Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/FZ41ReSnOwZghefYmO6X09OC4bQ.roa
File: FZ41ReSnOwZghefYmO6X09OC4bQ.roa (raw, json)
Hash identifier: ygxDdpQ4BvFDGjvt3IjGlr9bl5uVacMwQBGBHDbhQX4=
Subject key identifier: 15:9E:35:45:E4:A7:3B:06:60:85:E7:D8:98:EE:97:D3:D3:82:E1:B4
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 1541A532
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/FZ41ReSnOwZghefYmO6X09OC4bQ.roa
Signing time: Sat 01 Jan 2022 07:52:51 +0000
ROA not before: Sat 01 Jan 2022 07:52:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207360
IP address blocks: 217.22.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356623666 (0x1541a532)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 1 07:52:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=159e3545e4a73b066085e7d898ee97d3d382e1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:34:d4:2d:b5:c3:33:d1:98:08:9d:fb:16:05:
56:68:1b:d8:24:bc:5c:e1:ca:f4:6d:00:e9:9c:f7:
eb:f8:18:d7:f0:cf:03:7c:4d:15:b3:83:7d:42:73:
79:01:e9:f1:ae:08:04:03:e8:62:85:a5:9a:97:b5:
a5:7f:5c:92:9f:bd:cd:9c:c3:9c:59:cf:95:88:a8:
b3:c4:77:00:d0:3d:99:e1:cc:47:46:e5:76:f6:a8:
7f:66:dc:27:65:59:e9:8a:03:3f:4f:a7:d9:95:1c:
36:94:9c:53:a5:f0:85:c3:d3:8a:29:ac:e6:17:b3:
ea:b3:0c:0a:d8:01:3d:0b:ea:a9:0e:bb:5a:ef:a2:
2c:3c:27:c9:c0:00:9d:f1:b5:7b:57:a1:6b:59:c6:
b9:ff:23:74:cf:07:ff:b6:4d:2e:4b:04:a1:d6:ec:
75:4b:95:b5:9e:06:36:7d:44:0a:40:0e:8b:72:59:
e6:90:8c:b4:73:51:1c:dd:06:e9:82:ea:7c:e8:63:
16:c5:54:c4:ed:10:ad:70:6b:a1:c5:71:2c:fb:e1:
1d:a1:73:e0:2e:d6:d0:ce:40:ef:cb:5d:32:1d:25:
36:b3:fb:e3:ca:13:a5:7b:52:37:be:2f:25:f1:26:
cc:60:b4:a9:98:71:95:f8:9d:ce:e8:12:75:db:01:
12:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9E:35:45:E4:A7:3B:06:60:85:E7:D8:98:EE:97:D3:D3:82:E1:B4
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/FZ41ReSnOwZghefYmO6X09OC4bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.22.115.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ee:9a:78:c5:64:51:ad:1f:00:d1:ed:f5:d9:57:64:aa:5e:
fe:e7:07:9e:49:dc:d2:f4:78:12:dc:18:1c:47:f8:51:fc:a3:
48:42:4b:f5:a5:8a:f6:4a:9c:14:a9:5e:46:ad:0a:75:1b:27:
98:74:e6:a1:30:88:61:61:5a:4d:6f:88:29:bf:69:77:e1:28:
65:30:02:bf:26:12:70:76:b1:95:d2:d1:bf:a0:90:73:a6:d7:
cc:85:65:7b:c2:a2:a9:1b:a3:fe:53:55:5d:3a:64:cd:b2:d0:
89:24:45:ec:02:66:aa:39:fd:53:8f:bb:2e:b7:c6:04:31:c2:
29:dc:f4:56:b8:2c:61:76:9b:10:93:05:64:35:cc:7a:2b:b1:
1b:60:57:b7:8c:43:e5:ae:52:f1:7e:13:7f:16:88:b4:dc:f3:
1a:96:b1:e5:89:ac:bd:25:4f:74:26:fb:7c:68:4c:fa:a1:be:
9e:4a:bc:43:a7:8b:da:02:e0:9b:f9:27:7b:39:df:53:28:81:
04:fc:a3:53:84:45:27:48:17:d3:e7:c4:2d:28:e0:b2:2b:56:
d5:ba:a1:01:9d:f6:9c:57:b8:a1:65:ad:cd:56:43:e6:3a:ce:
1c:6d:b4:d2:af:81:24:b1:74:6a:4b:ec:07:e4:e2:ea:b9:81:
cd:3e:a4:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFUGlMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmVkZDg1YzFlY2NiNWZmNGJhOTMwMTE3YTczMjkwOTljMGZmMmViMB4XDTIyMDEw
MTA3NTI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTU5ZTM1NDVlNGE3
M2IwNjYwODVlN2Q4OThlZTk3ZDNkMzgyZTFiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMc01C21wzPRmAid+xYFVmgb2CS8XOHK9G0A6Zz36/gY1/DP
A3xNFbODfUJzeQHp8a4IBAPoYoWlmpe1pX9ckp+9zZzDnFnPlYios8R3ANA9meHM
R0bldvaof2bcJ2VZ6YoDP0+n2ZUcNpScU6XwhcPTiims5hez6rMMCtgBPQvqqQ67
Wu+iLDwnycAAnfG1e1eha1nGuf8jdM8H/7ZNLksEodbsdUuVtZ4GNn1ECkAOi3JZ
5pCMtHNRHN0G6YLqfOhjFsVUxO0QrXBrocVxLPvhHaFz4C7W0M5A78tdMh0lNrP7
48oTpXtSN74vJfEmzGC0qZhxlfidzugSddsBEg8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQVnjVF5Kc7BmCF59iY7pfT04LhtDAfBgNVHSMEGDAWgBQ/7dhcHsy1/0up
MBF6cykJnA/y6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1AtM1lYQjdNdGY5THFUQVJlbk1wQ1p3UDh1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvNDFjMzIxLTM0N2UtNGMzZS1hZmZkLWUyYjUyNzcyOGU5Ni8x
L0ZaNDFSZVNuT3daZ2hlZlltTzZYMDlPQzRiUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
NDFjMzIxLTM0N2UtNGMzZS1hZmZkLWUyYjUyNzcyOGU5Ni8xL1AtM1lYQjdNdGY5
THFUQVJlbk1wQ1p3UDh1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkWczANBgkqhkiG9w0BAQsFAAOC
AQEAeu6aeMVkUa0fANHt9dlXZKpe/ucHnknc0vR4EtwYHEf4UfyjSEJL9aWK9kqc
FKleRq0KdRsnmHTmoTCIYWFaTW+IKb9pd+EoZTACvyYScHaxldLRv6CQc6bXzIVl
e8KiqRuj/lNVXTpkzbLQiSRF7AJmqjn9U4+7LrfGBDHCKdz0VrgsYXabEJMFZDXM
eiuxG2BXt4xD5a5S8X4TfxaItNzzGpax5YmsvSVPdCb7fGhM+qG+nkq8Q6eL2gLg
m/kneznfUyiBBPyjU4RFJ0gX0+fELSjgsitW1bqhAZ32nFe4oWWtzVZD5jrOHG20
0q+BJLF0akvsB+Ti6rmBzT6kYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org