Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/0433e3-bd61-4d13-847a-d90c6177e402/1/5n0InncNdTssW-pruA7jx9cOKh8.roa
File: 5n0InncNdTssW-pruA7jx9cOKh8.roa (raw, json)
Hash identifier: Y2d2v+RA8vqZ6wQH2GA6I6y+baZRLi00T9GwtgDUwz8=
Subject key identifier: E6:7D:08:9E:77:0D:75:3B:2C:5B:EA:6B:B8:0E:E3:C7:D7:0E:2A:1F
Certificate issuer: /CN=27fdce9db6af9b8133a32617eef4e046444efdd4
Certificate serial: 0189EFA3D440FB0C4CF20A7A36CC108F1826
Authority key identifier: 27:FD:CE:9D:B6:AF:9B:81:33:A3:26:17:EE:F4:E0:46:44:4E:FD:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_3Onbavm4EzoyYX7vTgRkRO_dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/0433e3-bd61-4d13-847a-d90c6177e402/1/5n0InncNdTssW-pruA7jx9cOKh8.roa
Signing time: Sun 13 Aug 2023 16:03:58 +0000
ROA not before: Sun 13 Aug 2023 16:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60274
IP address blocks: 207.244.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ef:a3:d4:40:fb:0c:4c:f2:0a:7a:36:cc:10:8f:18:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27fdce9db6af9b8133a32617eef4e046444efdd4
Validity
Not Before: Aug 13 16:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e67d089e770d753b2c5bea6bb80ee3c7d70e2a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:73:64:dc:1d:22:0e:48:db:c2:30:22:3d:61:
10:65:71:c6:cf:70:16:1f:e3:19:8a:d1:af:f7:85:
7b:1c:38:e2:4e:5f:3b:f4:13:b1:ec:55:2f:ec:ef:
c5:26:19:ff:96:f5:0e:d9:86:4e:07:03:0f:19:4d:
f7:72:a7:aa:bf:1c:22:a8:af:23:7e:e0:7e:39:9e:
9f:96:b4:60:b6:39:f0:8a:34:dd:e8:43:39:20:19:
11:00:48:8d:af:ac:db:d1:18:9a:1e:1b:90:6c:07:
30:34:43:c0:b2:90:25:61:b0:8b:8e:8b:3a:8c:f1:
47:57:76:e3:de:21:a8:e8:df:2d:c5:e9:e3:ee:99:
75:c4:5a:62:75:ec:36:37:70:7e:45:2c:be:06:59:
1a:6f:b1:8c:bd:e4:5d:81:3c:32:5a:26:e2:be:66:
ea:5e:8b:74:5f:8b:83:a3:26:6f:6b:ea:4c:a1:64:
c8:3f:ad:62:7a:d4:cd:9a:b7:37:ce:71:51:64:0a:
30:4b:c9:23:44:d2:66:a4:f6:e3:11:d3:d0:33:ad:
41:3a:04:fd:1c:01:41:1b:37:62:54:18:ec:44:38:
53:2f:a2:a8:cb:e1:a9:be:af:40:59:75:10:65:7f:
e2:26:82:80:9b:ed:1c:a2:69:f9:84:40:ea:99:5b:
89:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7D:08:9E:77:0D:75:3B:2C:5B:EA:6B:B8:0E:E3:C7:D7:0E:2A:1F
X509v3 Authority Key Identifier:
keyid:27:FD:CE:9D:B6:AF:9B:81:33:A3:26:17:EE:F4:E0:46:44:4E:FD:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_3Onbavm4EzoyYX7vTgRkRO_dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/0433e3-bd61-4d13-847a-d90c6177e402/1/5n0InncNdTssW-pruA7jx9cOKh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/0433e3-bd61-4d13-847a-d90c6177e402/1/J_3Onbavm4EzoyYX7vTgRkRO_dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.244.220.0/24
