Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/XhcactLgAxGGrx4XJ92qJYLois0.roa
File: XhcactLgAxGGrx4XJ92qJYLois0.roa (raw, json)
Hash identifier: piY1ZqS8dn53ZWnGl6OVC70Q6qw3kY3Q5wXYS4hGRc4=
Subject key identifier: 5E:17:1A:72:D2:E0:03:11:86:AF:1E:17:27:DD:AA:25:82:E8:8A:CD
Certificate issuer: /CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Certificate serial: 01891AB85C9B4EAE599CC207850B65F865A0
Authority key identifier: 67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/XhcactLgAxGGrx4XJ92qJYLois0.roa
Signing time: Mon 03 Jul 2023 07:47:17 +0000
ROA not before: Mon 03 Jul 2023 07:47:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39657
IP address blocks: 217.30.3.0/24 maxlen: 24
217.30.0.0/22 maxlen: 24
217.30.0.0/23 maxlen: 23
217.30.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1a:b8:5c:9b:4e:ae:59:9c:c2:07:85:0b:65:f8:65:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67a4ec38f2ff69d2505f7f62e94c3bd798b58552
Validity
Not Before: Jul 3 07:47:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e171a72d2e0031186af1e1727ddaa2582e88acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c2:9d:1d:e5:b5:18:05:e1:69:8f:52:9b:91:
61:fb:aa:7b:b8:5a:7e:4a:9e:d3:7c:9c:13:b0:4f:
ea:57:5e:3e:45:ee:4a:d7:09:4a:18:87:d0:1e:2e:
2d:58:7b:42:2d:d9:24:f3:da:cb:2d:61:c7:81:9f:
5d:9e:67:cf:eb:5a:22:05:5c:47:c3:80:3e:5f:cc:
6a:82:30:12:52:0f:ce:45:a2:b6:19:e1:c3:36:9d:
d3:63:f2:be:e1:6d:57:fa:bd:df:6b:34:4f:63:2d:
33:a4:1a:c0:db:e5:2f:1e:1c:d5:12:ae:a7:ca:e9:
fb:66:cb:3b:ea:3b:3d:63:57:96:97:88:32:d7:71:
07:c1:ce:7f:06:a7:74:16:dc:04:73:e4:f0:4f:72:
ea:eb:da:2a:63:93:95:4e:85:a8:35:cd:b0:7d:46:
2b:57:b3:2d:fd:40:f4:d3:58:40:a1:15:7b:c8:43:
b8:e0:92:b1:67:c9:a8:98:e0:cf:93:47:0e:79:50:
fd:63:97:0d:73:46:0d:31:67:e1:05:56:e3:fe:b3:
17:cf:e0:fd:98:24:b8:a0:09:f2:53:78:73:f4:76:
0a:73:10:63:36:21:05:00:4d:3b:b1:3f:fe:12:24:
d1:42:27:eb:d7:82:3b:0a:a7:e6:63:63:e8:e4:68:
4b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:17:1A:72:D2:E0:03:11:86:AF:1E:17:27:DD:AA:25:82:E8:8A:CD
X509v3 Authority Key Identifier:
keyid:67:A4:EC:38:F2:FF:69:D2:50:5F:7F:62:E9:4C:3B:D7:98:B5:85:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6TsOPL_adJQX39i6Uw715i1hVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/XhcactLgAxGGrx4XJ92qJYLois0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/773e49-f4ea-47a7-8a60-d42d4e9c767d/1/Z6TsOPL_adJQX39i6Uw715i1hVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.30.0.0/22
