Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/iDZPnZYQVvFvFgDRNbyoqsIo2z8.roa
File: iDZPnZYQVvFvFgDRNbyoqsIo2z8.roa (raw, json)
Hash identifier: +tbCikGl1X2Z3ZsIoPi2uk6HqqcHOY/sapvPC8J0TKk=
Subject key identifier: 88:36:4F:9D:96:10:56:F1:6F:16:00:D1:35:BC:A8:AA:C2:28:DB:3F
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 01854949F494A4BD0ACD4A3E7358077235D0
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/iDZPnZYQVvFvFgDRNbyoqsIo2z8.roa
Signing time: Sun 25 Dec 2022 12:37:41 +0000
ROA not before: Sun 25 Dec 2022 12:37:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197579
IP address blocks: 185.92.232.0/22 maxlen: 22
91.223.113.0/24 maxlen: 24
2a13:6b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:49:49:f4:94:a4:bd:0a:cd:4a:3e:73:58:07:72:35:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Dec 25 12:37:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88364f9d961056f16f1600d135bca8aac228db3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:ea:22:d5:eb:2c:f4:ca:3a:35:cc:ce:03:
b0:40:4f:f7:2e:62:97:43:32:bc:37:ab:1a:78:0b:
1f:5f:0f:db:38:b6:be:ca:75:e2:4c:6d:46:2c:13:
b8:90:bf:19:b2:62:9b:43:69:77:4a:0d:a0:18:96:
f6:9d:30:5a:f1:29:da:01:37:a7:a4:5d:49:8c:cb:
b6:36:ae:40:eb:9b:03:7a:64:6b:57:fd:c6:2f:d6:
13:01:29:e1:92:f6:ee:ec:51:a2:e9:3b:cc:50:7b:
ff:45:91:d2:f1:a5:1a:b4:eb:cd:9c:d6:1f:3a:7b:
af:ea:a2:56:44:46:38:94:3d:9b:2e:7b:24:aa:98:
f4:0b:35:41:bc:77:dd:da:b7:5d:4f:8d:4b:f0:75:
03:ef:1d:ce:1c:38:14:ed:8b:4d:47:13:48:27:cf:
34:56:62:88:a2:56:4c:4f:60:19:0b:0a:13:c0:f5:
20:fc:3d:69:e7:10:2a:5a:fd:25:0d:41:7d:e3:97:
2c:b1:76:b9:8e:11:d4:4d:3c:1f:26:23:13:1c:6a:
56:fd:7e:a6:8d:aa:01:b5:e9:66:b0:70:21:c4:44:
93:9c:53:42:66:4b:8c:b4:55:c2:fc:c8:b1:a6:dd:
d7:26:07:83:9c:7d:1e:19:71:d7:05:0a:02:fd:b6:
9b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:36:4F:9D:96:10:56:F1:6F:16:00:D1:35:BC:A8:AA:C2:28:DB:3F
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/iDZPnZYQVvFvFgDRNbyoqsIo2z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.113.0/24
185.92.232.0/22
IPv6:
2a13:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
17:0b:9d:95:ae:dc:e5:90:25:94:63:a7:f8:a6:fa:c4:5d:31:
2b:2b:c1:b9:b0:76:c8:3c:84:37:24:ec:24:a8:0f:49:a3:72:
fd:65:d6:3b:05:38:b3:41:01:7b:8a:9b:30:b9:bc:95:01:6a:
d2:ff:cd:58:6c:83:e5:f1:88:5c:3d:2b:63:f1:2b:25:51:78:
1c:bd:28:e7:0d:10:2f:7c:7b:a2:76:5c:31:4e:7c:73:dc:fe:
c0:f8:00:38:d8:28:99:d3:69:42:3f:93:bc:f6:fd:7b:4b:c8:
da:be:54:be:8f:5b:d4:64:ac:03:72:74:63:b7:62:71:d2:11:
c6:04:4e:47:80:76:12:98:52:ff:24:43:60:4d:ab:55:4e:f3:
33:3b:23:07:5d:db:65:b3:af:f4:c1:33:1b:2d:7b:79:0b:17:
2e:30:ba:6b:74:8a:01:06:ea:25:cd:58:9f:fd:6c:aa:c6:f1:
da:cb:22:95:c6:eb:47:9d:1a:95:86:fd:6f:a2:2f:20:d4:0b:
4a:46:aa:76:2f:ea:18:e2:71:a0:62:11:25:65:bf:3d:e5:df:
c2:50:35:ef:5d:ea:dd:d7:6a:11:9f:69:49:f9:13:98:02:aa:
47:b3:94:61:f3:5c:d5:15:c7:1e:71:0a:b4:f2:39:87:dd:18:
da:8d:2d:b7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVJSfSUpL0KzUo+c1gHcjXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjIxMjI1MTIzNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODM2NGY5ZDk2MTA1NmYxNmYxNjAwZDEzNWJjYThhYWMyMjhkYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTfqItXrLPTKOjXMzgOwQE/3LmKX
QzK8N6saeAsfXw/bOLa+ynXiTG1GLBO4kL8ZsmKbQ2l3Sg2gGJb2nTBa8SnaATen
pF1JjMu2Nq5A65sDemRrV/3GL9YTASnhkvbu7FGi6TvMUHv/RZHS8aUatOvNnNYf
Onuv6qJWREY4lD2bLnskqpj0CzVBvHfd2rddT41L8HUD7x3OHDgU7YtNRxNIJ880
VmKIolZMT2AZCwoTwPUg/D1p5xAqWv0lDUF945cssXa5jhHUTTwfJiMTHGpW/X6m
jaoBtelmsHAhxESTnFNCZkuMtFXC/Mixpt3XJgeDnH0eGXHXBQoC/babpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIg2T52WEFbxbxYA0TW8qKrCKNs/MB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvaURaUG5aWVFWdkZ2RmdEUk5ieW9xc0lvMno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW99xAwQC
uVzoMA0EAgACMAcDBQMqE2tAMA0GCSqGSIb3DQEBCwUAA4IBAQAXC52VrtzlkCWU
Y6f4pvrEXTErK8G5sHbIPIQ3JOwkqA9Jo3L9ZdY7BTizQQF7ipswubyVAWrS/81Y
bIPl8YhcPStj8SslUXgcvSjnDRAvfHuidlwxTnxz3P7A+AA42CiZ02lCP5O89v17
S8javlS+j1vUZKwDcnRjt2Jx0hHGBE5HgHYSmFL/JENgTatVTvMzOyMHXdtls6/0
wTMbLXt5CxcuMLprdIoBBuolzVif/WyqxvHayyKVxutHnRqVhv1voi8g1AtKRqp2
L+oY4nGgYhElZb895d/CUDXvXerd12oRn2lJ+ROYAqpHs5Rh81zVFccecQq08jmH
3RjajS23
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:03:56 2025 by rpki-client