Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IEtoiVREKZitGJG3XoO2kHuSi-o.roa
File: IEtoiVREKZitGJG3XoO2kHuSi-o.roa (raw, json)
Hash identifier: 0LNqt7AzK+d1oaetSLEAGbSlX6VdUabIZslpx9Ln8LM=
Subject key identifier: 20:4B:68:89:54:44:29:98:AD:18:91:B7:5E:83:B6:90:7B:92:8B:EA
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018A31699BE1B94228EB750458632D1B6567
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IEtoiVREKZitGJG3XoO2kHuSi-o.roa
Signing time: Sat 26 Aug 2023 10:35:19 +0000
ROA not before: Sat 26 Aug 2023 10:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4817
IP address blocks: 2.189.242.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:69:9b:e1:b9:42:28:eb:75:04:58:63:2d:1b:65:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Aug 26 10:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=204b688954442998ad1891b75e83b6907b928bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a1:4d:76:5d:db:5b:e7:7f:fd:5c:d2:ee:19:
36:ca:ed:23:3d:a1:b2:62:53:a3:23:9b:52:3b:83:
b2:9b:a9:96:5e:73:5f:24:ea:2f:aa:24:51:ca:37:
09:82:d6:88:69:fa:1f:a2:87:a4:76:e8:72:56:07:
5d:82:bb:9a:6c:2f:61:bf:e0:a5:e4:02:0c:e2:e6:
c7:15:3a:4f:8f:15:d0:7b:0a:66:a9:f1:c3:2b:49:
2a:4b:8f:c1:43:38:75:ce:86:5d:bd:b6:7c:38:b1:
95:ef:93:da:66:b4:ba:e8:b7:7e:50:29:34:c3:24:
a3:d3:85:51:05:ab:22:2a:77:13:9f:dd:27:01:45:
96:e0:c9:a3:b7:29:73:04:55:59:fd:89:33:cc:58:
bf:26:ca:6f:67:69:51:04:59:05:b1:17:62:fd:f9:
c6:18:8b:5c:fe:86:c7:f9:85:23:15:7c:87:19:b6:
5b:88:4e:60:9b:91:81:cd:e4:df:42:fe:0a:f9:ef:
37:e8:f9:89:e6:cb:be:03:64:ce:7f:82:65:8e:8b:
8a:5d:0f:1d:a3:dc:98:b1:e6:0f:d7:16:5e:dd:9c:
4f:d2:2c:e3:99:6a:8d:bc:e0:3c:95:0d:63:b9:1f:
43:46:4e:7c:d4:fa:6f:b7:aa:54:cf:bd:9e:9a:41:
5b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4B:68:89:54:44:29:98:AD:18:91:B7:5E:83:B6:90:7B:92:8B:EA
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IEtoiVREKZitGJG3XoO2kHuSi-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.242.0/23
Signature Algorithm: sha256WithRSAEncryption
33:2b:bf:35:2e:8d:9a:c0:91:39:cf:bd:02:6c:ab:65:9f:f9:
0a:fd:f4:24:08:f8:a0:01:04:55:4d:a0:8d:ec:f4:a3:b0:0e:
12:8b:cf:73:21:ea:29:f1:2c:fb:11:39:dc:2c:42:4f:22:e0:
4a:7f:58:56:64:17:23:4c:00:63:96:d8:c7:ed:d9:58:10:22:
c4:45:ba:07:5f:a7:ea:07:5e:7e:f7:31:c3:d1:9d:fa:a6:c3:
d3:28:0c:16:ec:c5:a1:71:b9:d8:63:02:ce:ee:0b:93:c2:cb:
9a:27:2b:11:5b:2a:bf:51:b9:2e:ac:d5:7d:39:91:f9:7e:15:
56:cc:c4:69:88:d5:8f:07:e4:6a:37:f6:dd:b9:ce:0e:77:21:
a3:eb:5b:84:4e:59:34:b2:b3:13:14:90:ee:69:4f:97:98:d8:
ba:30:23:03:4e:06:3a:3d:49:ad:f9:1c:f5:69:03:4f:aa:01:
49:a0:8c:00:6d:38:c0:e2:ae:82:b1:8b:1d:a2:b6:15:ed:27:
08:a3:d2:41:ab:0f:08:e6:e4:52:9d:92:86:1f:5f:bc:fb:5a:
92:2d:fe:fc:d7:13:9c:3a:d4:90:87:17:03:0c:27:44:57:39:
00:a6:7b:79:13:3c:51:b0:61:ea:28:b1:91:4d:3f:84:46:53:
c1:5c:9d:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoxaZvhuUIo63UEWGMtG2VnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwODI2MTAzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDRiNjg4OTU0NDQyOTk4YWQxODkxYjc1ZTgzYjY5MDdiOTI4YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaFNdl3bW+d//VzS7hk2yu0jPaGy
YlOjI5tSO4Oym6mWXnNfJOovqiRRyjcJgtaIafofooekduhyVgddgruabC9hv+Cl
5AIM4ubHFTpPjxXQewpmqfHDK0kqS4/BQzh1zoZdvbZ8OLGV75PaZrS66Ld+UCk0
wySj04VRBasiKncTn90nAUWW4MmjtylzBFVZ/YkzzFi/JspvZ2lRBFkFsRdi/fnG
GItc/obH+YUjFXyHGbZbiE5gm5GBzeTfQv4K+e836PmJ5su+A2TOf4JljouKXQ8d
o9yYseYP1xZe3ZxP0izjmWqNvOA8lQ1juR9DRk581Ppvt6pUz72emkFbeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBLaIlURCmYrRiRt16DtpB7kovqMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvSUV0b2lWUkVLWml0R0pHM1hvTzJrSHVTaS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAr3yMA0G
CSqGSIb3DQEBCwUAA4IBAQAzK781Lo2awJE5z70CbKtln/kK/fQkCPigAQRVTaCN
7PSjsA4Si89zIeop8Sz7ETncLEJPIuBKf1hWZBcjTABjltjH7dlYECLERboHX6fq
B15+9zHD0Z36psPTKAwW7MWhcbnYYwLO7guTwsuaJysRWyq/UbkurNV9OZH5fhVW
zMRpiNWPB+RqN/bduc4OdyGj61uETlk0srMTFJDuaU+XmNi6MCMDTgY6PUmt+Rz1
aQNPqgFJoIwAbTjA4q6CsYsdorYV7ScIo9JBqw8I5uRSnZKGH1+8+1qSLf781xOc
OtSQhxcDDCdEVzkApnt5EzxRsGHqKLGRTT+ERlPBXJ2f
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:15 2025 by rpki-client