Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/8ksi6MtQKiO4GSbAzvMN4co37yk.roa
File: 8ksi6MtQKiO4GSbAzvMN4co37yk.roa (raw, json)
Hash identifier: jVmJEIYWhEvcdJzczLPBsMRacPnmfpbnZjCz2vod4dQ=
Subject key identifier: F2:4B:22:E8:CB:50:2A:23:B8:19:26:C0:CE:F3:0D:E1:CA:37:EF:29
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 01856CEF06C46828C59CE4A102994DB26521
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/8ksi6MtQKiO4GSbAzvMN4co37yk.roa
Signing time: Sun 01 Jan 2023 10:44:42 +0000
ROA not before: Sun 01 Jan 2023 10:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6720
IP address blocks: 217.149.224.0/20 maxlen: 20
141.203.0.0/16 maxlen: 16
2a00:1ba0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:06:c4:68:28:c5:9c:e4:a1:02:99:4d:b2:65:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Jan 1 10:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f24b22e8cb502a23b81926c0cef30de1ca37ef29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a4:bc:5f:98:ef:dc:b6:8c:74:5f:aa:4e:37:
60:58:0a:e5:b1:23:eb:62:92:d6:25:0a:2c:02:b7:
7f:8c:38:b3:66:25:98:78:1d:a9:e9:ad:d6:28:0e:
8f:d6:4c:9e:96:32:9f:a2:b2:76:e7:c3:f9:e0:9b:
3e:e2:60:0f:e5:2d:4c:49:d4:2c:28:a6:e9:29:45:
77:6e:1e:69:8d:a9:e9:55:25:f8:8b:83:04:2c:1a:
e7:4f:3b:05:db:44:65:3d:3c:aa:58:0d:1e:e6:f6:
1a:59:41:13:f3:8e:17:16:67:93:32:61:ba:ba:76:
da:ff:4b:a7:11:0f:9a:3b:76:be:f0:bd:ff:51:ee:
e1:07:f9:7d:d9:26:d2:82:65:3e:89:e2:24:68:69:
7d:f2:a8:a7:dd:2a:30:b8:08:ff:be:ae:e5:94:ee:
99:a7:63:94:15:3b:6c:fe:0c:3d:bb:b4:c9:b5:f7:
df:4a:aa:b7:b9:10:6b:d7:43:2d:a4:63:84:3e:4b:
eb:19:76:c8:a6:0a:fc:16:00:a9:e6:57:61:6f:38:
04:52:81:ec:02:8a:3f:1c:28:ac:14:fb:e8:2a:ee:
6b:1c:70:8b:dc:7b:59:60:7a:25:c2:a3:d4:e5:b2:
be:22:e8:b6:3a:8f:d2:0f:05:1a:de:23:3c:cc:16:
1e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4B:22:E8:CB:50:2A:23:B8:19:26:C0:CE:F3:0D:E1:CA:37:EF:29
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/8ksi6MtQKiO4GSbAzvMN4co37yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.203.0.0/16
217.149.224.0/20
IPv6:
2a00:1ba0:2::/48
Signature Algorithm: sha256WithRSAEncryption
60:41:60:aa:81:b8:08:dd:02:3a:16:1a:b6:f0:aa:e4:11:96:
c4:7e:67:d2:bb:30:d5:78:68:0a:13:61:ee:74:24:82:f6:2f:
63:37:b5:6c:c8:e6:8f:76:e5:aa:42:c4:58:69:d4:b9:a0:64:
e8:76:7e:ba:29:f9:0e:97:a0:17:f2:e1:7d:91:a7:51:65:86:
51:39:6a:e0:b1:f2:e4:61:43:2e:4e:61:51:b1:f0:b9:ab:72:
a1:ac:e3:d8:f1:7d:c6:65:f7:26:8c:b3:9d:a4:41:f7:70:f9:
f5:fe:1b:b3:1c:91:8b:e1:e7:9c:fb:7e:08:6d:4e:f2:9c:8f:
e7:1e:18:f3:62:82:34:b8:88:d3:ad:d0:db:ae:61:a0:fc:8b:
cd:93:ea:d0:41:bc:c8:3b:f2:f1:7a:6b:3b:d8:a2:40:cc:48:
e1:09:76:ba:ba:12:8f:69:3d:26:4c:3f:b1:1f:b6:a1:a8:b6:
bf:9d:57:24:d0:90:04:7e:ba:4b:41:9f:72:c2:67:33:a4:82:
57:3b:b0:04:30:1c:22:f2:5f:94:6d:38:4a:cd:32:b6:d2:16:
24:05:f1:82:1f:2d:ab:6b:dc:07:81:bb:f1:c7:b1:82:ad:d7:
8a:d5:60:b9:4c:f0:75:e1:76:ee:3c:27:0f:f1:3f:3e:24:34:
1c:54:e6:c3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVs7wbEaCjFnOShAplNsmUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjMwMTAxMTA0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjRiMjJlOGNiNTAyYTIzYjgxOTI2YzBjZWYzMGRlMWNhMzdlZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6S8X5jv3LaMdF+qTjdgWArlsSPr
YpLWJQosArd/jDizZiWYeB2p6a3WKA6P1kyeljKforJ258P54Js+4mAP5S1MSdQs
KKbpKUV3bh5pjanpVSX4i4MELBrnTzsF20RlPTyqWA0e5vYaWUET844XFmeTMmG6
unba/0unEQ+aO3a+8L3/Ue7hB/l92SbSgmU+ieIkaGl98qin3SowuAj/vq7llO6Z
p2OUFTts/gw9u7TJtfffSqq3uRBr10MtpGOEPkvrGXbIpgr8FgCp5ldhbzgEUoHs
Aoo/HCisFPvoKu5rHHCL3HtZYHolwqPU5bK+Iui2Oo/SDwUa3iM8zBYeGwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPJLIujLUCojuBkmwM7zDeHKN+8pMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvOGtzaTZNdFFLaU80R1NiQXp2TU40Y28zN3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDARBAIAATALAwMAjcsDBATZ
leAwDwQCAAIwCQMHACoAG6AAAjANBgkqhkiG9w0BAQsFAAOCAQEAYEFgqoG4CN0C
OhYatvCq5BGWxH5n0rsw1XhoChNh7nQkgvYvYze1bMjmj3blqkLEWGnUuaBk6HZ+
uin5DpegF/LhfZGnUWWGUTlq4LHy5GFDLk5hUbHwuatyoazj2PF9xmX3JoyznaRB
93D59f4bsxyRi+HnnPt+CG1O8pyP5x4Y82KCNLiI063Q265hoPyLzZPq0EG8yDvy
8XprO9iiQMxI4Ql2uroSj2k9Jkw/sR+2oai2v51XJNCQBH66S0GfcsJnM6SCVzuw
BDAcIvJflG04Ss0yttIWJAXxgh8tq2vcB4G78cexgq3XitVguUzwdeF27jwnD/E/
PiQ0HFTmww==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:45 2025 by rpki-client