Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/d5dc61-882b-4636-aff1-1fb3f817608f/1/Ip-lrsg2PE5xzCt8jiQczdsXPuU.roa
File: Ip-lrsg2PE5xzCt8jiQczdsXPuU.roa (raw, json)
Hash identifier: I0z4ygQJuR7Hilj77UlapU/bDl87a/j1rp9IHJYkFss=
Subject key identifier: 22:9F:A5:AE:C8:36:3C:4E:71:CC:2B:7C:8E:24:1C:CD:DB:17:3E:E5
Certificate issuer: /CN=bfad08ac862db6ae0bb0b880aec055edbcbb82fc
Certificate serial: 311554
Authority key identifier: BF:AD:08:AC:86:2D:B6:AE:0B:B0:B8:80:AE:C0:55:ED:BC:BB:82:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v60IrIYttq4LsLiArsBV7by7gvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/d5dc61-882b-4636-aff1-1fb3f817608f/1/Ip-lrsg2PE5xzCt8jiQczdsXPuU.roa
Signing time: Wed 23 Feb 2022 08:10:10 +0000
ROA not before: Wed 23 Feb 2022 08:10:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204896
IP address blocks: 217.74.80.0/20 maxlen: 20
2a02:dd80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3216724 (0x311554)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfad08ac862db6ae0bb0b880aec055edbcbb82fc
Validity
Not Before: Feb 23 08:10:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=229fa5aec8363c4e71cc2b7c8e241ccddb173ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:22:66:60:e2:67:91:aa:5f:60:2e:e6:ce:41:
cb:d9:ea:b3:f3:23:60:1f:7d:45:4d:bb:7d:99:31:
64:3e:0d:1d:5c:96:60:c3:f9:c5:d9:e5:22:15:e8:
d3:5c:3d:e3:81:d6:44:91:d8:c3:dd:ff:a0:e8:a2:
8a:68:73:77:03:91:76:99:c1:5e:73:d3:63:24:67:
11:a8:e6:fd:d8:a1:44:df:a4:25:fe:a2:41:c4:4b:
b6:7f:f0:2c:f5:0f:09:b6:fe:72:23:51:08:ed:f4:
d5:4c:9b:f5:cb:1f:bc:8e:03:df:f8:e0:80:28:78:
b1:af:65:7e:79:4c:3a:d8:66:db:59:91:46:c9:0b:
46:2a:79:2b:2f:38:06:39:f2:bc:39:81:2d:2d:96:
b6:f2:56:5e:a3:89:92:ab:8a:9b:a2:59:3e:e4:97:
dc:55:10:ef:b0:4b:9a:a8:b6:2f:91:62:b1:5b:98:
da:81:0c:58:c9:fe:e7:0b:8a:0e:26:f2:dc:f4:39:
5e:e1:da:61:80:ae:68:6a:3b:5a:05:e4:18:db:23:
9a:e0:2d:49:29:50:7d:e3:0b:11:5c:d5:26:b9:27:
31:f3:a7:93:de:12:15:1b:d9:34:f7:20:54:d6:dc:
03:03:34:d9:cc:1d:25:00:bf:ff:e5:18:22:64:6e:
f8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:9F:A5:AE:C8:36:3C:4E:71:CC:2B:7C:8E:24:1C:CD:DB:17:3E:E5
X509v3 Authority Key Identifier:
keyid:BF:AD:08:AC:86:2D:B6:AE:0B:B0:B8:80:AE:C0:55:ED:BC:BB:82:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v60IrIYttq4LsLiArsBV7by7gvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/d5dc61-882b-4636-aff1-1fb3f817608f/1/Ip-lrsg2PE5xzCt8jiQczdsXPuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/d5dc61-882b-4636-aff1-1fb3f817608f/1/v60IrIYttq4LsLiArsBV7by7gvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.74.80.0/20
