Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/hYMZWdk2dgYmo7ayRGjiir9Gq0c.roa
File: hYMZWdk2dgYmo7ayRGjiir9Gq0c.roa (raw, json)
Hash identifier: ip7MqjX08egCVoDnk8F8GutXqzy+pdp+tMxD1e8nilU=
Subject key identifier: 85:83:19:59:D9:36:76:06:26:A3:B6:B2:44:68:E2:8A:BF:46:AB:47
Certificate issuer: /CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Certificate serial: 0185737190284ADD65FD39B4332AE93EFF15
Authority key identifier: EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/hYMZWdk2dgYmo7ayRGjiir9Gq0c.roa
Signing time: Mon 02 Jan 2023 17:05:00 +0000
ROA not before: Mon 02 Jan 2023 17:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3292
IP address blocks: 217.28.162.0/24 maxlen: 24
217.28.160.0/23 maxlen: 23
217.28.164.0/22 maxlen: 22
217.28.168.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:90:28:4a:dd:65:fd:39:b4:33:2a:e9:3e:ff:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Validity
Not Before: Jan 2 17:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85831959d936760626a3b6b24468e28abf46ab47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:62:2e:a7:83:bc:26:aa:17:f5:e0:74:e9:ac:
2d:1e:2d:b5:64:83:c6:cb:0d:f8:fb:54:71:4c:31:
f2:9c:a1:84:63:08:85:52:9c:86:19:e3:21:4a:23:
e6:1c:e7:66:ac:d4:1f:ab:ee:47:13:3d:4b:06:85:
fc:aa:f7:a6:0e:3b:ca:d4:fb:47:c5:bb:5f:ec:39:
93:3b:20:c2:be:ed:73:61:b4:75:8f:bd:66:42:74:
10:28:12:3e:bc:d7:66:fd:9d:d6:95:4f:24:91:19:
ca:0d:e1:91:04:97:44:e3:f9:19:b3:3f:58:9b:75:
bc:da:95:09:d1:66:a1:2e:52:55:30:09:14:67:ec:
e9:07:3e:c9:1a:58:e5:02:79:a5:83:d3:99:42:ff:
e1:9a:10:32:f7:d4:24:6e:ba:be:0e:f7:c1:3a:43:
a4:29:85:99:1b:9d:4b:f3:ca:f5:bb:6c:d9:26:f1:
7d:87:2c:fb:cf:d9:22:11:fa:0c:22:a8:da:78:35:
f8:b4:c7:10:82:21:76:62:03:4e:48:c2:cb:2b:75:
cc:a2:b0:90:c7:02:cd:3b:07:66:45:dd:49:ed:bf:
3d:27:8c:67:a3:a0:65:cf:18:c5:6c:8b:f0:3d:df:
fc:a2:38:50:44:68:af:1a:e8:48:60:1a:11:3d:70:
62:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:83:19:59:D9:36:76:06:26:A3:B6:B2:44:68:E2:8A:BF:46:AB:47
X509v3 Authority Key Identifier:
keyid:EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/hYMZWdk2dgYmo7ayRGjiir9Gq0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/73_V0zBhqd6SCvHCoTUT1G3SRhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.160.0-217.28.162.255
217.28.164.0-217.28.175.255
Signature Algorithm: sha256WithRSAEncryption
3a:07:ce:64:9c:fd:f8:82:fa:e1:5d:e6:73:6a:7e:e6:ac:c0:
ef:d3:4e:11:f7:9e:02:70:81:ec:83:c9:69:c6:b4:31:de:d9:
9e:9f:a3:16:11:17:a0:86:ad:be:7e:54:12:d5:8e:91:4b:9b:
76:f0:03:1c:a1:fa:13:eb:a3:b3:29:c3:18:75:92:ba:4b:08:
ed:1b:47:5e:9f:f3:cb:fb:a6:bf:47:ad:50:b3:7c:b4:88:e5:
35:1e:2c:18:f0:13:1f:94:e2:c7:f3:81:17:7e:32:ba:d3:81:
37:0d:cf:a5:70:09:20:95:cb:e6:ce:d7:c4:e2:5e:51:e7:f5:
28:fc:0d:ec:d9:78:8f:5d:e5:97:90:ad:4c:28:0b:85:58:8b:
98:51:45:a3:dd:56:db:e5:49:4d:d2:d9:a5:84:ce:a1:76:7c:
84:70:9c:d5:c7:1e:67:7b:ef:13:57:b8:a1:e6:67:61:70:a9:
44:d7:13:66:0c:d5:6e:1e:67:d3:24:7e:eb:aa:77:1c:70:89:
b1:5c:a6:f0:30:fe:05:ab:e3:f7:92:c2:9c:98:fd:32:f2:b7:
60:e8:be:87:ed:e5:7d:54:3d:b9:05:48:14:02:c7:72:50:3a:
2d:ec:af:45:90:6c:10:23:32:4b:f3:cb:79:c7:d3:74:dc:19:
50:d1:3c:e0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVzcZAoSt1l/Tm0MyrpPv8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2ZkNWQzMzA2MWE5ZGU5MjBhZjFjMmExMzUxM2Q0NmRk
MjQ2MTIwHhcNMjMwMTAyMTcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTgzMTk1OWQ5MzY3NjA2MjZhM2I2YjI0NDY4ZTI4YWJmNDZhYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGIup4O8JqoX9eB06awtHi21ZIPG
yw34+1RxTDHynKGEYwiFUpyGGeMhSiPmHOdmrNQfq+5HEz1LBoX8qvemDjvK1PtH
xbtf7DmTOyDCvu1zYbR1j71mQnQQKBI+vNdm/Z3WlU8kkRnKDeGRBJdE4/kZsz9Y
m3W82pUJ0WahLlJVMAkUZ+zpBz7JGljlAnmlg9OZQv/hmhAy99Qkbrq+DvfBOkOk
KYWZG51L88r1u2zZJvF9hyz7z9kiEfoMIqjaeDX4tMcQgiF2YgNOSMLLK3XMorCQ
xwLNOwdmRd1J7b89J4xno6BlzxjFbIvwPd/8ojhQRGivGuhIYBoRPXBizQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIWDGVnZNnYGJqO2skRo4oq/RqtHMB8GA1UdIwQY
MBaAFO9/1dMwYanekgrxwqE1E9Rt0kYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgt
YTEwMmJlMzgyZTUxLzEvaFlNWldkazJkZ1ltbzdheVJHamlpcjlHcTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgtYTEwMmJlMzgyZTUx
LzEvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAXZHKAD
BADZHKIwDAMEAtkcpAMEBNkcoDANBgkqhkiG9w0BAQsFAAOCAQEAOgfOZJz9+IL6
4V3mc2p+5qzA79NOEfeeAnCB7IPJaca0Md7Znp+jFhEXoIatvn5UEtWOkUubdvAD
HKH6E+ujsynDGHWSuksI7RtHXp/zy/umv0etULN8tIjlNR4sGPATH5Tix/OBF34y
utOBNw3PpXAJIJXL5s7XxOJeUef1KPwN7Nl4j13ll5CtTCgLhViLmFFFo91W2+VJ
TdLZpYTOoXZ8hHCc1cceZ3vvE1e4oeZnYXCpRNcTZgzVbh5n0yR+66p3HHCJsVym
8DD+Bavj95LCnJj9MvK3YOi+h+3lfVQ9uQVIFALHclA6LeyvRZBsECMyS/PLecfT
dNwZUNE84A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:55 2025 by rpki-client