Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/1Ctl0fga3QirQ6dByVRsohajCjQ.roa
File: 1Ctl0fga3QirQ6dByVRsohajCjQ.roa (raw, json)
Hash identifier: fcOhI/FMuAsNvJxfg/8AN3DmKPE8KRuVPFANC7Q7t6w=
Subject key identifier: D4:2B:65:D1:F8:1A:DD:08:AB:43:A7:41:C9:54:6C:A2:16:A3:0A:34
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 2CA64A3F
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/1Ctl0fga3QirQ6dByVRsohajCjQ.roa
Signing time: Sat 01 Jan 2022 04:59:37 +0000
ROA not before: Sat 01 Jan 2022 04:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43253
IP address blocks: 217.17.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 749095487 (0x2ca64a3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 1 04:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d42b65d1f81add08ab43a741c9546ca216a30a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:06:5a:92:18:33:6e:24:cc:5d:dd:aa:fb:c4:
99:b5:e5:22:8c:76:6a:63:4d:cc:1e:ba:09:d3:2f:
90:76:d4:27:35:75:75:d6:c1:cf:00:2f:98:ff:79:
46:c6:b5:e6:57:54:01:30:c0:5c:b5:59:e5:e7:d5:
09:c0:44:4f:89:0a:bd:a0:5b:f0:18:23:05:f2:8d:
e6:91:e0:30:8e:37:ef:eb:17:c7:7d:33:79:37:5f:
9a:15:0a:da:d9:bb:e5:7f:ec:3c:68:de:2a:e6:f5:
ba:f9:9e:0a:1a:b3:f2:60:40:25:00:e9:c1:fa:6c:
7d:79:d6:72:47:fa:07:66:cc:b2:4b:44:8a:9f:b3:
ca:d2:3f:d9:9b:25:f1:8f:8d:00:e5:13:0d:5f:3e:
f5:82:17:2c:06:85:76:ba:b2:0d:a4:f0:a6:31:24:
08:bb:14:42:ec:5d:62:cb:f3:22:ae:6a:a6:c3:1f:
53:de:80:ba:49:a0:cc:4b:8e:36:f7:7e:f4:0c:19:
3a:6c:bd:94:c2:4e:4f:77:9f:d2:9a:fa:0c:e4:d4:
74:45:04:e9:ef:39:5a:a2:eb:0f:b8:ef:85:8f:ef:
33:f0:4a:1d:73:f3:fd:90:01:8e:1e:5a:27:11:f6:
ab:b6:80:ef:02:b9:d5:5c:eb:48:47:c8:fd:98:a8:
65:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2B:65:D1:F8:1A:DD:08:AB:43:A7:41:C9:54:6C:A2:16:A3:0A:34
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/1Ctl0fga3QirQ6dByVRsohajCjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.17.38.0/24
Signature Algorithm: sha256WithRSAEncryption
20:31:9d:0f:eb:c4:58:bc:05:c5:87:d3:6c:c0:9b:aa:41:2a:
33:25:ec:aa:a3:b5:b0:23:6b:6c:2e:36:21:c4:d8:e0:b1:56:
ff:ee:79:80:88:db:67:57:85:bf:c8:e6:c5:27:de:99:16:71:
d8:eb:3a:a8:2d:f0:e4:f7:c0:55:ec:16:75:40:14:c7:29:64:
72:68:d7:e3:b4:50:f8:5e:f6:c2:09:c3:8d:ec:73:76:87:38:
dc:65:03:8c:96:e3:80:94:48:a2:61:06:fc:d4:83:41:ac:1f:
c3:de:5c:67:bc:69:37:ca:a3:f4:1c:93:e8:b4:9a:67:83:c3:
5a:65:55:96:71:79:3e:27:6a:1b:aa:a9:79:81:49:fa:20:e0:
a5:79:43:bc:a3:4a:e5:bc:c0:35:02:d5:b9:6b:f9:ed:d2:45:
27:88:cd:e1:47:0c:a3:22:1d:a9:89:a9:69:17:a3:d5:aa:27:
0c:f2:d2:6a:a2:dc:02:13:1f:ec:7e:2c:80:28:ce:25:c0:bd:
58:2d:52:bb:f7:ae:a7:ba:f1:39:4a:bf:cf:2d:f6:49:fb:39:
6e:01:df:de:ef:48:23:4c:ed:63:f5:4f:20:ad:36:bf:69:3f:
81:cf:83:c0:45:eb:bd:8d:f7:71:82:ee:1d:1c:c5:b8:01:17:
0b:cf:71:e0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIELKZKPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1MTBmYzliODY1ZDk2ZTNhZmM3YzU2MDU2ZWZhZDlhMzMwYzViMB4XDTIyMDEw
MTA0NTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQyYjY1ZDFmODFh
ZGQwOGFiNDNhNzQxYzk1NDZjYTIxNmEzMGEzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsGWpIYM24kzF3dqvvEmbXlIox2amNNzB66CdMvkHbUJzV1
ddbBzwAvmP95Rsa15ldUATDAXLVZ5efVCcBET4kKvaBb8BgjBfKN5pHgMI437+sX
x30zeTdfmhUK2tm75X/sPGjeKub1uvmeChqz8mBAJQDpwfpsfXnWckf6B2bMsktE
ip+zytI/2Zsl8Y+NAOUTDV8+9YIXLAaFdrqyDaTwpjEkCLsUQuxdYsvzIq5qpsMf
U96AukmgzEuONvd+9AwZOmy9lMJOT3ef0pr6DOTUdEUE6e85WqLrD7jvhY/vM/BK
HXPz/ZABjh5aJxH2q7aA7wK51VzrSEfI/ZioZW0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTUK2XR+BrdCKtDp0HJVGyiFqMKNDAfBgNVHSMEGDAWgBRoxRD8m4ZdluOv
x8VgVu+tmjMMWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8x
LzFDdGwwZmdhM1FpclE2ZEJ5VlJzb2hhakNqUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8xL2FNVVFfSnVHWFpi
anI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkRJjANBgkqhkiG9w0BAQsFAAOC
AQEAIDGdD+vEWLwFxYfTbMCbqkEqMyXsqqO1sCNrbC42IcTY4LFW/+55gIjbZ1eF
v8jmxSfemRZx2Os6qC3w5PfAVewWdUAUxylkcmjX47RQ+F72wgnDjexzdoc43GUD
jJbjgJRIomEG/NSDQawfw95cZ7xpN8qj9ByT6LSaZ4PDWmVVlnF5PidqG6qpeYFJ
+iDgpXlDvKNK5bzANQLVuWv57dJFJ4jN4UcMoyIdqYmpaRej1aonDPLSaqLcAhMf
7H4sgCjOJcC9WC1Su/eup7rxOUq/zy32Sfs5bgHf3u9II0ztY/VPIK02v2k/gc+D
wEXrvY33cYLuHRzFuAEXC89x4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:57 2024 by rpki-client on console-fra.rpki-client.org