Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/isKCr_BJpX1BpMqWWmIg1P0vXco.roa
File: isKCr_BJpX1BpMqWWmIg1P0vXco.roa (raw, json)
Hash identifier: mnvQ89ba4bqA6CPyXJuxAncz7cR5HSoXipr91iubNNs=
Subject key identifier: 8A:C2:82:AF:F0:49:A5:7D:41:A4:CA:96:5A:62:20:D4:FD:2F:5D:CA
Certificate issuer: /CN=3d9424b3c8e72f746a59eb199455aa3646a3a457
Certificate serial: 018442F8285627E1AB6AC458411C21A51C33
Authority key identifier: 3D:94:24:B3:C8:E7:2F:74:6A:59:EB:19:94:55:AA:36:46:A3:A4:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZQks8jnL3RqWesZlFWqNkajpFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/isKCr_BJpX1BpMqWWmIg1P0vXco.roa
Signing time: Fri 04 Nov 2022 14:07:50 +0000
ROA not before: Fri 04 Nov 2022 14:07:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202283
IP address blocks: 193.109.238.0/24 maxlen: 24
185.232.220.0/22 maxlen: 22
2a0c:d100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:f8:28:56:27:e1:ab:6a:c4:58:41:1c:21:a5:1c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d9424b3c8e72f746a59eb199455aa3646a3a457
Validity
Not Before: Nov 4 14:07:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ac282aff049a57d41a4ca965a6220d4fd2f5dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d7:90:a0:25:39:32:5e:6f:c2:72:59:0e:64:
6a:c0:4a:d2:37:89:71:d0:57:1d:1c:5b:32:1b:25:
07:a8:51:a9:87:5d:ff:7a:96:89:22:b5:74:c6:bd:
7c:c8:4a:4e:07:e2:10:a9:69:b6:75:55:5d:27:84:
5d:7d:39:45:a2:07:91:6b:34:7d:96:54:5d:21:07:
5b:e8:2a:9b:08:3c:2e:08:3c:2f:68:18:86:96:12:
43:cd:60:0f:5a:cd:6d:d5:11:db:67:60:89:8c:08:
bb:b6:b8:82:81:2a:ed:74:a3:8a:bb:df:99:16:2e:
84:9c:fb:94:75:08:d9:4c:cb:14:61:a6:c7:9b:67:
de:2b:b6:93:3e:ec:19:6a:26:b4:59:10:ba:86:ec:
67:94:40:f4:ba:ab:ea:1d:87:bf:2a:df:4b:ed:e5:
95:4a:2e:83:65:ed:0d:b1:3e:ff:c9:70:e8:00:5b:
b1:01:0c:ca:e7:d8:39:44:f3:c0:13:be:8a:3a:e8:
7e:e2:d3:15:f2:36:a8:a7:d8:37:84:6e:63:c8:e2:
72:3f:ce:cf:7c:7f:95:24:1f:80:79:73:72:04:96:
ef:2a:7e:d5:88:0d:c7:12:a8:8e:7a:68:73:59:74:
8d:cd:bb:34:38:cb:09:03:f5:49:ee:8a:cb:fa:ea:
6a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C2:82:AF:F0:49:A5:7D:41:A4:CA:96:5A:62:20:D4:FD:2F:5D:CA
X509v3 Authority Key Identifier:
keyid:3D:94:24:B3:C8:E7:2F:74:6A:59:EB:19:94:55:AA:36:46:A3:A4:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZQks8jnL3RqWesZlFWqNkajpFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/isKCr_BJpX1BpMqWWmIg1P0vXco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/PZQks8jnL3RqWesZlFWqNkajpFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.220.0/22
193.109.238.0/24
IPv6:
