Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Mi8DHOwIxYKNIXqdOqdT1xVQvRs.roa
File: Mi8DHOwIxYKNIXqdOqdT1xVQvRs.roa (raw, json)
Hash identifier: jc86ThDgLbyUTaNEcCpyETj7kPgDy7ybxnTgRj919tk=
Subject key identifier: 32:2F:03:1C:EC:08:C5:82:8D:21:7A:9D:3A:A7:53:D7:15:50:BD:1B
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018478531E4DBB19EFC7D8FEC0F9B43A14C8
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Mi8DHOwIxYKNIXqdOqdT1xVQvRs.roa
Signing time: Mon 14 Nov 2022 22:47:03 +0000
ROA not before: Mon 14 Nov 2022 22:47:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51057
IP address blocks: 217.181.250.0/23 maxlen: 23
109.235.232.0/23 maxlen: 23
109.235.232.0/21 maxlen: 21
109.235.233.0/24 maxlen: 24
109.235.234.0/23 maxlen: 23
109.235.234.0/24 maxlen: 24
109.235.238.0/24 maxlen: 24
109.235.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:78:53:1e:4d:bb:19:ef:c7:d8:fe:c0:f9:b4:3a:14:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Nov 14 22:47:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=322f031cec08c5828d217a9d3aa753d71550bd1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:19:f2:eb:68:a0:8f:70:e9:fa:63:48:4c:f8:
5a:ad:da:ba:01:6c:8a:df:d3:7c:39:bc:cf:54:4b:
29:92:88:13:f2:ee:f7:7e:b6:a3:26:5e:bb:c5:f9:
94:d0:fc:ef:54:47:58:38:25:07:56:fc:ad:82:80:
e0:e1:50:21:bb:18:3d:78:28:4b:c6:c5:50:ab:83:
5e:0b:a6:ba:65:da:82:dc:d4:4e:32:f7:45:85:a3:
c1:0e:8f:30:47:e9:79:72:b0:67:29:8c:e9:f7:7b:
3a:93:f9:dc:04:df:5d:62:45:68:a8:7d:07:39:55:
04:13:35:2d:ca:d3:ab:53:09:ac:c1:58:f1:8f:d6:
5d:f7:2e:63:b6:1d:cc:66:18:7c:2c:d8:41:be:84:
76:d2:56:0d:be:c5:d1:e1:99:68:d8:9c:de:22:e4:
8f:cf:5b:55:1d:38:d6:34:7c:d6:6f:7a:a0:f4:c2:
90:67:e6:e4:29:75:94:c6:d4:98:52:ed:ec:74:6f:
78:03:90:d4:98:bc:64:e3:69:82:71:a3:f0:1b:d9:
c3:dd:12:78:b4:20:79:9e:eb:bb:d8:f0:67:cb:49:
c0:c6:4f:8d:63:90:f3:f1:8e:24:f7:3e:f0:a0:31:
02:85:89:f2:34:2e:3e:1b:fa:a1:a6:48:bf:52:ea:
b1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:2F:03:1C:EC:08:C5:82:8D:21:7A:9D:3A:A7:53:D7:15:50:BD:1B
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Mi8DHOwIxYKNIXqdOqdT1xVQvRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.232.0/21
217.181.250.0/23
Signature Algorithm: sha256WithRSAEncryption
01:ed:35:bd:ca:c8:63:a2:7f:5c:be:bd:2f:9b:96:e5:7b:56:
20:f2:92:87:f1:1b:32:fc:82:63:70:60:81:37:2c:b0:82:73:
95:1b:43:9a:68:4a:e8:33:40:82:6d:d5:5a:bc:19:66:a7:a7:
b8:a9:79:af:fd:12:6f:dd:ec:3c:1b:1d:ff:f8:ed:97:a9:33:
01:f6:67:74:9a:d9:5b:c4:40:3b:5e:98:17:87:4f:84:f4:8e:
ec:0d:2b:80:f1:a2:aa:3c:7e:71:03:c4:f0:37:93:bc:0f:cd:
c2:e3:f0:62:c2:79:f0:cf:35:61:ca:b3:09:d5:39:31:f4:8e:
dc:ea:d5:4a:4b:d0:6f:29:1c:e3:3d:fa:20:7a:65:5c:c6:7c:
f8:67:9b:d2:b5:7d:76:d0:5a:91:bc:c7:7c:d5:6f:a8:8d:29:
50:6c:dc:26:3b:ef:a9:5c:a3:ed:09:b1:79:4c:af:9b:e8:b6:
b5:8a:5c:10:16:6d:a3:3f:18:26:88:54:d9:cb:a4:1b:2b:25:
c6:9e:e9:09:22:a4:33:bc:50:c3:ec:4f:9e:8b:46:a8:49:51:
22:ab:75:8e:91:43:65:23:3c:79:31:6b:60:b3:f9:5b:ca:ae:
d7:41:1d:fd:c5:c9:9d:f3:b4:c3:1b:3f:b7:ab:7f:e1:4f:96:
ed:32:62:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR4Ux5Nuxnvx9j+wPm0OhTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjIxMTE0MjI0NzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjJmMDMxY2VjMDhjNTgyOGQyMTdhOWQzYWE3NTNkNzE1NTBiZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBny62igj3Dp+mNITPhardq6AWyK
39N8ObzPVEspkogT8u73frajJl67xfmU0PzvVEdYOCUHVvytgoDg4VAhuxg9eChL
xsVQq4NeC6a6ZdqC3NROMvdFhaPBDo8wR+l5crBnKYzp93s6k/ncBN9dYkVoqH0H
OVUEEzUtytOrUwmswVjxj9Zd9y5jth3MZhh8LNhBvoR20lYNvsXR4Zlo2JzeIuSP
z1tVHTjWNHzWb3qg9MKQZ+bkKXWUxtSYUu3sdG94A5DUmLxk42mCcaPwG9nD3RJ4
tCB5nuu72PBny0nAxk+NY5Dz8Y4k9z7woDEChYnyNC4+G/qhpki/UuqxOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDIvAxzsCMWCjSF6nTqnU9cVUL0bMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvTWk4REhPd0l4WUtOSVhxZE9xZFQxeFZRdlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbevoAwQB
2bX6MA0GCSqGSIb3DQEBCwUAA4IBAQAB7TW9yshjon9cvr0vm5ble1Yg8pKH8Rsy
/IJjcGCBNyywgnOVG0OaaEroM0CCbdVavBlmp6e4qXmv/RJv3ew8Gx3/+O2XqTMB
9md0mtlbxEA7XpgXh0+E9I7sDSuA8aKqPH5xA8TwN5O8D83C4/BiwnnwzzVhyrMJ
1Tkx9I7c6tVKS9BvKRzjPfogemVcxnz4Z5vStX120FqRvMd81W+ojSlQbNwmO++p
XKPtCbF5TK+b6La1ilwQFm2jPxgmiFTZy6QbKyXGnukJIqQzvFDD7E+ei0aoSVEi
q3WOkUNlIzx5MWtgs/lbyq7XQR39xcmd87TDGz+3q3/hT5btMmK+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org