Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/L_XWkVUj3-mcohSBEQ1kxW2NY2s.roa
File: L_XWkVUj3-mcohSBEQ1kxW2NY2s.roa (raw, json)
Hash identifier: J1nT30whhZwgtNkcdfIyvq324bAQLmNL1HYcVk+7GNw=
Subject key identifier: 2F:F5:D6:91:55:23:DF:E9:9C:A2:14:81:11:0D:64:C5:6D:8D:63:6B
Certificate issuer: /CN=66dfb43158d9ddb2f5b9f2923753bed3fb1173ca
Certificate serial: 01856C6F0D8551BC268A3F4DB0E31920D7F4
Authority key identifier: 66:DF:B4:31:58:D9:DD:B2:F5:B9:F2:92:37:53:BE:D3:FB:11:73:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/L_XWkVUj3-mcohSBEQ1kxW2NY2s.roa
Signing time: Sun 01 Jan 2023 08:24:55 +0000
ROA not before: Sun 01 Jan 2023 08:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15721
IP address blocks: 217.21.160.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:0d:85:51:bc:26:8a:3f:4d:b0:e3:19:20:d7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66dfb43158d9ddb2f5b9f2923753bed3fb1173ca
Validity
Not Before: Jan 1 08:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ff5d6915523dfe99ca21481110d64c56d8d636b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ed:67:c2:df:e0:d4:8e:45:5e:10:fe:09:df:
82:42:90:a7:e8:24:23:d0:09:00:a0:32:1c:3f:7c:
d7:ad:fd:e7:b5:7e:74:bd:b4:d1:01:95:31:68:ff:
65:34:45:c3:67:61:74:ac:f1:72:45:d4:22:45:8b:
55:77:6f:d8:07:ba:3e:8c:d2:6d:7c:c0:19:98:05:
2f:89:a9:54:f3:a6:83:2f:3a:b5:16:e3:52:4d:bf:
aa:41:54:b1:92:7c:07:ef:90:42:10:9a:92:db:5e:
1c:4b:80:0b:95:26:07:5c:b2:5f:9d:2d:20:ba:d5:
96:bc:78:20:22:de:3a:d7:3d:6d:75:69:db:28:2b:
ea:86:ec:3a:de:9c:d9:6f:46:08:22:73:68:5e:e0:
91:35:94:66:e8:fa:3d:9c:7b:04:41:dc:22:f7:e1:
d1:92:4b:c8:5d:7a:84:02:37:92:da:fb:e3:1b:2b:
b6:e2:64:50:09:ad:b2:f9:cf:07:c0:80:b6:db:fe:
d4:58:d4:28:4c:7e:0b:65:dd:6a:42:e4:c1:db:fd:
d4:16:eb:c8:37:16:ad:4d:6c:4b:89:71:d5:a8:f7:
36:df:c3:6b:02:83:9b:7d:95:90:0e:26:29:02:1a:
8d:7f:f9:ae:64:1b:d2:33:99:08:98:af:af:b5:15:
d3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F5:D6:91:55:23:DF:E9:9C:A2:14:81:11:0D:64:C5:6D:8D:63:6B
X509v3 Authority Key Identifier:
keyid:66:DF:B4:31:58:D9:DD:B2:F5:B9:F2:92:37:53:BE:D3:FB:11:73:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/L_XWkVUj3-mcohSBEQ1kxW2NY2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/aef530-0c91-4c28-85ae-27cb1b026113/1/Zt-0MVjZ3bL1ufKSN1O-0_sRc8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.21.160.0/20
Signature Algorithm: sha256WithRSAEncryption
3a:e8:48:e9:2a:f9:78:38:b8:6b:3f:4a:26:b9:10:8a:bd:2e:
