Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/rOwjsy2WLGdxFeJDnEZJj2YH5aE.roa
File: rOwjsy2WLGdxFeJDnEZJj2YH5aE.roa (raw, json)
Hash identifier: oNUaJNEZQAqHReQM5vukqoBkaCwiugoKklgOlslHuaA=
Subject key identifier: AC:EC:23:B3:2D:96:2C:67:71:15:E2:43:9C:46:49:8F:66:07:E5:A1
Certificate issuer: /CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Certificate serial: 0BF0D2F4
Authority key identifier: AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/rOwjsy2WLGdxFeJDnEZJj2YH5aE.roa
Signing time: Tue 15 Feb 2022 08:30:29 +0000
ROA not before: Tue 15 Feb 2022 08:30:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35223
IP address blocks: 193.168.168.0/22 maxlen: 22
82.117.0.0/19 maxlen: 19
2a03:5480::/29 maxlen: 29
2a03:5480::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200332020 (0xbf0d2f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Validity
Not Before: Feb 15 08:30:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acec23b32d962c677115e2439c46498f6607e5a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a3:d5:b0:53:7d:a6:56:af:fb:22:6e:40:b5:
d2:bd:2e:18:d3:18:7a:ed:22:6b:7b:15:31:33:60:
78:fa:d3:01:8c:09:da:5b:1f:f9:d5:7c:ca:0d:12:
38:27:df:b0:5d:8f:5c:bb:a6:75:70:ee:a7:70:43:
e0:84:0a:98:58:7f:e2:21:f5:52:46:ce:f9:7a:90:
1d:49:ae:82:da:86:61:bf:d2:75:15:1a:7e:05:24:
fa:df:ad:82:73:cc:1c:a3:56:4e:6a:16:35:b7:66:
4f:0c:61:65:af:d4:ea:51:ad:a1:e3:4c:95:46:e1:
3c:04:dd:63:52:76:45:c2:fe:07:78:0f:15:a2:ce:
ce:e5:e7:6f:f1:17:61:f2:60:28:e6:00:bc:7e:45:
b8:0e:a3:e8:47:f4:21:23:d8:99:41:0b:d1:3b:d8:
45:63:15:6d:e6:9d:76:ac:34:16:10:ce:a8:bf:c6:
34:aa:b6:ad:f5:fb:c3:f4:6e:23:a7:6a:2d:73:71:
9a:38:8c:22:07:ce:ed:bf:c4:cc:29:20:26:91:b7:
e2:ef:12:b9:86:9b:ca:ec:5f:ea:aa:f1:2d:fe:99:
31:77:4d:af:bf:3b:b6:0b:b0:5c:1c:cd:90:2e:a1:
ad:c1:d9:03:69:2f:04:4c:3b:1a:e7:2e:3e:87:d9:
58:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EC:23:B3:2D:96:2C:67:71:15:E2:43:9C:46:49:8F:66:07:E5:A1
X509v3 Authority Key Identifier:
keyid:AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/rOwjsy2WLGdxFeJDnEZJj2YH5aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.0.0/19
193.168.168.0/22
IPv6:
2a03:5480::/29
Signature Algorithm: sha256WithRSAEncryption
b8:a7:65:63:3c:92:ff:25:7d:68:21:a6:6a:c2:db:4a:f2:8c:
47:17:70:66:d9:10:f5:3b:a0:fd:25:2a:46:35:54:7b:54:83:
f0:87:e4:41:30:da:f3:b6:e5:58:f4:7d:f9:2a:37:f8:ca:3e:
