Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/aNrXhtcqaYQH9GAze6YGv9MJK_A.roa
File: aNrXhtcqaYQH9GAze6YGv9MJK_A.roa (raw, json)
Hash identifier: bvrZ+PpfeDR3jtm6Q9bXcdCtEUk9rzXtGuYGpv+J39A=
Subject key identifier: 68:DA:D7:86:D7:2A:69:84:07:F4:60:33:7B:A6:06:BF:D3:09:2B:F0
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 01856C9CD48D862B44CE937675175A0F4708
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/aNrXhtcqaYQH9GAze6YGv9MJK_A.roa
Signing time: Sun 01 Jan 2023 09:14:55 +0000
ROA not before: Sun 01 Jan 2023 09:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201270
IP address blocks: 217.107.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:d4:8d:86:2b:44:ce:93:76:75:17:5a:0f:47:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Jan 1 09:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68dad786d72a698407f460337ba606bfd3092bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:fc:f2:fa:db:e6:96:43:fe:3c:5b:17:84:fc:
f4:aa:e7:8a:3d:d6:74:71:17:62:93:72:d2:fa:b0:
d9:a7:83:d8:83:66:92:8b:d7:50:9a:52:1e:7a:14:
81:f8:81:ab:35:7b:d9:ce:9c:fa:b3:2f:ee:11:87:
3e:80:77:f9:a3:5b:cc:a8:67:97:74:31:cb:b8:9f:
1d:fa:b9:8d:07:cd:5b:9f:0c:ba:4e:50:d8:4d:28:
90:38:70:bc:d1:86:a9:92:fd:f1:89:80:ae:a7:fd:
66:c4:56:8e:b2:c9:36:82:93:76:fe:3a:08:0b:9d:
06:c9:99:ea:bc:06:f6:fc:8e:d0:71:e6:aa:d4:b2:
4b:e3:3e:17:bf:f7:bf:e5:b3:2f:46:f9:2b:13:0b:
e5:6c:8e:7c:a6:06:82:61:bc:28:9e:c1:ba:4e:99:
db:44:1e:cd:82:19:e5:cd:7c:13:49:e2:40:4f:b9:
21:1e:f5:64:61:e5:a7:3b:a5:2e:51:7e:29:c3:77:
7e:7b:7c:c6:34:23:8c:2a:84:a1:91:62:db:c8:95:
a1:30:2b:f9:ac:86:61:10:9f:0e:fd:15:7d:25:f5:
6c:cd:a6:91:12:59:0e:13:18:c7:cd:75:c3:e2:ad:
c1:0f:3b:0d:bc:a6:86:cd:21:30:d4:e2:90:b8:e3:
be:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DA:D7:86:D7:2A:69:84:07:F4:60:33:7B:A6:06:BF:D3:09:2B:F0
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/aNrXhtcqaYQH9GAze6YGv9MJK_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.107.192.0/22
Signature Algorithm: sha256WithRSAEncryption
90:b9:1e:4c:a9:4a:3f:a7:6d:cc:87:c4:3a:19:90:56:8d:42:
27:4b:2c:8a:da:e2:99:f2:55:d2:85:43:45:22:75:07:6b:14:
e9:a7:f1:18:46:23:cf:35:07:cd:44:aa:9e:19:c0:ee:d1:d0:
53:6b:71:7b:bd:41:27:00:c5:39:96:10:15:2a:32:7f:86:01:
c0:16:3e:d9:f9:d9:c1:c4:e8:63:3d:41:70:77:9d:96:13:c4:
fa:af:8e:43:f8:d9:8b:6b:44:8f:fd:80:04:c6:b4:db:8c:3c:
cd:97:3f:93:c3:47:1d:f4:32:b3:c9:04:54:6b:a2:ad:74:2e:
89:94:68:be:7a:8c:d9:f1:f7:d1:1d:fb:a0:81:5a:ac:0a:66:
df:70:8f:7b:29:9d:a4:35:4e:b1:0f:4a:d9:a1:5b:9a:de:c0:
24:70:50:5b:36:4f:f3:aa:4f:8a:56:62:05:bc:6a:2d:e4:1d:
60:4c:dc:8a:6d:45:c0:a0:5c:b0:20:9b:0e:f8:a6:ed:69:ee:
d6:cc:4b:c4:53:78:61:56:a9:63:2f:7c:af:bf:74:e5:ac:d5:
d9:12:79:20:5b:6a:70:a5:46:ec:77:ec:25:9f:da:39:2c:db:
00:3e:22:d7:ad:3c:e7:c4:3a:71:a8:22:2e:4a:c0:1b:5f:21:
22:56:9b:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnNSNhitEzpN2dRdaD0cIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjRiMWMwYmZiYWQ0NmI4MTFlZWU1NjhhMThmYmFhMTRh
OWQ2ODcwHhcNMjMwMTAxMDkxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRhZDc4NmQ3MmE2OTg0MDdmNDYwMzM3YmE2MDZiZmQzMDkyYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Pzy+tvmlkP+PFsXhPz0queKPdZ0
cRdik3LS+rDZp4PYg2aSi9dQmlIeehSB+IGrNXvZzpz6sy/uEYc+gHf5o1vMqGeX
dDHLuJ8d+rmNB81bnwy6TlDYTSiQOHC80Yapkv3xiYCup/1mxFaOssk2gpN2/joI
C50GyZnqvAb2/I7Qceaq1LJL4z4Xv/e/5bMvRvkrEwvlbI58pgaCYbwonsG6Tpnb
RB7NghnlzXwTSeJAT7khHvVkYeWnO6UuUX4pw3d+e3zGNCOMKoShkWLbyJWhMCv5
rIZhEJ8O/RV9JfVszaaRElkOExjHzXXD4q3BDzsNvKaGzSEw1OKQuOO+xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGja14bXKmmEB/RgM3umBr/TCSvwMB8GA1UdIwQY
MBaAFJL0scC/utRrgR7uVooY+6oUqdaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMt
YTA4NGY3NmM4ZTJiLzEvYU5yWGh0Y3FhWVFIOUdBemU2WUd2OU1KS19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMtYTA4NGY3NmM4ZTJi
LzEva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2WvAMA0G
CSqGSIb3DQEBCwUAA4IBAQCQuR5MqUo/p23Mh8Q6GZBWjUInSyyK2uKZ8lXShUNF
InUHaxTpp/EYRiPPNQfNRKqeGcDu0dBTa3F7vUEnAMU5lhAVKjJ/hgHAFj7Z+dnB
xOhjPUFwd52WE8T6r45D+NmLa0SP/YAExrTbjDzNlz+Tw0cd9DKzyQRUa6KtdC6J
lGi+eozZ8ffRHfuggVqsCmbfcI97KZ2kNU6xD0rZoVua3sAkcFBbNk/zqk+KVmIF
vGot5B1gTNyKbUXAoFywIJsO+Kbtae7WzEvEU3hhVqljL3yvv3TlrNXZEnkgW2pw
pUbsd+wln9o5LNsAPiLXrTznxDpxqCIuSsAbXyEiVpuE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:05 2025 by rpki-client