Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ITOASIGbUOQ4BDDEoziCCXs5m5U.roa
File: ITOASIGbUOQ4BDDEoziCCXs5m5U.roa (raw, json)
Hash identifier: rDUmkfsor/7iTgFSu4ZMbR32wfkst622GW1yNt+5spA=
Subject key identifier: 21:33:80:48:81:9B:50:E4:38:04:30:C4:A3:38:82:09:7B:39:9B:95
Certificate issuer: /CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Certificate serial: 01897CA2BB0FFE7B2BAADC69D7637E3BCEF1
Authority key identifier: C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ITOASIGbUOQ4BDDEoziCCXs5m5U.roa
Signing time: Sat 22 Jul 2023 08:06:26 +0000
ROA not before: Sat 22 Jul 2023 08:06:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42083
IP address blocks: 185.208.100.0/24 maxlen: 24
185.208.101.0/24 maxlen: 24
185.208.102.0/24 maxlen: 24
185.208.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7c:a2:bb:0f:fe:7b:2b:aa:dc:69:d7:63:7e:3b:ce:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Validity
Not Before: Jul 22 08:06:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21338048819b50e4380430c4a33882097b399b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fa:6c:ef:33:15:d5:42:ae:39:33:b7:37:7b:
b8:fc:b5:ec:a4:a0:c4:a2:08:5b:05:69:1f:83:41:
51:61:d4:24:79:7e:26:15:2b:ce:0a:a0:44:2e:4d:
44:f1:3a:47:b1:9e:1e:75:6d:ef:4c:e2:32:ba:b3:
f8:28:c3:26:6e:ae:54:68:1c:01:b3:e8:86:74:d0:
06:8e:52:ba:99:f5:d9:f3:d2:96:27:db:b0:88:26:
9d:13:1e:c9:91:55:6a:17:6a:fd:10:e8:d3:f7:23:
02:33:55:96:ab:0c:09:d9:75:77:ca:3d:a1:45:fb:
94:e8:52:e2:b6:e4:bf:f6:ff:40:4c:9d:0b:b7:69:
80:e4:b8:da:b4:6c:b9:11:bd:b1:e4:37:f6:7f:16:
c1:2b:a0:d6:a7:94:d5:12:2d:cf:8f:14:c4:be:6b:
7f:05:2a:84:7f:5f:62:6d:5d:7f:81:30:fc:fe:c1:
65:a5:e5:f0:fe:0a:82:e0:ae:b5:1f:88:73:7d:a4:
3e:3c:0a:77:55:3b:c6:95:e8:26:53:84:25:89:b2:
e8:56:43:8b:03:4d:d7:34:31:df:2a:e6:e6:9e:b6:
b9:46:3b:35:59:d7:a4:b2:3b:0d:2d:fb:c3:6e:e6:
3c:72:d2:bf:cd:7f:12:21:98:54:92:e9:b3:fd:06:
a1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:33:80:48:81:9B:50:E4:38:04:30:C4:A3:38:82:09:7B:39:9B:95
X509v3 Authority Key Identifier:
keyid:C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/ITOASIGbUOQ4BDDEoziCCXs5m5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.100.0/22
Signature Algorithm: sha256WithRSAEncryption
00:45:46:8c:ae:78:96:aa:0e:ae:c1:d6:0c:91:a6:be:69:d6:
52:75:71:ee:13:b1:df:35:a2:a6:a1:7d:4c:1c:92:16:15:96:
14:2a:b4:b6:26:37:6b:bb:9a:b3:e0:a4:18:48:9b:1a:d7:30:
f4:5c:2f:1e:33:df:a0:10:ac:f4:f6:3b:b9:cd:0b:18:d6:5d:
f2:2d:84:14:09:3e:c3:b9:32:2a:ac:09:da:7d:1c:95:26:6a:
57:56:b8:7b:a2:33:d8:3b:29:ff:5b:8c:da:b9:1b:90:f9:eb:
99:ad:3f:26:18:b7:9a:65:ad:d5:5c:a6:61:79:ad:88:65:a2:
16:07:01:e3:7c:ed:1a:3d:42:3f:d0:6b:c3:ee:4e:40:40:dc:
1a:6f:91:e5:7a:f8:cf:31:e7:04:b6:7e:2f:f9:78:b7:58:6e:
98:59:47:03:c5:23:11:bc:de:3a:d6:b1:9d:a2:e1:18:18:2b:
56:b9:50:b1:4e:13:5e:32:0a:8b:a2:8b:c0:c7:73:77:83:3e:
8f:86:e4:01:c6:09:c6:1c:20:88:1f:bb:ef:fa:36:1b:23:86:
cf:98:3c:2d:f1:f7:69:f7:eb:89:de:5a:31:48:9e:04:90:52:
37:2c:d4:d3:9b:72:df:ca:7a:38:37:65:99:ee:9f:a6:76:2a:
78:11:08:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl8orsP/nsrqtxp12N+O87xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODhhMDc5ZTRjZWI2YmIyNGMyM2M1MjcxZTQ1ODNlMWNm
MmY5YTkwHhcNMjMwNzIyMDgwNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTMzODA0ODgxOWI1MGU0MzgwNDMwYzRhMzM4ODIwOTdiMzk5Yjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/ps7zMV1UKuOTO3N3u4/LXspKDE
oghbBWkfg0FRYdQkeX4mFSvOCqBELk1E8TpHsZ4edW3vTOIyurP4KMMmbq5UaBwB
s+iGdNAGjlK6mfXZ89KWJ9uwiCadEx7JkVVqF2r9EOjT9yMCM1WWqwwJ2XV3yj2h
RfuU6FLituS/9v9ATJ0Lt2mA5LjatGy5Eb2x5Df2fxbBK6DWp5TVEi3PjxTEvmt/
BSqEf19ibV1/gTD8/sFlpeXw/gqC4K61H4hzfaQ+PAp3VTvGlegmU4QlibLoVkOL
A03XNDHfKubmnra5Rjs1WdeksjsNLfvDbuY8ctK/zX8SIZhUkumz/QahuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEzgEiBm1DkOAQwxKM4ggl7OZuVMB8GA1UdIwQY
MBaAFMWIoHnkzra7JMI8UnHkWD4c8vmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTIt
MTdlZGI5OGJiYjA4LzEvSVRPQVNJR2JVT1E0QkRERW96aUNDWHM1bTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTItMTdlZGI5OGJiYjA4
LzEveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudBkMA0G
CSqGSIb3DQEBCwUAA4IBAQAARUaMrniWqg6uwdYMkaa+adZSdXHuE7HfNaKmoX1M
HJIWFZYUKrS2Jjdru5qz4KQYSJsa1zD0XC8eM9+gEKz09ju5zQsY1l3yLYQUCT7D
uTIqrAnafRyVJmpXVrh7ojPYOyn/W4zauRuQ+euZrT8mGLeaZa3VXKZhea2IZaIW
BwHjfO0aPUI/0GvD7k5AQNwab5HlevjPMecEtn4v+Xi3WG6YWUcDxSMRvN461rGd
ouEYGCtWuVCxThNeMgqLoovAx3N3gz6PhuQBxgnGHCCIH7vv+jYbI4bPmDwt8fdp
9+uJ3loxSJ4EkFI3LNTTm3Lfyno4N2WZ7p+mdip4EQi8
-----END CERTIFICATE-----
Generated at Tue May 13 20:16:22 2025 by rpki-client