Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/cdrjYh8DQ2DImJKJJ6P2jn5zA7g.roa
File: cdrjYh8DQ2DImJKJJ6P2jn5zA7g.roa (raw, json)
Hash identifier: RiF5195k2hiNND+6PNJ+7Dv2Uu1jq51AptyxAQSlR8s=
Subject key identifier: 71:DA:E3:62:1F:03:43:60:C8:98:92:89:27:A3:F6:8E:7E:73:03:B8
Certificate issuer: /CN=9eda096dbc8d59a442721cc169d6aeb649f5fd3f
Certificate serial: 01846839664332684E44A13BB8C342E0AF2E
Authority key identifier: 9E:DA:09:6D:BC:8D:59:A4:42:72:1C:C1:69:D6:AE:B6:49:F5:FD:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/cdrjYh8DQ2DImJKJJ6P2jn5zA7g.roa
Signing time: Fri 11 Nov 2022 19:45:02 +0000
ROA not before: Fri 11 Nov 2022 19:45:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201633
IP address blocks: 206.225.17.0/24 maxlen: 24
2a12:d4c0:b00b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:68:39:66:43:32:68:4e:44:a1:3b:b8:c3:42:e0:af:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eda096dbc8d59a442721cc169d6aeb649f5fd3f
Validity
Not Before: Nov 11 19:45:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71dae3621f034360c898928927a3f68e7e7303b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:67:04:38:f2:02:59:4e:01:5a:a2:1a:a4:6e:
03:ec:f1:0d:b5:b1:f0:55:e0:d2:56:42:79:13:00:
ae:af:f8:2f:ba:29:68:7f:63:8e:cf:b6:aa:0f:cc:
ef:51:2a:24:97:86:d8:5a:51:85:62:36:2a:37:30:
6c:95:71:99:4b:72:91:87:0d:76:57:96:6f:f6:f2:
f6:a6:05:43:cf:6e:f5:ff:42:84:80:57:07:d8:f3:
c9:6b:af:12:ff:64:12:08:86:67:ab:26:da:2f:80:
93:70:65:b8:fc:c4:eb:2c:e8:22:14:86:58:81:0a:
76:2f:62:e0:47:24:0c:62:8f:77:a9:df:2f:e0:f8:
6a:5d:68:e0:2d:7f:11:63:13:22:74:3b:e7:34:45:
19:b1:98:12:56:95:5d:37:78:4e:bd:71:85:47:af:
ac:1d:c6:48:c9:d4:75:a5:c2:41:ba:28:4e:ec:85:
87:ab:63:4c:58:df:3c:b6:ec:3c:f5:9a:65:37:03:
0a:b7:54:5e:e0:c1:5f:13:10:9f:fe:f3:ee:e0:4a:
1d:9f:bc:0f:95:f7:c2:10:85:5d:34:a1:6f:27:6e:
eb:7d:10:a4:2c:ee:44:c6:dd:6a:5e:51:4c:f0:ff:
1a:05:d9:2c:71:f3:3d:1e:96:43:05:74:45:bc:a0:
84:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:DA:E3:62:1F:03:43:60:C8:98:92:89:27:A3:F6:8E:7E:73:03:B8
X509v3 Authority Key Identifier:
keyid:9E:DA:09:6D:BC:8D:59:A4:42:72:1C:C1:69:D6:AE:B6:49:F5:FD:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/cdrjYh8DQ2DImJKJJ6P2jn5zA7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/ntoJbbyNWaRCchzBadautkn1_T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.225.17.0/24
IPv6:
2a12:d4c0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
a2:00:c7:7d:a3:fc:82:57:0c:b2:cf:bf:26:e3:ab:d4:84:4e:
