Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/OkVkiKjI1MqTUCxxFZ81LGElf_E.roa
File: OkVkiKjI1MqTUCxxFZ81LGElf_E.roa (raw, json)
Hash identifier: VUE5LUXcr/y8tB6WXlWhCVbmQ8BjY6hq9Z8gL4Vl8rk=
Subject key identifier: 3A:45:64:88:A8:C8:D4:CA:93:50:2C:71:15:9F:35:2C:61:25:7F:F1
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 41F7308A
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/OkVkiKjI1MqTUCxxFZ81LGElf_E.roa
Signing time: Sat 01 Jan 2022 16:05:08 +0000
ROA not before: Sat 01 Jan 2022 16:05:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201270
IP address blocks: 217.107.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1106718858 (0x41f7308a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Jan 1 16:05:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a456488a8c8d4ca93502c71159f352c61257ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bb:81:ca:76:da:1d:61:dc:c0:48:fb:c5:41:
d3:c0:90:6f:5f:28:6e:33:ae:03:72:7f:e1:a6:f1:
a3:52:e6:b8:d3:50:d7:56:f0:81:36:ab:22:d6:ad:
05:ba:90:b8:d8:7a:a6:e8:31:ba:19:e6:24:67:42:
fc:7a:69:04:e4:41:f3:e2:72:7e:f4:18:d1:0b:f1:
1d:42:f4:8a:cf:4a:a7:c5:e4:1c:ce:e6:36:66:dd:
c4:08:b6:5d:3e:50:a2:c8:6d:08:70:60:90:fe:f3:
d2:79:04:d3:a3:3f:83:63:6a:b4:4e:6b:e8:38:c3:
8b:60:7b:ff:5d:11:23:e6:92:7d:90:17:54:4c:d8:
bd:00:e8:0a:c4:35:be:35:3c:4a:f3:d1:0d:0b:0d:
f3:b3:75:01:d3:29:38:33:da:e8:b7:61:b3:eb:c5:
50:c9:1c:72:03:b3:3f:3c:3e:13:7d:0f:12:42:de:
3b:98:50:94:43:8c:74:1b:2b:05:f8:e0:42:da:fb:
dd:1d:40:b3:a6:0c:ff:90:7d:4b:a6:10:c2:33:a0:
8d:28:ce:e5:cc:25:22:b6:a6:1b:0f:b5:fb:60:89:
06:14:01:c2:2c:22:db:45:c7:2b:b5:12:72:8d:49:
36:9c:87:8d:a6:db:c6:34:0c:9c:bd:cd:83:33:66:
7a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:45:64:88:A8:C8:D4:CA:93:50:2C:71:15:9F:35:2C:61:25:7F:F1
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/OkVkiKjI1MqTUCxxFZ81LGElf_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.107.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:06:f1:93:86:f9:f1:60:2c:9c:5f:cb:e7:d8:08:c3:39:db:
e7:f4:72:ac:35:e9:c0:75:f2:61:aa:ae:a7:cb:a2:8e:d9:e1:
7e:2c:8c:28:12:2f:53:07:0c:32:5a:4a:20:66:96:1e:2e:18:
71:25:44:83:c1:21:35:7c:13:65:44:f4:a7:ac:24:88:41:40:
c7:e5:8a:79:94:ca:8b:0a:60:a4:86:e3:89:50:0e:fd:ce:b1:
46:89:9a:2f:5a:26:7c:f1:34:f5:66:a1:f5:0f:bc:90:d6:c6:
4c:92:74:13:b0:19:b0:f9:ce:c8:44:17:8e:78:ef:be:98:78:
b9:81:6a:d9:a8:00:cc:f8:20:78:d9:8c:1b:5e:6d:da:2f:7d:
0f:6f:9d:91:3a:98:cb:37:fe:37:35:bb:eb:56:f7:d8:18:27:
65:9c:73:54:c8:27:dd:d8:74:eb:f4:60:ba:d7:65:8a:7b:b0:
74:f7:83:4f:8d:45:b7:0f:9b:71:f3:fe:f6:68:26:ce:e2:9f:
86:b6:55:61:a6:b0:b7:10:f0:75:fd:aa:33:b6:2f:40:43:79:
7d:e6:f2:0d:41:fb:5c:bf:5f:4c:62:3e:ca:7b:9a:1c:97:b1:
08:93:8c:08:99:06:17:ea:21:27:c0:f2:74:75:81:d4:13:3b:
74:ca:5d:e6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQfcwijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmY0YjFjMGJmYmFkNDZiODExZWVlNTY4YTE4ZmJhYTE0YTlkNjg3MB4XDTIyMDEw
MTE2MDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E0NTY0ODhhOGM4
ZDRjYTkzNTAyYzcxMTU5ZjM1MmM2MTI1N2ZmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANm7gcp22h1h3MBI+8VB08CQb18objOuA3J/4abxo1LmuNNQ
11bwgTarItatBbqQuNh6pugxuhnmJGdC/HppBORB8+JyfvQY0QvxHUL0is9Kp8Xk
HM7mNmbdxAi2XT5QoshtCHBgkP7z0nkE06M/g2NqtE5r6DjDi2B7/10RI+aSfZAX
VEzYvQDoCsQ1vjU8SvPRDQsN87N1AdMpODPa6Ldhs+vFUMkccgOzPzw+E30PEkLe
O5hQlEOMdBsrBfjgQtr73R1As6YM/5B9S6YQwjOgjSjO5cwlIramGw+1+2CJBhQB
wiwi20XHK7USco1JNpyHjabbxjQMnL3NgzNmeoUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ6RWSIqMjUypNQLHEVnzUsYSV/8TAfBgNVHSMEGDAWgBSS9LHAv7rUa4Ee
7laKGPuqFKnWhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t2U3h3TC02MUd1Qkh1NVdpaGo3cWhTcDFvYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvNGY4NTE0LTJlMjAtNDkzNS05OTVjLWEwODRmNzZjOGUyYi8x
L09rVmtpS2pJMU1xVFVDeHhGWjgxTEdFbGZfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
NGY4NTE0LTJlMjAtNDkzNS05OTVjLWEwODRmNzZjOGUyYi8xL2t2U3h3TC02MUd1
Qkh1NVdpaGo3cWhTcDFvYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtlrwDANBgkqhkiG9w0BAQsFAAOC
AQEApgbxk4b58WAsnF/L59gIwznb5/RyrDXpwHXyYaqup8uijtnhfiyMKBIvUwcM
MlpKIGaWHi4YcSVEg8EhNXwTZUT0p6wkiEFAx+WKeZTKiwpgpIbjiVAO/c6xRoma
L1omfPE09Wah9Q+8kNbGTJJ0E7AZsPnOyEQXjnjvvph4uYFq2agAzPggeNmMG15t
2i99D2+dkTqYyzf+NzW761b32BgnZZxzVMgn3dh06/RgutdlinuwdPeDT41Ftw+b
cfP+9mgmzuKfhrZVYaawtxDwdf2qM7YvQEN5febyDUH7XL9fTGI+ynuaHJexCJOM
CJkGF+ohJ8DydHWB1BM7dMpd5g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:44 2025 by rpki-client