Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/8H86UzEHV2_pEVo0IqS_XcDr4yg.roa
File: 8H86UzEHV2_pEVo0IqS_XcDr4yg.roa (raw, json)
Hash identifier: WNZ9IxIlylJ5PDbYQNDQGdwjjhXDBioQmHzAEcIETYc=
Subject key identifier: F0:7F:3A:53:31:07:57:6F:E9:11:5A:34:22:A4:BF:5D:C0:EB:E3:28
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 0185710BF020B6765A82CAA0C2D8A33BCB81
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/8H86UzEHV2_pEVo0IqS_XcDr4yg.roa
Signing time: Mon 02 Jan 2023 05:54:45 +0000
ROA not before: Mon 02 Jan 2023 05:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202177
IP address blocks: 217.173.202.0/24 maxlen: 24
217.173.203.0/24 maxlen: 24
217.173.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:f0:20:b6:76:5a:82:ca:a0:c2:d8:a3:3b:cb:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: Jan 2 05:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f07f3a533107576fe9115a3422a4bf5dc0ebe328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2f:84:ad:a0:83:65:fb:58:61:3e:f3:00:c2:
8f:36:d6:21:29:04:78:5b:fc:3b:0a:84:05:84:5a:
db:32:89:6e:da:9f:05:48:b1:a5:78:f3:8f:0e:26:
87:7f:02:e7:85:45:6a:07:5b:23:34:10:c5:eb:04:
60:8f:e8:1d:5a:8d:85:ee:43:90:b4:88:2f:55:5b:
df:47:c6:a7:a0:9f:a6:a6:68:16:c2:7d:f8:42:e8:
1e:f8:8f:13:c5:42:de:38:85:db:a6:5a:34:2b:5e:
94:ae:c1:5d:54:a6:73:94:9b:3a:9e:00:28:bb:49:
10:1b:a2:c7:c1:bf:f1:9c:c2:15:49:62:85:df:66:
aa:f9:18:64:c3:2c:f7:c8:68:96:c6:7d:94:83:2d:
fb:0f:52:33:db:a8:16:40:50:57:27:a7:b3:e4:f4:
a8:91:87:04:8a:67:17:83:f4:94:46:92:ef:35:1a:
c1:1e:a2:67:86:e9:09:d4:21:45:84:0d:ca:00:82:
ad:a4:f7:62:c8:f2:24:bd:2e:0e:c3:4c:52:10:2e:
d7:54:07:6f:4f:60:07:11:a2:5b:1d:4a:c1:66:3e:
80:4d:ed:3e:47:f0:cc:a1:38:b5:8e:d9:2f:e5:88:
13:de:83:b5:71:2c:23:56:5b:b8:61:e0:e7:d2:8e:
05:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:7F:3A:53:31:07:57:6F:E9:11:5A:34:22:A4:BF:5D:C0:EB:E3:28
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/8H86UzEHV2_pEVo0IqS_XcDr4yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.173.202.0-217.173.204.255
Signature Algorithm: sha256WithRSAEncryption
41:31:94:5f:79:0f:e9:0c:28:86:fc:e2:15:5e:27:bc:33:29:
af:03:2d:5b:37:76:3b:71:79:40:20:0d:67:1d:69:54:e1:a1:
10:60:1d:c2:b9:08:63:49:1a:bd:9f:21:f1:25:b8:8a:ca:86:
18:8e:b0:ef:ea:0e:b2:99:17:1c:83:eb:34:2a:a4:44:14:aa:
7a:de:40:34:c1:62:62:d3:1d:02:52:7a:d8:1d:40:f8:c8:ea:
21:e9:96:9c:0f:bc:70:ab:6e:83:e8:6f:f5:a9:fc:3b:27:e6:
4c:05:32:4d:f2:de:19:92:f3:1e:bb:44:3e:32:07:71:ed:7e:
1c:29:9d:86:d4:7d:30:a3:c9:68:47:a8:18:eb:f7:14:a5:a7:
49:5a:4d:62:08:c2:e5:f5:17:bf:9c:1b:c4:8c:13:d7:d4:92:
fd:20:22:db:24:62:a5:45:ff:3e:e4:51:b3:60:84:f7:ea:67:
f5:29:a7:9e:2a:6a:f4:03:61:3b:70:8a:99:eb:a6:75:91:fa:
60:90:67:39:bd:2e:3f:25:d0:fb:10:ec:91:8c:b8:6a:1f:d1:
80:f2:a8:6a:00:66:1d:d2:40:60:c6:8a:04:79:a4:02:c7:23:
1b:59:d1:db:84:14:3a:41:fb:81:16:43:cf:8c:94:d5:7c:b4:
53:39:d6:e4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxC/AgtnZagsqgwtijO8uBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx
MWU5NGEwHhcNMjMwMTAyMDU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDdmM2E1MzMxMDc1NzZmZTkxMTVhMzQyMmE0YmY1ZGMwZWJlMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy+EraCDZftYYT7zAMKPNtYhKQR4
W/w7CoQFhFrbMolu2p8FSLGlePOPDiaHfwLnhUVqB1sjNBDF6wRgj+gdWo2F7kOQ
tIgvVVvfR8anoJ+mpmgWwn34Quge+I8TxULeOIXbplo0K16UrsFdVKZzlJs6ngAo
u0kQG6LHwb/xnMIVSWKF32aq+Rhkwyz3yGiWxn2Ugy37D1Iz26gWQFBXJ6ez5PSo
kYcEimcXg/SURpLvNRrBHqJnhukJ1CFFhA3KAIKtpPdiyPIkvS4Ow0xSEC7XVAdv
T2AHEaJbHUrBZj6ATe0+R/DMoTi1jtkv5YgT3oO1cSwjVlu4YeDn0o4FZwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPB/OlMxB1dv6RFaNCKkv13A6+MoMB8GA1UdIwQY
MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt
NTBjYmNiNWIxOWMyLzEvOEg4NlV6RUhWMl9wRVZvMElxU19YY0RyNHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy
LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHZrcoD
BADZrcwwDQYJKoZIhvcNAQELBQADggEBAEExlF95D+kMKIb84hVeJ7wzKa8DLVs3
djtxeUAgDWcdaVThoRBgHcK5CGNJGr2fIfEluIrKhhiOsO/qDrKZFxyD6zQqpEQU
qnreQDTBYmLTHQJSetgdQPjI6iHplpwPvHCrboPob/Wp/Dsn5kwFMk3y3hmS8x67
RD4yB3HtfhwpnYbUfTCjyWhHqBjr9xSlp0laTWIIwuX1F7+cG8SME9fUkv0gItsk
YqVF/z7kUbNghPfqZ/Upp54qavQDYTtwipnrpnWR+mCQZzm9Lj8l0PsQ7JGMuGof
0YDyqGoAZh3SQGDGigR5pALHIxtZ0duEFDpB+4EWQ8+MlNV8tFM51uQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:14 2025 by rpki-client