Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/2pwmvqprFHmyvis_gc1HNej0qmc.roa
File: 2pwmvqprFHmyvis_gc1HNej0qmc.roa (raw, json)
Hash identifier: mdafGsGUbFNl5NmPVI/ukRGMcEO4Wpkl6jGSOW/pD5c=
Subject key identifier: DA:9C:26:BE:AA:6B:14:79:B2:BE:2B:3F:81:CD:47:35:E8:F4:AA:67
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 018BA8BA7E6B6605BFFB30110F61FF8B4565
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/2pwmvqprFHmyvis_gc1HNej0qmc.roa
Signing time: Tue 07 Nov 2023 07:41:16 +0000
ROA not before: Tue 07 Nov 2023 07:41:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212833
IP address blocks: 188.215.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:ba:7e:6b:66:05:bf:fb:30:11:0f:61:ff:8b:45:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Nov 7 07:41:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da9c26beaa6b1479b2be2b3f81cd4735e8f4aa67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:34:92:c2:ff:d8:3e:1b:4d:bf:a8:77:92:d3:
f1:a8:6f:29:c3:1e:d4:17:78:fc:7e:6a:d0:f5:c2:
5f:05:c5:d8:53:fc:09:89:b3:21:17:c3:b5:bd:7d:
7d:5b:db:16:ad:40:c4:22:82:36:67:62:6b:bc:0d:
cf:9f:69:1b:f8:ee:ed:21:6e:83:13:c3:8e:81:c8:
9f:d6:1b:48:11:53:5a:f7:34:bb:43:a8:f1:83:a2:
ce:cb:42:c2:ce:34:9b:1d:a6:a0:e1:d6:ae:bc:58:
d2:93:8e:f9:ed:7e:17:e1:56:9a:0e:0c:66:eb:4d:
c5:cc:b3:ff:fd:a2:a1:ee:a9:db:64:f4:90:71:5b:
4f:89:12:cc:ac:e1:a4:39:76:4a:8b:5c:5b:9f:62:
2f:32:d0:30:c7:78:2a:d7:f0:97:ab:e0:cd:b6:65:
a4:65:bd:88:b5:24:1a:9c:44:7b:9a:f9:ef:c6:6d:
4f:cc:bc:47:ba:e6:b7:ea:d5:4f:ce:fc:9a:94:dc:
71:f9:fe:e8:6d:61:50:0c:f7:20:cf:cd:e5:cf:e5:
8b:96:c5:df:eb:61:a4:e3:3a:79:46:25:9c:32:ab:
d0:55:3f:e3:56:ef:72:bb:b1:9f:fd:a1:2f:f1:d2:
44:51:41:7f:7a:15:5f:ac:64:ae:41:a1:ed:da:b6:
cc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9C:26:BE:AA:6B:14:79:B2:BE:2B:3F:81:CD:47:35:E8:F4:AA:67
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/2pwmvqprFHmyvis_gc1HNej0qmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.215.224.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:32:15:03:4f:38:93:75:62:35:ea:bf:a8:e7:e5:1a:fd:a8:
74:0c:b8:73:75:72:73:f3:19:d7:5d:92:ea:89:a8:7f:23:fa:
d0:dd:85:76:02:9e:46:55:a3:17:2a:7b:b9:7b:b9:df:bc:1b:
84:9c:b3:c2:7a:07:14:e9:92:c1:bb:b4:c4:42:b9:19:f2:2f:
22:4d:a8:c1:df:1a:9c:ab:da:62:bf:e3:38:27:02:3d:c3:47:
c8:0c:c0:f9:cd:9c:45:2e:3f:44:bc:1e:c9:ca:af:60:5c:8e:
fb:47:2b:15:ca:97:cc:39:c4:68:2b:48:4e:24:8d:71:78:0d:
dc:b4:95:b1:bc:0e:ac:25:d3:cd:3e:16:bc:c8:77:ff:83:6a:
88:88:94:49:1f:25:de:5a:b9:e6:01:fa:ff:f8:c5:6e:e3:86:
56:88:0b:0e:6f:aa:e2:f4:d6:14:d8:d5:65:e7:92:2c:a6:81:
88:80:9b:9d:aa:f3:e9:94:5d:0a:76:66:1a:dc:08:a0:54:56:
bb:f7:50:6f:15:d6:d8:40:e9:65:7b:4d:3f:1b:c5:8f:c8:f2:
9e:64:2a:24:21:44:3a:fb:b7:28:48:80:62:d4:f9:71:5a:3f:
f7:52:c1:6c:01:0b:8d:0e:fd:07:dd:ae:1e:6d:70:20:4b:99:
0c:30:93:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuoun5rZgW/+zARD2H/i0VlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjMxMTA3MDc0MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTljMjZiZWFhNmIxNDc5YjJiZTJiM2Y4MWNkNDczNWU4ZjRhYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DSSwv/YPhtNv6h3ktPxqG8pwx7U
F3j8fmrQ9cJfBcXYU/wJibMhF8O1vX19W9sWrUDEIoI2Z2JrvA3Pn2kb+O7tIW6D
E8OOgcif1htIEVNa9zS7Q6jxg6LOy0LCzjSbHaag4dauvFjSk4757X4X4VaaDgxm
603FzLP//aKh7qnbZPSQcVtPiRLMrOGkOXZKi1xbn2IvMtAwx3gq1/CXq+DNtmWk
Zb2ItSQanER7mvnvxm1PzLxHuua36tVPzvyalNxx+f7obWFQDPcgz83lz+WLlsXf
62Gk4zp5RiWcMqvQVT/jVu9yu7Gf/aEv8dJEUUF/ehVfrGSuQaHt2rbMQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqcJr6qaxR5sr4rP4HNRzXo9KpnMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvMnB3bXZxcHJGSG15dmlzX2djMUhOZWowcW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNfgMA0G
CSqGSIb3DQEBCwUAA4IBAQC8MhUDTziTdWI16r+o5+Ua/ah0DLhzdXJz8xnXXZLq
iah/I/rQ3YV2Ap5GVaMXKnu5e7nfvBuEnLPCegcU6ZLBu7TEQrkZ8i8iTajB3xqc
q9piv+M4JwI9w0fIDMD5zZxFLj9EvB7Jyq9gXI77RysVypfMOcRoK0hOJI1xeA3c
tJWxvA6sJdPNPha8yHf/g2qIiJRJHyXeWrnmAfr/+MVu44ZWiAsOb6ri9NYU2NVl
55IspoGIgJudqvPplF0KdmYa3AigVFa791BvFdbYQOlle00/G8WPyPKeZCokIUQ6
+7coSIBi1PlxWj/3UsFsAQuNDv0H3a4ebXAgS5kMMJO8
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:40:21 2025 by rpki-client