17:fc:e4:d4:cc:fa:d1:de:12:7d:b9:04:08:bd:0e:00:08:ee:
b7:4e:b2:69:2e:58:3f:39:6c:54:d5:ca:be:c6:34:35:00:2c:
9c:79:f8:b2:2c:cf:14:c0:50:52:fc:57:6a:70:32:72:8d:1b:
38:4d:6e:4b:bc:2e:d1:14:f7:b5:a5:4b:95:4d:af:83:27:6f:
c8:ca:f8:6d:3a:83:0f:53:3f:62:3e:0a:b9:69:93:e4:11:6d:
51:ef:3f:a5:cd:12:4c:2a:c0:df:d4:4e:db:d8:78:14:7f:18:
b2:23:45:f1:93:6f:a8:15:03:1e:31:00:ec:b7:75:10:3d:4e:
cf:6b:e5:74:6b:28:6a:34:0c:a1:73:87:07:96:2b:64:74:81:
e6:f8:18:89:b9:6c:70:52:b5:5f:83:3f:5c:79:2f:91:ad:84:
6f:71:28:52:2b:bb:ca:4c:02:6f:4c:1d:5b:fb:2c:9e:ff:1b:
c4:6d:a8:2b:74:51:3b:b4:83:5f:b2:fa:87:06:1d:79:72:e1:
5f:97:e0:09
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEC/DS9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTcwZmJiM2RiMjI4NDM3ZDYwNTc5OWFjNGY0NTk4ZDIyZTEzZTFiMB4XDTIyMDIx
NTA4MzAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNlYzIzYjMyZDk2
MmM2NzcxMTVlMjQzOWM0NjQ5OGY2NjA3ZTVhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO2j1bBTfaZWr/sibkC10r0uGNMYeu0ia3sVMTNgePrTAYwJ
2lsf+dV8yg0SOCffsF2PXLumdXDup3BD4IQKmFh/4iH1UkbO+XqQHUmugtqGYb/S
dRUafgUk+t+tgnPMHKNWTmoWNbdmTwxhZa/U6lGtoeNMlUbhPATdY1J2RcL+B3gP
FaLOzuXnb/EXYfJgKOYAvH5FuA6j6Ef0ISPYmUEL0TvYRWMVbeaddqw0FhDOqL/G
NKq2rfX7w/RuI6dqLXNxmjiMIgfO7b/EzCkgJpG34u8SuYabyuxf6qrxLf6ZMXdN
r787tguwXBzNkC6hrcHZA2kvBEw7GucuPofZWNMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSs7COzLZYsZ3EV4kOcRkmPZgfloTAfBgNVHSMEGDAWgBSqcPuz2yKEN9YF
eZrE9FmNIuE+GzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FuRDdzOXNpaERmV0JYbWF4UFJaalNMaFBocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZDhlMTg0LWU3OWItNDdmZS05NmRjLTViYTQyMzVjZTYxOS8x
L3JPd2pzeTJXTEdkeEZlSkRuRVpKajJZSDVhRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZDhlMTg0LWU3OWItNDdmZS05NmRjLTViYTQyMzVjZTYxOS8xL3FuRDdzOXNpaERm
V0JYbWF4UFJaalNMaFBocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVJ1AAMEAsGoqDANBAIAAjAHAwUD
KgNUgDANBgkqhkiG9w0BAQsFAAOCAQEAuKdlYzyS/yV9aCGmasLbSvKMRxdwZtkQ
9Tug/SUqRjVUe1SD8IfkQTDa87blWPR9+So3+Mo+F/zk1Mz60d4SfbkECL0OAAju
t06yaS5YPzlsVNXKvsY0NQAsnHn4sizPFMBQUvxXanAyco0bOE1uS7wu0RT3taVL
lU2vgydvyMr4bTqDD1M/Yj4KuWmT5BFtUe8/pc0STCrA39RO29h4FH8YsiNF8ZNv
qBUDHjEA7Ld1ED1Oz2vldGsoajQMoXOHB5YrZHSB5vgYiblscFK1X4M/XHkvka2E
b3EoUiu7ykwCb0wdW/ssnv8bxG2oK3RRO7SDX7L6hwYdeXLhX5fgCQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:39 2025 by rpki-client