Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/iTsOOLbkhRIwTSjuPS9sb9hdI1s.roa
File: iTsOOLbkhRIwTSjuPS9sb9hdI1s.roa (raw, json)
Hash identifier: 5XjFXyyCXlqSuL3KLvQNc7oOKoMhVt04u6pgdnuvLDM=
Subject key identifier: 89:3B:0E:38:B6:E4:85:12:30:4D:28:EE:3D:2F:6C:6F:D8:5D:23:5B
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 01856F26E4AF844F864F0891AC9DC5AD637A
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/iTsOOLbkhRIwTSjuPS9sb9hdI1s.roa
Signing time: Sun 01 Jan 2023 21:04:57 +0000
ROA not before: Sun 01 Jan 2023 21:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1836
IP address blocks: 82.211.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e4:af:84:4f:86:4f:08:91:ac:9d:c5:ad:63:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jan 1 21:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=893b0e38b6e48512304d28ee3d2f6c6fd85d235b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:2b:f7:b9:08:c0:2f:07:7b:00:b3:8a:17:
45:d2:b7:a9:ec:d5:31:5f:f3:19:cc:3e:73:42:a3:
38:a5:bc:36:49:2f:36:1f:94:e8:f3:b3:2e:8f:a6:
d1:e0:b0:fa:43:4a:8c:c9:f6:11:12:39:15:cb:20:
15:1a:0b:3a:6d:51:b6:3b:b1:bb:ff:6a:d9:1c:f0:
1b:55:f0:06:42:11:a1:c4:a1:8b:1e:98:59:82:cc:
e6:d3:84:c5:4f:1f:a9:47:36:3d:6c:8c:e0:18:57:
48:18:18:a1:b4:ad:ee:19:47:98:71:30:fe:17:60:
bc:e0:8b:e7:95:f6:e0:c7:c6:26:e2:0c:29:3e:bf:
48:b9:c6:30:3c:ec:22:f3:c8:82:cf:12:4b:42:ae:
77:17:7c:ea:c5:d5:f8:3e:0f:ea:ab:d0:8e:7d:8e:
80:eb:bf:64:53:0d:c1:76:42:b2:b4:29:8d:37:20:
d5:a9:a8:84:94:c9:50:2a:4d:ce:a5:d7:0a:8a:27:
88:61:d3:0c:23:36:06:4c:f9:18:8f:e8:ce:cd:dc:
79:7e:c0:bb:3b:68:c0:5b:f0:df:96:70:f2:e9:b6:
7c:0c:72:cf:97:c1:75:05:a0:64:7e:33:3c:80:14:
20:d1:99:29:0a:cf:da:83:4c:4a:f7:91:10:22:e1:
10:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3B:0E:38:B6:E4:85:12:30:4D:28:EE:3D:2F:6C:6F:D8:5D:23:5B
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/iTsOOLbkhRIwTSjuPS9sb9hdI1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.211.17.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:cf:9a:ec:d0:97:35:1e:ab:4f:41:7f:0d:59:c0:da:2c:a6:
8f:66:8a:5d:3a:f4:35:fc:b5:3b:cb:36:53:12:ab:10:ce:ba:
0e:7b:84:f2:69:9c:03:0d:21:21:b2:c0:be:4c:ce:6b:e6:66:
6f:d5:de:6b:59:4c:6f:09:84:04:a2:7b:a7:4f:98:4c:d7:f4:
49:db:32:11:47:ef:62:da:55:cc:ca:ec:d2:72:1a:43:90:4c:
51:34:dc:9c:8a:c4:95:fa:3a:2d:06:70:ba:b3:85:62:01:26:
13:9e:eb:22:35:15:94:bc:3b:0d:9e:3b:fa:fc:2b:de:00:a7:
a8:90:46:24:b4:e9:63:b8:e9:30:77:75:c5:f9:9a:a5:12:91:
9a:1a:4d:70:00:e0:8b:5b:9f:35:83:2d:e2:58:af:65:7f:5c:
9f:d0:3e:7e:1f:27:4c:3d:1e:4d:3d:a7:cc:bb:fe:77:0c:98:
3a:0a:87:5b:d5:03:cd:f1:fd:3c:7d:88:3b:e7:f9:95:26:d9:
06:7b:b1:0d:73:e4:ee:68:c9:d1:75:3b:09:35:4d:5c:15:a8:
b8:d4:bf:13:e3:f0:6b:4e:56:78:43:99:7e:14:e1:d3:20:c0:
fc:1b:b2:3b:62:e2:59:ca:17:fe:3b:35:c4:da:88:57:02:ae:
88:2f:6d:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJuSvhE+GTwiRrJ3FrWN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjMwMTAxMjEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTNiMGUzOGI2ZTQ4NTEyMzA0ZDI4ZWUzZDJmNmM2ZmQ4NWQyMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY4r97kIwC8HewCzihdF0rep7NUx
X/MZzD5zQqM4pbw2SS82H5To87Muj6bR4LD6Q0qMyfYREjkVyyAVGgs6bVG2O7G7
/2rZHPAbVfAGQhGhxKGLHphZgszm04TFTx+pRzY9bIzgGFdIGBihtK3uGUeYcTD+
F2C84Ivnlfbgx8Ym4gwpPr9IucYwPOwi88iCzxJLQq53F3zqxdX4Pg/qq9COfY6A
679kUw3BdkKytCmNNyDVqaiElMlQKk3OpdcKiieIYdMMIzYGTPkYj+jOzdx5fsC7
O2jAW/DflnDy6bZ8DHLPl8F1BaBkfjM8gBQg0ZkpCs/ag0xK95EQIuEQiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIk7Dji25IUSME0o7j0vbG/YXSNbMB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvaVRzT09MYmtoUkl3VFNqdVBTOXNiOWhkSTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUtMRMA0G
CSqGSIb3DQEBCwUAA4IBAQDGz5rs0Jc1HqtPQX8NWcDaLKaPZopdOvQ1/LU7yzZT
EqsQzroOe4TyaZwDDSEhssC+TM5r5mZv1d5rWUxvCYQEonunT5hM1/RJ2zIRR+9i
2lXMyuzSchpDkExRNNycisSV+jotBnC6s4ViASYTnusiNRWUvDsNnjv6/CveAKeo
kEYktOljuOkwd3XF+ZqlEpGaGk1wAOCLW581gy3iWK9lf1yf0D5+HydMPR5NPafM
u/53DJg6Codb1QPN8f08fYg75/mVJtkGe7ENc+TuaMnRdTsJNU1cFai41L8T4/Br
TlZ4Q5l+FOHTIMD8G7I7YuJZyhf+OzXE2ohXAq6IL21l
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:29 2025 by rpki-client