Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/Um0iv-4h4gkSCIthtBfTXAHQfaY.roa
File: Um0iv-4h4gkSCIthtBfTXAHQfaY.roa (raw, json)
Hash identifier: DEEiEYU97tWmfW9FiR7eBroNlQprANzbdri9N+RBTWA=
Subject key identifier: 52:6D:22:BF:EE:21:E2:09:12:08:8B:61:B4:17:D3:5C:01:D0:7D:A6
Certificate issuer: /CN=59138e3db77640beadf1da5b15194b9384a1444e
Certificate serial: 0184D22C5C334ECB120B81DD40B08165A314
Authority key identifier: 59:13:8E:3D:B7:76:40:BE:AD:F1:DA:5B:15:19:4B:93:84:A1:44:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WROOPbd2QL6t8dpbFRlLk4ShRE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/Um0iv-4h4gkSCIthtBfTXAHQfaY.roa
Signing time: Fri 02 Dec 2022 09:30:33 +0000
ROA not before: Fri 02 Dec 2022 09:30:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41878
IP address blocks: 217.29.225.0/24 maxlen: 24
217.29.224.0/24 maxlen: 24
217.29.226.0/24 maxlen: 24
217.29.230.0/24 maxlen: 24
217.29.229.0/24 maxlen: 24
217.29.232.0/24 maxlen: 24
217.29.231.0/24 maxlen: 24
217.29.233.0/24 maxlen: 24
217.29.228.0/24 maxlen: 24
217.29.227.0/24 maxlen: 24
217.29.237.0/24 maxlen: 24
217.29.236.0/24 maxlen: 24
217.29.239.0/24 maxlen: 24
217.29.238.0/24 maxlen: 24
217.29.235.0/24 maxlen: 24
217.29.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:2c:5c:33:4e:cb:12:0b:81:dd:40:b0:81:65:a3:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59138e3db77640beadf1da5b15194b9384a1444e
Validity
Not Before: Dec 2 09:30:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=526d22bfee21e20912088b61b417d35c01d07da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:27:ee:38:72:9c:c8:9e:0e:84:af:92:57:48:
42:78:3f:e7:49:42:1a:01:4a:ae:30:73:2a:18:34:
65:46:47:f2:52:55:7d:ae:45:ca:fd:bb:96:c7:68:
0a:8f:bc:80:a2:c2:ab:75:d9:ad:4c:9b:1b:c6:e1:
79:60:2d:0e:63:2a:3c:e8:46:af:ab:da:b7:2e:65:
0f:33:bd:9a:0a:f6:e8:b4:22:22:b2:05:bc:c5:bd:
ab:3a:c0:e2:1b:68:38:72:0e:7e:56:3b:a3:6f:10:
36:8b:bb:f6:05:29:9b:26:37:f7:09:04:89:5f:07:
dd:ad:c6:fd:7e:57:7a:85:02:35:20:5a:a9:2d:04:
69:70:3f:21:a4:c1:76:1e:53:76:94:65:85:6d:33:
1f:d5:a9:1d:bb:fc:17:94:5e:db:10:3e:05:aa:fb:
fe:52:29:f6:19:1d:a2:eb:72:66:2f:bb:c8:90:df:
b5:ea:01:18:8e:24:f7:a2:7d:05:1e:46:3c:b1:f6:
3e:03:30:00:d0:1a:17:5b:3c:cd:97:da:dc:f8:06:
c5:04:b3:9a:96:07:b0:92:ec:4b:f8:8f:2e:f4:c2:
75:f8:e9:9f:8a:af:d9:90:45:7a:ed:50:c7:5b:37:
bc:63:14:e2:fd:3e:02:36:be:07:41:86:2c:42:cb:
5e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6D:22:BF:EE:21:E2:09:12:08:8B:61:B4:17:D3:5C:01:D0:7D:A6
X509v3 Authority Key Identifier:
keyid:59:13:8E:3D:B7:76:40:BE:AD:F1:DA:5B:15:19:4B:93:84:A1:44:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WROOPbd2QL6t8dpbFRlLk4ShRE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/Um0iv-4h4gkSCIthtBfTXAHQfaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/WROOPbd2QL6t8dpbFRlLk4ShRE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.29.224.0/20