Signature Algorithm: sha256WithRSAEncryption
af:91:51:59:03:88:39:a0:05:18:d3:35:41:33:99:5e:70:64:
9e:c6:98:63:3b:f6:f1:23:07:46:6b:d2:38:85:0e:00:7d:f7:
45:56:14:2b:2c:ee:cc:4a:0a:13:76:8a:c8:88:26:0d:31:9d:
24:19:3a:d0:ad:8d:68:ef:b4:55:9e:b5:2c:69:30:2e:fe:b2:
50:c1:56:9a:c8:0c:dd:69:a9:95:73:9e:a5:16:f7:3e:40:d2:
28:5a:57:45:30:6f:70:78:d3:90:56:d5:7b:dd:fe:2a:5d:85:
ce:f1:c3:96:2c:c4:15:c2:a4:64:31:97:0a:7a:bf:70:61:83:
5e:5c:9f:c4:65:ac:ae:e6:92:59:b9:db:cb:b9:f4:1a:c1:35:
5a:f7:fd:1e:1d:bf:b6:21:1e:0a:37:c2:32:95:cf:d7:5a:ca:
e4:c3:4a:52:66:b5:be:3f:a1:5f:67:86:94:d6:96:e6:e1:8f:
38:7f:b4:0e:40:33:cd:b4:b0:ac:c8:21:50:0b:9b:aa:e4:72:
b1:57:16:c2:dc:26:b0:73:93:ae:99:c3:e2:c8:9b:bb:df:46:
23:67:7a:43:c3:92:17:37:e9:44:a5:4d:9a:98:fc:d8:60:97:
b9:45:02:14:0c:3e:42:e9:c6:d2:37:00:5c:6f:fc:3b:bf:d2:
c3:b4:21:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnvo9RA+wxM8gp6NswQjxgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZmRjZTlkYjZhZjliODEzM2EzMjYxN2VlZjRlMDQ2NDQ0
ZWZkZDQwHhcNMjMwODEzMTYwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjdkMDg5ZTc3MGQ3NTNiMmM1YmVhNmJiODBlZTNjN2Q3MGUyYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3Nk3B0iDkjbwjAiPWEQZXHGz3AW
H+MZitGv94V7HDjiTl879BOx7FUv7O/FJhn/lvUO2YZOBwMPGU33cqeqvxwiqK8j
fuB+OZ6flrRgtjnwijTd6EM5IBkRAEiNr6zb0RiaHhuQbAcwNEPAspAlYbCLjos6
jPFHV3bj3iGo6N8txenj7pl1xFpidew2N3B+RSy+Blkab7GMveRdgTwyWibivmbq
Xot0X4uDoyZva+pMoWTIP61ietTNmrc3znFRZAowS8kjRNJmpPbjEdPQM61BOgT9
HAFBGzdiVBjsRDhTL6Koy+Gpvq9AWXUQZX/iJoKAm+0comn5hEDqmVuJgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZ9CJ53DXU7LFvqa7gO48fXDiofMB8GA1UdIwQY
MBaAFCf9zp22r5uBM6MmF+704EZETv3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl8zT25iYXZtNEV6b3lZWDd2VGdSa1JPX2RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8wNDMzZTMtYmQ2MS00ZDEzLTg0N2Et
ZDkwYzYxNzdlNDAyLzEvNW4wSW5uY05kVHNzVy1wcnVBN2p4OWNPS2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8wNDMzZTMtYmQ2MS00ZDEzLTg0N2EtZDkwYzYxNzdlNDAy
LzEvSl8zT25iYXZtNEV6b3lZWDd2VGdSa1JPX2RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAz/TcMA0G
CSqGSIb3DQEBCwUAA4IBAQCvkVFZA4g5oAUY0zVBM5lecGSexphjO/bxIwdGa9I4
hQ4AffdFVhQrLO7MSgoTdorIiCYNMZ0kGTrQrY1o77RVnrUsaTAu/rJQwVaayAzd
aamVc56lFvc+QNIoWldFMG9weNOQVtV73f4qXYXO8cOWLMQVwqRkMZcKer9wYYNe
XJ/EZayu5pJZudvLufQawTVa9/0eHb+2IR4KN8Iylc/XWsrkw0pSZrW+P6FfZ4aU
1pbm4Y84f7QOQDPNtLCsyCFQC5uq5HKxVxbC3Cawc5OumcPiyJu730YjZ3pDw5IX
N+lEpU2amPzYYJe5RQIUDD5C6cbSNwBcb/w7v9LDtCE2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:59 2025 by rpki-client