Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/l1vDSYi86eTAuovT4NYYZi0lx-k.roa
File: l1vDSYi86eTAuovT4NYYZi0lx-k.roa (raw, json)
Hash identifier: Q2M0ryFzLi0GjFqKniSnEGlUQMQz5jWWJpdzUFgtrBM=
Subject key identifier: 97:5B:C3:49:88:BC:E9:E4:C0:BA:8B:D3:E0:D6:18:66:2D:25:C7:E9
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 01893ED5DD290E5E06A15956666AEF2AABDE
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/l1vDSYi86eTAuovT4NYYZi0lx-k.roa
Signing time: Mon 10 Jul 2023 08:05:50 +0000
ROA not before: Mon 10 Jul 2023 08:05:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 217.67.74.0/23 maxlen: 24
217.67.72.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:d5:dd:29:0e:5e:06:a1:59:56:66:6a:ef:2a:ab:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jul 10 08:05:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=975bc34988bce9e4c0ba8bd3e0d618662d25c7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:b5:e6:89:bc:7f:c8:e8:32:66:dd:55:db:
36:9b:da:a9:34:90:01:f0:4b:1e:6a:70:7d:c4:44:
d0:3a:04:fb:e3:0d:3e:ae:b1:80:42:73:37:76:f7:
68:c2:4d:2b:f9:51:ff:dd:c1:21:7a:05:e6:76:b0:
4f:54:c5:80:b9:55:99:6d:20:c7:5f:0d:e7:f9:67:
34:0b:9e:80:9e:78:47:28:e9:a0:81:34:fd:08:e3:
af:3a:90:16:8e:1c:29:b5:86:dd:48:a9:f2:b8:96:
3d:52:9e:ef:44:e2:80:c4:d5:f6:ef:a9:31:53:81:
f9:e6:a5:c1:e1:21:19:03:37:3e:52:59:a5:db:d9:
5d:1a:5b:01:06:e5:f1:e4:38:1e:2f:67:7f:04:3a:
86:b2:c0:8a:7a:c5:31:a9:58:ed:52:c2:fa:f1:e3:
05:51:1e:5c:06:a8:88:48:23:fa:2e:53:98:4e:3c:
89:f0:ae:99:a6:7f:14:b3:69:a7:62:f6:dd:85:35:
3e:b4:cf:1b:c1:71:cf:14:b8:19:d9:f2:1e:25:db:
9a:45:a3:f4:7c:34:71:85:d3:57:04:dd:4f:9a:d6:
a9:97:fe:fb:c2:07:f6:aa:10:eb:c4:37:6d:fc:17:
57:e9:fd:7f:62:9e:41:6f:24:e7:96:74:53:50:ec:
e1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5B:C3:49:88:BC:E9:E4:C0:BA:8B:D3:E0:D6:18:66:2D:25:C7:E9
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/l1vDSYi86eTAuovT4NYYZi0lx-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.72.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:25:9f:f5:86:c8:c3:d1:bd:67:19:4b:3c:7c:2e:61:a8:f4:
96:45:6d:7f:9e:05:47:98:bc:a2:3d:13:52:ca:b9:ff:19:dd:
0e:18:78:2e:d9:7b:f4:fe:cd:d4:9d:94:d4:42:1f:a5:f4:75:
09:63:1e:ab:60:57:a0:0f:58:9d:d9:35:5a:b6:a7:86:3e:d6:
47:23:b1:45:52:76:38:f2:7c:77:b2:41:3f:79:ed:df:ba:ae:
cd:5b:5f:89:25:46:73:c1:42:ed:ff:c3:2d:51:c8:6f:67:38:
de:d1:76:f0:a4:5d:cf:4c:9a:35:d1:d4:65:3b:bb:7e:fb:53:
46:9b:82:8b:7b:97:b9:57:f8:9d:92:6a:8f:2f:54:8e:fa:69:
e8:19:e8:57:61:48:1c:69:e3:43:19:fc:62:6e:fb:89:46:7f:
c3:29:47:3a:3d:e9:9a:a8:8f:8a:a4:fc:53:01:94:c3:b5:d1:
5d:95:bd:ff:15:84:c7:24:04:cf:27:c1:64:e9:f5:cc:b6:5b:
6a:ef:e7:90:ee:85:20:db:11:89:78:88:5c:33:5a:b0:a3:bc:
b5:06:3a:08:ec:38:5c:a3:5a:2b:4f:4d:c3:16:03:5d:b8:11:
d5:6f:c7:dc:ca:17:4c:42:82:42:63:20:33:9c:e1:92:04:bc:
02:00:14:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk+1d0pDl4GoVlWZmrvKqveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNzEwMDgwNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzViYzM0OTg4YmNlOWU0YzBiYThiZDNlMGQ2MTg2NjJkMjVjN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy+15om8f8joMmbdVds2m9qpNJAB
8EseanB9xETQOgT74w0+rrGAQnM3dvdowk0r+VH/3cEhegXmdrBPVMWAuVWZbSDH
Xw3n+Wc0C56AnnhHKOmggTT9COOvOpAWjhwptYbdSKnyuJY9Up7vROKAxNX276kx
U4H55qXB4SEZAzc+Ulml29ldGlsBBuXx5DgeL2d/BDqGssCKesUxqVjtUsL68eMF
UR5cBqiISCP6LlOYTjyJ8K6Zpn8Us2mnYvbdhTU+tM8bwXHPFLgZ2fIeJduaRaP0
fDRxhdNXBN1Pmtapl/77wgf2qhDrxDdt/BdX6f1/Yp5BbyTnlnRTUOzhbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdbw0mIvOnkwLqL0+DWGGYtJcfpMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvbDF2RFNZaTg2ZVRBdW92VDROWVlaaTBseC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UNIMA0G
CSqGSIb3DQEBCwUAA4IBAQDCJZ/1hsjD0b1nGUs8fC5hqPSWRW1/ngVHmLyiPRNS
yrn/Gd0OGHgu2Xv0/s3UnZTUQh+l9HUJYx6rYFegD1id2TVatqeGPtZHI7FFUnY4
8nx3skE/ee3fuq7NW1+JJUZzwULt/8MtUchvZzje0XbwpF3PTJo10dRlO7t++1NG
m4KLe5e5V/idkmqPL1SO+mnoGehXYUgcaeNDGfxibvuJRn/DKUc6PemaqI+KpPxT
AZTDtdFdlb3/FYTHJATPJ8Fk6fXMtltq7+eQ7oUg2xGJeIhcM1qwo7y1BjoI7Dhc
o1orT03DFgNduBHVb8fcyhdMQoJCYyAznOGSBLwCABSm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:59 2025 by rpki-client