Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/g88biOjnkbPohaktoTsnhWS6NwI.roa
File: g88biOjnkbPohaktoTsnhWS6NwI.roa (raw, json)
Hash identifier: bNl3Ubu6YE11xTPGCxtwV01ZKwv5yuqYI2wVUG42fKw=
Subject key identifier: 83:CF:1B:88:E8:E7:91:B3:E8:85:A9:2D:A1:3B:27:85:64:BA:37:02
Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial: F4D593
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/g88biOjnkbPohaktoTsnhWS6NwI.roa
Signing time: Fri 27 May 2022 12:45:15 +0000
ROA not before: Fri 27 May 2022 12:45:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 217.117.65.0/24 maxlen: 24
217.117.71.0/24 maxlen: 24
217.117.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16045459 (0xf4d593)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Validity
Not Before: May 27 12:45:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83cf1b88e8e791b3e885a92da13b278564ba3702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:84:91:20:4b:37:07:6f:6b:e8:73:8f:5c:ec:
5a:29:e4:06:7a:cd:9e:35:5b:2a:eb:0a:3a:26:9e:
64:84:90:aa:f5:31:45:ae:ca:78:0b:45:7a:94:57:
09:9f:8a:4e:d7:a1:66:6b:70:d8:55:25:8c:10:38:
27:2b:c7:05:f6:11:9f:92:fc:c2:b0:ca:05:8f:46:
3c:f0:20:b9:06:fc:21:b7:a8:4a:ea:00:85:8c:f4:
c1:e3:98:4c:88:b5:91:fe:0a:d3:0a:13:01:99:1e:
ff:49:af:cd:37:ba:cc:a8:c2:71:b3:4a:04:85:a1:
08:c1:4f:cb:db:ad:80:f7:4c:aa:9c:a1:a7:83:a7:
7e:18:39:19:f2:15:92:09:cc:fc:49:d3:b5:52:d9:
60:35:f7:03:21:2c:93:91:f5:04:61:09:c3:e5:82:
75:ba:15:52:c5:9f:97:f9:dd:67:fe:55:c9:c8:11:
7b:88:9b:0e:3f:c2:80:8e:26:f0:74:dc:da:04:52:
4b:d9:5e:56:a7:d2:0e:09:05:ac:2a:97:d2:22:c2:
f2:f9:fd:ba:7f:38:63:8e:24:cf:19:95:77:48:fb:
f1:84:e8:1b:ad:ad:24:7e:1b:5b:b5:55:9f:ec:0c:
a2:e0:64:19:aa:92:26:72:fb:f0:7f:cd:75:c4:de:
89:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CF:1B:88:E8:E7:91:B3:E8:85:A9:2D:A1:3B:27:85:64:BA:37:02
X509v3 Authority Key Identifier:
keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/g88biOjnkbPohaktoTsnhWS6NwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.117.65.0/24
217.117.71.0/24
217.117.76.0/24
Signature Algorithm: sha256WithRSAEncryption
59:55:ff:09:8a:4a:86:bf:e8:18:45:7b:b0:ac:93:03:97:ab:
52:bb:2e:8d:fc:f8:14:07:a5:fc:92:b2:32:d4:bd:c0:74:25:
a6:39:90:e4:c1:35:5c:b6:df:5f:e8:92:68:34:66:91:0c:7b:
ff:7d:45:df:b5:f8:74:bb:68:59:64:8f:22:40:2c:85:08:4a:
eb:aa:d7:2f:12:cc:2d:75:80:15:93:30:16:8a:b4:b4:ad:b1:
10:6b:64:86:dd:c9:fb:94:6b:c8:b6:70:3e:1b:cc:4d:c0:1e:
93:3c:ed:95:55:a3:1b:f1:ce:0d:55:ca:25:90:57:83:8a:e9:
d0:d4:7b:15:4f:a2:66:35:26:09:b5:a8:a3:2e:4e:f5:85:d0:
3e:a5:61:66:d9:45:e4:57:f8:18:87:6e:73:64:76:1e:46:be:
2e:f6:f2:e9:96:f4:a4:40:1d:9c:a9:49:78:47:b9:30:b6:25:
de:10:1c:92:c5:8c:51:71:16:41:34:55:a4:b2:d0:fd:28:5b:
04:1b:e6:b9:3d:f5:8f:ab:e4:52:a2:09:4f:d7:f1:06:70:36:
bd:d4:23:6b:3c:87:52:07:15:e2:3d:15:3e:06:2a:e2:4d:11:
b9:b5:82:25:58:3c:00:29:1a:56:eb:14:aa:62:34:f2:4f:08:
de:d6:64:11
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAPTVkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWNlMjEwOTBlZTRkNzg2Nzc0MTM0MjNkY2IyZmUwMWE2ZTFjNjIyMB4XDTIyMDUy
NzEyNDUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNjZjFiODhlOGU3
OTFiM2U4ODVhOTJkYTEzYjI3ODU2NGJhMzcwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeEkSBLNwdva+hzj1zsWinkBnrNnjVbKusKOiaeZISQqvUx
Ra7KeAtFepRXCZ+KTtehZmtw2FUljBA4JyvHBfYRn5L8wrDKBY9GPPAguQb8Ibeo
SuoAhYz0weOYTIi1kf4K0woTAZke/0mvzTe6zKjCcbNKBIWhCMFPy9utgPdMqpyh
p4Onfhg5GfIVkgnM/EnTtVLZYDX3AyEsk5H1BGEJw+WCdboVUsWfl/ndZ/5VycgR
e4ibDj/CgI4m8HTc2gRSS9leVqfSDgkFrCqX0iLC8vn9un84Y44kzxmVd0j78YTo
G62tJH4bW7VVn+wMouBkGaqSJnL78H/NdcTeiTUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSDzxuI6OeRs+iFqS2hOyeFZLo3AjAfBgNVHSMEGDAWgBQqziEJDuTXhndB
NCPcsv4BpuHGIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzNGhDUTdrMTRaM1FUUWozTEwtQWFiaHhpSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvMjkxNWYxLTg3YmEtNGMxOC1hYWY5LTU5MGE5ODEzZGRkZi8x
L2c4OGJpT2pua2JQb2hha3RvVHNuaFdTNk53SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
MjkxNWYxLTg3YmEtNGMxOC1hYWY5LTU5MGE5ODEzZGRkZi8xL0tzNGhDUTdrMTRa
M1FUUWozTEwtQWFiaHhpSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEANl1QQMEANl1RwMEANl1TDANBgkq
hkiG9w0BAQsFAAOCAQEAWVX/CYpKhr/oGEV7sKyTA5erUrsujfz4FAel/JKyMtS9
wHQlpjmQ5ME1XLbfX+iSaDRmkQx7/31F37X4dLtoWWSPIkAshQhK66rXLxLMLXWA
FZMwFoq0tK2xEGtkht3J+5RryLZwPhvMTcAekzztlVWjG/HODVXKJZBXg4rp0NR7
FU+iZjUmCbWooy5O9YXQPqVhZtlF5Ff4GIduc2R2Hka+Lvby6Zb0pEAdnKlJeEe5
MLYl3hAcksWMUXEWQTRVpLLQ/ShbBBvmuT31j6vkUqIJT9fxBnA2vdQjazyHUgcV
4j0VPgYq4k0RubWCJVg8ACkaVusUqmI08k8I3tZkEQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:10 2025 by rpki-client