Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/IXPYwI8opAlanCJBEMTQRDj8rmw.roa
File: IXPYwI8opAlanCJBEMTQRDj8rmw.roa (raw, json)
Hash identifier: 9C7L/ZFSDVT4wadCRuUW4lpSaIVaT13FvGXNm9z9V9g=
Subject key identifier: 21:73:D8:C0:8F:28:A4:09:5A:9C:22:41:10:C4:D0:44:38:FC:AE:6C
Certificate issuer: /CN=870a207f8d0fd26330bcd59fa8473549dc92dee9
Certificate serial: 018571F0F7646ED35FE7DECAD37DB2B739FC
Authority key identifier: 87:0A:20:7F:8D:0F:D2:63:30:BC:D5:9F:A8:47:35:49:DC:92:DE:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwogf40P0mMwvNWfqEc1SdyS3uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/IXPYwI8opAlanCJBEMTQRDj8rmw.roa
Signing time: Mon 02 Jan 2023 10:04:55 +0000
ROA not before: Mon 02 Jan 2023 10:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44319
IP address blocks: 185.255.172.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:f7:64:6e:d3:5f:e7:de:ca:d3:7d:b2:b7:39:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870a207f8d0fd26330bcd59fa8473549dc92dee9
Validity
Not Before: Jan 2 10:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2173d8c08f28a4095a9c224110c4d04438fcae6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c2:60:06:b6:cf:7f:56:89:11:7a:f5:d8:8f:
90:61:ef:4c:96:d4:9f:d2:a7:43:67:69:7c:e0:ee:
33:63:69:1b:1f:ac:d9:44:18:45:08:dd:ae:a8:c2:
d5:6b:29:41:69:c9:cd:67:2b:d5:0b:27:5e:fc:c5:
65:0e:36:76:40:4c:2c:97:18:c3:f5:1d:cd:9e:7c:
76:ac:b7:a8:bc:2e:ad:cc:93:ad:ed:cc:47:91:38:
b1:37:5d:ff:76:46:97:c3:b9:86:d3:de:54:ab:3a:
ee:ef:d4:7e:9e:91:d5:ba:a8:cd:0a:3a:84:de:7a:
0c:d7:e9:52:1c:9a:5c:19:19:0e:92:00:db:2b:a3:
5d:9c:b2:cc:a7:82:6d:9c:ba:6a:26:08:c3:44:45:
9f:c6:c2:81:8c:b1:a0:e0:bb:d7:9e:b9:92:41:26:
25:25:31:ae:ef:e1:8f:54:10:a7:76:63:17:98:6d:
59:75:74:27:c7:ab:03:7c:a2:a0:21:07:2a:c4:78:
5a:32:d7:7d:6d:79:59:ae:67:e9:c5:1d:72:05:bb:
3d:22:94:ed:c6:49:7d:de:06:f8:a0:ca:a6:fa:f7:
01:bb:10:20:13:88:3f:1e:6b:a0:dd:3b:88:97:f0:
d3:c4:32:f8:7e:7b:62:41:54:e4:50:46:a5:ed:38:
ae:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:73:D8:C0:8F:28:A4:09:5A:9C:22:41:10:C4:D0:44:38:FC:AE:6C
X509v3 Authority Key Identifier:
keyid:87:0A:20:7F:8D:0F:D2:63:30:BC:D5:9F:A8:47:35:49:DC:92:DE:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwogf40P0mMwvNWfqEc1SdyS3uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/IXPYwI8opAlanCJBEMTQRDj8rmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0bdb78-7e63-470e-a39d-f00a1938881f/1/hwogf40P0mMwvNWfqEc1SdyS3uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.172.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:6e:4e:dd:3a:92:38:87:6c:2f:95:65:a7:aa:76:7e:47:27:
1d:4f:f3:2a:eb:1f:e9:c8:96:5f:d9:f0:90:22:3d:73:27:79:
06:2c:45:24:6d:d6:2b:b5:c6:11:d8:a5:b7:0a:6b:b7:35:1b:
fc:ef:21:70:eb:b2:35:f1:31:c9:61:0b:85:89:22:43:c1:b6:
1e:5e:54:e0:3d:c5:3f:fb:c6:7b:52:30:5c:15:bf:f9:39:cd:
6b:6f:f3:54:e4:f5:84:99:60:bf:65:cb:b7:09:2c:9f:80:7a:
fd:53:c7:57:fc:be:8c:28:fb:f6:b0:58:0d:10:90:6c:44:e1:
ea:b0:69:67:51:14:98:5d:58:5a:af:71:0d:2a:80:5e:f6:8e:
dd:0e:f9:4f:2a:88:73:30:de:86:38:ae:f8:73:64:fd:46:ac:
99:8b:b7:5d:67:3c:69:80:ed:c0:ab:61:94:78:dd:c3:ef:5e:
78:07:6c:4e:91:20:e4:e5:39:ee:d5:49:85:ca:1c:9e:b5:0b:
24:6a:0b:50:9a:c0:67:b0:ea:04:1e:9a:fb:80:a6:0b:ed:68:
bf:67:c5:db:dd:0f:41:47:6e:ed:30:2f:b1:eb:5b:00:5f:d3:
f7:3e:c7:b9:21:4f:0a:dc:05:d1:5b:0e:d7:77:e3:63:cf:71:
9d:96:29:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8PdkbtNf597K032ytzn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGEyMDdmOGQwZmQyNjMzMGJjZDU5ZmE4NDczNTQ5ZGM5
MmRlZTkwHhcNMjMwMTAyMTAwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTczZDhjMDhmMjhhNDA5NWE5YzIyNDExMGM0ZDA0NDM4ZmNhZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsJgBrbPf1aJEXr12I+QYe9MltSf
0qdDZ2l84O4zY2kbH6zZRBhFCN2uqMLVaylBacnNZyvVCyde/MVlDjZ2QEwslxjD
9R3Nnnx2rLeovC6tzJOt7cxHkTixN13/dkaXw7mG095Uqzru79R+npHVuqjNCjqE
3noM1+lSHJpcGRkOkgDbK6NdnLLMp4JtnLpqJgjDREWfxsKBjLGg4LvXnrmSQSYl
JTGu7+GPVBCndmMXmG1ZdXQnx6sDfKKgIQcqxHhaMtd9bXlZrmfpxR1yBbs9IpTt
xkl93gb4oMqm+vcBuxAgE4g/Hmug3TuIl/DTxDL4fntiQVTkUEal7Tiu9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFz2MCPKKQJWpwiQRDE0EQ4/K5sMB8GA1UdIwQY
MBaAFIcKIH+ND9JjMLzVn6hHNUnckt7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdvZ2Y0MFAwbU13dk5XZnFFYzFTZHlTM3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wYmRiNzgtN2U2My00NzBlLWEzOWQt
ZjAwYTE5Mzg4ODFmLzEvSVhQWXdJOG9wQWxhbkNKQkVNVFFSRGo4cm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wYmRiNzgtN2U2My00NzBlLWEzOWQtZjAwYTE5Mzg4ODFm
LzEvaHdvZ2Y0MFAwbU13dk5XZnFFYzFTZHlTM3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf+sMA0G
CSqGSIb3DQEBCwUAA4IBAQDGbk7dOpI4h2wvlWWnqnZ+RycdT/Mq6x/pyJZf2fCQ
Ij1zJ3kGLEUkbdYrtcYR2KW3Cmu3NRv87yFw67I18THJYQuFiSJDwbYeXlTgPcU/
+8Z7UjBcFb/5Oc1rb/NU5PWEmWC/Zcu3CSyfgHr9U8dX/L6MKPv2sFgNEJBsROHq
sGlnURSYXVhar3ENKoBe9o7dDvlPKohzMN6GOK74c2T9RqyZi7ddZzxpgO3Aq2GU
eN3D7154B2xOkSDk5Tnu1UmFyhyetQskagtQmsBnsOoEHpr7gKYL7Wi/Z8Xb3Q9B
R27tMC+x61sAX9P3Pse5IU8K3AXRWw7Xd+Njz3Gdlil3
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:15:19 2025 by rpki-client