Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/1-yrf6mpD4eFnQ28B7iV7_99ghGU.roa
File: 1-yrf6mpD4eFnQ28B7iV7_99ghGU.roa (raw, json)
Hash identifier: SBrl2inbpNRZ/2/9F7bgplYxp4DlN/TVdcGqzvkKMb4=
Subject key identifier: FB:2A:DF:EA:6A:43:E1:E1:67:43:6F:01:EE:25:7B:FF:DF:60:84:65
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 35EE47B3
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/1-yrf6mpD4eFnQ28B7iV7_99ghGU.roa
Signing time: Sat 01 Jan 2022 03:02:12 +0000
ROA not before: Sat 01 Jan 2022 03:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25459
IP address blocks: 217.170.1.0/24 maxlen: 24
217.170.12.0/23 maxlen: 23
217.170.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 904808371 (0x35ee47b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 03:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb2adfea6a43e1e167436f01ee257bffdf608465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6f:aa:e9:83:dc:0c:61:4d:17:dc:e4:eb:08:
6e:42:69:bd:d6:7e:36:0e:80:24:d7:94:cc:9a:7a:
86:28:08:e9:3c:a4:5c:76:cb:e6:da:8d:84:4a:90:
c8:db:60:d6:57:12:20:31:44:b3:db:65:2e:33:22:
20:af:7c:e2:ab:71:c5:a3:a8:eb:e8:7a:0d:ae:62:
65:9d:4d:ac:50:98:6c:28:d2:73:e0:55:9f:8d:e1:
3b:d9:80:70:fd:ec:39:64:96:32:08:f0:f5:b2:53:
dd:83:84:91:6d:f7:c6:6f:0a:d9:7d:4a:56:74:c1:
f8:6d:52:98:c4:dc:b7:bd:d7:4a:45:cd:e4:15:e7:
e2:a2:12:de:d8:02:72:b1:00:3d:2a:6e:58:72:6f:
c6:18:ae:d6:88:a3:77:87:ef:b2:66:ce:77:32:51:
fe:df:45:d0:47:6b:3d:38:74:af:bf:2a:f6:d3:8b:
bc:38:3d:35:84:b1:64:d8:38:e5:4c:7e:2e:31:74:
3a:0d:f6:80:36:2f:ce:0c:97:34:e9:87:10:3b:0b:
c9:4d:a8:33:87:3f:16:2e:6f:06:6b:54:a9:39:d2:
cd:41:8b:64:84:93:26:4f:3a:4f:25:a2:15:1e:9b:
3d:ae:76:92:14:cb:78:d9:5d:d2:e8:a7:40:aa:8c:
42:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:2A:DF:EA:6A:43:E1:E1:67:43:6F:01:EE:25:7B:FF:DF:60:84:65
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/1-yrf6mpD4eFnQ28B7iV7_99ghGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.1.0/24
217.170.12.0-217.170.14.255
Signature Algorithm: sha256WithRSAEncryption
83:39:85:28:9a:29:ab:f8:e0:e9:41:4a:66:67:73:53:75:ac:
08:da:f2:54:1a:bd:48:a9:0b:6b:12:72:27:66:f7:9a:b4:40:
da:8e:a9:86:14:2d:d3:90:4a:5c:2e:e3:d2:ec:f2:a3:f3:a9:
23:c1:3f:eb:b0:c5:6b:12:f2:7c:59:ab:0b:9e:ab:36:33:ca:
32:26:2a:2b:89:c0:dd:47:28:62:78:6d:ea:f4:ae:37:41:40:
d2:96:e4:8a:ae:77:1c:bc:38:c5:6b:17:7a:35:46:f9:7d:1f:
09:01:5e:90:68:b9:5b:0e:ea:c9:e6:fb:29:92:b8:1c:82:e0:
91:80:0e:75:fd:6e:25:5a:68:3d:9f:95:1d:96:cd:00:5b:ca:
5e:d7:2a:98:08:7b:0b:2a:8b:10:af:5a:63:8f:a8:00:d3:b9:
d5:8f:cb:b9:54:f7:2b:b5:65:61:72:8a:f4:a6:5b:a0:e5:d4:
ae:12:bf:89:4c:8f:ba:67:25:e3:83:16:7f:40:b6:1a:9d:ef:
cc:e9:d4:3a:24:75:b3:63:db:f2:a6:62:4d:b2:0c:a5:f5:e9:
8b:f2:46:77:24:5e:62:db:28:d8:f6:96:8c:6e:da:09:f0:4f:
1b:25:73:d7:57:e8:11:7f:84:4e:59:8b:f4:1c:ee:48:4e:bf:
23:f5:1f:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENe5HszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDFmZTMwZmM2YjRiMGQwZjZkYjRlMWJmYmJkNTAxOTVkY2E1NzVjMB4XDTIyMDEw
MTAzMDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIyYWRmZWE2YTQz
ZTFlMTY3NDM2ZjAxZWUyNTdiZmZkZjYwODQ2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFvqumD3AxhTRfc5OsIbkJpvdZ+Ng6AJNeUzJp6higI6Tyk
XHbL5tqNhEqQyNtg1lcSIDFEs9tlLjMiIK984qtxxaOo6+h6Da5iZZ1NrFCYbCjS
c+BVn43hO9mAcP3sOWSWMgjw9bJT3YOEkW33xm8K2X1KVnTB+G1SmMTct73XSkXN
5BXn4qIS3tgCcrEAPSpuWHJvxhiu1oijd4fvsmbOdzJR/t9F0EdrPTh0r78q9tOL
vDg9NYSxZNg45Ux+LjF0Og32gDYvzgyXNOmHEDsLyU2oM4c/Fi5vBmtUqTnSzUGL
ZISTJk86TyWiFR6bPa52khTLeNld0uinQKqMQvECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT7Kt/qakPh4WdDbwHuJXv/32CEZTAfBgNVHSMEGDAWgBQgH+MPxrSw0Pbb
Thv7vVAZXcpXXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lCX2pEOGEwc05EMjIwNGItNzFRR1YzS1Yxdy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvOGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8x
LzEteXJmNm1wRDRlRm5RMjhCN2lWN185OWdoR1Uucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQz
LzhkODBmOS00OTRlLTRhYmItOTk1Ni1mYzEyMWM4MDBiMzAvMS9JQl9qRDhhMHNO
RDIyMDRiLTcxUUdWM0tWMXcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
LQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQDBADZqgEwDAMEAtmqDAMEANmqDjAN
BgkqhkiG9w0BAQsFAAOCAQEAgzmFKJopq/jg6UFKZmdzU3WsCNryVBq9SKkLaxJy
J2b3mrRA2o6phhQt05BKXC7j0uzyo/OpI8E/67DFaxLyfFmrC56rNjPKMiYqK4nA
3UcoYnht6vSuN0FA0pbkiq53HLw4xWsXejVG+X0fCQFekGi5Ww7qyeb7KZK4HILg
kYAOdf1uJVpoPZ+VHZbNAFvKXtcqmAh7CyqLEK9aY4+oANO51Y/LuVT3K7VlYXKK
9KZboOXUrhK/iUyPumcl44MWf0C2Gp3vzOnUOiR1s2Pb8qZiTbIMpfXpi/JGdyRe
Ytso2PaWjG7aCfBPGyVz11foEX+ETlmL9BzuSE6/I/UfJQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:54 2023 by rpki-client on console-ams.rpki-client.org