Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/EbM5afLfdFHbkcjG2QKrHrU5Lqo.roa
File: EbM5afLfdFHbkcjG2QKrHrU5Lqo.roa (raw, json)
Hash identifier: Vd2qaxZ5/WPtmB+jyY+/wXau3J4wMHnfJfPqp1OEo1s=
Subject key identifier: 11:B3:39:69:F2:DF:74:51:DB:91:C8:C6:D9:02:AB:1E:B5:39:2E:AA
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018571B9F97325A85D13223A74EFD2E8F0BB
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/EbM5afLfdFHbkcjG2QKrHrU5Lqo.roa
Signing time: Mon 02 Jan 2023 09:04:51 +0000
ROA not before: Mon 02 Jan 2023 09:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 2.188.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f9:73:25:a8:5d:13:22:3a:74:ef:d2:e8:f0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 09:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11b33969f2df7451db91c8c6d902ab1eb5392eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:96:61:87:84:9f:e4:c0:e3:fe:1d:f9:1b:d0:
63:e2:25:66:9b:2a:44:87:02:52:85:65:be:0f:ef:
bb:25:e0:d1:1e:e4:29:18:7e:5e:8a:55:de:55:cf:
4a:e0:c1:01:44:62:ab:5a:c4:e3:03:42:c5:07:69:
9e:2f:a0:50:07:d0:e6:61:5a:b4:fd:97:21:69:3b:
2d:d3:b2:05:52:2c:a1:36:48:4c:f5:d9:3a:c8:1d:
d1:09:1a:ad:3a:e2:7c:03:85:7a:2c:58:6c:cb:9b:
77:28:5d:eb:6d:2d:c3:21:fb:15:9f:bf:8e:ca:63:
4f:c7:12:68:44:a6:1e:1c:f3:61:4f:59:52:3f:e4:
f8:7b:24:fb:08:0e:27:6a:f1:f3:be:01:e5:b3:c1:
99:ca:69:fd:37:58:d9:c0:2a:ae:11:0e:db:f3:e6:
aa:cf:a1:cb:c8:65:35:9e:3d:3f:f3:ce:d1:e2:c2:
36:b6:7e:01:e0:67:4b:d7:36:8b:25:63:60:aa:27:
8d:dd:58:77:f3:b2:ef:60:3a:06:1c:6b:17:ec:6e:
44:57:3a:f1:f3:3b:d1:38:81:74:c2:c0:c5:70:5d:
fe:90:84:aa:e0:23:d5:6b:f2:95:93:33:5b:07:19:
7b:47:24:50:f0:7c:4f:33:e4:90:e8:70:3e:68:fa:
33:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B3:39:69:F2:DF:74:51:DB:91:C8:C6:D9:02:AB:1E:B5:39:2E:AA
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/EbM5afLfdFHbkcjG2QKrHrU5Lqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.239.0/24
Signature Algorithm: sha256WithRSAEncryption
16:50:39:66:fd:50:0c:9d:eb:b0:13:41:6a:b5:7c:5a:77:43:
41:de:a8:3d:7a:09:5e:c7:57:1b:3c:08:41:4c:9c:86:f5:55:
34:1c:7e:3b:38:b6:0f:a1:57:f4:9d:ad:33:4e:43:73:6d:69:
e9:1b:7e:ed:cb:e7:16:7b:a5:18:39:25:8d:21:fe:bb:9e:3c:
24:86:eb:68:66:4c:6e:08:aa:3a:f6:1d:45:34:6c:2c:28:3a:
79:ac:69:5a:e0:36:b6:e8:c6:68:4e:19:63:f4:c0:37:65:37:
bb:b6:4a:0b:18:74:8a:dd:53:f5:f5:4e:19:fc:11:15:11:d2:
08:ad:ae:f8:57:5d:e6:94:9c:07:2c:31:ad:68:93:d7:c6:a5:
69:3b:cf:83:90:b9:11:93:3c:ad:a1:f8:45:19:e4:6b:54:64:
1e:69:d8:8b:de:71:1b:ae:15:63:f6:e3:08:03:45:a3:cb:f4:
e4:75:e6:b4:d1:8d:c0:71:85:a1:cc:d4:1f:d3:78:5e:b7:29:
4b:1f:ba:28:a0:43:2f:16:84:04:08:57:17:60:6d:d6:d7:e6:
40:aa:b6:27:48:be:3f:22:2d:d6:06:db:50:29:b2:45:90:25:
93:97:ae:67:66:4e:81:e6:ed:ee:d1:9e:ca:a8:c3:0e:18:38:
87:10:d6:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxuflzJahdEyI6dO/S6PC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwMTAyMDkwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWIzMzk2OWYyZGY3NDUxZGI5MWM4YzZkOTAyYWIxZWI1MzkyZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJZhh4Sf5MDj/h35G9Bj4iVmmypE
hwJShWW+D++7JeDRHuQpGH5eilXeVc9K4MEBRGKrWsTjA0LFB2meL6BQB9DmYVq0
/ZchaTst07IFUiyhNkhM9dk6yB3RCRqtOuJ8A4V6LFhsy5t3KF3rbS3DIfsVn7+O
ymNPxxJoRKYeHPNhT1lSP+T4eyT7CA4navHzvgHls8GZymn9N1jZwCquEQ7b8+aq
z6HLyGU1nj0/887R4sI2tn4B4GdL1zaLJWNgqieN3Vh387LvYDoGHGsX7G5EVzrx
8zvROIF0wsDFcF3+kISq4CPVa/KVkzNbBxl7RyRQ8HxPM+SQ6HA+aPoznwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBGzOWny33RR25HIxtkCqx61OS6qMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvRWJNNWFmTGZkRkhia2NqRzJRS3JIclU1THFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAArzvMA0G
CSqGSIb3DQEBCwUAA4IBAQAWUDlm/VAMneuwE0FqtXxad0NB3qg9eglex1cbPAhB
TJyG9VU0HH47OLYPoVf0na0zTkNzbWnpG37ty+cWe6UYOSWNIf67njwkhutoZkxu
CKo69h1FNGwsKDp5rGla4Da26MZoThlj9MA3ZTe7tkoLGHSK3VP19U4Z/BEVEdII
ra74V13mlJwHLDGtaJPXxqVpO8+DkLkRkzytofhFGeRrVGQeadiL3nEbrhVj9uMI
A0Wjy/Tkdea00Y3AcYWhzNQf03hetylLH7oooEMvFoQECFcXYG3W1+ZAqrYnSL4/
Ii3WBttQKbJFkCWTl65nZk6B5u3u0Z7KqMMOGDiHENb4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:39 2025 by rpki-client