Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/IwuwcqP6r0C14V1pvJaOom70__c.roa
File: IwuwcqP6r0C14V1pvJaOom70__c.roa (raw, json)
Hash identifier: 0s9HH0E1h2pUr1PX5pRxeKy+cHyLrX3FQYxTARZoA5U=
Subject key identifier: 23:0B:B0:72:A3:FA:AF:40:B5:E1:5D:69:BC:96:8E:A2:6E:F4:FF:F7
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018848A0E9B37BB968A2168D0D773575DB29
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/IwuwcqP6r0C14V1pvJaOom70__c.roa
Signing time: Tue 23 May 2023 12:41:25 +0000
ROA not before: Tue 23 May 2023 12:41:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213224
IP address blocks: 209.227.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:a0:e9:b3:7b:b9:68:a2:16:8d:0d:77:35:75:db:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: May 23 12:41:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=230bb072a3faaf40b5e15d69bc968ea26ef4fff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3d:68:49:ac:de:39:e7:13:62:d4:ac:6e:d8:
35:e9:b6:35:9c:ae:91:67:84:20:55:fc:47:15:46:
20:e1:79:ce:7b:1b:b3:87:f6:0d:fa:fc:c7:6d:d5:
b0:79:77:c8:76:eb:87:07:2f:bd:e2:05:ae:2f:53:
c3:d0:0c:79:16:98:c2:65:7c:14:77:67:87:42:85:
c9:fc:89:4c:ed:44:e4:67:d6:6f:44:65:2e:48:e0:
c0:ca:cc:78:3e:a7:b7:86:32:4b:ad:dc:b2:2b:27:
94:a2:6d:c1:c9:cf:87:22:33:0d:76:ea:90:01:48:
81:3c:aa:c3:d0:1f:b1:90:7a:86:97:5f:73:fd:93:
0e:95:9a:1e:97:d5:c8:60:c3:5b:c7:8f:f9:78:10:
4a:24:20:ee:8e:d0:5f:01:22:63:85:80:0f:26:fa:
04:ab:2f:99:f4:21:fd:26:de:f3:0c:cd:c0:f5:83:
1b:4f:8f:65:a5:5c:bc:1a:6e:49:0e:70:e6:c4:31:
e1:c8:ed:28:56:b7:a3:a5:36:46:54:98:f1:88:b0:
9c:33:ea:62:2b:b9:3c:c9:f6:2b:bc:38:55:50:bf:
f6:d6:0b:d6:c7:6a:95:4b:b7:d3:4f:21:ac:04:d6:
26:7e:5f:49:85:27:07:71:6c:a3:e5:9b:8f:21:a5:
31:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:0B:B0:72:A3:FA:AF:40:B5:E1:5D:69:BC:96:8E:A2:6E:F4:FF:F7
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/IwuwcqP6r0C14V1pvJaOom70__c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.227.208.0/20
Signature Algorithm: sha256WithRSAEncryption
79:20:fc:43:c8:08:ec:54:60:e6:76:64:24:f5:92:42:c5:82:
cb:ce:ff:4d:1f:73:57:0e:3a:28:57:2a:46:90:ea:3f:97:45:
3e:46:04:9f:0d:88:95:77:3f:9a:57:a7:12:a5:77:18:c1:1a:
6e:7b:48:79:01:15:b6:cc:7c:db:d0:07:d7:3e:d3:db:e5:bd:
3f:a1:c6:05:b6:da:2a:16:56:8f:e9:d6:76:8f:7c:1a:0c:67:
fc:d8:9c:9c:7a:76:5f:84:12:6e:8f:ab:c1:f1:52:f8:20:de:
31:a4:b7:19:9c:39:b1:d7:9d:8d:bb:c8:b6:d4:ae:5a:2e:39:
89:cf:ee:60:b6:49:73:9d:1c:4f:72:c4:23:e1:9a:37:ac:16:
cc:9a:ca:01:29:48:a9:11:3f:5f:c9:80:34:d7:68:25:67:fa:
99:48:c2:35:e9:69:2a:17:db:bf:4b:65:95:8e:57:bd:68:8d:
fe:1d:28:df:16:bc:5f:81:23:e1:3b:62:09:82:66:0a:93:45:
43:8d:f6:3f:1b:b4:a7:80:e3:84:71:63:56:94:a8:0b:16:48:
b9:24:79:be:4a:b9:09:64:f1:17:2f:26:7a:d8:31:23:16:bb:
d7:c7:da:21:03:36:f7:f9:8f:9c:cf:f1:75:d9:a6:19:5e:fd:
1a:d8:b9:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhIoOmze7loohaNDXc1ddspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwNTIzMTI0MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzBiYjA3MmEzZmFhZjQwYjVlMTVkNjliYzk2OGVhMjZlZjRmZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj1oSazeOecTYtSsbtg16bY1nK6R
Z4QgVfxHFUYg4XnOexuzh/YN+vzHbdWweXfIduuHBy+94gWuL1PD0Ax5FpjCZXwU
d2eHQoXJ/IlM7UTkZ9ZvRGUuSODAysx4Pqe3hjJLrdyyKyeUom3Byc+HIjMNduqQ
AUiBPKrD0B+xkHqGl19z/ZMOlZoel9XIYMNbx4/5eBBKJCDujtBfASJjhYAPJvoE
qy+Z9CH9Jt7zDM3A9YMbT49lpVy8Gm5JDnDmxDHhyO0oVrejpTZGVJjxiLCcM+pi
K7k8yfYrvDhVUL/21gvWx2qVS7fTTyGsBNYmfl9JhScHcWyj5ZuPIaUxkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMLsHKj+q9AteFdabyWjqJu9P/3MB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvSXd1d2NxUDZyMEMxNFYxcHZKYU9vbTcwX19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE0ePQMA0G
CSqGSIb3DQEBCwUAA4IBAQB5IPxDyAjsVGDmdmQk9ZJCxYLLzv9NH3NXDjooVypG
kOo/l0U+RgSfDYiVdz+aV6cSpXcYwRpue0h5ARW2zHzb0AfXPtPb5b0/ocYFttoq
FlaP6dZ2j3waDGf82JycenZfhBJuj6vB8VL4IN4xpLcZnDmx152Nu8i21K5aLjmJ
z+5gtklznRxPcsQj4Zo3rBbMmsoBKUipET9fyYA012glZ/qZSMI16WkqF9u/S2WV
jle9aI3+HSjfFrxfgSPhO2IJgmYKk0VDjfY/G7SngOOEcWNWlKgLFki5JHm+SrkJ
ZPEXLyZ62DEjFrvXx9ohAzb3+Y+cz/F12aYZXv0a2Lld
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:20 2025 by rpki-client