e2:8a:79:46:16:13:14:d2:c7:a2:c4:71:45:af:54:88:2c:2b:
00:21:45:4f:12:46:fc:39:9c:a0:a1:12:2b:79:cd:ed:ba:22:
e1:47:ee:0f:ab:c8:29:32:30:25:1a:f7:4e:60:96:76:d2:ca:
b8:33:d0:f3:07:42:56:24:40:56:ca:b7:50:84:90:a2:40:4b:
79:cb:e7:df:36:82:e0:44:da:6d:50:61:f8:5e:33:22:24:63:
d4:28:d3:5b:fd:f6:05:6a:ea:d4:30:d4:bd:d4:b0:83:ae:a8:
5e:c3:fc:85:dd:24:a5:57:d5:17:d1:87:36:34:39:4c:a0:92:
10:99:30:95:ed:d5:76:df:b3:8a:f3:d9:db:55:83:a5:71:02:
03:84:df:0a:e8:bf:3f:f9:a5:a3:44:09:62:19:c3:26:85:24:
0f:de:e9:60:1d:fa:9f:b7:aa:93:08:10:ac:72:74:90:a8:0b:
fc:5f:cb:55:d2:98:0d:8c:4f:4e:9a:95:d8:15:f1:f4:e2:4d:
a2:ea:ef:ff:c3:4c:a2:c7:10:96:0d:06:6b:4b:19:d5:ff:1f:
d5:cf:3d:e9:42:f7:4d:b7:fb:67:68:c4:50:13:29:cb:e4:fc:
03:3b:75:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbw2FUbwmij9NsOMZINf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGZiNDMxNThkOWRkYjJmNWI5ZjI5MjM3NTNiZWQzZmIx
MTczY2EwHhcNMjMwMTAxMDgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmY1ZDY5MTU1MjNkZmU5OWNhMjE0ODExMTBkNjRjNTZkOGQ2MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe1nwt/g1I5FXhD+Cd+CQpCn6CQj
0AkAoDIcP3zXrf3ntX50vbTRAZUxaP9lNEXDZ2F0rPFyRdQiRYtVd2/YB7o+jNJt
fMAZmAUvialU86aDLzq1FuNSTb+qQVSxknwH75BCEJqS214cS4ALlSYHXLJfnS0g
utWWvHggIt461z1tdWnbKCvqhuw63pzZb0YIInNoXuCRNZRm6Po9nHsEQdwi9+HR
kkvIXXqEAjeS2vvjGyu24mRQCa2y+c8HwIC22/7UWNQoTH4LZd1qQuTB2/3UFuvI
NxatTWxLiXHVqPc238NrAoObfZWQDiYpAhqNf/muZBvSM5kImK+vtRXTYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/11pFVI9/pnKIUgRENZMVtjWNrMB8GA1UdIwQY
MBaAFGbftDFY2d2y9bnykjdTvtP7EXPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQtME1WalozYkwxdWZLU04xTy0wX3NSYzhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9hZWY1MzAtMGM5MS00YzI4LTg1YWUt
MjdjYjFiMDI2MTEzLzEvTF9YV2tWVWozLW1jb2hTQkVRMWt4VzJOWTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9hZWY1MzAtMGM5MS00YzI4LTg1YWUtMjdjYjFiMDI2MTEz
LzEvWnQtME1WalozYkwxdWZLU04xTy0wX3NSYzhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RWgMA0G
CSqGSIb3DQEBCwUAA4IBAQA66EjpKvl4OLhrP0omuRCKvS7iinlGFhMU0seixHFF
r1SILCsAIUVPEkb8OZygoRIrec3tuiLhR+4Pq8gpMjAlGvdOYJZ20sq4M9DzB0JW
JEBWyrdQhJCiQEt5y+ffNoLgRNptUGH4XjMiJGPUKNNb/fYFaurUMNS91LCDrqhe
w/yF3SSlV9UX0Yc2NDlMoJIQmTCV7dV237OK89nbVYOlcQIDhN8K6L8/+aWjRAli
GcMmhSQP3ulgHfqft6qTCBCscnSQqAv8X8tV0pgNjE9OmpXYFfH04k2i6u//w0yi
xxCWDQZrSxnV/x/Vzz3pQvdNt/tnaMRQEynL5PwDO3VL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:36 2025 by rpki-client