Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/H4jjS04AW4zjDZz8DdFCnc7-TqM.roa
File: H4jjS04AW4zjDZz8DdFCnc7-TqM.roa (raw, json)
Hash identifier: 98mByMTbIvHqjy0vwuKw+phAAeco3A4YgirWUbjrxOM=
Subject key identifier: 1F:88:E3:4B:4E:00:5B:8C:E3:0D:9C:FC:0D:D1:42:9D:CE:FE:4E:A3
Certificate issuer: /CN=202f4c1a37e9313cdd2eea7750ae028d18cd5aae
Certificate serial: 0902B942
Authority key identifier: 20:2F:4C:1A:37:E9:31:3C:DD:2E:EA:77:50:AE:02:8D:18:CD:5A:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/H4jjS04AW4zjDZz8DdFCnc7-TqM.roa
Signing time: Sat 01 Jan 2022 02:52:34 +0000
ROA not before: Sat 01 Jan 2022 02:52:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206632
IP address blocks: 156.17.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151173442 (0x902b942)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=202f4c1a37e9313cdd2eea7750ae028d18cd5aae
Validity
Not Before: Jan 1 02:52:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f88e34b4e005b8ce30d9cfc0dd1429dcefe4ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:00:80:f9:18:c2:2d:4d:c3:db:e5:99:60:f0:
ca:d6:6f:2e:29:da:df:8f:ce:d7:e7:fd:b5:47:18:
65:2d:07:09:4c:8f:d4:29:b9:ee:be:8b:85:a3:c3:
0f:7f:b8:f5:2f:7c:e0:d5:a4:fe:af:01:8c:33:47:
32:1f:3f:ef:4c:7f:fd:d0:8a:09:87:61:8a:26:11:
72:51:f0:e6:a0:6e:b6:dd:25:91:09:37:8a:d6:36:
98:4b:97:42:ab:2e:2c:48:7d:d6:36:6b:08:6a:3f:
30:93:82:8b:eb:c7:32:d3:e8:c0:66:3e:6a:b1:f7:
3d:53:47:c9:bf:36:49:38:1a:12:36:5b:ed:47:66:
5a:2f:ea:26:6f:8b:4c:5e:a9:5d:18:d2:9f:8a:a1:
a5:42:d8:2d:71:a7:9d:10:4f:02:a6:0c:46:42:37:
ce:46:c6:b2:1a:8d:ea:9f:2d:24:57:15:9a:07:6b:
9c:2e:42:d1:56:ac:88:67:3e:78:e9:48:37:54:5f:
01:a5:1c:f1:fa:3b:63:c6:7a:02:70:92:43:f3:3c:
90:5d:b7:84:a5:44:c7:c6:f0:97:ef:68:41:f2:a7:
b1:0a:7c:bc:33:ff:ec:0b:3d:54:b4:93:d6:04:23:
38:48:4d:31:57:49:1a:04:28:8e:0e:05:c6:7d:b8:
e8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:88:E3:4B:4E:00:5B:8C:E3:0D:9C:FC:0D:D1:42:9D:CE:FE:4E:A3
X509v3 Authority Key Identifier:
keyid:20:2F:4C:1A:37:E9:31:3C:DD:2E:EA:77:50:AE:02:8D:18:CD:5A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/H4jjS04AW4zjDZz8DdFCnc7-TqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/IC9MGjfpMTzdLup3UK4CjRjNWq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.17.201.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:10:a6:19:97:d6:e9:ed:02:51:5d:c7:cb:90:f7:1e:5b:e7:
f8:da:72:1d:4e:93:15:64:1a:3e:f5:d2:27:89:1e:54:c9:19:
d2:0a:00:a4:d0:69:10:c8:4e:bc:de:83:f4:da:25:1f:a4:f0:
ab:ea:53:ff:8e:33:d8:bb:bb:eb:68:de:25:74:74:f8:08:7b:
e1:68:4b:5e:78:37:39:b2:9c:b0:5c:78:c5:fb:ff:ae:44:95:
fb:af:25:71:58:73:42:b8:99:67:8a:fc:5c:08:e6:4e:de:70:
9e:06:d9:ee:89:99:eb:dc:1d:8c:2b:31:db:d1:c4:65:f3:49:
88:81:d4:e6:3d:7a:27:b4:46:72:d6:2e:03:4d:fc:96:eb:60:
52:f1:1d:82:fc:82:36:25:be:c0:f5:f6:b6:97:11:23:a5:73:
a8:bb:77:57:b5:9b:db:34:6a:2c:09:89:e4:84:42:2f:ee:91:
19:ed:4c:95:22:5e:69:81:df:f1:21:d3:56:63:af:b8:19:eb:
c0:7f:92:76:6d:58:08:c1:0c:c7:ff:e0:13:a0:bb:ba:0d:67:
94:94:fa:c5:2b:22:21:cc:b4:44:7c:ef:9f:24:6d:9b:6d:97:
19:4a:64:94:b9:ac:e8:61:9c:d5:8d:0d:09:c8:ff:c0:80:46:
5d:b4:47:42
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQK5QjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDJmNGMxYTM3ZTkzMTNjZGQyZWVhNzc1MGFlMDI4ZDE4Y2Q1YWFlMB4XDTIyMDEw
MTAyNTIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY4OGUzNGI0ZTAw
NWI4Y2UzMGQ5Y2ZjMGRkMTQyOWRjZWZlNGVhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIoAgPkYwi1Nw9vlmWDwytZvLina34/O1+f9tUcYZS0HCUyP
1Cm57r6LhaPDD3+49S984NWk/q8BjDNHMh8/70x//dCKCYdhiiYRclHw5qButt0l
kQk3itY2mEuXQqsuLEh91jZrCGo/MJOCi+vHMtPowGY+arH3PVNHyb82STgaEjZb
7UdmWi/qJm+LTF6pXRjSn4qhpULYLXGnnRBPAqYMRkI3zkbGshqN6p8tJFcVmgdr
nC5C0VasiGc+eOlIN1RfAaUc8fo7Y8Z6AnCSQ/M8kF23hKVEx8bwl+9oQfKnsQp8
vDP/7As9VLST1gQjOEhNMVdJGgQojg4Fxn246N0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQfiONLTgBbjOMNnPwN0UKdzv5OozAfBgNVHSMEGDAWgBQgL0waN+kxPN0u
6ndQrgKNGM1arjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lDOU1HamZwTVR6ZEx1cDNVSzRDalJqTldxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvZWRiOGNkLTAwM2QtNDgzYS05MDZhLWY2Yjc4ZTJiMTdhMS8x
L0g0ampTMDRBVzR6akRaejhEZEZDbmM3LVRxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
ZWRiOGNkLTAwM2QtNDgzYS05MDZhLWY2Yjc4ZTJiMTdhMS8xL0lDOU1HamZwTVR6
ZEx1cDNVSzRDalJqTldxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJwRyTANBgkqhkiG9w0BAQsFAAOC
AQEASxCmGZfW6e0CUV3Hy5D3Hlvn+NpyHU6TFWQaPvXSJ4keVMkZ0goApNBpEMhO
vN6D9NolH6Twq+pT/44z2Lu762jeJXR0+Ah74WhLXng3ObKcsFx4xfv/rkSV+68l
cVhzQriZZ4r8XAjmTt5wngbZ7omZ69wdjCsx29HEZfNJiIHU5j16J7RGctYuA038
lutgUvEdgvyCNiW+wPX2tpcRI6VzqLt3V7Wb2zRqLAmJ5IRCL+6RGe1MlSJeaYHf
8SHTVmOvuBnrwH+Sdm1YCMEMx//gE6C7ug1nlJT6xSsiIcy0RHzvnyRtm22XGUpk
lLms6GGc1Y0NCcj/wIBGXbRHQg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:52 2025 by rpki-client