19:fe:64:f8:b8:44:d2:1e:2f:94:f9:30:b4:01:18:cc:2a:d4:
c3:b4:29:a3:3d:ef:19:13:f7:76:31:70:91:d0:67:96:25:b2:
53:e1:8d:6f:1a:5b:7a:41:3b:cf:49:c7:84:ec:0f:c7:64:d7:
89:86:da:4f:f2:de:50:ca:be:85:51:06:20:2d:5f:3b:24:4c:
ef:45:0d:7d:a3:c1:02:3e:a6:19:73:e0:12:0e:f6:03:5f:33:
3d:66:f0:d4:55:6a:b6:ba:41:f0:cf:cd:cf:4f:67:1e:0d:4f:
e0:33:12:04:5c:83:da:60:ee:b4:1b:54:06:44:c4:23:0e:da:
90:73:0c:a5:8c:aa:1b:bb:0a:85:48:e3:06:71:e8:1f:50:94:
e7:fc:bb:8f:81:b3:2e:d6:90:c0:4c:40:36:79:01:a1:7f:4e:
3b:3f:ee:43:ec:1a:ef:86:a7:bb:3e:bf:48:e3:f7:82:b2:e7:
35:82:0a:d8:07:a2:eb:6d:cd:a3:3c:d9:c9:5f:c2:6d:37:60:
6f:67:c8:9d:7f:2a:8e:2e:5d:6f:01:f6:fb:b4:79:75:d1:a5:
a2:c8:48:c3:dc:b8:01:09:2f:77:62:8a:c4:9c:67:fc:12:92:
0d:5f:9a:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYRoOWZDMmhORKE7uMNC4K8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGEwOTZkYmM4ZDU5YTQ0MjcyMWNjMTY5ZDZhZWI2NDlm
NWZkM2YwHhcNMjIxMTExMTk0NTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWRhZTM2MjFmMDM0MzYwYzg5ODkyODkyN2EzZjY4ZTdlNzMwM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmcEOPICWU4BWqIapG4D7PENtbHw
VeDSVkJ5EwCur/gvuilof2OOz7aqD8zvUSokl4bYWlGFYjYqNzBslXGZS3KRhw12
V5Zv9vL2pgVDz271/0KEgFcH2PPJa68S/2QSCIZnqybaL4CTcGW4/MTrLOgiFIZY
gQp2L2LgRyQMYo93qd8v4PhqXWjgLX8RYxMidDvnNEUZsZgSVpVdN3hOvXGFR6+s
HcZIydR1pcJBuihO7IWHq2NMWN88tuw89ZplNwMKt1Re4MFfExCf/vPu4Eodn7wP
lffCEIVdNKFvJ27rfRCkLO5Ext1qXlFM8P8aBdkscfM9HpZDBXRFvKCEgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHHa42IfA0NgyJiSiSej9o5+cwO4MB8GA1UdIwQY
MBaAFJ7aCW28jVmkQnIcwWnWrrZJ9f0/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnRvSmJieU5XYVJDY2h6QmFkYXV0a24xX1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85ODFiNTAtMDNhYi00MTRiLWEzMTAt
YmRjNWQ2Y2IyMTQxLzEvY2RyalloOERRMkRJbUpLSko2UDJqbjV6QTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85ODFiNTAtMDNhYi00MTRiLWEzMTAtYmRjNWQ2Y2IyMTQx
LzEvbnRvSmJieU5XYVJDY2h6QmFkYXV0a24xX1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAzuERMA8E
AgACMAkDBwAqEtTAsAswDQYJKoZIhvcNAQELBQADggEBAKIAx32j/IJXDLLPvybj
q9SEThn+ZPi4RNIeL5T5MLQBGMwq1MO0KaM97xkT93YxcJHQZ5YlslPhjW8aW3pB
O89Jx4TsD8dk14mG2k/y3lDKvoVRBiAtXzskTO9FDX2jwQI+phlz4BIO9gNfMz1m
8NRVara6QfDPzc9PZx4NT+AzEgRcg9pg7rQbVAZExCMO2pBzDKWMqhu7CoVI4wZx
6B9QlOf8u4+Bsy7WkMBMQDZ5AaF/Tjs/7kPsGu+Gp7s+v0jj94Ky5zWCCtgHoutt
zaM82clfwm03YG9nyJ1/Ko4uXW8B9vu0eXXRpaLISMPcuAEJL3diisScZ/wSkg1f
mpQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:08 2024 by rpki-client on console-fra.rpki-client.org