Signature Algorithm: sha256WithRSAEncryption
19:86:c3:9e:ef:94:7f:89:50:0c:23:00:a0:b2:f7:83:5e:7a:
39:c5:c0:8f:e0:f2:4f:7b:2b:7b:7b:54:a5:61:1a:a1:49:a1:
b8:f6:44:81:1b:8e:ac:5d:e2:8f:d6:39:71:98:60:af:44:83:
d6:dc:ac:84:b9:7b:49:a8:5c:fd:18:d6:04:d7:25:6b:d1:32:
20:65:d8:d1:14:c2:fa:49:5b:3d:76:d5:28:6e:57:bb:3f:a2:
e9:3a:f0:c6:08:79:6f:a1:be:c3:5a:b8:a5:b1:94:89:9e:4e:
4e:05:8d:68:c3:08:b4:d0:77:e7:30:74:96:99:f4:75:f0:d8:
c7:48:70:c6:7a:88:8d:be:94:f8:ca:fe:7b:47:b1:90:02:99:
f8:02:0b:f4:70:77:ba:96:85:08:a0:7e:ff:98:80:78:23:f3:
13:d0:41:1c:4d:2c:1f:c0:83:05:97:66:5a:8a:c2:9a:43:2e:
5f:b0:f6:64:52:bf:6a:2b:26:26:9d:32:1c:26:66:39:5c:bb:
cc:e2:24:06:70:c6:69:fc:7b:d6:83:45:cb:90:1c:4b:f6:50:
d3:cf:8d:6d:78:e3:dd:70:21:e0:b3:6e:8b:67:bc:7e:75:44:
08:78:e1:1d:7a:a4:40:38:2f:75:30:af:e4:48:ce:91:a1:18:
ee:03:e3:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkauFybTq5ZnMIHhQtl+GWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YTRlYzM4ZjJmZjY5ZDI1MDVmN2Y2MmU5NGMzYmQ3OThi
NTg1NTIwHhcNMjMwNzAzMDc0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE3MWE3MmQyZTAwMzExODZhZjFlMTcyN2RkYWEyNTgyZTg4YWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMKdHeW1GAXhaY9Sm5Fh+6p7uFp+
Sp7TfJwTsE/qV14+Re5K1wlKGIfQHi4tWHtCLdkk89rLLWHHgZ9dnmfP61oiBVxH
w4A+X8xqgjASUg/ORaK2GeHDNp3TY/K+4W1X+r3fazRPYy0zpBrA2+UvHhzVEq6n
yun7Zss76js9Y1eWl4gy13EHwc5/Bqd0FtwEc+TwT3Lq69oqY5OVToWoNc2wfUYr
V7Mt/UD001hAoRV7yEO44JKxZ8momODPk0cOeVD9Y5cNc0YNMWfhBVbj/rMXz+D9
mCS4oAnyU3hz9HYKcxBjNiEFAE07sT/+EiTRQifr14I7CqfmY2Po5GhLwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4XGnLS4AMRhq8eFyfdqiWC6IrNMB8GA1UdIwQY
MBaAFGek7Djy/2nSUF9/YulMO9eYtYVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAt
ZDQyZDRlOWM3NjdkLzEvWGhjYWN0TGdBeEdHcng0WEo5MnFKWUxvaXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83NzNlNDktZjRlYS00N2E3LThhNjAtZDQyZDRlOWM3Njdk
LzEvWjZUc09QTF9hZEpRWDM5aTZVdzcxNWkxaFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2R4AMA0G
CSqGSIb3DQEBCwUAA4IBAQAZhsOe75R/iVAMIwCgsveDXno5xcCP4PJPeyt7e1Sl
YRqhSaG49kSBG46sXeKP1jlxmGCvRIPW3KyEuXtJqFz9GNYE1yVr0TIgZdjRFML6
SVs9dtUoble7P6LpOvDGCHlvob7DWrilsZSJnk5OBY1owwi00HfnMHSWmfR18NjH
SHDGeoiNvpT4yv57R7GQApn4Agv0cHe6loUIoH7/mIB4I/MT0EEcTSwfwIMFl2Za
isKaQy5fsPZkUr9qKyYmnTIcJmY5XLvM4iQGcMZp/HvWg0XLkBxL9lDTz41teOPd
cCHgs26LZ7x+dUQIeOEdeqRAOC91MK/kSM6RoRjuA+P9
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:21:00 2025 by rpki-client