Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/DIVW2FN27WdWLetSgcwS5yGBsuo.roa
File: DIVW2FN27WdWLetSgcwS5yGBsuo.roa (raw, json)
Hash identifier: 53plmNMrL0tIie1E+dHJX1UJ3/vyGnAG5feyW+rXtKc=
Subject key identifier: 0C:85:56:D8:53:76:ED:67:56:2D:EB:52:81:CC:12:E7:21:81:B2:EA
Certificate issuer: /CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Certificate serial: 01856F8B8E21DC519B068794F76EE09C3AE8
Authority key identifier: CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/DIVW2FN27WdWLetSgcwS5yGBsuo.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140641
IP address blocks: 213.170.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8e:21:dc:51:9b:06:87:94:f7:6e:e0:9c:3a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c8556d85376ed67562deb5281cc12e72181b2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:48:44:3d:8e:d1:76:5a:0e:35:4c:0e:d8:52:
40:ff:6f:d1:94:2d:29:51:52:8a:2c:1f:dd:04:15:
6e:35:c6:d5:7b:5d:47:0e:8f:bf:fd:a3:5b:ec:7c:
e6:7b:a8:58:a5:b7:17:ce:e3:ca:cb:30:42:18:2d:
10:fc:11:90:ac:2c:45:fc:f2:ff:10:51:37:e7:d9:
4f:1a:d2:22:fb:06:a5:a8:5e:48:bc:42:96:1d:13:
aa:44:86:fb:bc:5d:ff:40:b2:38:bd:23:60:82:e9:
ea:58:92:f3:00:70:ad:52:7e:ae:fa:58:0a:6b:9e:
94:7d:01:79:fe:cd:1a:20:f5:b5:52:d2:6c:37:9e:
21:ca:31:4d:fd:ec:b1:05:ba:c3:b6:c3:90:59:a9:
76:b2:8c:70:70:98:91:c6:f3:8d:c2:25:8a:60:e8:
e3:ea:46:04:ae:4f:48:87:f6:9b:83:b3:9c:4b:1e:
fb:66:ff:78:a2:95:a0:4d:cf:7f:96:26:35:8a:b1:
c9:b9:b1:cf:c0:ab:be:f5:19:38:e7:1d:ad:a3:cd:
22:ed:84:95:56:9f:6a:9b:0e:12:f9:8e:66:39:8e:
b9:3b:d5:33:76:b1:e1:bc:52:7c:85:de:4f:17:4a:
7f:a6:33:4f:08:07:7f:56:33:4c:6c:2b:1d:cd:40:
d6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:85:56:D8:53:76:ED:67:56:2D:EB:52:81:CC:12:E7:21:81:B2:EA
X509v3 Authority Key Identifier:
keyid:CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/DIVW2FN27WdWLetSgcwS5yGBsuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.170.202.0/24
Signature Algorithm: sha256WithRSAEncryption
66:24:43:0e:44:8a:58:08:68:68:65:00:9a:23:98:07:97:ec:
f2:bb:22:e0:32:33:68:82:8a:02:69:d0:97:b8:9e:6d:9a:1f:
ef:27:38:7d:68:68:ae:d9:8e:d8:8e:12:be:09:72:bc:49:24:
6c:bb:0f:92:4f:96:2e:f2:a2:52:e9:66:00:c6:e2:da:4e:19:
22:d8:02:73:30:14:b6:ba:b3:eb:12:99:02:27:cc:5f:07:61:
73:b9:b6:53:65:c3:e3:30:64:ed:f6:f0:20:dc:0c:0f:1f:02:
85:1c:62:30:cb:ec:54:1a:91:7b:0e:1a:8a:b1:40:6e:86:c9:
b0:58:44:7d:39:94:24:ec:65:a7:d6:10:98:2c:3c:39:71:20:
f2:a6:17:c8:92:93:4a:db:7a:76:a1:26:36:99:e8:31:dc:16:
bd:7f:a6:d4:52:53:9c:08:f3:50:72:a8:a3:54:01:1f:f9:8f:
ff:64:77:d1:2d:17:63:6e:5f:c7:e7:45:bc:2f:fe:a8:85:6d:
7f:88:de:8a:a0:be:de:3a:2d:32:19:72:36:5f:17:1c:c4:ef:
09:46:f5:bd:46:c9:16:d7:5d:b3:54:4b:5e:a2:a4:b8:29:95:
81:93:60:80:a2:a4:e7:d8:73:2c:27:5a:e4:85:ab:1e:1d:8b:
5d:95:6a:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi44h3FGbBoeU927gnDroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYmY5NWI0N2FiMmI5OWMyMjJiZmU1NDUyMWVmZDFhYjY3
ZDI2N2YwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg1NTZkODUzNzZlZDY3NTYyZGViNTI4MWNjMTJlNzIxODFiMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0hEPY7RdloONUwO2FJA/2/RlC0p
UVKKLB/dBBVuNcbVe11HDo+//aNb7Hzme6hYpbcXzuPKyzBCGC0Q/BGQrCxF/PL/
EFE359lPGtIi+walqF5IvEKWHROqRIb7vF3/QLI4vSNggunqWJLzAHCtUn6u+lgK
a56UfQF5/s0aIPW1UtJsN54hyjFN/eyxBbrDtsOQWal2soxwcJiRxvONwiWKYOjj
6kYErk9Ih/abg7OcSx77Zv94opWgTc9/liY1irHJubHPwKu+9Rk45x2to80i7YSV
Vp9qmw4S+Y5mOY65O9UzdrHhvFJ8hd5PF0p/pjNPCAd/VjNMbCsdzUDWtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyFVthTdu1nVi3rUoHMEuchgbLqMB8GA1UdIwQY
MBaAFMy/lbR6srmcIiv+VFIe/Rq2fSZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekwtVnRIcXl1WndpS181VVVoNzlHclo5Sm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMjliOTUtY2NiMy00NjdiLWFiN2Et
YWM1YjYxNDkzZTAxLzEvRElWVzJGTjI3V2RXTGV0U2djd1M1eUdCc3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMjliOTUtY2NiMy00NjdiLWFiN2EtYWM1YjYxNDkzZTAx
LzEvekwtVnRIcXl1WndpS181VVVoNzlHclo5Sm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1arKMA0G
CSqGSIb3DQEBCwUAA4IBAQBmJEMORIpYCGhoZQCaI5gHl+zyuyLgMjNogooCadCX
uJ5tmh/vJzh9aGiu2Y7YjhK+CXK8SSRsuw+ST5Yu8qJS6WYAxuLaThki2AJzMBS2
urPrEpkCJ8xfB2FzubZTZcPjMGTt9vAg3AwPHwKFHGIwy+xUGpF7DhqKsUBuhsmw
WER9OZQk7GWn1hCYLDw5cSDyphfIkpNK23p2oSY2megx3Ba9f6bUUlOcCPNQcqij
VAEf+Y//ZHfRLRdjbl/H50W8L/6ohW1/iN6KoL7eOi0yGXI2XxccxO8JRvW9RskW
112zVEteoqS4KZWBk2CAoqTn2HMsJ1rkhaseHYtdlWqG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:25 2025 by rpki-client