Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/1-xuZgP2vZ-KsP2zYzOB45lOd0lA.roa
File: 1-xuZgP2vZ-KsP2zYzOB45lOd0lA.roa (raw, json)
Hash identifier: md+sgivC51DKpEjGlaHm2GeFGM+9R8SXPvDNZ8aaIUc=
Subject key identifier: FB:1B:99:80:FD:AF:67:E2:AC:3F:6C:D8:CC:E0:78:E6:53:9D:D2:50
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA7FD7373E8198D0C1F46099CE0C62
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/1-xuZgP2vZ-KsP2zYzOB45lOd0lA.roa
Signing time: Mon 02 Jan 2023 13:45:02 +0000
ROA not before: Mon 02 Jan 2023 13:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57355
IP address blocks: 217.17.37.0/24 maxlen: 24
2001:1a68:30::/52 maxlen: 52
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:7f:d7:37:3e:81:98:d0:c1:f4:60:99:ce:0c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb1b9980fdaf67e2ac3f6cd8cce078e6539dd250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:42:0e:da:37:79:2d:03:ff:fb:a6:d2:16:f1:
d8:76:f2:3f:00:fe:fd:f9:19:75:ca:14:44:f2:47:
d1:69:b0:a8:a8:72:4c:82:e1:88:6b:55:59:14:5f:
df:ad:4f:f9:49:f0:62:4a:19:7c:c9:94:42:bb:43:
f7:2a:96:c2:66:7a:32:c7:09:40:83:f7:f3:e7:81:
41:db:2e:67:73:2c:f8:0c:49:3d:e4:96:dc:62:43:
0b:30:09:f1:3c:93:e2:91:05:05:e3:57:9e:b6:26:
14:df:c8:25:91:00:69:ad:76:b4:c0:63:3f:d3:14:
36:16:76:b8:13:35:01:46:d8:55:7a:24:1b:25:7e:
b6:ec:96:d5:73:36:f5:5e:b3:ca:4f:60:05:c7:9f:
bc:bc:3d:b5:43:4a:5c:15:e2:f1:56:c9:4f:af:b3:
8a:5a:76:29:77:c0:15:c7:10:82:5a:e9:1c:30:40:
71:9b:4f:46:3f:a6:1f:f3:ab:1c:d3:1a:42:d2:61:
27:73:c7:61:94:d5:ca:57:88:fb:0f:dc:87:1a:f8:
44:af:af:ac:46:18:b1:9c:d4:c9:e7:14:46:0b:0c:
cc:82:b8:58:23:9f:e6:35:19:ac:c3:9e:5a:40:6d:
8f:c4:20:5d:a6:39:a2:a8:59:fc:2a:9c:c3:c5:1f:
7f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1B:99:80:FD:AF:67:E2:AC:3F:6C:D8:CC:E0:78:E6:53:9D:D2:50
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/1-xuZgP2vZ-KsP2zYzOB45lOd0lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.17.37.0/24
IPv6:
2001:1a68:30::/52
Signature Algorithm: sha256WithRSAEncryption
6a:cc:ff:e1:c1:a6:2c:81:0f:fa:79:2f:e6:72:fb:c9:fc:6a:
8f:8f:3c:18:22:43:7c:ee:ba:68:0e:46:95:37:2d:db:6c:e4:
e6:8c:27:da:d1:61:d8:9a:eb:19:57:cb:92:de:aa:13:4c:78:
7a:99:1e:7b:c2:a1:09:16:0d:01:0f:b6:59:83:0b:a6:a7:81:
cb:45:56:a1:81:29:5a:77:eb:57:b9:c4:e8:1c:72:19:9f:c9:
23:02:09:41:02:8b:cf:6f:44:c9:48:61:1b:2e:8b:97:50:a4:
3f:eb:49:99:fd:1d:54:ba:95:f6:8f:f7:09:71:49:4b:b4:a3:
a4:a4:34:42:8d:fa:07:30:5a:5f:3a:ee:db:eb:37:17:93:40:
38:38:09:96:b0:97:e4:a0:d5:78:5e:40:3d:59:3e:98:dd:8c:
14:1f:9f:c3:c6:28:10:62:56:c5:ee:d2:1f:70:23:d1:43:72:
dd:eb:0a:58:23:9d:ca:9f:d3:22:2d:e7:a9:42:0f:11:0b:43:
07:e8:bd:46:4e:55:68:7e:c1:5e:f2:fb:16:93:c5:b5:50:f7:
55:a0:a5:40:a1:08:7e:c8:fd:27:1c:25:1e:e5:21:3e:bf:11:
6c:2c:64:58:89:a7:f9:6e:d0:90:ae:5c:ac:b7:cc:97:d2:69:
0b:cc:4e:21
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVyun/XNz6BmNDB9GCZzgxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFiOTk4MGZkYWY2N2UyYWMzZjZjZDhjY2UwNzhlNjUzOWRkMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUIO2jd5LQP/+6bSFvHYdvI/AP79
+Rl1yhRE8kfRabCoqHJMguGIa1VZFF/frU/5SfBiShl8yZRCu0P3KpbCZnoyxwlA
g/fz54FB2y5ncyz4DEk95JbcYkMLMAnxPJPikQUF41eetiYU38glkQBprXa0wGM/
0xQ2Fna4EzUBRthVeiQbJX627JbVczb1XrPKT2AFx5+8vD21Q0pcFeLxVslPr7OK
WnYpd8AVxxCCWukcMEBxm09GP6Yf86sc0xpC0mEnc8dhlNXKV4j7D9yHGvhEr6+s
RhixnNTJ5xRGCwzMgrhYI5/mNRmsw55aQG2PxCBdpjmiqFn8KpzDxR9/ZQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPsbmYD9r2firD9s2MzgeOZTndJQMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvMS14dVpnUDJ2Wi1Lc1Ayell6T0I0NWxPZDBsQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2
YS8xL2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwDAQCAAEwBgMEANkRJTAQ
BAIAAjAKAwgEIAEaaAAwADANBgkqhkiG9w0BAQsFAAOCAQEAasz/4cGmLIEP+nkv
5nL7yfxqj488GCJDfO66aA5GlTct22zk5own2tFh2JrrGVfLkt6qE0x4epkee8Kh
CRYNAQ+2WYMLpqeBy0VWoYEpWnfrV7nE6BxyGZ/JIwIJQQKLz29EyUhhGy6Ll1Ck
P+tJmf0dVLqV9o/3CXFJS7SjpKQ0Qo36BzBaXzru2+s3F5NAODgJlrCX5KDVeF5A
PVk+mN2MFB+fw8YoEGJWxe7SH3Aj0UNy3esKWCOdyp/TIi3nqUIPEQtDB+i9Rk5V
aH7BXvL7FpPFtVD3VaClQKEIfsj9JxwlHuUhPr8RbCxkWImn+W7QkK5crLfMl9Jp
C8xOIQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:02 2025 by rpki-client