Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/i1ZTEdWz4yXc2ZEsUnOJlHVXtN8.roa
File: i1ZTEdWz4yXc2ZEsUnOJlHVXtN8.roa (raw, json)
Hash identifier: syKLa2jRLxYO46yRRlY2BrMtlOO2e/GSSn1SdXqVm9g=
Subject key identifier: 8B:56:53:11:D5:B3:E3:25:DC:D9:91:2C:52:73:89:94:75:57:B4:DF
Certificate issuer: /CN=0032534e8d560d73553c632bba10344a7c816614
Certificate serial: 01856D9D45D363B62769E1DC96FC6EAFE738
Authority key identifier: 00:32:53:4E:8D:56:0D:73:55:3C:63:2B:BA:10:34:4A:7C:81:66:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADJTTo1WDXNVPGMruhA0SnyBZhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/i1ZTEdWz4yXc2ZEsUnOJlHVXtN8.roa
Signing time: Sun 01 Jan 2023 13:55:01 +0000
ROA not before: Sun 01 Jan 2023 13:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1820
IP address blocks: 91.202.108.0/22 maxlen: 32
194.246.99.0/24 maxlen: 32
193.110.100.0/23 maxlen: 32
194.28.196.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:45:d3:63:b6:27:69:e1:dc:96:fc:6e:af:e7:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0032534e8d560d73553c632bba10344a7c816614
Validity
Not Before: Jan 1 13:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b565311d5b3e325dcd9912c527389947557b4df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5c:68:eb:69:62:66:b1:6a:f4:9c:fa:a3:7c:
1d:f2:d5:09:7e:02:9e:21:61:40:95:d4:a6:98:0c:
cc:38:8b:3f:f7:89:c4:b0:df:0d:3e:0f:02:ce:95:
17:b9:36:28:a0:68:6f:56:f8:fd:4c:50:64:00:53:
b7:aa:f7:fb:e7:7e:ea:1a:07:71:68:6e:05:20:7e:
07:50:96:4a:42:6e:3e:d8:d9:41:be:5f:20:c2:d5:
98:db:18:fc:39:24:91:33:23:7c:5f:80:fc:19:c0:
d3:48:28:3e:11:68:27:8e:86:cc:ca:fa:49:4d:0c:
a0:e4:89:74:5b:0c:5d:ee:37:9c:91:53:0d:05:02:
2d:c3:1b:18:f0:3c:a9:3d:43:14:12:95:6e:3e:4e:
e7:22:1f:67:06:5a:0e:70:be:2b:41:c1:8a:db:e7:
86:73:fe:26:50:44:96:77:9b:04:40:13:e1:ff:9f:
ce:d9:5f:2b:95:47:5f:86:ec:e9:38:4c:da:43:56:
e7:d1:93:bb:0c:1a:ec:01:7b:c3:9c:67:e9:d0:05:
49:a8:5f:db:87:a3:7d:fd:dd:e9:af:67:d3:37:cf:
99:2f:61:45:3b:61:4e:a2:e4:3b:6d:b7:06:0e:5e:
a1:22:1e:b0:be:b9:95:f0:19:05:0c:f9:36:44:ef:
0c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:56:53:11:D5:B3:E3:25:DC:D9:91:2C:52:73:89:94:75:57:B4:DF
X509v3 Authority Key Identifier:
keyid:00:32:53:4E:8D:56:0D:73:55:3C:63:2B:BA:10:34:4A:7C:81:66:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADJTTo1WDXNVPGMruhA0SnyBZhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/i1ZTEdWz4yXc2ZEsUnOJlHVXtN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/ADJTTo1WDXNVPGMruhA0SnyBZhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.108.0/22
193.110.100.0/23
