Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/IrX2Q3wfUALoiJVBQHI2IJ3W6G4.roa
File: IrX2Q3wfUALoiJVBQHI2IJ3W6G4.roa (raw, json)
Hash identifier: 8IMnII+jnRDpkclVSsoU84BM8kce3gHQmVUw8dOQEkY=
Subject key identifier: 22:B5:F6:43:7C:1F:50:02:E8:88:95:41:40:72:36:20:9D:D6:E8:6E
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 01856D0A9FCAC46F2F472E8E2AF6DBC736CA
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/IrX2Q3wfUALoiJVBQHI2IJ3W6G4.roa
Signing time: Sun 01 Jan 2023 11:14:50 +0000
ROA not before: Sun 01 Jan 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12908
IP address blocks: 193.255.134.0/24 maxlen: 24
193.255.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:9f:ca:c4:6f:2f:47:2e:8e:2a:f6:db:c7:36:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22b5f6437c1f5002e8889541407236209dd6e86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ee:c4:37:74:bf:85:2c:4e:11:2a:0a:3b:fa:
3a:24:ee:47:e5:6f:23:16:db:88:32:aa:e2:ac:92:
d5:fb:de:8c:69:b8:59:c7:c8:2f:9b:a6:78:71:f1:
d5:d2:15:2d:9b:b0:af:bb:49:0a:15:3e:79:ac:17:
53:9b:86:60:30:12:99:ae:48:e7:ed:10:36:41:32:
98:f4:3c:81:9f:f7:ff:ee:28:be:f4:32:e5:6b:d8:
e5:d8:a6:0b:0a:73:c6:4a:12:99:00:7d:2a:ce:5b:
01:56:49:eb:bd:20:b8:3b:6a:27:8f:2d:35:d1:cc:
2e:d3:32:fd:32:3d:4f:31:7a:20:86:3f:60:5a:aa:
6c:01:ab:ce:34:f2:f4:3f:e5:87:c6:ca:a9:66:f6:
79:bf:00:de:83:4b:6e:07:95:31:99:be:d2:8a:4c:
dd:af:eb:dc:a1:01:36:fa:51:2c:8e:06:0e:c3:df:
27:46:8e:a3:94:f6:dc:f6:db:c5:70:4b:dc:de:4e:
8f:9e:d3:46:90:2c:03:22:3d:05:6e:ee:bb:8f:14:
1d:8c:2f:7d:05:12:67:22:6d:26:28:10:a4:9a:23:
cc:b3:25:e3:0b:16:52:c1:df:4d:03:63:08:61:54:
f5:bb:34:61:4f:7d:9d:75:94:2d:48:b1:17:db:3a:
c5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B5:F6:43:7C:1F:50:02:E8:88:95:41:40:72:36:20:9D:D6:E8:6E
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/IrX2Q3wfUALoiJVBQHI2IJ3W6G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.255.134.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:cc:4e:1c:c2:47:f8:27:93:d9:c8:39:51:71:12:70:9e:1a:
21:ba:4a:f0:72:f5:6a:13:dc:2b:da:21:d2:cf:7d:c5:25:1a:
6a:d5:0d:94:d7:74:0d:27:4a:3a:81:f6:bb:55:69:9b:86:2a:
05:68:18:01:63:20:6a:07:88:e8:32:dd:1d:05:11:d7:2b:b8:
d1:25:c5:e7:b0:de:bc:0a:da:da:e6:3a:f2:bb:49:40:52:69:
ef:e3:5c:a2:2e:6b:e5:b3:89:41:f5:e8:66:b7:ac:47:b3:fa:
cd:12:77:93:f7:e5:07:19:9c:36:2d:26:6a:27:77:4d:ab:92:
3d:02:81:93:73:09:77:64:6a:85:2d:3f:f1:16:18:10:cd:27:
c5:c7:8b:a2:da:1f:f9:c6:46:7f:cf:2a:a7:75:aa:c8:40:f7:
b6:93:75:fd:f0:ba:dd:db:b0:ca:18:35:d1:b3:cf:79:6c:5d:
ed:3d:cf:74:ec:c0:ec:5f:97:fb:d5:e1:2a:06:8a:d9:f0:22:
ff:c0:07:02:69:7f:1a:46:0a:ac:53:9a:7a:89:43:80:9d:f8:
ef:4d:af:85:16:02:39:72:96:27:cf:81:17:c7:48:44:7e:2c:
4d:97:7a:d4:e5:93:ce:f0:1d:c6:05:19:46:ce:df:8e:fc:91:
ef:89:cf:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCp/KxG8vRy6OKvbbxzbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjMwMTAxMTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI1ZjY0MzdjMWY1MDAyZTg4ODk1NDE0MDcyMzYyMDlkZDZlODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO7EN3S/hSxOESoKO/o6JO5H5W8j
FtuIMqrirJLV+96MabhZx8gvm6Z4cfHV0hUtm7Cvu0kKFT55rBdTm4ZgMBKZrkjn
7RA2QTKY9DyBn/f/7ii+9DLla9jl2KYLCnPGShKZAH0qzlsBVknrvSC4O2onjy01
0cwu0zL9Mj1PMXoghj9gWqpsAavONPL0P+WHxsqpZvZ5vwDeg0tuB5Uxmb7Sikzd
r+vcoQE2+lEsjgYOw98nRo6jlPbc9tvFcEvc3k6PntNGkCwDIj0Fbu67jxQdjC99
BRJnIm0mKBCkmiPMsyXjCxZSwd9NA2MIYVT1uzRhT32ddZQtSLEX2zrFgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCK19kN8H1AC6IiVQUByNiCd1uhuMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvSXJYMlEzd2ZVQUxvaUpWQlFISTJJSjNXNkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwf+GMA0G
CSqGSIb3DQEBCwUAA4IBAQBqzE4cwkf4J5PZyDlRcRJwnhohukrwcvVqE9wr2iHS
z33FJRpq1Q2U13QNJ0o6gfa7VWmbhioFaBgBYyBqB4joMt0dBRHXK7jRJcXnsN68
Ctra5jryu0lAUmnv41yiLmvls4lB9ehmt6xHs/rNEneT9+UHGZw2LSZqJ3dNq5I9
AoGTcwl3ZGqFLT/xFhgQzSfFx4ui2h/5xkZ/zyqndarIQPe2k3X98Lrd27DKGDXR
s895bF3tPc907MDsX5f71eEqBorZ8CL/wAcCaX8aRgqsU5p6iUOAnfjvTa+FFgI5
cpYnz4EXx0hEfixNl3rU5ZPO8B3GBRlGzt+O/JHvic9m
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:19 2025 by rpki-client