Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/fbd141-1645-42de-9a7b-0fe55ca10f8f/1/D7v4-Zoc483ErsuZf-RwdG68UDA.roa
File: D7v4-Zoc483ErsuZf-RwdG68UDA.roa (raw, json)
Hash identifier: svCsR/LT8FgVEqZt2YocQXqJDaQcacwIWu75bnxHZUA=
Subject key identifier: 0F:BB:F8:F9:9A:1C:E3:CD:C4:AE:CB:99:7F:E4:70:74:6E:BC:50:30
Certificate issuer: /CN=5188c94b8bedeecc6a59bdc44c6fd5157abe4b67
Certificate serial: 018AA3ED433E137FC2D0134792B1896C893E
Authority key identifier: 51:88:C9:4B:8B:ED:EE:CC:6A:59:BD:C4:4C:6F:D5:15:7A:BE:4B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYjJS4vt7sxqWb3ETG_VFXq-S2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/fbd141-1645-42de-9a7b-0fe55ca10f8f/1/D7v4-Zoc483ErsuZf-RwdG68UDA.roa
Signing time: Sun 17 Sep 2023 16:15:50 +0000
ROA not before: Sun 17 Sep 2023 16:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198126
IP address blocks: 217.197.110.0/24 maxlen: 24
2a13:a240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a3:ed:43:3e:13:7f:c2:d0:13:47:92:b1:89:6c:89:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5188c94b8bedeecc6a59bdc44c6fd5157abe4b67
Validity
Not Before: Sep 17 16:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fbbf8f99a1ce3cdc4aecb997fe470746ebc5030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3d:7d:9e:f5:fc:56:59:4a:d1:21:d2:b4:ea:
f1:3c:ba:38:3e:02:a3:c7:0b:2e:87:dd:8c:75:83:
23:c7:01:52:fc:ef:5a:c6:62:e2:f0:0d:44:b7:c3:
e4:ba:8b:a3:f2:8b:0f:93:63:12:af:f6:1f:a3:9d:
ad:b4:d2:e4:e3:0d:bf:19:f9:fc:18:6f:80:a5:68:
55:96:f0:88:5a:4f:df:bf:39:3b:d7:c6:d1:dd:6d:
a4:46:4e:5d:31:ec:09:87:6e:37:48:58:bc:a9:c5:
9a:03:56:a4:54:cb:0c:63:1c:2e:79:e7:89:97:76:
c5:b1:96:be:79:7f:11:07:62:51:97:6b:08:50:50:
0e:ad:2a:78:97:1d:e3:14:d8:43:97:62:12:05:78:
3a:07:8c:8f:f3:77:0e:05:e3:f7:46:25:48:b0:58:
76:86:18:5d:30:9a:56:38:eb:b9:78:ea:45:80:99:
24:91:26:78:5f:3f:8b:d1:c1:63:bc:67:3e:78:a9:
3e:82:63:57:41:5d:a7:02:5d:cf:c7:2b:de:02:b9:
35:19:80:03:1c:a0:92:92:ba:e3:e7:90:85:30:3e:
39:26:6f:0e:93:39:73:f5:5f:a5:d0:2b:45:5c:fd:
07:d6:35:e5:84:e5:04:fa:10:c3:d7:96:40:a6:c6:
11:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BB:F8:F9:9A:1C:E3:CD:C4:AE:CB:99:7F:E4:70:74:6E:BC:50:30
X509v3 Authority Key Identifier:
keyid:51:88:C9:4B:8B:ED:EE:CC:6A:59:BD:C4:4C:6F:D5:15:7A:BE:4B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYjJS4vt7sxqWb3ETG_VFXq-S2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/fbd141-1645-42de-9a7b-0fe55ca10f8f/1/D7v4-Zoc483ErsuZf-RwdG68UDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/fbd141-1645-42de-9a7b-0fe55ca10f8f/1/UYjJS4vt7sxqWb3ETG_VFXq-S2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.110.0/24