IPv6:
2a02:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
00:a1:25:af:07:cc:a2:93:de:87:a8:77:e9:e6:44:eb:cd:1a:
07:91:0a:96:b1:0e:7e:be:69:d6:bb:8c:80:d8:0d:ef:c6:15:
49:30:fd:0b:9a:f6:32:5d:2c:62:0e:3c:90:a5:97:ef:f2:ab:
46:2f:3f:50:14:4f:c5:9b:21:74:3a:2f:ac:8f:67:9f:d5:0c:
9d:e1:9b:99:0f:bf:1c:57:c7:62:c6:45:90:73:fd:dd:10:9c:
e3:48:ae:30:ed:6f:6e:0d:cb:5c:db:6e:d7:b0:b9:2a:b5:0a:
15:b3:2e:cb:e7:2d:be:6e:3c:8f:9e:6d:c6:4c:f0:0a:29:7c:
04:82:91:89:0a:c7:bc:c3:58:cf:c4:6f:22:8b:5d:df:b3:67:
e3:40:77:c1:6c:db:74:c7:42:d3:3b:4d:a9:6e:c2:6c:fa:df:
39:bd:0b:0b:39:f1:24:91:fe:e9:81:71:a2:3d:69:44:61:61:
ac:fa:c4:f6:1d:03:74:cd:d7:7d:c1:ad:f0:06:8a:4d:8c:99:
98:3c:71:fc:14:d4:ed:be:29:b1:df:93:d1:50:09:9a:ad:ca:
fa:f8:e3:f8:a6:76:48:1e:37:35:23:b8:0c:2e:fb:31:c4:ba:
88:a8:6e:84:8e:7f:26:ef:5a:44:4f:80:99:9f:bd:39:0f:72:
fc:9f:a3:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDMRVUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YWQwOGFjODYyZGI2YWUwYmIwYjg4MGFlYzA1NWVkYmNiYjgyZmMwHhcNMjIwMjIz
MDgxMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMjlmYTVhZWM4MzYz
YzRlNzFjYzJiN2M4ZTI0MWNjZGRiMTczZWU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApyJmYOJnkapfYC7mzkHL2eqz8yNgH31FTbt9mTFkPg0dXJZg
w/nF2eUiFejTXD3jgdZEkdjD3f+g6KKKaHN3A5F2mcFec9NjJGcRqOb92KFE36Ql
/qJBxEu2f/As9Q8Jtv5yI1EI7fTVTJv1yx+8jgPf+OCAKHixr2V+eUw62GbbWZFG
yQtGKnkrLzgGOfK8OYEtLZa28lZeo4mSq4qbolk+5JfcVRDvsEuaqLYvkWKxW5ja
gQxYyf7nC4oOJvLc9Dle4dphgK5oajtaBeQY2yOa4C1JKVB94wsRXNUmuScx86eT
3hIVG9k09yBU1twDAzTZzB0lAL//5RgiZG74iwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFCKfpa7INjxOccwrfI4kHM3bFz7lMB8GA1UdIwQYMBaAFL+tCKyGLbauC7C4
gK7AVe28u4L8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
djYwSXJJWXR0cTRMc0xpQXJzQlY3Ynk3Z3Z3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMS9kNWRjNjEtODgyYi00NjM2LWFmZjEtMWZiM2Y4MTc2MDhmLzEv
SXAtbHJzZzJQRTV4ekN0OGppUWN6ZHNYUHVVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9k
NWRjNjEtODgyYi00NjM2LWFmZjEtMWZiM2Y4MTc2MDhmLzEvdjYwSXJJWXR0cTRM
c0xpQXJzQlY3Ynk3Z3Z3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UpQMA0EAgACMAcDBQMqAt2AMA0G
CSqGSIb3DQEBCwUAA4IBAQAAoSWvB8yik96HqHfp5kTrzRoHkQqWsQ5+vmnWu4yA
2A3vxhVJMP0LmvYyXSxiDjyQpZfv8qtGLz9QFE/FmyF0Oi+sj2ef1Qyd4ZuZD78c
V8dixkWQc/3dEJzjSK4w7W9uDctc227XsLkqtQoVsy7L5y2+bjyPnm3GTPAKKXwE
gpGJCse8w1jPxG8ii13fs2fjQHfBbNt0x0LTO02pbsJs+t85vQsLOfEkkf7pgXGi
PWlEYWGs+sT2HQN0zdd9wa3wBopNjJmYPHH8FNTtvimx35PRUAmarcr6+OP4pnZI
Hjc1I7gMLvsxxLqIqG6Ejn8m71pET4CZn705D3L8n6Mu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:13 2023 by rpki-client on console-fra.rpki-client.org