Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/IV6N3sqO7mcPtXfvRR65i2FBF44.roa
File: IV6N3sqO7mcPtXfvRR65i2FBF44.roa (raw, json)
Hash identifier: xiU422TVbPDUhCaxYeF7fM5JUX4AiP6jqE6GcboF4Zk=
Subject key identifier: 21:5E:8D:DE:CA:8E:EE:67:0F:B5:77:EF:45:1E:B9:8B:61:41:17:8E
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 0185A5522E9054F3C4563E3B438106E63FE8
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/IV6N3sqO7mcPtXfvRR65i2FBF44.roa
Signing time: Thu 12 Jan 2023 09:31:44 +0000
ROA not before: Thu 12 Jan 2023 09:31:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13280
IP address blocks: 213.191.224.0/19 maxlen: 24
95.83.192.0/18 maxlen: 24
89.204.160.0/19 maxlen: 24
89.204.160.0/20 maxlen: 24
31.200.128.0/18 maxlen: 24
95.83.229.0/24 maxlen: 24
62.40.32.0/19 maxlen: 24
89.204.192.0/18 maxlen: 24
80.233.0.0/17 maxlen: 24
92.251.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:52:2e:90:54:f3:c4:56:3e:3b:43:81:06:e6:3f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Jan 12 09:31:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=215e8ddeca8eee670fb577ef451eb98b6141178e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4a:1a:fe:88:3e:64:23:ac:39:89:67:36:39:
38:a9:6f:8d:d3:8d:64:d3:d1:3d:32:b4:65:15:70:
4d:81:a9:05:b6:31:33:00:d0:33:2c:6f:79:04:54:
7c:4b:52:bd:d5:84:e5:2e:a4:60:62:39:e9:80:51:
9a:8f:37:53:e9:ba:d6:2f:20:35:1a:58:9b:92:a1:
64:fe:3f:2b:36:36:f8:10:b9:7a:6c:a6:ad:c7:01:
46:61:c1:6e:bb:ff:38:95:5e:35:ac:f8:33:1b:01:
46:7f:60:d6:63:e8:f9:67:0e:9d:99:05:f9:36:07:
59:d0:51:cd:5a:11:29:fa:77:68:6d:ee:2d:8b:7b:
5f:3a:e9:7d:b4:f0:e7:b0:c8:cd:32:f2:06:ac:97:
42:24:7e:58:e8:f7:e5:16:b9:ac:5c:10:1b:67:b8:
d8:ae:6d:95:4a:55:c6:68:eb:a2:b0:6d:d1:1b:b3:
87:97:3c:0a:27:eb:a7:1e:1b:e2:2e:20:b2:f7:cb:
cb:c5:6e:9f:3c:87:7f:1d:ec:48:73:32:71:59:ca:
7c:a8:37:50:49:9d:c1:e8:97:1c:6d:79:93:cf:8f:
1f:de:67:72:33:7a:ed:30:eb:b4:6d:68:38:d3:b8:
79:2c:52:39:41:54:52:e8:11:ac:bd:30:cf:5a:2d:
fd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5E:8D:DE:CA:8E:EE:67:0F:B5:77:EF:45:1E:B9:8B:61:41:17:8E
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/IV6N3sqO7mcPtXfvRR65i2FBF44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.128.0/18
62.40.32.0/19
80.233.0.0/17
89.204.160.0-89.204.255.255
92.251.240.0/21
95.83.192.0/18
213.191.224.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:78:06:79:30:d7:21:3c:3f:63:94:c8:53:01:7f:61:48:9e:
ef:35:08:99:3a:7f:ea:11:37:b5:14:50:22:0e:95:67:6c:4d:
34:c8:0b:1b:65:00:50:f2:70:57:ed:01:cf:38:4c:c7:0d:df:
da:1c:c3:71:e5:af:81:09:e0:93:c9:df:d8:4f:7b:71:a8:10:
ca:97:17:c2:45:4a:10:41:21:45:53:89:b6:95:bc:72:17:51:
01:20:28:38:b1:2a:20:c9:84:91:a1:c7:2c:1f:f7:a9:a3:ce:
b7:8b:d9:69:33:90:89:9e:8b:b7:41:ac:6d:0a:cc:d0:f8:4c:
9f:4c:aa:d4:42:3c:03:7e:41:39:26:c5:0b:f7:34:55:74:57:
c0:a0:ca:8a:a1:50:4f:ee:56:ed:9f:bd:9c:4c:9f:02:c1:14:
fc:8d:2e:6d:6c:53:33:d1:db:e4:de:af:04:94:a3:a0:ba:13:
18:38:09:9d:e9:6c:85:e3:92:7b:f6:b8:c0:d1:b1:ae:73:02:
67:a3:72:09:ab:f0:9d:a1:4c:44:18:bd:03:56:27:a4:c4:5d:
82:7b:f9:15:b0:3b:6f:9e:4d:86:be:5f:1d:97:c8:27:3c:e1:
2a:15:da:63:61:a6:98:01:50:66:ef:19:ae:8e:e7:10:78:16:
7c:fa:be:fc
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYWlUi6QVPPEVj47Q4EG5j/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjMwMTEyMDkzMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVlOGRkZWNhOGVlZTY3MGZiNTc3ZWY0NTFlYjk4YjYxNDExNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEoa/og+ZCOsOYlnNjk4qW+N041k
09E9MrRlFXBNgakFtjEzANAzLG95BFR8S1K91YTlLqRgYjnpgFGajzdT6brWLyA1
GlibkqFk/j8rNjb4ELl6bKatxwFGYcFuu/84lV41rPgzGwFGf2DWY+j5Zw6dmQX5
NgdZ0FHNWhEp+ndobe4ti3tfOul9tPDnsMjNMvIGrJdCJH5Y6PflFrmsXBAbZ7jY
rm2VSlXGaOuisG3RG7OHlzwKJ+unHhviLiCy98vLxW6fPId/HexIczJxWcp8qDdQ
SZ3B6JccbXmTz48f3mdyM3rtMOu0bWg407h5LFI5QVRS6BGsvTDPWi39XwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFCFejd7Kju5nD7V370UeuYthQReOMB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvSVY2TjNzcU83bWNQdFhmdlJSNjVpMkZCRjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAATAxAwQGH8iAAwQF
PiggAwQHUOkAMAsDBAVZzKADAwBZzAMEA1z78AMEBl9TwAMEBdW/4DANBgkqhkiG
9w0BAQsFAAOCAQEAqngGeTDXITw/Y5TIUwF/YUie7zUImTp/6hE3tRRQIg6VZ2xN
NMgLG2UAUPJwV+0BzzhMxw3f2hzDceWvgQngk8nf2E97cagQypcXwkVKEEEhRVOJ
tpW8chdRASAoOLEqIMmEkaHHLB/3qaPOt4vZaTOQiZ6Lt0GsbQrM0PhMn0yq1EI8
A35BOSbFC/c0VXRXwKDKiqFQT+5W7Z+9nEyfAsEU/I0ubWxTM9Hb5N6vBJSjoLoT
GDgJnelsheOSe/a4wNGxrnMCZ6NyCavwnaFMRBi9A1YnpMRdgnv5FbA7b55Nhr5f
HZfIJzzhKhXaY2GmmAFQZu8Zro7nEHgWfPq+/A==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:47:37 2025 by rpki-client