IPv6:
2a13:a240::/29
Signature Algorithm: sha256WithRSAEncryption
0c:5b:9f:37:68:6a:d2:9b:a8:fe:15:4f:d5:7a:35:68:2e:de:
d6:92:f1:00:3d:55:d0:c9:66:9b:34:7f:17:c5:b7:c8:02:b0:
7b:9a:eb:ed:35:d0:33:34:ce:fe:8b:92:dd:7b:de:1a:5e:d8:
37:87:07:17:e8:ee:9c:ea:cc:dc:f0:95:64:36:27:06:ac:16:
8f:41:39:b8:83:8f:61:de:34:d1:87:e1:21:b2:af:5d:20:5f:
a5:5c:28:09:4c:da:7e:10:6d:41:df:30:1e:a8:d7:22:f3:f1:
a2:3e:53:77:f2:30:1b:59:49:5f:54:4a:39:53:7a:d7:bb:43:
79:f8:4b:6f:df:58:a1:cf:eb:5e:f6:c0:41:28:81:1a:23:82:
f2:27:36:79:48:24:5a:7e:22:26:83:cf:c8:42:05:7b:4a:5c:
e9:91:b0:9e:a5:df:f9:3b:9e:c2:5a:ed:28:d8:7a:49:88:a2:
03:a5:a7:86:e6:0d:b9:aa:3c:1d:23:b2:da:45:10:e7:33:4d:
cc:cc:c4:57:94:3b:2d:b3:28:c7:5f:14:0c:5a:51:3a:3e:5e:
f9:d1:8b:fd:04:ee:e2:97:70:d7:15:c4:29:35:a0:cc:aa:06:
93:1c:95:5c:37:69:62:78:90:51:7f:9a:18:b8:d3:a6:9d:b4:
7f:97:23:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYqj7UM+E3/C0BNHkrGJbIk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxODhjOTRiOGJlZGVlY2M2YTU5YmRjNDRjNmZkNTE1N2Fi
ZTRiNjcwHhcNMjMwOTE3MTYxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmJiZjhmOTlhMWNlM2NkYzRhZWNiOTk3ZmU0NzA3NDZlYmM1MDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj19nvX8VllK0SHStOrxPLo4PgKj
xwsuh92MdYMjxwFS/O9axmLi8A1Et8Pkuouj8osPk2MSr/Yfo52ttNLk4w2/Gfn8
GG+ApWhVlvCIWk/fvzk718bR3W2kRk5dMewJh243SFi8qcWaA1akVMsMYxwueeeJ
l3bFsZa+eX8RB2JRl2sIUFAOrSp4lx3jFNhDl2ISBXg6B4yP83cOBeP3RiVIsFh2
hhhdMJpWOOu5eOpFgJkkkSZ4Xz+L0cFjvGc+eKk+gmNXQV2nAl3PxyveArk1GYAD
HKCSkrrj55CFMD45Jm8Okzlz9V+l0CtFXP0H1jXlhOUE+hDD15ZApsYRVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA+7+PmaHOPNxK7LmX/kcHRuvFAwMB8GA1UdIwQY
MBaAFFGIyUuL7e7Malm9xExv1RV6vktnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlqSlM0dnQ3c3hxV2IzRVRHX1ZGWHEtUzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9mYmQxNDEtMTY0NS00MmRlLTlhN2It
MGZlNTVjYTEwZjhmLzEvRDd2NC1ab2M0ODNFcnN1WmYtUndkRzY4VURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9mYmQxNDEtMTY0NS00MmRlLTlhN2ItMGZlNTVjYTEwZjhm
LzEvVVlqSlM0dnQ3c3hxV2IzRVRHX1ZGWHEtUzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2cVuMA0E
AgACMAcDBQMqE6JAMA0GCSqGSIb3DQEBCwUAA4IBAQAMW583aGrSm6j+FU/VejVo
Lt7WkvEAPVXQyWabNH8XxbfIArB7muvtNdAzNM7+i5Lde94aXtg3hwcX6O6c6szc
8JVkNicGrBaPQTm4g49h3jTRh+Ehsq9dIF+lXCgJTNp+EG1B3zAeqNci8/GiPlN3
8jAbWUlfVEo5U3rXu0N5+Etv31ihz+te9sBBKIEaI4LyJzZ5SCRafiImg8/IQgV7
SlzpkbCepd/5O57CWu0o2HpJiKIDpaeG5g25qjwdI7LaRRDnM03MzMRXlDstsyjH
XxQMWlE6Pl750Yv9BO7il3DXFcQpNaDMqgaTHJVcN2lieJBRf5oYuNOmnbR/lyM5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:26 2025 by rpki-client