Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/wU0cmS_TLoA0OEZ1cK_g2yS6Tq4.roa
File: wU0cmS_TLoA0OEZ1cK_g2yS6Tq4.roa (raw, json)
Hash identifier: iqibr6CFpolw/3rH9ecpe/yPT+1q++qNWvszhRE/yOo=
Subject key identifier: C1:4D:1C:99:2F:D3:2E:80:34:38:46:75:70:AF:E0:DB:24:BA:4E:AE
Certificate issuer: /CN=d50cda48c35e54eb802575aaa408cce579927216
Certificate serial: 018C4A2AAF3CD453249FBC4AE7674FA11A2D
Authority key identifier: D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/wU0cmS_TLoA0OEZ1cK_g2yS6Tq4.roa
Signing time: Fri 08 Dec 2023 16:02:40 +0000
ROA not before: Fri 08 Dec 2023 16:02:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48932
IP address blocks: 217.12.226.0/24 maxlen: 24
217.12.224.0/24 maxlen: 24
217.12.225.0/24 maxlen: 24
217.12.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:2a:af:3c:d4:53:24:9f:bc:4a:e7:67:4f:a1:1a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50cda48c35e54eb802575aaa408cce579927216
Validity
Not Before: Dec 8 16:02:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c14d1c992fd32e803438467570afe0db24ba4eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:44:a5:35:ef:ba:82:42:0c:ee:e2:9a:ae:0e:
31:c9:86:3e:70:68:1d:5c:88:81:c5:02:62:47:3c:
aa:5c:eb:1b:cf:9f:fd:c7:8c:fa:bc:63:4e:86:15:
8e:52:6c:56:02:4a:6e:29:37:b7:29:fa:10:c6:43:
11:c3:db:8a:c5:33:e9:b7:4d:82:9d:e6:2a:9f:ab:
a0:8c:4d:36:96:7a:a4:b1:80:24:c9:92:d9:fb:4e:
5c:4c:14:41:c1:2a:6e:c7:a0:6b:52:57:72:c6:67:
ea:19:04:83:90:29:f3:95:d4:72:f8:eb:e1:f8:05:
94:0a:da:7a:e1:52:13:4a:11:eb:08:c1:b6:38:58:
ea:9f:88:71:0d:d3:68:44:7a:0b:2f:cf:26:c5:2a:
00:d6:3f:01:e7:cf:d9:69:e6:16:56:cf:ec:29:86:
97:eb:ee:b9:ab:9d:31:54:d6:5f:30:e4:b7:33:55:
3f:2e:7e:a4:c9:e3:a8:89:e1:a3:30:e5:e6:c8:86:
59:30:36:71:bc:62:29:97:bf:42:d6:a7:3c:5f:68:
86:95:99:90:f6:7e:a4:25:0f:d5:da:6b:e6:c4:0b:
4f:fa:4d:1b:34:fa:fc:22:a4:60:ec:fd:2f:75:68:
a2:75:ea:23:69:92:5e:5b:8e:bf:3f:21:7a:ff:41:
4a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4D:1C:99:2F:D3:2E:80:34:38:46:75:70:AF:E0:DB:24:BA:4E:AE
X509v3 Authority Key Identifier:
keyid:D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/wU0cmS_TLoA0OEZ1cK_g2yS6Tq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/1QzaSMNeVOuAJXWqpAjM5XmSchY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.224.0/22
Signature Algorithm: sha256WithRSAEncryption
25:45:f8:6e:a3:59:70:09:62:aa:43:d8:b5:a7:09:ba:20:88:
0f:a7:62:8f:b6:f4:21:ef:15:b7:83:08:25:51:c6:a6:62:d0:
62:72:31:cc:a3:06:b2:ee:20:16:f2:57:74:31:02:83:fb:4b:
45:11:06:bf:62:ac:24:37:13:ae:a0:0c:3d:c7:40:9e:29:de:
2e:b3:2f:5a:b7:cf:1c:75:a7:e8:a6:a4:46:0f:6e:bd:3d:83:
1b:d2:a1:d8:a4:38:e5:46:df:0b:b3:37:d1:20:ea:08:4e:51:
63:a5:5a:ba:1c:c5:4d:69:7f:be:ac:5f:8d:5f:10:c3:e8:6d:
c8:57:c6:d0:67:b2:02:b5:8c:a3:2b:17:ff:44:4e:71:88:3a:
f1:c2:50:72:2b:ed:eb:35:a1:af:c1:41:b1:f4:d7:ee:6b:09:
85:00:7c:c5:ac:5f:3e:80:84:c6:e6:1d:f3:6f:a5:e5:07:d5:
24:72:97:57:23:1f:a0:89:69:91:5c:08:9b:b5:46:13:78:c9:
f2:ac:e0:97:c2:3e:b9:d4:e5:2d:fe:bc:0b:94:e1:59:4a:88:
a8:d7:8d:16:6a:9e:f8:4e:21:a8:b4:a3:7e:1a:00:1a:d4:ec:
8d:d4:b6:1d:59:b5:61:78:52:e7:70:59:46:26:d4:63:67:42:
ca:40:9b:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxKKq881FMkn7xK52dPoRotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MGNkYTQ4YzM1ZTU0ZWI4MDI1NzVhYWE0MDhjY2U1Nzk5
MjcyMTYwHhcNMjMxMjA4MTYwMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTRkMWM5OTJmZDMyZTgwMzQzODQ2NzU3MGFmZTBkYjI0YmE0ZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ESlNe+6gkIM7uKarg4xyYY+cGgd
XIiBxQJiRzyqXOsbz5/9x4z6vGNOhhWOUmxWAkpuKTe3KfoQxkMRw9uKxTPpt02C
neYqn6ugjE02lnqksYAkyZLZ+05cTBRBwSpux6BrUldyxmfqGQSDkCnzldRy+Ovh
+AWUCtp64VITShHrCMG2OFjqn4hxDdNoRHoLL88mxSoA1j8B58/ZaeYWVs/sKYaX
6+65q50xVNZfMOS3M1U/Ln6kyeOoieGjMOXmyIZZMDZxvGIpl79C1qc8X2iGlZmQ
9n6kJQ/V2mvmxAtP+k0bNPr8IqRg7P0vdWiideojaZJeW46/PyF6/0FK+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFNHJkv0y6ANDhGdXCv4Nskuk6uMB8GA1UdIwQY
MBaAFNUM2kjDXlTrgCV1qqQIzOV5knIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWIt
MjI5MjA1NjVjZGE0LzEvd1UwY21TX1RMb0EwT0VaMWNLX2cyeVM2VHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWItMjI5MjA1NjVjZGE0
LzEvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2QzgMA0G
CSqGSIb3DQEBCwUAA4IBAQAlRfhuo1lwCWKqQ9i1pwm6IIgPp2KPtvQh7xW3gwgl
UcamYtBicjHMoway7iAW8ld0MQKD+0tFEQa/YqwkNxOuoAw9x0CeKd4usy9at88c
dafopqRGD269PYMb0qHYpDjlRt8LszfRIOoITlFjpVq6HMVNaX++rF+NXxDD6G3I
V8bQZ7ICtYyjKxf/RE5xiDrxwlByK+3rNaGvwUGx9NfuawmFAHzFrF8+gITG5h3z
b6XlB9UkcpdXIx+giWmRXAibtUYTeMnyrOCXwj651OUt/rwLlOFZSoio140Wap74
TiGotKN+GgAa1OyN1LYdWbVheFLncFlGJtRjZ0LKQJvZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:39 2025 by rpki-client