Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/IArLPo-ebxQMV8zcpHZR3sLQus4.roa
File: IArLPo-ebxQMV8zcpHZR3sLQus4.roa (raw, json)
Hash identifier: 1z0OnFqj1ykz6z0oXRPkKG7krf0v9mHaYbWj4hedBiI=
Subject key identifier: 20:0A:CB:3E:8F:9E:6F:14:0C:57:CC:DC:A4:76:51:DE:C2:D0:BA:CE
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 018746A7CC74E13EC196F6B68B3FF625DACD
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/IArLPo-ebxQMV8zcpHZR3sLQus4.roa
Signing time: Mon 03 Apr 2023 10:26:54 +0000
ROA not before: Mon 03 Apr 2023 10:26:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13280
IP address blocks: 95.83.192.0/18 maxlen: 24
89.204.160.0/19 maxlen: 24
89.204.160.0/20 maxlen: 24
31.200.128.0/18 maxlen: 24
89.204.192.0/18 maxlen: 24
92.251.240.0/21 maxlen: 24
185.60.124.0/22 maxlen: 24
213.191.224.0/19 maxlen: 24
178.167.128.0/17 maxlen: 24
95.83.229.0/24 maxlen: 24
92.251.128.0/17 maxlen: 24
62.40.32.0/19 maxlen: 24
80.233.0.0/17 maxlen: 24
83.136.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:a7:cc:74:e1:3e:c1:96:f6:b6:8b:3f:f6:25:da:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Apr 3 10:26:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=200acb3e8f9e6f140c57ccdca47651dec2d0bace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a1:4e:5f:0b:62:bb:02:8d:81:2f:e2:a8:5d:
62:b3:8a:f5:9e:2e:7a:71:dc:aa:e4:f6:fd:87:1c:
01:a1:ec:a1:79:e8:e3:03:6d:32:de:90:47:09:8e:
88:cb:84:50:14:cb:fe:7e:fd:48:09:de:52:4e:85:
0a:72:9f:da:fa:2a:1c:7f:a7:2e:f9:fa:e5:d2:b3:
9d:69:d9:9f:62:78:4d:78:65:e9:94:f4:27:c0:7f:
1e:32:2f:92:ea:87:21:5d:45:3e:b8:be:58:fc:bd:
d9:52:ce:35:c4:d0:1d:56:8c:11:cc:a4:b8:87:6e:
1b:16:73:43:92:2b:7e:06:28:62:3b:e2:a5:46:da:
fd:2f:e2:70:79:54:71:42:7c:77:f5:e9:b3:52:55:
22:c2:b3:c1:7e:e0:b2:fe:7e:ad:5e:0f:3d:6b:fe:
5e:93:20:56:00:e8:8b:f9:06:85:59:e6:59:22:3b:
07:8f:e2:53:4f:90:07:e6:2e:6f:57:90:4c:9a:0c:
0c:08:d9:d7:92:e3:07:36:e0:d4:a0:8c:fd:f8:02:
c1:49:6a:a5:91:3a:e9:cd:d1:5b:f7:86:32:b6:1b:
cb:cc:ab:66:b6:07:c0:c0:85:04:e8:28:66:21:ad:
eb:dc:4b:3f:8a:b3:0a:e9:24:ce:6b:47:a7:ea:55:
bf:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0A:CB:3E:8F:9E:6F:14:0C:57:CC:DC:A4:76:51:DE:C2:D0:BA:CE
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/IArLPo-ebxQMV8zcpHZR3sLQus4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.128.0/18
62.40.32.0/19
80.233.0.0/17
83.136.40.0/21
