Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/ERm8wkb2_HQs_Koy-Km5n60oPd4.roa
File: ERm8wkb2_HQs_Koy-Km5n60oPd4.roa (raw, json)
Hash identifier: oh732z+InVqI/A/aCSageRCp4UmpAOX41DNdTfNwRwY=
Subject key identifier: 11:19:BC:C2:46:F6:FC:74:2C:FC:AA:32:F8:A9:B9:9F:AD:28:3D:DE
Certificate issuer: /CN=69525a362e87705a1ec022d16560f276d59cee1d
Certificate serial: 01893F98E72915551F792E9B7FB2EA25A378
Authority key identifier: 69:52:5A:36:2E:87:70:5A:1E:C0:22:D1:65:60:F2:76:D5:9C:EE:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVJaNi6HcFoewCLRZWDydtWc7h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/ERm8wkb2_HQs_Koy-Km5n60oPd4.roa
Signing time: Mon 10 Jul 2023 11:38:52 +0000
ROA not before: Mon 10 Jul 2023 11:38:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21263
IP address blocks: 194.0.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3f:98:e7:29:15:55:1f:79:2e:9b:7f:b2:ea:25:a3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69525a362e87705a1ec022d16560f276d59cee1d
Validity
Not Before: Jul 10 11:38:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1119bcc246f6fc742cfcaa32f8a9b99fad283dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a3:34:1d:9d:65:95:84:29:9d:f7:96:51:27:
dd:d5:ad:dd:ad:ba:43:da:7c:35:48:71:55:c6:8e:
2a:62:80:3d:01:28:96:15:71:38:2a:1d:98:c1:b1:
e2:4f:2a:d6:b5:f1:4b:5d:f1:42:65:54:51:62:2c:
94:d0:e6:0d:f2:5a:6b:3c:70:8a:15:61:a0:7d:f0:
d9:16:f1:ed:11:b9:22:25:64:5d:52:4d:a4:0d:91:
75:84:5f:d5:0d:74:8a:df:20:8c:99:24:c8:10:cc:
38:f8:38:ad:83:bf:3e:e5:86:09:8e:61:4d:70:e8:
58:62:ed:43:b5:1c:09:7c:af:71:c0:f3:d3:65:ec:
16:31:c5:66:a7:88:59:f0:bc:6d:ad:6e:cc:91:fc:
86:5d:df:4d:54:e8:bb:e3:b7:63:d1:fa:b6:88:51:
57:cf:44:e7:aa:9c:04:0d:d3:9b:de:87:e5:9b:e1:
be:c8:85:4b:54:0a:bd:82:00:57:f3:a3:42:24:31:
5c:dc:6a:5e:7e:7f:b0:f9:9e:69:e1:52:67:16:cd:
ef:ef:0b:f1:84:c6:9c:93:1c:8e:0f:0f:d2:6f:49:
0f:09:ca:26:28:b4:f0:d4:35:8a:14:4c:49:16:e2:
ab:ff:8e:6c:15:6a:8b:de:bb:ca:80:69:6c:41:05:
2a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:19:BC:C2:46:F6:FC:74:2C:FC:AA:32:F8:A9:B9:9F:AD:28:3D:DE
X509v3 Authority Key Identifier:
keyid:69:52:5A:36:2E:87:70:5A:1E:C0:22:D1:65:60:F2:76:D5:9C:EE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVJaNi6HcFoewCLRZWDydtWc7h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/ERm8wkb2_HQs_Koy-Km5n60oPd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/30cd87-f375-4b93-8d39-65d6ca3f49d8/1/aVJaNi6HcFoewCLRZWDydtWc7h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e1:d8:22:46:d9:d5:0d:86:ed:4d:c1:51:17:48:38:a0:03:
