Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/rCK8Qp83UYcw6qlCu_jwdOK16Os.roa
File: rCK8Qp83UYcw6qlCu_jwdOK16Os.roa (raw, json)
Hash identifier: RjFDphLYBVeH0O69rkbkDyUIxZ25zTvc2AzHAeDQngk=
Subject key identifier: AC:22:BC:42:9F:37:51:87:30:EA:A9:42:BB:F8:F0:74:E2:B5:E8:EB
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0B250DC7
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/rCK8Qp83UYcw6qlCu_jwdOK16Os.roa
Signing time: Sat 01 Jan 2022 05:02:30 +0000
ROA not before: Sat 01 Jan 2022 05:02:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50810
IP address blocks: 2.183.202.0/23 maxlen: 23
2.182.160.0/20 maxlen: 20
2.183.128.0/20 maxlen: 20
2.188.32.0/21 maxlen: 21
2.183.136.0/23 maxlen: 23
2.183.184.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186977735 (0xb250dc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 1 05:02:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac22bc429f37518730eaa942bbf8f074e2b5e8eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:94:64:15:d3:a2:77:9b:8a:22:83:28:25:6c:
ea:08:c6:8f:1a:58:9c:93:af:7c:31:48:16:73:90:
7b:0a:40:d1:9d:c1:3b:8b:03:76:83:ad:bc:7f:2e:
b7:c3:c8:5e:48:ca:81:af:6f:b4:6c:22:27:2a:f3:
5f:37:2c:ff:53:f4:02:a8:a1:0a:08:66:ea:e6:1d:
cf:9d:5d:34:98:09:0c:69:c3:fb:99:64:48:1f:6c:
e6:59:c4:89:fc:7b:21:95:8e:aa:57:38:55:46:26:
25:78:ce:aa:ae:f1:3e:69:cd:4d:eb:ee:59:63:90:
f1:50:eb:e8:d7:80:de:13:1a:32:b2:41:36:2d:50:
46:a9:a1:02:db:fe:f9:96:ec:f9:b4:5c:7d:0e:8b:
97:9a:e1:34:13:b1:ee:fa:ca:57:e4:21:b5:bd:ca:
0f:ee:d0:e4:7e:4c:9f:46:96:6b:df:79:79:46:d9:
a4:f8:8a:d2:72:e1:ca:ce:0a:fe:d4:a5:f0:04:9b:
9a:c6:92:c2:44:ea:d1:2c:c2:3b:02:3b:67:82:47:
bf:68:21:82:48:08:86:11:da:87:b7:3c:4c:5b:81:
3e:95:5a:11:be:86:cc:d6:ba:46:5b:c7:28:b7:e3:
58:87:87:36:8b:04:97:9f:1f:79:b1:a1:2b:e3:dd:
de:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:22:BC:42:9F:37:51:87:30:EA:A9:42:BB:F8:F0:74:E2:B5:E8:EB
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/rCK8Qp83UYcw6qlCu_jwdOK16Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.182.160.0/20
2.183.128.0/20
2.183.184.0/21
2.183.202.0/23
2.188.32.0/21
Signature Algorithm: sha256WithRSAEncryption
29:62:99:f1:88:78:67:c6:f2:ec:a0:e7:14:7d:2b:9f:48:0d:
04:b4:64:55:5c:92:01:29:8a:2d:0c:e3:76:ef:a7:69:07:4e:
d3:de:1d:4b:e7:ab:a9:ee:d2:d3:16:72:10:3f:d8:a7:66:80:
ab:fa:28:8c:c5:b9:12:40:c6:46:8f:0d:65:7e:65:b9:6a:0d:
32:f2:d8:04:4a:db:e6:3c:d9:ff:fd:e7:c0:0f:89:4e:88:31:
14:19:9b:aa:00:4e:9b:96:33:9c:b3:57:dc:47:3e:fd:4e:1c:
09:ae:a0:50:8e:c2:e6:15:4b:62:3f:0f:6a:e0:56:c4:65:c1:
ec:78:c4:e5:87:f6:8e:e6:2a:d1:28:65:ff:2c:ac:c4:91:c4:
3e:94:5b:14:ba:f5:d5:2d:3b:97:27:1b:5b:f1:7a:59:65:ad:
3d:83:f1:e4:84:e2:4e:e3:91:83:b5:e8:7d:97:7e:d2:94:51:
d8:a2:3e:b2:d9:1d:40:66:fc:9f:b9:6d:89:11:35:d5:2b:c6:
2a:fd:27:0a:ca:f3:c0:08:bc:82:1c:29:45:6f:cb:d5:c2:d0:
0a:45:54:fe:1f:e6:99:2e:cb:f3:92:ba:20:5a:60:16:a3:23:
6b:ec:85:19:7b:7c:ad:1e:63:79:3c:74:b4:5b:d3:26:66:88:
d2:aa:26:5c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECyUNxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDEw
MTA1MDIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWMyMmJjNDI5ZjM3
NTE4NzMwZWFhOTQyYmJmOGYwNzRlMmI1ZThlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOuUZBXTonebiiKDKCVs6gjGjxpYnJOvfDFIFnOQewpA0Z3B
O4sDdoOtvH8ut8PIXkjKga9vtGwiJyrzXzcs/1P0AqihCghm6uYdz51dNJgJDGnD
+5lkSB9s5lnEifx7IZWOqlc4VUYmJXjOqq7xPmnNTevuWWOQ8VDr6NeA3hMaMrJB
Ni1QRqmhAtv++Zbs+bRcfQ6Ll5rhNBOx7vrKV+Qhtb3KD+7Q5H5Mn0aWa995eUbZ
pPiK0nLhys4K/tSl8ASbmsaSwkTq0SzCOwI7Z4JHv2ghgkgIhhHah7c8TFuBPpVa
Eb6GzNa6RlvHKLfjWIeHNosEl58febGhK+Pd3lsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSsIrxCnzdRhzDqqUK7+PB04rXo6zAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
L3JDSzhRcDgzVVljdzZxbEN1X2p3ZE9LMTZPcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEBAK2oAMEBAK3gAMEAwK3uAMEAQK3
ygMEAwK8IDANBgkqhkiG9w0BAQsFAAOCAQEAKWKZ8Yh4Z8by7KDnFH0rn0gNBLRk
VVySASmKLQzjdu+naQdO094dS+erqe7S0xZyED/Yp2aAq/oojMW5EkDGRo8NZX5l
uWoNMvLYBErb5jzZ//3nwA+JTogxFBmbqgBOm5YznLNX3Ec+/U4cCa6gUI7C5hVL
Yj8PauBWxGXB7HjE5Yf2juYq0Shl/yysxJHEPpRbFLr11S07lycbW/F6WWWtPYPx
5ITiTuORg7XofZd+0pRR2KI+stkdQGb8n7ltiRE11SvGKv0nCsrzwAi8ghwpRW/L
1cLQCkVU/h/mmS7L85K6IFpgFqMja+yFGXt8rR5jeTx0tFvTJmaI0qomXA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:10 2025 by rpki-client