89.204.160.0-89.204.255.255
92.251.128.0/17
95.83.192.0/18
178.167.128.0/17
185.60.124.0/22
213.191.224.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:2d:3d:16:1e:80:5e:46:96:fe:8b:45:ee:19:0e:9f:6c:71:
bb:e4:c6:73:ff:63:72:ab:aa:78:ca:e5:f7:5a:7e:78:69:c4:
27:28:03:8b:4b:7f:7b:33:48:fa:ec:90:4e:61:71:40:26:14:
4f:83:de:9c:ea:6e:45:f8:fe:8c:b5:6f:fa:2d:0e:ef:e2:ac:
83:cd:e0:db:90:7a:de:97:be:4f:4a:6e:59:61:29:80:71:79:
b2:b8:ce:14:d3:a0:4e:8c:6a:66:e6:2a:42:ce:e7:0c:bb:da:
1f:e2:9e:42:15:09:cc:8a:55:62:6d:01:1c:d4:2e:85:50:f6:
0f:af:ce:34:0f:b6:e1:6e:b1:8b:17:42:32:86:da:a7:57:d7:
d7:f9:78:0e:77:a5:b7:73:d6:73:a4:7b:e7:c1:95:f2:fb:22:
b3:dd:22:12:1e:89:75:4e:f9:45:ae:44:32:a5:56:37:5f:55:
43:9f:ea:c2:cb:fb:62:68:1d:16:14:b8:44:f0:d5:26:74:a0:
eb:0c:86:e1:aa:b8:28:8f:5b:6e:a6:bc:03:2d:b4:ff:55:0e:
44:f7:ef:12:0d:d7:63:aa:13:2f:ad:c1:1d:f4:70:b1:5d:b5:
54:fd:5a:23:28:4c:8c:fa:40:b3:cb:21:6d:22:40:b0:99:63:
fe:ed:8d:17
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYdGp8x04T7Blva2iz/2JdrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjMwNDAzMTAyNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBhY2IzZThmOWU2ZjE0MGM1N2NjZGNhNDc2NTFkZWMyZDBiYWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqFOXwtiuwKNgS/iqF1is4r1ni56
cdyq5Pb9hxwBoeyheejjA20y3pBHCY6Iy4RQFMv+fv1ICd5SToUKcp/a+iocf6cu
+frl0rOdadmfYnhNeGXplPQnwH8eMi+S6ochXUU+uL5Y/L3ZUs41xNAdVowRzKS4
h24bFnNDkit+BihiO+KlRtr9L+JweVRxQnx39emzUlUiwrPBfuCy/n6tXg89a/5e
kyBWAOiL+QaFWeZZIjsHj+JTT5AH5i5vV5BMmgwMCNnXkuMHNuDUoIz9+ALBSWql
kTrpzdFb94YythvLzKtmtgfAwIUE6ChmIa3r3Es/irMK6STOa0en6lW/PQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFCAKyz6Pnm8UDFfM3KR2Ud7C0LrOMB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvSUFyTFBvLWVieFFNVjh6Y3BIWlIzc0xRdXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAATBDAwQGH8iAAwQF
PiggAwQHUOkAAwQDU4goMAsDBAVZzKADAwBZzAMEB1z7gAMEBl9TwAMEB7KngAME
Ark8fAMEBdW/4DANBgkqhkiG9w0BAQsFAAOCAQEACi09Fh6AXkaW/otF7hkOn2xx
u+TGc/9jcquqeMrl91p+eGnEJygDi0t/ezNI+uyQTmFxQCYUT4PenOpuRfj+jLVv
+i0O7+Ksg83g25B63pe+T0puWWEpgHF5srjOFNOgToxqZuYqQs7nDLvaH+KeQhUJ
zIpVYm0BHNQuhVD2D6/ONA+24W6xixdCMobap1fX1/l4Dnelt3PWc6R758GV8vsi
s90iEh6JdU75Ra5EMqVWN19VQ5/qwsv7YmgdFhS4RPDVJnSg6wyG4aq4KI9bbqa8
Ay20/1UORPfvEg3XY6oTL63BHfRwsV21VP1aIyhMjPpAs8shbSJAsJlj/u2NFw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:47:36 2025 by rpki-client