02:cb:9b:33:3c:8d:fb:c6:83:dd:88:ea:05:24:c7:3b:27:aa:
f0:93:ab:e9:70:91:8c:16:ff:e5:83:3f:71:1d:37:a1:46:82:
98:79:b2:7e:32:2d:0c:79:70:6f:81:cf:3d:1d:7a:fd:b7:06:
c2:bf:db:10:be:37:fc:ee:4e:18:ae:33:b7:e4:be:9e:97:d9:
1b:f0:49:61:72:87:85:78:0e:4b:57:79:1b:47:5e:e4:1e:66:
d0:10:86:ec:1c:30:b0:e7:2e:3d:92:87:51:78:dc:15:61:dd:
fb:01:17:2f:c4:6f:e0:34:0b:15:15:a4:2d:72:b0:31:62:ae:
33:6c:d0:dd:ba:fa:fa:21:9d:b4:64:d7:6d:04:12:95:42:cb:
11:9f:39:67:ff:ea:c5:5a:b1:25:c8:ae:dc:51:1d:96:19:48:
6d:75:41:ba:a1:ac:23:ba:c9:76:17:bf:a7:9f:db:f6:c0:d0:
a4:78:09:e7:4e:38:9a:fd:ba:f3:cc:18:11:10:d7:5e:7d:b3:
2f:02:3e:4d:4f:99:5e:ff:50:11:9b:96:84:e2:29:5a:23:11:
25:15:64:f0:2d:33:94:2b:78:a7:cf:d6:73:87:77:e6:ea:ac:
14:c1:61:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk/mOcpFVUfeS6bf7LqJaN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTI1YTM2MmU4NzcwNWExZWMwMjJkMTY1NjBmMjc2ZDU5
Y2VlMWQwHhcNMjMwNzEwMTEzODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTE5YmNjMjQ2ZjZmYzc0MmNmY2FhMzJmOGE5Yjk5ZmFkMjgzZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKM0HZ1llYQpnfeWUSfd1a3drbpD
2nw1SHFVxo4qYoA9ASiWFXE4Kh2YwbHiTyrWtfFLXfFCZVRRYiyU0OYN8lprPHCK
FWGgffDZFvHtEbkiJWRdUk2kDZF1hF/VDXSK3yCMmSTIEMw4+Ditg78+5YYJjmFN
cOhYYu1DtRwJfK9xwPPTZewWMcVmp4hZ8LxtrW7MkfyGXd9NVOi747dj0fq2iFFX
z0TnqpwEDdOb3oflm+G+yIVLVAq9ggBX86NCJDFc3Gpefn+w+Z5p4VJnFs3v7wvx
hMackxyODw/Sb0kPCcomKLTw1DWKFExJFuKr/45sFWqL3rvKgGlsQQUqtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEZvMJG9vx0LPyqMvipuZ+tKD3eMB8GA1UdIwQY
MBaAFGlSWjYuh3BaHsAi0WVg8nbVnO4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZKYU5pNkhjRm9ld0NMUlpXRHlkdFdjN2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8zMGNkODctZjM3NS00YjkzLThkMzkt
NjVkNmNhM2Y0OWQ4LzEvRVJtOHdrYjJfSFFzX0tveS1LbTVuNjBvUGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8zMGNkODctZjM3NS00YjkzLThkMzktNjVkNmNhM2Y0OWQ4
LzEvYVZKYU5pNkhjRm9ld0NMUlpXRHlkdFdjN2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDcMA0G
CSqGSIb3DQEBCwUAA4IBAQCP4dgiRtnVDYbtTcFRF0g4oAMCy5szPI37xoPdiOoF
JMc7J6rwk6vpcJGMFv/lgz9xHTehRoKYebJ+Mi0MeXBvgc89HXr9twbCv9sQvjf8
7k4YrjO35L6el9kb8ElhcoeFeA5LV3kbR17kHmbQEIbsHDCw5y49kodReNwVYd37
ARcvxG/gNAsVFaQtcrAxYq4zbNDduvr6IZ20ZNdtBBKVQssRnzln/+rFWrElyK7c
UR2WGUhtdUG6oawjusl2F7+nn9v2wNCkeAnnTjia/brzzBgRENdefbMvAj5NT5le
/1ARm5aE4ilaIxElFWTwLTOUK3inz9Zzh3fm6qwUwWGi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:25 2025 by rpki-client