Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/iRss_KobHkvuxWj6gutxnnxPzT8.roa
File: iRss_KobHkvuxWj6gutxnnxPzT8.roa (raw, json)
Hash identifier: P6lRSedOrtjVcx/cEUPCJhUzRP0n85u3qyU5lNIExnE=
Subject key identifier: 89:1B:2C:FC:AA:1B:1E:4B:EE:C5:68:FA:82:EB:71:9E:7C:4F:CD:3F
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0181EE0CE6EB172103FF8014775B62D94EB4
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/iRss_KobHkvuxWj6gutxnnxPzT8.roa
Signing time: Mon 11 Jul 2022 16:17:11 +0000
ROA not before: Mon 11 Jul 2022 16:17:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212341
IP address blocks: 185.66.178.0/24 maxlen: 24
2a05:900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:0c:e6:eb:17:21:03:ff:80:14:77:5b:62:d9:4e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jul 11 16:17:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=891b2cfcaa1b1e4beec568fa82eb719e7c4fcd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fe:33:10:2e:20:ab:ed:a3:01:36:55:91:e7:
aa:fe:f6:5f:ee:1f:84:19:31:14:0f:65:bb:91:de:
c8:75:2b:95:13:4f:f1:5c:84:57:f3:ed:35:1f:fc:
47:b1:7c:56:fd:10:be:89:9c:61:c4:43:99:a3:0f:
69:6c:e0:50:ee:31:d0:2b:8d:23:2f:de:7d:d8:aa:
1a:9f:a2:32:ab:a6:44:0b:6d:d3:61:0e:c7:83:4f:
8b:31:f0:b0:21:e6:d4:9b:0c:f4:fc:d6:d1:0a:f8:
3d:b8:99:8f:20:a4:91:ec:75:f7:6f:d7:05:ea:00:
13:6c:10:c3:cc:b2:9d:f8:20:2d:cc:f3:ac:8e:40:
1d:51:77:e2:99:57:9d:fb:7f:74:2e:57:22:df:19:
9e:1a:7e:d7:6a:c3:4f:23:60:ab:f7:39:b9:11:e5:
3c:cf:23:3f:20:5f:62:b4:2d:f3:e0:db:4a:c5:7d:
64:bb:c3:50:42:65:91:68:a1:ea:c7:e9:03:61:6a:
f5:a5:df:a3:fe:dc:90:4b:dd:ee:7d:a2:f4:77:70:
9c:16:34:f5:a3:cb:55:b3:b4:82:64:00:7f:90:a0:
5f:0b:76:21:7f:9d:10:01:ca:dd:0e:6e:6a:a7:65:
0e:94:70:70:50:55:32:71:57:5e:e3:f0:26:94:b8:
07:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1B:2C:FC:AA:1B:1E:4B:EE:C5:68:FA:82:EB:71:9E:7C:4F:CD:3F
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/iRss_KobHkvuxWj6gutxnnxPzT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.178.0/24
IPv6:
2a05:900::/29
Signature Algorithm: sha256WithRSAEncryption
61:8a:40:4c:7b:d6:eb:c3:51:fe:0f:b3:e9:36:c9:d0:73:a1:
89:0e:a4:82:12:b8:90:c0:ba:35:ec:32:07:aa:93:03:0e:88:
e5:5a:45:67:96:f0:30:ee:17:fc:12:17:c3:9c:ce:43:fb:c5:
83:35:36:6e:a8:56:42:e4:a7:4d:44:d9:c7:ce:f1:cc:51:c4:
aa:8f:fc:f4:ab:08:bb:a1:db:c0:69:62:30:33:66:5b:e0:83:
95:9b:e6:70:6e:4d:a2:7b:f4:c7:05:fc:c9:09:cc:78:6d:5a:
40:dc:49:6d:9d:18:9c:59:6b:51:c7:04:76:c7:f9:40:c4:4c:
14:90:76:80:ad:ba:df:13:c9:ee:1d:6b:ce:40:36:54:46:b6:
a1:26:95:91:9f:24:2b:fc:9d:9c:22:cd:ec:eb:28:de:5d:04:
71:88:8b:4a:7b:6b:48:21:3c:b1:9d:8b:a5:8b:ef:80:d6:e1:
0a:a8:84:89:ba:e7:93:31:56:c4:76:14:13:2e:cc:cd:55:ca:
9c:f1:de:01:e3:6b:81:a8:ca:33:64:e5:76:f1:01:ab:f0:fb:
f8:4a:54:99:53:68:af:16:42:68:a4:bc:50:fd:8f:00:e4:b7:
48:3a:f5:20:38:34:c8:80:4b:44:33:71:89:77:99:9d:1f:f3:
36:ef:6b:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYHuDObrFyED/4AUd1ti2U60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIwNzExMTYxNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTFiMmNmY2FhMWIxZTRiZWVjNTY4ZmE4MmViNzE5ZTdjNGZjZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv4zEC4gq+2jATZVkeeq/vZf7h+E
GTEUD2W7kd7IdSuVE0/xXIRX8+01H/xHsXxW/RC+iZxhxEOZow9pbOBQ7jHQK40j
L9592Koan6Iyq6ZEC23TYQ7Hg0+LMfCwIebUmwz0/NbRCvg9uJmPIKSR7HX3b9cF
6gATbBDDzLKd+CAtzPOsjkAdUXfimVed+390Llci3xmeGn7XasNPI2Cr9zm5EeU8
zyM/IF9itC3z4NtKxX1ku8NQQmWRaKHqx+kDYWr1pd+j/tyQS93ufaL0d3CcFjT1
o8tVs7SCZAB/kKBfC3Yhf50QAcrdDm5qp2UOlHBwUFUycVde4/AmlLgHGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIkbLPyqGx5L7sVo+oLrcZ58T80/MB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvaVJzc19Lb2JIa3Z1eFdqNmd1dHhubnhQelQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUKyMA0E
AgACMAcDBQMqBQkAMA0GCSqGSIb3DQEBCwUAA4IBAQBhikBMe9brw1H+D7PpNsnQ
c6GJDqSCEriQwLo17DIHqpMDDojlWkVnlvAw7hf8EhfDnM5D+8WDNTZuqFZC5KdN
RNnHzvHMUcSqj/z0qwi7odvAaWIwM2Zb4IOVm+Zwbk2ie/THBfzJCcx4bVpA3Elt
nRicWWtRxwR2x/lAxEwUkHaArbrfE8nuHWvOQDZURrahJpWRnyQr/J2cIs3s6yje
XQRxiItKe2tIITyxnYuli++A1uEKqISJuueTMVbEdhQTLszNVcqc8d4B42uBqMoz
ZOV28QGr8Pv4SlSZU2ivFkJopLxQ/Y8A5LdIOvUgODTIgEtEM3GJd5mdH/M272sD
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:24:31 2025 by rpki-client