Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iscDyW5GA0vEUHoBQfgmKrymOV4.roa
File: iscDyW5GA0vEUHoBQfgmKrymOV4.roa (raw, json)
Hash identifier: hTIfKQXjlbm2Bzn46YY+ed6KFLLXr0doTpNztB+Nlcg=
Subject key identifier: 8A:C7:03:C9:6E:46:03:4B:C4:50:7A:01:41:F8:26:2A:BC:A6:39:5E
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185F2D375575E386D8DB82E27A81C1CA123
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iscDyW5GA0vEUHoBQfgmKrymOV4.roa
Signing time: Fri 27 Jan 2023 10:43:42 +0000
ROA not before: Fri 27 Jan 2023 10:43:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209456
IP address blocks: 185.22.25.0/24 maxlen: 24
2a02:330:9::/48 maxlen: 48
2a02:330:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:d3:75:57:5e:38:6d:8d:b8:2e:27:a8:1c:1c:a1:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 27 10:43:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ac703c96e46034bc4507a0141f8262abca6395e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:88:61:40:1c:e3:60:39:a4:cd:8a:10:2d:d6:
fb:1b:45:9c:d9:62:a8:fd:07:49:15:b1:c0:05:a5:
b8:17:43:1d:3b:83:92:ac:17:bb:53:d0:81:3f:5a:
e5:1d:fc:3e:c0:65:3d:78:40:3a:3b:ee:b3:93:f6:
a7:95:16:01:a8:90:c4:72:72:5a:23:c0:44:94:38:
fa:c9:f2:95:9e:72:d8:72:dc:d8:96:b0:ab:6f:4b:
f9:aa:5c:9e:8e:b6:6f:a2:67:df:f9:80:51:59:5c:
de:ed:66:75:91:06:77:89:d4:aa:64:f6:3e:42:b0:
14:3b:f6:3c:b9:13:2f:11:b0:41:86:b0:68:27:be:
b5:e8:f2:8b:99:b1:aa:47:15:f7:cf:5f:d2:43:20:
ed:e3:4c:0a:1d:48:0a:7c:5b:c8:87:fd:1c:41:8a:
05:db:ff:94:f3:b9:a6:63:df:1b:40:37:45:16:4d:
b2:c2:ce:d3:e0:83:5f:23:2a:bf:6c:70:bc:84:ef:
d1:4a:5a:87:8a:66:52:16:5b:eb:01:36:84:3b:8f:
fb:f7:fe:f4:d3:47:87:a0:f0:b6:5f:f5:0f:96:1d:
cb:44:fa:96:98:64:ed:22:52:ad:eb:e2:b6:9b:66:
dd:1a:a5:a3:10:d6:0c:bf:30:41:b6:da:84:5a:dd:
38:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C7:03:C9:6E:46:03:4B:C4:50:7A:01:41:F8:26:2A:BC:A6:39:5E
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iscDyW5GA0vEUHoBQfgmKrymOV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.25.0/24
IPv6:
2a02:330:8::/47
Signature Algorithm: sha256WithRSAEncryption
26:60:bf:90:b4:d4:3d:9e:fb:e4:3b:18:68:fb:6a:fa:8d:68:
25:70:e0:92:80:89:54:0f:5c:21:d4:3f:d7:f7:48:28:4b:27:
c3:55:e3:e5:15:49:54:b6:e8:b0:21:ea:55:1d:42:6c:52:59:
34:c3:e4:76:96:44:78:19:b4:3f:9f:e5:f1:20:9b:08:58:20:
ab:42:e4:b3:93:8c:30:ce:d5:6d:a1:fa:aa:1a:57:8d:ee:82:
14:d1:ae:51:c2:2a:23:a6:73:30:48:1e:90:f7:3c:74:c7:d3:
f4:bb:a1:07:25:12:a6:f6:70:13:cf:c9:f1:85:be:67:02:51:
83:e9:c6:12:05:15:f8:9e:d7:4d:6f:38:72:3c:eb:b2:48:92:
27:ce:a7:95:37:63:84:94:77:30:a1:d2:ff:6a:bc:b9:e8:3d:
39:ef:61:ab:04:b7:38:c2:9a:1f:7f:6e:8e:db:fe:5f:35:68:
89:2e:5a:8c:25:0d:a1:5d:c3:8a:af:3e:a9:59:a2:70:c4:9d:
11:5d:99:76:33:c5:91:dd:22:8c:2e:56:95:65:b6:99:dc:9e:
c7:0e:c2:ee:4f:34:a7:d5:49:06:74:52:a1:a1:89:d3:a2:d3:
9f:66:23:16:5b:72:99:af:10:40:c8:14:de:8c:77:64:58:35:
54:1a:f1:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXy03VXXjhtjbguJ6gcHKEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTI3MTA0MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWM3MDNjOTZlNDYwMzRiYzQ1MDdhMDE0MWY4MjYyYWJjYTYzOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzohhQBzjYDmkzYoQLdb7G0Wc2WKo
/QdJFbHABaW4F0MdO4OSrBe7U9CBP1rlHfw+wGU9eEA6O+6zk/anlRYBqJDEcnJa
I8BElDj6yfKVnnLYctzYlrCrb0v5qlyejrZvomff+YBRWVze7WZ1kQZ3idSqZPY+
QrAUO/Y8uRMvEbBBhrBoJ7616PKLmbGqRxX3z1/SQyDt40wKHUgKfFvIh/0cQYoF
2/+U87mmY98bQDdFFk2yws7T4INfIyq/bHC8hO/RSlqHimZSFlvrATaEO4/79/70
00eHoPC2X/UPlh3LRPqWmGTtIlKt6+K2m2bdGqWjENYMvzBBttqEWt048QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrHA8luRgNLxFB6AUH4Jiq8pjleMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvaXNjRHlXNUdBMHZFVUhvQlFmZ21LcnltT1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuRYZMA8E
AgACMAkDBwEqAgMwAAgwDQYJKoZIhvcNAQELBQADggEBACZgv5C01D2e++Q7GGj7
avqNaCVw4JKAiVQPXCHUP9f3SChLJ8NV4+UVSVS26LAh6lUdQmxSWTTD5HaWRHgZ
tD+f5fEgmwhYIKtC5LOTjDDO1W2h+qoaV43ughTRrlHCKiOmczBIHpD3PHTH0/S7
oQclEqb2cBPPyfGFvmcCUYPpxhIFFfie101vOHI867JIkifOp5U3Y4SUdzCh0v9q
vLnoPTnvYasEtzjCmh9/bo7b/l81aIkuWowlDaFdw4qvPqlZonDEnRFdmXYzxZHd
IowuVpVltpncnscOwu5PNKfVSQZ0UqGhidOi059mIxZbcpmvEEDIFN6Md2RYNVQa
8ZY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:26 2025 by rpki-client