Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/izPapRrWNe9T6DWz_hjimSfixIU.roa
File: izPapRrWNe9T6DWz_hjimSfixIU.roa (raw, json)
Hash identifier: HANPLgEuf7iWXs7kzAa9MpguWrAPb0zezQtBC2efgbQ=
Subject key identifier: 8B:33:DA:A5:1A:D6:35:EF:53:E8:35:B3:FE:18:E2:99:27:E2:C4:85
Certificate issuer: /CN=40254d4a767ad099606e442e092f91241a363670
Certificate serial: 0185710C179C4DF25274C5B5EFFF04F99A47
Authority key identifier: 40:25:4D:4A:76:7A:D0:99:60:6E:44:2E:09:2F:91:24:1A:36:36:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCVNSnZ60JlgbkQuCS-RJBo2NnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/izPapRrWNe9T6DWz_hjimSfixIU.roa
Signing time: Mon 02 Jan 2023 05:54:55 +0000
ROA not before: Mon 02 Jan 2023 05:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207864
IP address blocks: 193.22.168.0/24 maxlen: 24
193.22.170.0/24 maxlen: 24
193.22.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:17:9c:4d:f2:52:74:c5:b5:ef:ff:04:f9:9a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40254d4a767ad099606e442e092f91241a363670
Validity
Not Before: Jan 2 05:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b33daa51ad635ef53e835b3fe18e29927e2c485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:93:4d:5e:b9:49:6f:74:5c:9c:0d:23:e5:fe:
73:2d:6c:4d:eb:c3:9e:85:63:af:07:e9:d0:40:b6:
ee:5f:a4:a7:47:43:23:63:8a:5f:55:a4:b2:6b:35:
df:f6:36:19:f9:0b:9e:6d:3b:7a:06:65:67:58:b5:
b0:b6:e1:1d:be:db:70:ae:cf:bb:56:8c:81:8b:7f:
19:b0:3f:d1:67:62:e1:42:c7:25:a5:55:43:3a:cc:
6c:c3:20:4d:42:1c:e8:81:a7:30:99:85:f4:c0:96:
9d:04:1d:3e:9d:f1:9c:14:52:18:16:6e:6a:8f:2a:
62:8f:60:50:f0:90:8b:ef:de:67:43:79:fa:6c:2e:
7c:52:91:78:67:35:51:fa:6a:b1:f3:54:a3:31:d4:
55:34:0d:d3:9a:ee:92:14:7f:e6:8b:4d:6b:b9:30:
a9:1c:16:c7:54:20:35:d6:bf:4d:db:89:18:36:66:
4d:2b:53:59:80:c8:47:d1:57:f7:77:81:3e:ea:c2:
86:68:7d:2a:a9:1b:41:b9:ec:59:04:52:85:91:89:
55:e9:bd:06:59:20:c2:7f:c2:c6:a3:aa:0e:d0:26:
ce:25:75:33:c0:d5:38:2e:cc:8e:aa:d2:d3:15:fe:
6a:b7:d2:5a:d2:16:58:fe:e9:d9:20:c8:73:dd:62:
d6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:33:DA:A5:1A:D6:35:EF:53:E8:35:B3:FE:18:E2:99:27:E2:C4:85
X509v3 Authority Key Identifier:
keyid:40:25:4D:4A:76:7A:D0:99:60:6E:44:2E:09:2F:91:24:1A:36:36:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCVNSnZ60JlgbkQuCS-RJBo2NnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/izPapRrWNe9T6DWz_hjimSfixIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/QCVNSnZ60JlgbkQuCS-RJBo2NnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.108.0/24
193.22.168.0/24
