54:25:58:e6:
13:c6:a8:0a:71:ef:6e:1b:1c:bf:0a:75:83:d8:f2:
be:0a:5f:d3:04:d3:79:bf:f2:26:3b:4a:9c:de:76:
a0:3c:47:f2:6a:c7:5f:d5:05:be:65:ac:89:fa:37:
39:89:5c:fc:61:71:7d:41:c7:e3:84:7e:9e:25:0c:
bf:d5:83:2c:26:d2:f8:8a:75:73:a5:41:8f:64:9e:
1d:6a:81:a8:e3:bd:7d:bd:bb:99:e7:40:98:d7:ac:
de:92:44:32:44:fc:0e:76:f5:67:45:df:ab:92:d1:
5d:ff:47:4a:83:ed:1d:ca:7d:55:21:71:5e:7f:72:
74:63:e1:c9:bf:9a:51:dc:55:a9:ef:ce:8a:33:06:
24:26:3e:4b:09:83:ec:01:71:f7:eb:6c:33:6b:d6:
a0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:14:DD:18:7D:7D:A4:9F:7D:BA:AD:3F:AA:BA:E3:D9:31:12:18:BF
X509v3 Authority Key Identifier:
keyid:F8:26:FF:E9:6C:DC:41:EF:AA:8B:FB:31:25:86:2D:65:94:BE:98:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/iBTdGH19pJ99uq0_qrrj2TESGL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.76.0.0/16
195.12.38.0/24
IPv6:
2a06:93c0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:16:22:b1:9e:b0:0d:c3:d9:b4:1b:23:30:ff:dc:67:09:97:
99:b3:14:6a:d3:8d:4b:4a:28:ab:ad:42:de:3e:3d:75:af:ce:
2f:00:cd:41:32:47:d5:11:71:2f:55:2e:9d:00:93:50:e0:d3:
5c:e6:8d:f5:2b:1f:25:e1:45:93:f2:cc:28:b3:52:01:03:fc:
42:01:ba:eb:f9:37:c6:6a:87:90:bb:e4:e8:21:89:c6:27:61:
08:5a:e7:d2:08:21:ef:d6:24:c3:b2:e0:ab:fb:8f:8a:55:8e:
3d:f6:89:c6:67:a3:ae:83:11:3c:76:53:c3:4d:16:6f:04:96:
4e:bd:93:79:e9:31:e0:a8:ec:c1:31:63:86:74:17:87:aa:64:
40:fa:19:2a:7d:54:7b:4c:a8:83:c3:d4:13:ca:2a:c6:42:40:
66:24:ed:5d:c3:40:d0:d6:1e:29:6f:d2:2a:59:b1:bb:f1:ec:
93:7e:fb:ed:fa:ca:4f:07:19:eb:fc:8a:ea:67:d4:15:4a:35:
b3:1d:ea:e1:5b:25:a6:e4:da:4c:8c:04:fd:25:ec:3b:8c:5b:
3c:a2:9f:84:eb:03:37:34:80:be:e0:98:dc:1e:28:e4:cd:cc:
56:03:03:10:9e:31:57:31:7b:a2:c8:96:85:59:27:42:0b:5c:
0a:b8:bb:ca
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYTnMVPCPN95ABMCEtsUUTdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjZmZmU5NmNkYzQxZWZhYThiZmIzMTI1ODYyZDY1OTRi
ZTk4MjcwHhcNMjIxMjA2MTEyODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODE0ZGQxODdkN2RhNDlmN2RiYWFkM2ZhYWJhZTNkOTMxMTIxOGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTcDJEjSOiEoCaR1zjhoFw2loZ7q
kETrwqbenb3e2YPoHdRNDoDK4kpK+2wDf0KHL+kl+SWJdGrFZI3y5pviSK+Zo1Ub
v5qCiLiwXp+xtGyi92rncfHK+C5rwxCB86eQTHyGsFQlWOYTxqgKce9uGxy/CnWD
2PK+Cl/TBNN5v/ImO0qc3nagPEfyasdf1QW+ZayJ+jc5iVz8YXF9QcfjhH6eJQy/
1YMsJtL4inVzpUGPZJ4daoGo4719vbuZ50CY16zekkQyRPwOdvVnRd+rktFd/0dK
g+0dyn1VIXFef3J0Y+HJv5pR3FWp786KMwYkJj5LCYPsAXH362wza9agywIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIgU3Rh9faSffbqtP6q649kxEhi/MB8GA1UdIwQY
MBaAFPgm/+ls3EHvqov7MSWGLWWUvpgnMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DYl82V3pjUWUtcWlfc3hKWVl0WlpTLW1DYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIvNmY2ODI2LTFhYWQtNGMzYy1iZDkx
LWNjYTM3ZTJmMjcyOS8xL2lCVGRHSDE5cEo5OXVxMF9xcnJqMlRFU0dMOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvNmY2ODI2LTFhYWQtNGMzYy1iZDkxLWNjYTM3ZTJmMjcy
OS8xLzEtQ2JfNld6Y1FlLXFpX3N4SllZdFpaUy1tQ2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMBEEAgABMAsDAwCGTAME
AMMMJjANBAIAAjAHAwUDKgaTwDANBgkqhkiG9w0BAQsFAAOCAQEAThYisZ6wDcPZ
tBsjMP/cZwmXmbMUatONS0ooq61C3j49da/OLwDNQTJH1RFxL1UunQCTUODTXOaN
9SsfJeFFk/LMKLNSAQP8QgG66/k3xmqHkLvk6CGJxidhCFrn0ggh79Ykw7Lgq/uP
ilWOPfaJxmejroMRPHZTw00WbwSWTr2Teekx4KjswTFjhnQXh6pkQPoZKn1Ue0yo
g8PUE8oqxkJAZiTtXcNA0NYeKW/SKlmxu/Hsk3777frKTwcZ6/yK6mfUFUo1sx3q
4VslpuTaTIwE/SXsO4xbPKKfhOsDNzSAvuCY3B4o5M3MVgMDEJ4xVzF7osiWhVkn
QgtcCri7yg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:06 2025 by rpki-client