Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/bfKKw8MqhMER3nBt-qkqdbbkFSQ.roa
File: bfKKw8MqhMER3nBt-qkqdbbkFSQ.roa (raw, json)
Hash identifier: 4jflewh/zuvMtAYUKMSoU+8L6krXuq0jMgauziCzyR8=
Subject key identifier: 6D:F2:8A:C3:C3:2A:84:C1:11:DE:70:6D:FA:A9:2A:75:B6:E4:15:24
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 018A3BBAE8B0CC65F98FA8ABF680DF3DB55F
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/bfKKw8MqhMER3nBt-qkqdbbkFSQ.roa
Signing time: Mon 28 Aug 2023 10:40:19 +0000
ROA not before: Mon 28 Aug 2023 10:40:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 217.113.22.0/23 maxlen: 23
217.113.26.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:ba:e8:b0:cc:65:f9:8f:a8:ab:f6:80:df:3d:b5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Aug 28 10:40:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6df28ac3c32a84c111de706dfaa92a75b6e41524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b4:c0:a2:f9:23:01:0a:d5:ee:50:c0:a4:eb:
b7:e8:6b:57:c2:92:7a:6f:a8:7a:6e:ec:e7:f3:ee:
b8:af:3f:e3:a6:62:86:fd:82:35:44:77:69:93:d4:
2a:1f:82:be:cb:f9:d9:7f:84:fd:69:7e:31:61:b6:
4f:55:23:97:ac:ef:27:6b:94:8a:84:69:b1:9f:ee:
f1:52:d2:a5:50:24:8a:d4:28:2f:9d:47:fc:ae:b3:
4b:71:d3:1a:4e:f7:ad:80:6e:62:2f:53:a3:37:b2:
8f:5f:b0:c6:92:ca:26:57:e0:33:29:23:d1:91:5e:
6b:87:dc:38:9c:0b:8d:42:30:39:40:0b:94:1b:dd:
e1:f0:20:74:a4:03:8d:af:e3:1e:62:f8:d2:be:04:
22:e8:da:44:df:f0:0a:54:72:06:fe:85:ad:82:b0:
fc:18:d3:26:24:12:9d:a8:6b:90:28:46:64:19:b1:
d9:9c:8d:3d:5a:0d:94:19:43:be:39:4f:d4:0d:55:
8f:52:2f:c8:73:15:55:6e:5b:92:e0:d1:d4:72:34:
a8:72:64:69:9c:23:5f:12:3a:d6:5c:1a:de:13:36:
27:e0:19:33:51:b6:d5:27:55:99:c3:e1:c8:aa:01:
2c:9b:ab:b6:11:4a:f7:a6:b7:4a:d8:f4:69:4c:df:
4a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F2:8A:C3:C3:2A:84:C1:11:DE:70:6D:FA:A9:2A:75:B6:E4:15:24
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/bfKKw8MqhMER3nBt-qkqdbbkFSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.22.0/23
217.113.26.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:d4:59:22:e1:f1:03:2a:1d:71:95:f9:e8:ec:2b:e0:a2:80:
89:0e:bd:ae:84:db:6b:54:f8:82:25:6d:db:9c:66:ae:40:3a:
c4:e2:e5:c9:7b:9c:33:a5:2e:6e:14:b1:92:0e:50:cd:8a:42:
e8:b5:f0:3e:11:1a:f2:d0:a1:58:7d:ff:9b:f7:ff:06:70:a5:
94:c2:24:a7:d1:68:30:5a:9a:17:bd:05:98:95:f2:73:38:4d:
f8:99:de:ab:4c:d2:40:c3:59:39:64:39:7f:a8:74:6e:c6:c1:
95:be:03:0e:78:35:07:99:01:47:4f:f4:bc:64:91:4c:64:26:
bf:55:92:9b:49:23:2d:f9:05:fb:20:02:09:6c:d1:18:6c:06:
fc:78:da:0f:c6:42:b7:0a:d4:ef:77:37:6c:56:c1:d6:da:9d:
ff:99:c9:c4:58:0a:d4:04:3e:b6:e6:27:2e:5e:87:39:58:86:
62:3c:37:7f:be:ae:f9:32:d8:bc:20:90:04:03:42:30:cc:2b:
83:eb:bb:b1:33:f1:58:1a:a1:c4:a2:c0:64:28:13:c8:aa:51:
13:ec:3b:eb:94:66:ff:77:21:a0:67:58:f5:13:17:2d:12:e7:
82:74:c9:a4:cb:80:d0:3b:7e:a2:53:cf:8e:43:27:7a:d9:0e:
0c:78:26:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYo7uuiwzGX5j6ir9oDfPbVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjMwODI4MTA0MDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGYyOGFjM2MzMmE4NGMxMTFkZTcwNmRmYWE5MmE3NWI2ZTQxNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLTAovkjAQrV7lDApOu36GtXwpJ6
b6h6buzn8+64rz/jpmKG/YI1RHdpk9QqH4K+y/nZf4T9aX4xYbZPVSOXrO8na5SK
hGmxn+7xUtKlUCSK1CgvnUf8rrNLcdMaTvetgG5iL1OjN7KPX7DGksomV+AzKSPR
kV5rh9w4nAuNQjA5QAuUG93h8CB0pAONr+MeYvjSvgQi6NpE3/AKVHIG/oWtgrD8
GNMmJBKdqGuQKEZkGbHZnI09Wg2UGUO+OU/UDVWPUi/IcxVVbluS4NHUcjSocmRp
nCNfEjrWXBreEzYn4BkzUbbVJ1WZw+HIqgEsm6u2EUr3prdK2PRpTN9KfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG3yisPDKoTBEd5wbfqpKnW25BUkMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvYmZLS3c4TXFoTUVSM25CdC1xa3FkYmJrRlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB2XEWAwQB
2XEaMA0GCSqGSIb3DQEBCwUAA4IBAQBP1Fki4fEDKh1xlfno7CvgooCJDr2uhNtr
VPiCJW3bnGauQDrE4uXJe5wzpS5uFLGSDlDNikLotfA+ERry0KFYff+b9/8GcKWU
wiSn0WgwWpoXvQWYlfJzOE34md6rTNJAw1k5ZDl/qHRuxsGVvgMOeDUHmQFHT/S8
ZJFMZCa/VZKbSSMt+QX7IAIJbNEYbAb8eNoPxkK3CtTvdzdsVsHW2p3/mcnEWArU
BD625icuXoc5WIZiPDd/vq75Mti8IJAEA0IwzCuD67uxM/FYGqHEosBkKBPIqlET
7DvrlGb/dyGgZ1j1ExctEueCdMmky4DQO36iU8+OQyd62Q4MeCaU
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:11:15 2025 by rpki-client