Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/2P_EubNW8lDMjH_PzlpmWlTGtiQ.roa
File: 2P_EubNW8lDMjH_PzlpmWlTGtiQ.roa (raw, json)
Hash identifier: 2qfH1JwiHjdJb4paVYq8GbE26DMfI+Sq0Y6YE0kiXA4=
Subject key identifier: D8:FF:C4:B9:B3:56:F2:50:CC:8C:7F:CF:CE:5A:66:5A:54:C6:B6:24
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 01856FCBBD281CD388A3D142132E70B34342
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/2P_EubNW8lDMjH_PzlpmWlTGtiQ.roa
Signing time: Mon 02 Jan 2023 00:05:01 +0000
ROA not before: Mon 02 Jan 2023 00:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56544
IP address blocks: 217.11.140.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:bd:28:1c:d3:88:a3:d1:42:13:2e:70:b3:43:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Jan 2 00:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8ffc4b9b356f250cc8c7fcfce5a665a54c6b624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a9:d4:d2:6b:62:0a:c1:56:a5:32:47:3c:fc:
a6:86:27:ef:cb:ce:2a:c9:2a:b2:13:d4:d1:28:a6:
6b:56:bf:bf:03:50:80:07:ca:7d:0a:75:1a:18:52:
a0:dc:9f:84:92:ba:b7:c0:ff:51:aa:e8:70:44:23:
a5:2e:47:f9:45:3c:bd:d1:33:30:dd:88:d2:cc:19:
21:0c:e6:c3:4a:22:7b:dd:2e:2e:e1:26:4d:d3:c5:
de:35:cf:17:96:a0:31:45:ae:9c:5c:30:1c:90:34:
43:8c:20:f4:b0:39:3f:dc:f6:52:c2:dc:ae:85:53:
91:52:72:b9:7f:80:aa:7a:bf:5a:95:a2:e2:9b:44:
5c:d9:56:97:7e:4d:78:a8:f0:44:79:fd:9b:e4:7c:
69:3b:ba:83:76:3e:63:b8:ae:c8:c0:74:27:8e:fa:
63:98:1b:c2:1c:ec:ab:32:06:08:93:37:39:36:c6:
41:27:45:e9:a4:ef:3a:db:8a:e8:ab:e8:4e:5b:35:
09:58:1e:a2:f5:b9:69:dc:1a:93:36:ae:99:8e:79:
3a:9c:5a:73:79:c0:40:47:92:ca:60:f8:db:93:08:
08:e2:97:30:09:f3:7a:76:b0:90:f0:ed:75:17:74:
90:5b:26:1a:b0:29:5e:54:44:1c:0d:a2:67:2a:1e:
c8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FF:C4:B9:B3:56:F2:50:CC:8C:7F:CF:CE:5A:66:5A:54:C6:B6:24
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/2P_EubNW8lDMjH_PzlpmWlTGtiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.11.140.0/23
Signature Algorithm: sha256WithRSAEncryption
35:50:a9:36:58:c7:45:1d:2f:a4:75:9d:95:ed:73:ce:12:8e:
9c:f9:e2:c6:d4:6b:cb:d2:3b:f9:50:9f:c7:12:43:0f:26:fe:
e2:7c:4d:36:71:7f:02:d6:07:15:cc:47:e2:b9:8d:7b:c6:aa:
19:81:ff:ea:2c:bc:7b:ee:82:dc:43:bb:ed:86:a1:23:cd:6b:
88:8b:ee:4d:99:1f:1c:83:6f:0d:83:40:e7:f9:77:8a:70:05:
1f:38:0a:65:a0:25:15:06:37:64:ba:14:11:32:81:f7:5d:0c:
10:c2:a9:4d:4a:85:f6:1d:91:38:6b:f1:ee:e6:a7:5d:db:c8:
96:77:32:aa:e0:ec:74:e2:0d:e5:b6:2a:c6:fd:db:24:97:03:
24:fa:81:a5:a5:b4:c3:00:4f:c0:4c:60:9a:a5:37:d0:4f:c9:
42:2f:56:82:91:30:63:56:6a:c3:0a:92:ac:71:d9:ff:bd:5d:
0b:00:37:f4:55:a4:6d:d1:07:a5:9c:db:41:6c:1b:07:ae:1e:
a2:5d:45:83:9d:6e:18:5f:b1:16:a5:34:a8:1e:ea:b0:83:4c:
a6:0e:05:93:55:d6:2d:bb:d5:a5:5c:97:95:d5:5c:1a:ad:6c:
72:7f:ac:27:ef:fd:f3:79:87:12:e7:a2:90:b9:4d:3b:70:ef:
80:43:5f:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy70oHNOIo9FCEy5ws0NCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGExMjMxZDFjMjdhNzU0ZTQ2ZWYxMGU5MmE3MzBhZTE1
ZDBmNTUwHhcNMjMwMTAyMDAwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZmYzRiOWIzNTZmMjUwY2M4YzdmY2ZjZTVhNjY1YTU0YzZiNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKnU0mtiCsFWpTJHPPymhifvy84q
ySqyE9TRKKZrVr+/A1CAB8p9CnUaGFKg3J+Ekrq3wP9RquhwRCOlLkf5RTy90TMw
3YjSzBkhDObDSiJ73S4u4SZN08XeNc8XlqAxRa6cXDAckDRDjCD0sDk/3PZSwtyu
hVORUnK5f4Cqer9alaLim0Rc2VaXfk14qPBEef2b5HxpO7qDdj5juK7IwHQnjvpj
mBvCHOyrMgYIkzc5NsZBJ0XppO8624roq+hOWzUJWB6i9blp3BqTNq6Zjnk6nFpz
ecBAR5LKYPjbkwgI4pcwCfN6drCQ8O11F3SQWyYasCleVEQcDaJnKh7IMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNj/xLmzVvJQzIx/z85aZlpUxrYkMB8GA1UdIwQY
MBaAFHAKEjHRwnp1TkbvEOkqcwrhXQ9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgt
YWI3OWEzNzg5ZjhmLzEvMlBfRXViTlc4bERNakhfUHpscG1XbFRHdGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgtYWI3OWEzNzg5Zjhm
LzEvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2QuMMA0G
CSqGSIb3DQEBCwUAA4IBAQA1UKk2WMdFHS+kdZ2V7XPOEo6c+eLG1GvL0jv5UJ/H
EkMPJv7ifE02cX8C1gcVzEfiuY17xqoZgf/qLLx77oLcQ7vthqEjzWuIi+5NmR8c
g28Ng0Dn+XeKcAUfOAploCUVBjdkuhQRMoH3XQwQwqlNSoX2HZE4a/Hu5qdd28iW
dzKq4Ox04g3ltirG/dsklwMk+oGlpbTDAE/ATGCapTfQT8lCL1aCkTBjVmrDCpKs
cdn/vV0LADf0VaRt0QelnNtBbBsHrh6iXUWDnW4YX7EWpTSoHuqwg0ymDgWTVdYt
u9WlXJeV1VwarWxyf6wn7/3zeYcS56KQuU07cO+AQ19Z
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:19:00 2025 by rpki-client