Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/irpSTpkm8treqcenIEaOktqVzjg.roa
File: irpSTpkm8treqcenIEaOktqVzjg.roa (raw, json)
Hash identifier: HNdbZQUeuFwd5CeGcLcUEYDcyRae7vkjvhC2jNYY2Yw=
Subject key identifier: 8A:BA:52:4E:99:26:F2:DA:DE:A9:C7:A7:20:46:8E:92:DA:95:CE:38
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 35C8D0F4
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/irpSTpkm8treqcenIEaOktqVzjg.roa
Signing time: Thu 27 Jan 2022 17:45:08 +0000
ROA not before: Thu 27 Jan 2022 17:45:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 192.109.201.0/24 maxlen: 24
192.109.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 902353140 (0x35c8d0f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 27 17:45:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8aba524e9926f2dadea9c7a720468e92da95ce38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:7b:53:6f:e3:d8:3f:f0:73:e7:1c:3b:e7:61:
b1:1c:d1:b9:a4:56:c9:2f:10:03:9f:75:45:41:05:
23:af:ff:72:69:0b:98:35:39:a0:67:94:7b:36:01:
7a:02:ca:16:9f:7d:c1:70:38:18:8d:d3:17:ad:b8:
a7:c6:ad:9a:14:3a:0e:9f:60:0f:b7:c3:98:d6:53:
c6:5d:11:44:4f:9d:d7:aa:f5:f5:ab:b8:e7:71:bb:
5b:bb:46:e4:e2:b6:98:40:76:8e:81:79:22:2a:31:
d9:2e:61:f8:29:0b:41:2b:3d:37:a6:7e:af:48:29:
64:99:0a:6f:70:d8:ca:b3:4a:8c:e1:f0:3a:1b:73:
ca:01:83:c9:30:5a:33:e5:4a:ad:6c:13:32:61:25:
15:e5:79:36:f2:99:a9:2f:84:45:d1:14:88:8e:29:
0f:46:24:bd:99:ed:a5:d4:23:75:d8:7a:64:a9:b7:
71:03:16:34:bf:93:91:20:4b:2c:ff:49:29:2f:b8:
ab:f6:c4:f7:95:c8:18:e3:26:d7:ac:99:b2:c5:2d:
71:10:a9:e2:61:c9:9b:ef:6a:35:c6:70:89:d0:cc:
ad:c5:fd:a6:cc:81:e9:86:73:07:da:0c:32:d9:58:
62:8b:cd:dc:c1:6f:d5:73:7e:59:0a:14:79:50:cf:
94:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BA:52:4E:99:26:F2:DA:DE:A9:C7:A7:20:46:8E:92:DA:95:CE:38
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/irpSTpkm8treqcenIEaOktqVzjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.200.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:31:c1:21:c6:a5:ab:0a:f3:0b:69:fa:ea:5a:99:29:e3:38:
7e:e4:b5:92:fa:48:29:90:3f:cf:da:be:38:47:75:cf:4f:e0:
78:8e:9a:fd:e0:a3:88:73:1e:be:66:53:23:69:76:cd:20:9d:
bc:a7:56:11:6a:8d:72:43:76:a8:41:85:5e:d0:bb:89:18:ba:
8f:f4:dc:d2:2d:bb:4a:0c:ce:0a:f4:b4:d3:d1:29:2f:b6:98:
3a:87:c5:0a:01:44:95:13:c4:3a:37:ed:9b:a0:e6:4f:99:6f:
d1:2a:6b:a5:ae:1a:0c:8d:9f:17:bf:51:e5:3e:1c:44:dd:fc:
24:38:ca:d4:b0:5f:63:22:89:05:88:6e:9e:3d:a5:7c:29:05:
89:cf:0c:10:e3:96:d4:a2:af:07:ac:b1:b8:f5:15:cb:7c:84:
87:1a:96:6e:0e:3b:22:a7:1b:43:98:32:5a:76:21:f2:69:21:
56:59:f6:b2:d9:81:e3:6d:e5:16:77:15:d3:87:bb:74:f7:2e:
f1:23:f0:5b:39:46:ef:73:6b:b4:c5:44:ff:98:7b:fa:da:d3:
7a:18:17:47:d7:a2:fe:3f:ef:94:48:0f:24:d0:e2:37:95:09:
45:8c:07:68:b6:d1:e7:3d:1c:95:e3:56:4c:be:20:d3:8d:57:
5d:bf:ad:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENcjQ9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWY1YTEwZTRmZDI2NTVhZGJiYjQwZWRlMThiMjYxNWFjNTU4ZWE5MB4XDTIyMDEy
NzE3NDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFiYTUyNGU5OTI2
ZjJkYWRlYTljN2E3MjA0NjhlOTJkYTk1Y2UzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPN7U2/j2D/wc+ccO+dhsRzRuaRWyS8QA591RUEFI6//cmkL
mDU5oGeUezYBegLKFp99wXA4GI3TF624p8atmhQ6Dp9gD7fDmNZTxl0RRE+d16r1
9au453G7W7tG5OK2mEB2joF5Iiox2S5h+CkLQSs9N6Z+r0gpZJkKb3DYyrNKjOHw
OhtzygGDyTBaM+VKrWwTMmElFeV5NvKZqS+ERdEUiI4pD0YkvZntpdQjddh6ZKm3
cQMWNL+TkSBLLP9JKS+4q/bE95XIGOMm16yZssUtcRCp4mHJm+9qNcZwidDMrcX9
psyB6YZzB9oMMtlYYovN3MFv1XN+WQoUeVDPlEMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKulJOmSby2t6px6cgRo6S2pXOODAfBgNVHSMEGDAWgBRB9aEOT9JlWtu7
QO3hiyYVrFWOqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FmV2hEa19TWlZyYnUwRHQ0WXNtRmF4Vmpxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvOGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8x
L2lycFNUcGttOHRyZXFjZW5JRWFPa3RxVnpqZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
OGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8xL1FmV2hEa19TWlZy
YnUwRHQ0WXNtRmF4Vmpxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcBtyDANBgkqhkiG9w0BAQsFAAOC
AQEAPzHBIcalqwrzC2n66lqZKeM4fuS1kvpIKZA/z9q+OEd1z0/geI6a/eCjiHMe
vmZTI2l2zSCdvKdWEWqNckN2qEGFXtC7iRi6j/Tc0i27SgzOCvS009EpL7aYOofF
CgFElRPEOjftm6DmT5lv0Sprpa4aDI2fF79R5T4cRN38JDjK1LBfYyKJBYhunj2l
fCkFic8MEOOW1KKvB6yxuPUVy3yEhxqWbg47IqcbQ5gyWnYh8mkhVln2stmB423l
FncV04e7dPcu8SPwWzlG73NrtMVE/5h7+trTehgXR9ei/j/vlEgPJNDiN5UJRYwH
aLbR5z0cleNWTL4g041XXb+tXw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:42 2025 by rpki-client