Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/AqCPml6tWmVi520Mb1u75owfHQY.roa
File: AqCPml6tWmVi520Mb1u75owfHQY.roa (raw, json)
Hash identifier: VtTqZbjqoSTJrdaujfXOP3tUDb9pa5gemGIzLi7jNqo=
Subject key identifier: 02:A0:8F:9A:5E:AD:5A:65:62:E7:6D:0C:6F:5B:BB:E6:8C:1F:1D:06
Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial: F6B44D
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/AqCPml6tWmVi520Mb1u75owfHQY.roa
Signing time: Fri 27 May 2022 12:47:13 +0000
ROA not before: Fri 27 May 2022 12:47:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 217.117.65.0/24 maxlen: 24
217.117.71.0/24 maxlen: 24
217.117.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16168013 (0xf6b44d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Validity
Not Before: May 27 12:47:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02a08f9a5ead5a6562e76d0c6f5bbbe68c1f1d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cd:06:82:0f:06:4e:6e:4c:15:31:25:bd:05:
6b:9e:a5:f0:d0:0e:b1:92:22:9c:4f:b5:fb:a3:8d:
2c:9f:95:39:74:6e:42:56:ea:2f:e6:c8:c0:55:62:
66:01:bf:2f:4d:03:c5:89:12:22:05:9c:35:dc:a3:
e4:24:20:95:c2:03:7d:85:03:9f:51:59:1a:14:ae:
e7:8d:f5:4a:04:08:cd:57:16:97:fd:46:33:b9:71:
3e:01:00:92:27:a2:88:74:bf:a0:a1:e9:53:d9:00:
e9:bc:ac:9e:57:4f:d0:2d:56:34:0b:9f:c6:0c:55:
b0:9d:d9:49:ca:63:ec:a3:aa:9a:03:45:06:49:42:
3b:d2:54:c1:4d:de:d9:39:ce:38:7d:59:f9:e5:9c:
13:35:e2:68:b0:a4:06:dd:fb:c5:42:56:1d:94:c5:
32:45:db:b5:c2:b2:0a:c8:a1:d2:8b:69:2e:a0:69:
f5:dd:b0:88:d3:3d:9c:30:58:5f:ed:df:1a:d8:33:
23:a4:69:ca:84:dc:bf:c1:29:b4:8e:ce:7a:55:19:
6d:41:7f:30:77:7f:9d:f9:1f:d6:f3:b2:88:b1:9d:
28:4f:0f:0a:fa:f1:60:d9:4f:3f:37:03:3b:f2:9f:
f2:26:e1:ae:2c:f5:5c:0b:f6:ee:a2:f9:3c:a7:7e:
70:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A0:8F:9A:5E:AD:5A:65:62:E7:6D:0C:6F:5B:BB:E6:8C:1F:1D:06
X509v3 Authority Key Identifier:
keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/AqCPml6tWmVi520Mb1u75owfHQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.117.65.0/24
217.117.71.0/24
217.117.76.0/24
Signature Algorithm: sha256WithRSAEncryption
21:65:b6:a1:59:ba:19:b3:06:6b:dd:9c:f9:92:11:c3:37:07:
06:42:08:1e:df:a6:d2:f0:7d:6a:16:99:0f:22:b1:3b:95:12:
54:0d:bc:9f:84:ad:52:c8:f6:18:30:d6:4a:09:44:7a:cc:bc:
b9:41:9e:d4:40:56:ff:c7:c9:4c:c5:6d:d2:e2:25:8c:ad:db:
3a:e2:a5:a0:60:3e:8d:6b:e7:6a:49:22:f0:fd:fc:48:b6:22:
d9:79:9f:1b:84:0f:2f:b9:60:6d:5b:8e:d9:27:85:04:30:87:
fd:bd:00:73:e5:9e:1a:cf:e4:23:e9:e9:8f:d5:27:13:97:23:
eb:42:5c:76:3c:3f:66:43:9a:44:28:6d:86:93:10:59:fc:18:
c7:9f:2d:90:5b:e0:4c:30:29:67:78:2c:d5:fb:e8:ee:86:dc:
a8:30:71:26:70:d8:b7:a3:ea:8c:5e:36:97:31:e5:df:bf:6d:
de:74:2f:dc:db:46:88:cb:1c:b9:61:c5:85:e0:0b:dc:0b:76:
70:58:be:c0:7a:80:0e:d5:84:d7:0c:6c:c7:f1:b9:58:4d:32:
ce:97:f4:61:5a:5e:ff:0c:3e:3d:cf:1f:c2:50:e4:d0:86:8f:
59:f2:26:3a:8b:51:c3:ba:67:51:62:39:3c:5e:cc:86:51:51:
34:66:da:eb
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAPa0TTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWNlMjEwOTBlZTRkNzg2Nzc0MTM0MjNkY2IyZmUwMWE2ZTFjNjIyMB4XDTIyMDUy
NzEyNDcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJhMDhmOWE1ZWFk
NWE2NTYyZTc2ZDBjNmY1YmJiZTY4YzFmMWQwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDNBoIPBk5uTBUxJb0Fa56l8NAOsZIinE+1+6ONLJ+VOXRu
QlbqL+bIwFViZgG/L00DxYkSIgWcNdyj5CQglcIDfYUDn1FZGhSu5431SgQIzVcW
l/1GM7lxPgEAkieiiHS/oKHpU9kA6bysnldP0C1WNAufxgxVsJ3ZScpj7KOqmgNF
BklCO9JUwU3e2TnOOH1Z+eWcEzXiaLCkBt37xUJWHZTFMkXbtcKyCsih0otpLqBp
9d2wiNM9nDBYX+3fGtgzI6RpyoTcv8EptI7OelUZbUF/MHd/nfkf1vOyiLGdKE8P
CvrxYNlPPzcDO/Kf8ibhriz1XAv27qL5PKd+cEcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQCoI+aXq1aZWLnbQxvW7vmjB8dBjAfBgNVHSMEGDAWgBQqziEJDuTXhndB
NCPcsv4BpuHGIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzNGhDUTdrMTRaM1FUUWozTEwtQWFiaHhpSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvMjkxNWYxLTg3YmEtNGMxOC1hYWY5LTU5MGE5ODEzZGRkZi8x
L0FxQ1BtbDZ0V21WaTUyME1iMXU3NW93ZkhRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
MjkxNWYxLTg3YmEtNGMxOC1hYWY5LTU5MGE5ODEzZGRkZi8xL0tzNGhDUTdrMTRa
M1FUUWozTEwtQWFiaHhpSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEANl1QQMEANl1RwMEANl1TDANBgkq
hkiG9w0BAQsFAAOCAQEAIWW2oVm6GbMGa92c+ZIRwzcHBkIIHt+m0vB9ahaZDyKx
O5USVA28n4StUsj2GDDWSglEesy8uUGe1EBW/8fJTMVt0uIljK3bOuKloGA+jWvn
akki8P38SLYi2XmfG4QPL7lgbVuO2SeFBDCH/b0Ac+WeGs/kI+npj9UnE5cj60Jc
djw/ZkOaRChthpMQWfwYx58tkFvgTDApZ3gs1fvo7obcqDBxJnDYt6PqjF42lzHl
379t3nQv3NtGiMscuWHFheAL3At2cFi+wHqADtWE1wxsx/G5WE0yzpf0YVpe/ww+
Pc8fwlDk0IaPWfImOotRw7pnUWI5PF7MhlFRNGba6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org