Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/f344dn1I3sh24mTojcsOQdUQRgw.roa
File: f344dn1I3sh24mTojcsOQdUQRgw.roa (raw, json)
Hash identifier: z0Jox6vcMnMD7UNdCtfuDkcf3Vu3Am82HDnQ9C57h00=
Subject key identifier: 7F:7E:38:76:7D:48:DE:C8:76:E2:64:E8:8D:CB:0E:41:D5:10:46:0C
Certificate issuer: /CN=ca91c42dfa6afbc11e78ee9de2e785f8a20b5043
Certificate serial: 04E923
Authority key identifier: CA:91:C4:2D:FA:6A:FB:C1:1E:78:EE:9D:E2:E7:85:F8:A2:0B:50:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypHELfpq-8EeeO6d4ueF-KILUEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/f344dn1I3sh24mTojcsOQdUQRgw.roa
Signing time: Wed 27 Apr 2022 09:57:39 +0000
ROA not before: Wed 27 Apr 2022 09:57:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20529
IP address blocks: 217.147.192.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321827 (0x4e923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca91c42dfa6afbc11e78ee9de2e785f8a20b5043
Validity
Not Before: Apr 27 09:57:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f7e38767d48dec876e264e88dcb0e41d510460c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f7:3a:d9:74:18:e2:4d:28:93:a1:e8:81:51:
f8:59:cc:94:3f:0f:4d:49:db:59:23:85:f5:8a:9a:
73:a9:21:fd:ac:ab:c8:42:7f:c1:dd:ea:77:e0:f6:
a0:05:e3:f2:e0:a4:c5:fb:07:08:0d:c8:c2:6f:29:
06:f1:87:3d:7c:75:1f:1e:b1:58:62:31:64:f9:90:
9f:7e:4b:f1:73:d2:aa:f3:9d:4a:9f:bc:dc:5f:c5:
95:f5:85:22:01:12:bd:96:97:77:fc:49:86:b6:07:
38:a8:24:50:8d:8f:7f:c5:84:85:9c:b2:d2:d4:da:
bf:5f:63:26:fa:0e:91:4d:ea:fb:6a:b9:e4:7e:45:
94:c2:58:2f:23:9c:ff:a1:d0:24:0d:3a:5d:74:5b:
02:cd:23:da:59:3f:76:73:2d:df:0d:6a:64:75:ca:
d8:03:61:29:6b:89:19:5f:27:28:d9:48:83:c9:76:
35:23:1f:4f:62:b5:34:0e:d9:08:f7:0f:53:03:5d:
8a:c4:23:3e:a3:30:3f:01:0d:17:90:9d:ac:65:c0:
4c:e8:f1:cf:91:b6:72:51:24:dd:f4:d0:2b:e0:ef:
4a:65:79:81:95:00:c2:16:2a:4e:2a:44:00:31:a5:
6a:09:a8:cd:db:5c:cb:77:48:32:fc:4a:80:ff:fa:
52:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7E:38:76:7D:48:DE:C8:76:E2:64:E8:8D:CB:0E:41:D5:10:46:0C
X509v3 Authority Key Identifier:
keyid:CA:91:C4:2D:FA:6A:FB:C1:1E:78:EE:9D:E2:E7:85:F8:A2:0B:50:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypHELfpq-8EeeO6d4ueF-KILUEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/f344dn1I3sh24mTojcsOQdUQRgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/ypHELfpq-8EeeO6d4ueF-KILUEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.192.0/20
Signature Algorithm: sha256WithRSAEncryption