Signature Algorithm: sha256WithRSAEncryption
91:eb:8c:3c:2a:19:f0:e0:7d:7d:7a:61:cd:79:f1:37:2d:30:
a0:59:20:f6:a9:30:57:07:24:bd:58:6d:0f:86:7e:1b:c3:45:
c3:15:58:1f:17:48:e4:ec:e2:85:75:f0:44:dc:d6:15:2f:6a:
b1:74:3f:07:81:d5:17:e6:6f:39:90:a2:98:dd:f8:7a:b0:2d:
f0:10:22:6a:ac:09:7e:b2:09:f7:5c:18:f9:81:28:09:fd:52:
ef:d5:bb:bf:cd:6e:dd:65:03:79:6b:ef:b6:69:a2:df:11:53:
e0:d9:bb:24:2a:66:64:f7:79:ac:36:81:ce:f8:c4:9b:bf:c7:
f3:1a:63:cd:3b:91:d1:b9:4a:d3:46:a3:bd:4a:09:b7:57:bf:
8b:e8:f7:17:b1:57:18:0f:ad:c9:ba:f7:11:00:e8:9f:c4:c8:
ee:19:7c:56:80:11:a7:ed:ff:4d:58:90:07:8f:94:28:9f:f9:
eb:e9:99:e7:e8:5d:7c:37:62:5f:c2:69:01:97:22:f3:47:3e:
93:ea:29:01:05:6d:02:73:2f:f5:fa:96:f8:9f:b4:d4:3d:12:
64:72:2b:96:6a:61:90:b4:20:40:fa:27:95:e8:20:6f:62:9e:
13:78:2c:7f:de:d4:17:59:27:8b:52:5e:20:0d:cd:43:c6:9b:
ed:04:6b:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTSLFwzTssSC4HdQLCBZaMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MTM4ZTNkYjc3NjQwYmVhZGYxZGE1YjE1MTk0YjkzODRh
MTQ0NGUwHhcNMjIxMjAyMDkzMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZkMjJiZmVlMjFlMjA5MTIwODhiNjFiNDE3ZDM1YzAxZDA3ZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApifuOHKcyJ4OhK+SV0hCeD/nSUIa
AUquMHMqGDRlRkfyUlV9rkXK/buWx2gKj7yAosKrddmtTJsbxuF5YC0OYyo86Eav
q9q3LmUPM72aCvbotCIisgW8xb2rOsDiG2g4cg5+VjujbxA2i7v2BSmbJjf3CQSJ
Xwfdrcb9fld6hQI1IFqpLQRpcD8hpMF2HlN2lGWFbTMf1akdu/wXlF7bED4Fqvv+
Uin2GR2i63JmL7vIkN+16gEYjiT3on0FHkY8sfY+AzAA0BoXWzzNl9rc+AbFBLOa
lgewkuxL+I8u9MJ1+Omfiq/ZkEV67VDHWze8YxTi/T4CNr4HQYYsQsteCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJtIr/uIeIJEgiLYbQX01wB0H2mMB8GA1UdIwQY
MBaAFFkTjj23dkC+rfHaWxUZS5OEoUROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1JPT1BiZDJRTDZ0OGRwYkZSbExrNFNoUkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mNGQzNDUtNWZmMy00YjBhLThkZDkt
N2E0ZTMzNDBhNDkxLzEvVW0waXYtNGg0Z2tTQ0l0aHRCZlRYQUhRZmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mNGQzNDUtNWZmMy00YjBhLThkZDktN2E0ZTMzNDBhNDkx
LzEvV1JPT1BiZDJRTDZ0OGRwYkZSbExrNFNoUkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2R3gMA0G
CSqGSIb3DQEBCwUAA4IBAQCR64w8Khnw4H19emHNefE3LTCgWSD2qTBXByS9WG0P
hn4bw0XDFVgfF0jk7OKFdfBE3NYVL2qxdD8HgdUX5m85kKKY3fh6sC3wECJqrAl+
sgn3XBj5gSgJ/VLv1bu/zW7dZQN5a++2aaLfEVPg2bskKmZk93msNoHO+MSbv8fz
GmPNO5HRuUrTRqO9Sgm3V7+L6PcXsVcYD63JuvcRAOifxMjuGXxWgBGn7f9NWJAH
j5Qon/nr6Znn6F18N2JfwmkBlyLzRz6T6ikBBW0Ccy/1+pb4n7TUPRJkciuWamGQ
tCBA+ieV6CBvYp4TeCx/3tQXWSeLUl4gDc1DxpvtBGvm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:56 2024 by rpki-client on console-fra.rpki-client.org