Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/IHcwlELtHTjVHFqBBbCaN9zjRkE.roa
File: IHcwlELtHTjVHFqBBbCaN9zjRkE.roa (raw, json)
Hash identifier: 5TLmJwg/IkrmTJuNic8G7w6Fjc16FMDCaxU5zhCinuU=
Subject key identifier: 20:77:30:94:42:ED:1D:38:D5:1C:5A:81:05:B0:9A:37:DC:E3:46:41
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 0187E2C12B1B75131F33BC90D59ABB74722E
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/IHcwlELtHTjVHFqBBbCaN9zjRkE.roa
Signing time: Wed 03 May 2023 17:55:22 +0000
ROA not before: Wed 03 May 2023 17:55:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50321
IP address blocks: 193.169.194.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:c1:2b:1b:75:13:1f:33:bc:90:d5:9a:bb:74:72:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: May 3 17:55:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2077309442ed1d38d51c5a8105b09a37dce34641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2d:7a:d9:2e:96:7f:26:bd:61:c1:75:f4:b9:
c2:f5:d5:52:57:0f:e0:24:50:b2:46:ab:b9:72:6b:
49:4a:9a:1f:af:63:8f:4c:9d:83:ad:15:b7:1d:4a:
9d:ad:88:82:eb:a6:5b:b3:ca:00:a3:8d:4d:bf:f2:
a5:35:59:1a:f6:7b:19:1a:c5:87:82:ab:ab:93:78:
10:bf:85:e6:eb:bc:32:a9:bb:f8:34:48:be:3f:ba:
a9:67:ce:27:e6:31:9b:21:0f:eb:6d:ae:84:e1:5a:
75:8d:ea:db:9a:e4:16:46:58:9b:27:d9:87:b5:2e:
f2:64:d5:84:34:a0:86:99:7c:88:d0:b5:73:c2:c5:
28:02:44:64:bf:b0:50:87:fb:e1:99:42:dd:af:55:
64:c4:ce:91:0f:13:0c:b6:0b:d6:42:95:b8:19:42:
8c:14:3b:9f:6a:44:da:de:11:5c:08:50:c4:9b:7b:
fa:71:bb:c8:ee:6b:60:91:c5:a8:31:f9:3c:90:0e:
11:a2:14:4e:42:00:9f:f3:11:ca:0e:30:14:02:3b:
a2:9a:a4:2a:09:d4:1a:00:7d:a9:b9:42:2c:69:8d:
aa:d8:06:13:21:b0:3b:26:e8:c8:cc:f9:13:04:ca:
a4:68:08:8c:1b:33:ae:9c:93:54:6e:09:b6:a8:e3:
84:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:77:30:94:42:ED:1D:38:D5:1C:5A:81:05:B0:9A:37:DC:E3:46:41
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/IHcwlELtHTjVHFqBBbCaN9zjRkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.194.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:31:05:7e:c0:cc:8b:fa:7d:04:e0:52:c1:73:bf:d7:77:32:
03:68:7e:00:c4:fd:68:2c:d4:94:22:1d:d1:bb:54:b1:fe:74:
22:2d:0c:e8:e4:4c:71:4d:89:d7:e6:77:70:ab:3f:0a:8e:dd:
a9:1e:b1:b2:df:89:f9:5d:29:2d:43:52:a4:25:95:04:d6:6d:
09:ff:06:83:c4:68:f7:cd:04:6a:83:09:2d:2c:cb:54:6f:9a:
6d:a9:36:dc:0e:2b:57:d0:2b:48:76:ad:62:85:ec:73:e0:29:
1f:7e:b3:16:82:3f:6f:2f:ce:41:8c:25:f8:3b:9a:ce:32:6d:
1a:11:b9:73:d2:74:ae:97:3e:62:b1:70:0e:3b:2d:85:60:97:
37:bf:27:c9:b0:9a:41:90:de:f0:40:55:4d:38:92:74:eb:dd:
39:c3:6c:86:d9:6f:f9:b2:84:d3:b9:a8:f4:b0:8a:7e:b6:62:
d5:6a:74:7c:86:0e:38:d1:c4:6b:a4:db:01:5b:fc:84:b8:a4:
e9:13:a1:37:e6:cf:f8:0a:1c:c7:57:29:6f:77:d6:65:01:c6:
8b:7d:1c:f3:34:8b:e8:a9:b4:8c:c0:99:ca:33:6a:34:13:14:
00:c6:8a:49:75:81:ee:b3:dc:e1:53:95:69:41:d4:30:fd:73:
5e:08:c5:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfiwSsbdRMfM7yQ1Zq7dHIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjMwNTAzMTc1NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDc3MzA5NDQyZWQxZDM4ZDUxYzVhODEwNWIwOWEzN2RjZTM0NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2y162S6Wfya9YcF19LnC9dVSVw/g
JFCyRqu5cmtJSpofr2OPTJ2DrRW3HUqdrYiC66Zbs8oAo41Nv/KlNVka9nsZGsWH
gqurk3gQv4Xm67wyqbv4NEi+P7qpZ84n5jGbIQ/rba6E4Vp1jerbmuQWRlibJ9mH
tS7yZNWENKCGmXyI0LVzwsUoAkRkv7BQh/vhmULdr1VkxM6RDxMMtgvWQpW4GUKM
FDufakTa3hFcCFDEm3v6cbvI7mtgkcWoMfk8kA4RohROQgCf8xHKDjAUAjuimqQq
CdQaAH2puUIsaY2q2AYTIbA7JujIzPkTBMqkaAiMGzOunJNUbgm2qOOEXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCB3MJRC7R041RxagQWwmjfc40ZBMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvSUhjd2xFTHRIVGpWSEZxQkJiQ2FOOXpqUmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwanCMA0G
CSqGSIb3DQEBCwUAA4IBAQAcMQV+wMyL+n0E4FLBc7/XdzIDaH4AxP1oLNSUIh3R
u1Sx/nQiLQzo5ExxTYnX5ndwqz8Kjt2pHrGy34n5XSktQ1KkJZUE1m0J/waDxGj3
zQRqgwktLMtUb5ptqTbcDitX0CtIdq1ihexz4CkffrMWgj9vL85BjCX4O5rOMm0a
Eblz0nSulz5isXAOOy2FYJc3vyfJsJpBkN7wQFVNOJJ06905w2yG2W/5soTTuaj0
sIp+tmLVanR8hg440cRrpNsBW/yEuKTpE6E35s/4ChzHVylvd9ZlAcaLfRzzNIvo
qbSMwJnKM2o0ExQAxopJdYHus9zhU5VpQdQw/XNeCMUt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:30 2025 by rpki-client