31:59:8e:54:d5:b8:3d:8c:d8:41:a4:68:b1:a5:f2:cd:d9:a3:
9f:da:dc:21:98:22:8a:b6:d3:5a:10:c8:51:4a:d1:d0:87:74:
b4:5d:5f:32:b2:79:f7:c9:97:bb:33:e5:c4:b1:5c:25:69:73:
a0:19:fb:1f:24:67:7b:ba:29:b3:c7:52:a9:95:f6:4a:06:4d:
28:42:6c:3b:c7:b4:1d:fe:4e:6c:39:f6:7d:43:28:a1:fa:fe:
bb:82:e7:02:ef:81:9e:00:42:02:51:ec:6a:5a:90:aa:3b:b1:
da:97:e8:09:35:d8:02:95:ba:b7:ae:31:87:98:61:63:69:7f:
f6:a0:d8:27:7d:d6:c3:0b:17:6d:55:dc:d7:28:46:ed:fc:4d:
1f:b5:5a:3e:07:ee:fb:b6:07:ca:68:b7:e8:36:3a:27:49:6f:
4e:ad:a0:4d:e1:9e:a5:18:20:bd:57:c9:35:41:43:db:1e:51:
e9:d9:94:ef:d3:d0:9c:0d:64:1e:69:71:35:c6:94:9c:96:3a:
52:3f:24:4d:45:95:16:cb:37:ec:a9:c9:a0:0a:9a:e5:01:50:
96:04:ee:20:37:3c:72:c1:e3:70:cf:c0:f8:40:7f:05:f0:aa:
72:be:1d:76:2c:41:fe:ef:01:9f:c5:61:27:f8:59:1a:3c:46:
b8:14:e6:98
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBOkjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
OTFjNDJkZmE2YWZiYzExZTc4ZWU5ZGUyZTc4NWY4YTIwYjUwNDMwHhcNMjIwNDI3
MDk1NzM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ZjdlMzg3NjdkNDhk
ZWM4NzZlMjY0ZTg4ZGNiMGU0MWQ1MTA0NjBjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4/c62XQY4k0ok6HogVH4WcyUPw9NSdtZI4X1ippzqSH9rKvI
Qn/B3ep34PagBePy4KTF+wcIDcjCbykG8Yc9fHUfHrFYYjFk+ZCffkvxc9Kq851K
n7zcX8WV9YUiARK9lpd3/EmGtgc4qCRQjY9/xYSFnLLS1Nq/X2Mm+g6RTer7arnk
fkWUwlgvI5z/odAkDTpddFsCzSPaWT92cy3fDWpkdcrYA2Epa4kZXyco2UiDyXY1
Ix9PYrU0DtkI9w9TA12KxCM+ozA/AQ0XkJ2sZcBM6PHPkbZyUSTd9NAr4O9KZXmB
lQDCFipOKkQAMaVqCajN21zLd0gy/EqA//pS7wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFH9+OHZ9SN7IduJk6I3LDkHVEEYMMB8GA1UdIwQYMBaAFMqRxC36avvBHnju
neLnhfiiC1BDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eXBIRUxmcHEtOEVlZU82ZDR1ZUYtS0lMVUVNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny84NTFlODQtMmYxYS00Yzc3LWIxZjItZDU4NjUwNDFhMTRmLzEv
ZjM0NGRuMUkzc2gyNG1Ub2pjc09RZFVRUmd3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84
NTFlODQtMmYxYS00Yzc3LWIxZjItZDU4NjUwNDFhMTRmLzEveXBIRUxmcHEtOEVl
ZU82ZDR1ZUYtS0lMVUVNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZPAMA0GCSqGSIb3DQEBCwUAA4IB
AQAxWY5U1bg9jNhBpGixpfLN2aOf2twhmCKKttNaEMhRStHQh3S0XV8ysnn3yZe7
M+XEsVwlaXOgGfsfJGd7uimzx1KplfZKBk0oQmw7x7Qd/k5sOfZ9Qyih+v67gucC
74GeAEICUexqWpCqO7Hal+gJNdgClbq3rjGHmGFjaX/2oNgnfdbDCxdtVdzXKEbt
/E0ftVo+B+77tgfKaLfoNjonSW9OraBN4Z6lGCC9V8k1QUPbHlHp2ZTv09CcDWQe
aXE1xpScljpSPyRNRZUWyzfsqcmgCprlAVCWBO4gNzxyweNwz8D4QH8F8Kpyvh12
LEH+7wGfxWEn+FkaPEa4FOaY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:40 2023 by rpki-client on console-fra.rpki-client.org