Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/1ijn6Rxhr_fm2-z_cduo-schHkM.roa
File: 1ijn6Rxhr_fm2-z_cduo-schHkM.roa (raw, json)
Hash identifier: 0RCeXivt8fgaLWQoA2e2e7dInz1YDZOYGIBZycR/iM0=
Subject key identifier: D6:28:E7:E9:1C:61:AF:F7:E6:DB:EC:FF:71:DB:A8:FA:C7:21:1E:43
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018C4A5B3586B8CE7F6E5C4A8621CC21F402
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/1ijn6Rxhr_fm2-z_cduo-schHkM.roa
Signing time: Fri 08 Dec 2023 16:55:40 +0000
ROA not before: Fri 08 Dec 2023 16:55:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62904
IP address blocks: 152.89.28.0/22 maxlen: 22
193.135.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:5b:35:86:b8:ce:7f:6e:5c:4a:86:21:cc:21:f4:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Dec 8 16:55:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d628e7e91c61aff7e6dbecff71dba8fac7211e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:43:72:0d:c6:7f:0d:03:d3:10:f7:a9:24:
d3:1d:3b:50:9b:df:d9:d5:1f:0c:d3:3f:09:99:58:
1e:50:af:fe:df:2a:0c:0c:b2:c9:3e:76:e0:d3:e6:
21:b2:06:db:9a:fa:fe:ad:49:63:ca:6c:40:ac:4f:
d8:c6:a6:ed:d4:cc:a9:4b:55:d9:47:c5:68:59:9f:
fe:31:16:63:40:6e:cd:31:1a:72:24:ca:4d:b0:93:
57:8b:98:ad:7c:89:77:9e:df:08:6b:3a:e2:68:4f:
36:99:e9:bf:20:13:91:7f:5d:49:67:a0:8a:7a:0a:
40:9b:c2:87:52:5d:4c:ce:63:bf:6c:ab:ee:35:e7:
2a:1a:38:b0:92:1f:93:1f:26:c5:ef:5f:84:ce:61:
fd:db:dd:a8:c2:94:fc:8d:ce:84:a2:05:35:84:b7:
6e:d8:e7:5b:e0:68:9f:e4:7d:e4:3e:aa:22:40:e8:
c9:d9:14:92:a6:3d:73:38:cf:dd:0e:83:74:a1:9c:
87:a0:39:7c:3f:36:96:e6:9d:71:4d:45:c0:ef:e9:
cd:e3:f0:17:4c:a0:3e:98:fb:f6:62:26:fe:89:fb:
d9:ea:99:02:44:fa:59:22:db:26:9b:45:12:ef:56:
e0:da:a9:8a:9d:57:96:49:73:10:a2:27:f0:a7:42:
9e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:28:E7:E9:1C:61:AF:F7:E6:DB:EC:FF:71:DB:A8:FA:C7:21:1E:43
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/1ijn6Rxhr_fm2-z_cduo-schHkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:87:56:6e:ef:d4:bf:60:32:69:03:8c:30:26:af:0a:e9:2c:
5e:02:80:29:7e:27:18:49:8c:78:7e:0e:a5:f6:46:03:73:c7:
3c:12:e9:db:25:24:d4:1e:77:5e:47:cf:3e:15:30:90:08:4a:
f3:7e:1b:cc:97:a7:6c:8b:ad:8a:3c:a8:43:33:1b:cb:a9:60:
b8:29:7e:e7:2d:ea:dc:f3:e2:43:3b:96:86:c9:58:13:b9:13:
0f:93:e0:67:88:e7:21:1c:dc:c3:dc:68:cd:09:f8:94:ae:02:
8b:b8:83:89:b6:fa:5d:12:d6:ad:a9:fc:db:c3:78:9d:91:18:
5e:a8:aa:54:c2:54:cf:ce:6b:b6:6d:d8:a7:d2:5f:ca:65:d2:
39:6e:47:68:73:43:77:80:69:dd:0e:bd:02:6f:aa:18:8c:a2:
7c:27:ec:5c:9d:61:7b:53:9b:cb:08:ce:3d:cf:5c:ce:06:3c:
5f:a7:51:7d:10:dc:29:60:fe:07:f5:94:44:b6:89:6e:85:2c:
63:ca:ac:ab:3c:d8:7b:58:27:63:79:0b:40:33:c2:47:36:63:
1c:bf:32:7d:1e:09:95:56:d9:6c:6c:ad:4f:04:f3:3d:6d:be:
f1:3a:c5:33:24:9e:1d:ef:87:48:30:ef:de:9b:8e:f2:42:00:
bd:65:85:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxKWzWGuM5/blxKhiHMIfQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMxMjA4MTY1NTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjI4ZTdlOTFjNjFhZmY3ZTZkYmVjZmY3MWRiYThmYWM3MjExZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW1Dcg3Gfw0D0xD3qSTTHTtQm9/Z
1R8M0z8JmVgeUK/+3yoMDLLJPnbg0+Yhsgbbmvr+rUljymxArE/Yxqbt1MypS1XZ
R8VoWZ/+MRZjQG7NMRpyJMpNsJNXi5itfIl3nt8IazriaE82mem/IBORf11JZ6CK
egpAm8KHUl1MzmO/bKvuNecqGjiwkh+THybF71+EzmH9292owpT8jc6EogU1hLdu
2Odb4Gif5H3kPqoiQOjJ2RSSpj1zOM/dDoN0oZyHoDl8PzaW5p1xTUXA7+nN4/AX
TKA+mPv2Yib+ifvZ6pkCRPpZItsmm0US71bg2qmKnVeWSXMQoifwp0KeLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNYo5+kcYa/35tvs/3HbqPrHIR5DMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvMWlqbjZSeGhyX2ZtMi16X2NkdW8tc2NoSGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmFkcAwQA
wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQAdh1Zu79S/YDJpA4wwJq8K6SxeAoApficY
SYx4fg6l9kYDc8c8EunbJSTUHndeR88+FTCQCErzfhvMl6dsi62KPKhDMxvLqWC4
KX7nLerc8+JDO5aGyVgTuRMPk+BniOchHNzD3GjNCfiUrgKLuIOJtvpdEtatqfzb
w3idkRheqKpUwlTPzmu2bdin0l/KZdI5bkdoc0N3gGndDr0Cb6oYjKJ8J+xcnWF7
U5vLCM49z1zOBjxfp1F9ENwpYP4H9ZREtoluhSxjyqyrPNh7WCdjeQtAM8JHNmMc
vzJ9HgmVVtlsbK1PBPM9bb7xOsUzJJ4d74dIMO/em47yQgC9ZYV6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:56 2025 by rpki-client