Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/gJU3mDDrDn--cNXbpOzK6OubP-0.roa
File: gJU3mDDrDn--cNXbpOzK6OubP-0.roa (raw, json)
Hash identifier: MErkhobGolKHbDYWpqTLdbbyqy7ZD7JFZ72R+fJsrc8=
Subject key identifier: 80:95:37:98:30:EB:0E:7F:BE:70:D5:DB:A4:EC:CA:E8:EB:9B:3F:ED
Certificate issuer: /CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
Certificate serial: 0184CD3D96338EE6486C420B95274399AA42
Authority key identifier: 55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/gJU3mDDrDn--cNXbpOzK6OubP-0.roa
Signing time: Thu 01 Dec 2022 10:31:16 +0000
ROA not before: Thu 01 Dec 2022 10:31:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16297
IP address blocks: 217.118.0.0/20 maxlen: 20
217.118.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:3d:96:33:8e:e6:48:6c:42:0b:95:27:43:99:aa:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
Validity
Not Before: Dec 1 10:31:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8095379830eb0e7fbe70d5dba4eccae8eb9b3fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e4:8c:04:cb:b1:69:bf:fb:96:5c:3c:cc:61:
f1:6e:06:21:f4:66:9a:cc:e0:68:15:cd:56:94:bd:
5c:b2:45:7b:f1:39:8c:2e:8f:4a:5e:4e:6b:12:2d:
c9:54:91:0c:22:6e:b0:cc:96:3d:82:98:07:8c:2c:
7a:71:38:cb:fb:47:17:42:5f:99:34:d2:33:90:bd:
b1:34:31:5c:7e:6a:00:2f:1c:4d:8b:0c:d4:44:85:
e7:0c:c7:d2:8e:a8:56:d4:ca:86:6a:a3:15:b6:94:
99:6b:67:90:6c:9e:e4:b1:40:70:bc:92:51:6e:e2:
cc:91:c0:87:2e:2a:af:96:f5:6b:5f:fd:b1:c5:55:
ad:9e:17:06:dc:e4:82:04:b3:6e:de:ae:75:b4:63:
4f:04:90:99:cf:bd:85:7e:d9:63:2e:a5:24:07:26:
e0:c7:8d:a6:bb:48:ce:a0:d6:fb:ae:56:e7:54:f4:
0b:64:5c:1d:0e:ed:e7:f6:4c:dc:84:e5:9c:93:06:
3a:24:a0:48:6f:58:40:25:6d:79:99:af:f8:3d:63:
65:d8:3c:82:d7:db:ee:49:3e:9d:8d:04:da:df:bb:
36:21:d4:1d:89:fb:2f:7e:70:be:e3:6f:d0:d5:34:
9a:46:c2:82:47:55:c2:85:64:4d:d7:f7:43:c8:fc:
32:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:95:37:98:30:EB:0E:7F:BE:70:D5:DB:A4:EC:CA:E8:EB:9B:3F:ED
X509v3 Authority Key Identifier:
keyid:55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/gJU3mDDrDn--cNXbpOzK6OubP-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/VUrbcrguz6_FcF4l_ryrXILXbuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.118.0.0/20
Signature Algorithm: sha256WithRSAEncryption
67:b0:57:92:d4:d0:3b:f5:46:6d:da:c9:1f:dc:fc:d0:d1:f0:
60:81:f9:0e:9d:4c:0c:c0:e6:64:a2:ae:6d:98:e8:09:6d:75:
31:d3:05:cc:6b:71:ae:00:e0:47:f5:2d:3b:00:4b:16:fd:df:
24:55:72:d5:30:d9:dd:54:4f:2c:99:5d:38:8b:46:c8:23:45:
5a:04:f7:09:85:db:ac:03:3f:cb:59:e2:2f:99:b5:8d:f1:24:
78:13:2f:bd:ff:e4:0e:83:17:d2:5a:0b:51:09:68:b4:b5:d7:
af:00:10:85:7a:fa:c9:e5:3b:e9:a9:3e:ff:5b:8d:75:4f:8d:
80:83:fa:ca:69:1d:6d:6d:28:08:80:54:5a:f8:c4:0e:a3:ed:
84:d7:ff:36:8d:0f:07:d7:f9:ea:92:0d:ee:4d:f6:32:86:8e:
c5:b6:22:59:c8:a1:21:fc:49:44:59:52:09:01:63:1b:62:84:
22:ad:d1:b5:69:6f:60:4d:73:71:22:2f:94:a8:8b:55:32:16:
f5:90:dc:75:66:80:8b:bd:c5:67:1a:b8:c4:3b:e1:79:cd:d7:
49:f8:67:04:89:6e:2c:f2:70:06:f8:3b:07:0a:ef:a7:da:4b:
05:1e:4c:75:34:11:9f:bb:9b:bc:ca:5d:65:f6:9a:33:ea:7c:
4b:c9:6a:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTNPZYzjuZIbEILlSdDmapCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NGFkYjcyYjgyZWNmYWZjNTcwNWUyNWZlYmNhYjVjODJk
NzZlZTYwHhcNMjIxMjAxMTAzMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDk1Mzc5ODMwZWIwZTdmYmU3MGQ1ZGJhNGVjY2FlOGViOWIzZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOSMBMuxab/7llw8zGHxbgYh9Gaa
zOBoFc1WlL1cskV78TmMLo9KXk5rEi3JVJEMIm6wzJY9gpgHjCx6cTjL+0cXQl+Z
NNIzkL2xNDFcfmoALxxNiwzURIXnDMfSjqhW1MqGaqMVtpSZa2eQbJ7ksUBwvJJR
buLMkcCHLiqvlvVrX/2xxVWtnhcG3OSCBLNu3q51tGNPBJCZz72FftljLqUkBybg
x42mu0jOoNb7rlbnVPQLZFwdDu3n9kzchOWckwY6JKBIb1hAJW15ma/4PWNl2DyC
19vuST6djQTa37s2IdQdifsvfnC+42/Q1TSaRsKCR1XChWRN1/dDyPwyMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFICVN5gw6w5/vnDV26Tsyujrmz/tMB8GA1UdIwQY
MBaAFFVK23K4Ls+vxXBeJf68q1yC127mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEt
NzU4NjNmNDM0NzZhLzEvZ0pVM21ERHJEbi0tY05YYnBPeks2T3ViUC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEtNzU4NjNmNDM0NzZh
LzEvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2XYAMA0G
CSqGSIb3DQEBCwUAA4IBAQBnsFeS1NA79UZt2skf3PzQ0fBggfkOnUwMwOZkoq5t
mOgJbXUx0wXMa3GuAOBH9S07AEsW/d8kVXLVMNndVE8smV04i0bII0VaBPcJhdus
Az/LWeIvmbWN8SR4Ey+9/+QOgxfSWgtRCWi0tdevABCFevrJ5TvpqT7/W411T42A
g/rKaR1tbSgIgFRa+MQOo+2E1/82jQ8H1/nqkg3uTfYyho7FtiJZyKEh/ElEWVIJ
AWMbYoQirdG1aW9gTXNxIi+UqItVMhb1kNx1ZoCLvcVnGrjEO+F5zddJ+GcEiW4s
8nAG+DsHCu+n2ksFHkx1NBGfu5u8yl1l9poz6nxLyWoQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:52 2025 by rpki-client