193.22.170.0/24
Signature Algorithm: sha256WithRSAEncryption
35:c7:66:ab:da:b1:f4:81:2f:ea:c5:b0:93:dd:09:8b:7a:c6:
f0:8a:51:79:20:2d:1c:47:44:8d:16:a3:2f:e2:d4:79:ec:f9:
d5:41:40:08:46:38:72:e3:36:8f:fa:34:35:bd:c6:b2:df:e3:
d9:7d:b5:01:43:dd:a8:59:f5:b2:7f:e4:49:bb:b6:d2:f4:36:
6d:b1:ba:c2:60:ef:27:65:43:c1:49:f7:1a:7a:7c:b1:b9:71:
5e:8b:91:65:53:e4:86:5a:42:e1:2f:f1:bb:4d:ab:4c:2d:d1:
fc:c0:3e:1c:22:06:65:f6:e5:0f:17:f6:ec:15:fb:c7:68:f8:
23:6b:24:bc:14:8b:91:f5:06:7a:9b:db:8d:84:8b:ea:a2:5e:
f7:0e:cd:59:51:28:1f:88:d8:05:43:50:4d:e1:25:42:e5:be:
08:84:45:5b:07:2c:53:a0:a6:6d:88:f6:97:a6:ca:52:e5:53:
84:0a:69:42:65:3a:67:b6:04:d6:2b:cb:55:4e:15:de:56:1d:
e5:73:fc:bd:3f:be:e0:3c:0e:64:26:de:12:50:23:21:bd:17:
ab:90:16:8e:1f:a1:27:dd:33:ff:7d:71:5b:a1:a5:ee:6f:6e:
da:68:a7:4f:6b:46:14:be:07:21:6d:1f:5a:27:98:44:dd:23:
39:32:55:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxDBecTfJSdMW17/8E+ZpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjU0ZDRhNzY3YWQwOTk2MDZlNDQyZTA5MmY5MTI0MWEz
NjM2NzAwHhcNMjMwMTAyMDU1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMzZGFhNTFhZDYzNWVmNTNlODM1YjNmZTE4ZTI5OTI3ZTJjNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJNNXrlJb3RcnA0j5f5zLWxN68Oe
hWOvB+nQQLbuX6SnR0MjY4pfVaSyazXf9jYZ+QuebTt6BmVnWLWwtuEdvttwrs+7
VoyBi38ZsD/RZ2LhQsclpVVDOsxswyBNQhzogacwmYX0wJadBB0+nfGcFFIYFm5q
jypij2BQ8JCL795nQ3n6bC58UpF4ZzVR+mqx81SjMdRVNA3Tmu6SFH/mi01ruTCp
HBbHVCA11r9N24kYNmZNK1NZgMhH0Vf3d4E+6sKGaH0qqRtBuexZBFKFkYlV6b0G
WSDCf8LGo6oO0CbOJXUzwNU4LsyOqtLTFf5qt9Ja0hZY/unZIMhz3WLW6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIsz2qUa1jXvU+g1s/4Y4pkn4sSFMB8GA1UdIwQY
MBaAFEAlTUp2etCZYG5ELgkvkSQaNjZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNWTlNuWjYwSmxnYmtRdUNTLVJKQm8yTm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lZjZjOGUtM2YwNy00YjNmLWE4N2Ut
YmJlOTEyZWVjNzNlLzEvaXpQYXBScldOZTlUNkRXel9oamltU2ZpeElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lZjZjOGUtM2YwNy00YjNmLWE4N2UtYmJlOTEyZWVjNzNl
LzEvUUNWTlNuWjYwSmxnYmtRdUNTLVJKQm8yTm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRZsAwQA
wRaoAwQAwRaqMA0GCSqGSIb3DQEBCwUAA4IBAQA1x2ar2rH0gS/qxbCT3QmLesbw
ilF5IC0cR0SNFqMv4tR57PnVQUAIRjhy4zaP+jQ1vcay3+PZfbUBQ92oWfWyf+RJ
u7bS9DZtsbrCYO8nZUPBSfcaenyxuXFei5FlU+SGWkLhL/G7TatMLdH8wD4cIgZl
9uUPF/bsFfvHaPgjayS8FIuR9QZ6m9uNhIvqol73Ds1ZUSgfiNgFQ1BN4SVC5b4I
hEVbByxToKZtiPaXpspS5VOECmlCZTpntgTWK8tVThXeVh3lc/y9P77gPA5kJt4S
UCMhvRerkBaOH6En3TP/fXFboaXub27aaKdPa0YUvgchbR9aJ5hE3SM5MlVY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:40 2025 by rpki-client