194.28.196.0/22
194.246.99.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:0a:cf:72:2a:85:12:fc:53:d4:bf:5e:25:c1:50:08:0f:d3:
0f:a2:7e:f8:96:61:01:73:dc:6d:ea:37:6d:05:1d:9f:66:c7:
bd:25:5c:99:c2:30:b0:64:de:e9:c2:da:b5:4e:ea:a4:6a:a2:
33:93:c9:41:31:d8:78:13:7b:2a:97:60:75:eb:b8:e8:08:c0:
4b:ab:06:c8:f3:68:5f:55:d8:fd:24:69:33:a2:17:cd:2e:82:
4c:22:21:44:4c:fb:6c:1b:40:b3:c2:3d:56:de:07:8c:bb:f4:
c2:2e:16:e3:de:4d:48:29:15:e6:12:73:35:f4:ab:60:99:cf:
1c:71:74:52:63:d2:d3:0c:dd:6d:f0:65:0e:71:14:bd:0f:d9:
28:ff:bb:8d:32:a6:f1:09:25:a9:fd:b4:3f:60:13:43:39:1a:
8c:a2:70:cc:a3:20:b7:6b:17:74:e6:c4:fb:42:73:cb:5e:8f:
f9:42:2c:4e:22:82:8d:da:0b:0a:fa:56:49:a3:ff:e4:b2:ae:
8a:1d:62:13:5f:62:2a:e4:bd:9f:e2:29:a3:74:df:05:91:4a:
05:bb:b6:51:50:f8:47:09:ed:15:ea:e4:0b:22:b2:e8:f5:02:
44:ff:ff:dc:85:a4:2e:ec:d0:8b:99:d8:41:63:49:92:65:0a:
70:c3:0b:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtnUXTY7YnaeHclvxur+c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMzI1MzRlOGQ1NjBkNzM1NTNjNjMyYmJhMTAzNDRhN2M4
MTY2MTQwHhcNMjMwMTAxMTM1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjU2NTMxMWQ1YjNlMzI1ZGNkOTkxMmM1MjczODk5NDc1NTdiNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylxo62liZrFq9Jz6o3wd8tUJfgKe
IWFAldSmmAzMOIs/94nEsN8NPg8CzpUXuTYooGhvVvj9TFBkAFO3qvf7537qGgdx
aG4FIH4HUJZKQm4+2NlBvl8gwtWY2xj8OSSRMyN8X4D8GcDTSCg+EWgnjobMyvpJ
TQyg5Il0Wwxd7jeckVMNBQItwxsY8DypPUMUEpVuPk7nIh9nBloOcL4rQcGK2+eG
c/4mUESWd5sEQBPh/5/O2V8rlUdfhuzpOEzaQ1bn0ZO7DBrsAXvDnGfp0AVJqF/b
h6N9/d3pr2fTN8+ZL2FFO2FOouQ7bbcGDl6hIh6wvrmV8BkFDPk2RO8MUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFItWUxHVs+Ml3NmRLFJziZR1V7TfMB8GA1UdIwQY
MBaAFAAyU06NVg1zVTxjK7oQNEp8gWYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURKVFRvMVdEWE5WUEdNcnVoQTBTbnlCWmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kZWUxZWUtOTM4NC00NWFiLWE3MGEt
NWVhZTZlZDU4Mzc1LzEvaTFaVEVkV3o0eVhjMlpFc1VuT0psSFZYdE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9kZWUxZWUtOTM4NC00NWFiLWE3MGEtNWVhZTZlZDU4Mzc1
LzEvQURKVFRvMVdEWE5WUEdNcnVoQTBTbnlCWmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8psAwQB
wW5kAwQCwhzEAwQAwvZjMA0GCSqGSIb3DQEBCwUAA4IBAQAaCs9yKoUS/FPUv14l
wVAID9MPon74lmEBc9xt6jdtBR2fZse9JVyZwjCwZN7pwtq1TuqkaqIzk8lBMdh4
E3sql2B167joCMBLqwbI82hfVdj9JGkzohfNLoJMIiFETPtsG0Czwj1W3geMu/TC
Lhbj3k1IKRXmEnM19Ktgmc8ccXRSY9LTDN1t8GUOcRS9D9ko/7uNMqbxCSWp/bQ/
YBNDORqMonDMoyC3axd05sT7QnPLXo/5QixOIoKN2gsK+lZJo//ksq6KHWITX2Iq
5L2f4imjdN8FkUoFu7ZRUPhHCe0V6uQLIrLo9QJE///chaQu7NCLmdhBY0mSZQpw
wwth
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:41 2025 by rpki-client