2a0c:d100::/29
Signature Algorithm: sha256WithRSAEncryption
66:c7:af:94:6b:db:b2:64:34:7a:3c:58:4d:f9:b5:fd:9c:44:
0b:bd:29:b2:61:d5:25:99:02:ab:ad:76:5c:f1:17:3c:d1:9b:
15:2c:9c:cf:4f:43:ab:e1:b6:03:a9:9f:6a:04:a6:10:79:99:
b1:99:82:6f:c6:ee:21:78:65:86:4c:ee:87:12:67:b6:42:38:
6b:73:ee:de:c4:41:a0:d2:a3:90:34:e3:4a:70:87:61:51:c1:
f0:0f:de:2a:09:15:02:f7:70:80:ee:15:d0:58:01:f9:f5:19:
0c:10:c9:d9:07:9f:8b:e3:d5:ef:3c:aa:97:a9:56:43:8d:92:
9f:cf:74:67:31:a7:02:4a:a8:11:fa:92:fd:45:2c:db:3a:ca:
cc:17:d2:3c:b3:f4:46:06:8e:1c:f7:98:df:ae:5d:c4:f5:4a:
fb:a2:ec:70:62:e4:e1:f7:12:9c:3f:ba:45:6d:63:a9:13:1c:
33:6d:e3:c2:b9:87:9c:b3:5e:fa:6e:ca:de:9b:7e:ac:1e:2f:
c5:c4:d9:aa:6b:24:02:7d:9c:c7:98:d6:f9:bd:d1:43:bb:f5:
81:91:25:6a:fd:39:56:bd:25:35:27:8b:77:16:e5:07:13:57:
16:4f:a4:ff:63:04:59:47:5b:94:f0:a4:2f:6c:76:62:96:62:
cc:82:67:b0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYRC+ChWJ+GrasRYQRwhpRwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTQyNGIzYzhlNzJmNzQ2YTU5ZWIxOTk0NTVhYTM2NDZh
M2E0NTcwHhcNMjIxMTA0MTQwNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWMyODJhZmYwNDlhNTdkNDFhNGNhOTY1YTYyMjBkNGZkMmY1ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNeQoCU5Ml5vwnJZDmRqwErSN4lx
0FcdHFsyGyUHqFGph13/epaJIrV0xr18yEpOB+IQqWm2dVVdJ4RdfTlFogeRazR9
llRdIQdb6CqbCDwuCDwvaBiGlhJDzWAPWs1t1RHbZ2CJjAi7triCgSrtdKOKu9+Z
Fi6EnPuUdQjZTMsUYabHm2feK7aTPuwZaia0WRC6huxnlED0uqvqHYe/Kt9L7eWV
Si6DZe0NsT7/yXDoAFuxAQzK59g5RPPAE76KOuh+4tMV8jaop9g3hG5jyOJyP87P
fH+VJB+AeXNyBJbvKn7ViA3HEqiOemhzWXSNzbs0OMsJA/VJ7orL+upqtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIrCgq/wSaV9QaTKllpiINT9L13KMB8GA1UdIwQY
MBaAFD2UJLPI5y90alnrGZRVqjZGo6RXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpRa3M4am5MM1JxV2VzWmxGV3FOa2FqcEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kZjI5NDctY2QwNS00NDA1LTk0OWEt
NmE4MDMzZGNiZTFjLzEvaXNLQ3JfQkpwWDFCcE1xV1dtSWcxUDB2WGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kZjI5NDctY2QwNS00NDA1LTk0OWEtNmE4MDMzZGNiZTFj
LzEvUFpRa3M4am5MM1JxV2VzWmxGV3FOa2FqcEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuejcAwQA
wW3uMA0EAgACMAcDBQMqDNEAMA0GCSqGSIb3DQEBCwUAA4IBAQBmx6+Ua9uyZDR6
PFhN+bX9nEQLvSmyYdUlmQKrrXZc8Rc80ZsVLJzPT0Or4bYDqZ9qBKYQeZmxmYJv
xu4heGWGTO6HEme2Qjhrc+7exEGg0qOQNONKcIdhUcHwD94qCRUC93CA7hXQWAH5
9RkMEMnZB5+L49XvPKqXqVZDjZKfz3RnMacCSqgR+pL9RSzbOsrMF9I8s/RGBo4c
95jfrl3E9Ur7ouxwYuTh9xKcP7pFbWOpExwzbePCuYecs176bsrem36sHi/FxNmq
ayQCfZzHmNb5vdFDu/WBkSVq/TlWvSU1J4t3FuUHE1cWT6T/YwRZR1uU8KQvbHZi
lmLMgmew
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:05 2025 by rpki-client