Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/ytg8nMLxrUigMPiXzNI8KCQz9RU.roa
File: ytg8nMLxrUigMPiXzNI8KCQz9RU.roa (raw, json)
Hash identifier: 3IJo5r2IuU2DmGfKeM+mV1py/BL4KaABaG/Kt/ZKGFQ=
Subject key identifier: CA:D8:3C:9C:C2:F1:AD:48:A0:30:F8:97:CC:D2:3C:28:24:33:F5:15
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 018BF780E614B040F89856ECB7800699C971
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/ytg8nMLxrUigMPiXzNI8KCQz9RU.roa
Signing time: Wed 22 Nov 2023 14:48:21 +0000
ROA not before: Wed 22 Nov 2023 14:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61121
IP address blocks: 217.73.119.0/24 maxlen: 24
217.73.117.0/24 maxlen: 24
217.73.118.0/24 maxlen: 24
217.73.116.0/23 maxlen: 23
217.73.116.0/22 maxlen: 22
217.73.118.0/23 maxlen: 23
217.73.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:80:e6:14:b0:40:f8:98:56:ec:b7:80:06:99:c9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Nov 22 14:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cad83c9cc2f1ad48a030f897ccd23c282433f515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a3:d1:68:7a:69:8b:80:6a:e1:02:a1:ea:32:
bb:7c:6f:f1:8c:f8:e5:4e:46:84:94:64:62:41:85:
d7:41:dc:12:8f:31:52:7e:be:39:8e:82:58:cc:bb:
28:08:ec:03:50:82:a7:d4:77:9b:be:08:de:d7:3f:
e7:a5:d5:96:36:b1:7b:41:62:0f:80:41:50:4f:c4:
75:9d:1f:5d:57:17:4b:b1:47:1f:0e:75:27:21:42:
af:72:06:cb:8a:bb:f0:14:05:05:c4:27:85:60:44:
33:38:d2:94:ef:ae:0d:c3:e0:85:83:b0:4f:da:79:
d1:15:84:a4:48:e7:b2:48:a5:c5:23:88:9a:99:5a:
e0:e1:e5:70:fd:26:64:f3:0f:99:0f:0f:81:e5:e8:
bc:01:ee:7c:bc:c8:c4:1c:9a:2f:47:33:71:e2:6a:
95:9c:96:59:9e:28:70:4a:b2:aa:b4:80:1d:70:34:
37:e8:d6:3f:b5:9d:c8:9a:c9:78:bb:7a:35:46:6f:
53:54:13:5f:0d:66:5a:b1:ff:da:5d:7d:67:f0:76:
e2:23:b4:3c:67:9d:84:08:35:6f:77:49:0d:7a:35:
21:6b:ca:04:dd:ad:f6:ed:b6:c8:a7:ab:08:54:cf:
ad:11:b3:2a:85:51:e5:cc:99:a9:f5:06:59:57:0b:
b6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D8:3C:9C:C2:F1:AD:48:A0:30:F8:97:CC:D2:3C:28:24:33:F5:15
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/ytg8nMLxrUigMPiXzNI8KCQz9RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.73.116.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ef:45:82:75:22:92:8d:1c:e9:52:ca:c5:21:9c:94:74:bc:
c6:05:92:43:79:93:52:31:96:01:c3:39:cd:d4:8a:b3:ab:00:
a3:cc:1b:e3:98:d6:8d:e7:f9:ea:47:25:59:c7:65:af:72:bc:
2c:28:1a:6b:09:5e:6d:bd:b6:7f:32:3e:4a:cc:08:bf:ff:94:
c1:30:df:a5:8b:68:a7:8d:ff:2d:dd:4a:5a:92:24:a0:26:29:
7f:d2:43:08:63:85:ee:fa:4c:6d:d7:17:af:7f:ce:bd:c8:e9:
e5:9a:00:c3:ee:b0:0f:db:fd:d7:3b:d7:07:da:8c:ac:f1:29:
35:45:78:4d:91:fd:ce:d0:95:6f:43:82:3b:80:db:d9:1c:08:
47:77:1f:5d:4e:44:6f:6e:97:2e:c6:96:68:45:40:6e:0b:9a:
1f:56:b1:58:0d:1a:da:53:74:d8:b3:95:da:e5:92:83:39:3f:
0a:cc:97:be:14:64:ff:74:3e:9c:c5:90:1c:6b:75:ca:53:86:
46:d3:f4:db:60:85:88:2c:0e:92:a8:2f:fa:a1:8f:7f:f9:dc:
eb:d6:d1:7e:94:f8:e2:f9:e8:9e:52:23:2a:00:9d:4c:9d:5c:
dc:41:0b:1a:ee:0a:99:6a:f2:9c:93:ad:ce:3c:2a:3a:32:4b:
9e:6f:be:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv3gOYUsED4mFbst4AGmclxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMxMTIyMTQ0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQ4M2M5Y2MyZjFhZDQ4YTAzMGY4OTdjY2QyM2MyODI0MzNmNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6PRaHppi4Bq4QKh6jK7fG/xjPjl
TkaElGRiQYXXQdwSjzFSfr45joJYzLsoCOwDUIKn1Hebvgje1z/npdWWNrF7QWIP
gEFQT8R1nR9dVxdLsUcfDnUnIUKvcgbLirvwFAUFxCeFYEQzONKU764Nw+CFg7BP
2nnRFYSkSOeySKXFI4iamVrg4eVw/SZk8w+ZDw+B5ei8Ae58vMjEHJovRzNx4mqV
nJZZnihwSrKqtIAdcDQ36NY/tZ3Imsl4u3o1Rm9TVBNfDWZasf/aXX1n8HbiI7Q8
Z52ECDVvd0kNejUha8oE3a327bbIp6sIVM+tEbMqhVHlzJmp9QZZVwu2HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrYPJzC8a1IoDD4l8zSPCgkM/UVMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEveXRnOG5NTHhyVWlnTVBpWHpOSThLQ1F6OVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2Ul0MA0G
CSqGSIb3DQEBCwUAA4IBAQA270WCdSKSjRzpUsrFIZyUdLzGBZJDeZNSMZYBwznN
1IqzqwCjzBvjmNaN5/nqRyVZx2WvcrwsKBprCV5tvbZ/Mj5KzAi//5TBMN+li2in
jf8t3UpakiSgJil/0kMIY4Xu+kxt1xevf869yOnlmgDD7rAP2/3XO9cH2oys8Sk1
RXhNkf3O0JVvQ4I7gNvZHAhHdx9dTkRvbpcuxpZoRUBuC5ofVrFYDRraU3TYs5Xa
5ZKDOT8KzJe+FGT/dD6cxZAca3XKU4ZG0/TbYIWILA6SqC/6oY9/+dzr1tF+lPji
+eieUiMqAJ1MnVzcQQsa7gqZavKck63OPCo6Mkueb76p
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:18 2025 by rpki-client