Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/itJOULeEFlLdXXQSuj9xEJokoNc.roa
File: itJOULeEFlLdXXQSuj9xEJokoNc.roa (raw, json)
Hash identifier: 89IgEtO3KdWjCOwH/swQBV7kOQ1UmsHX0/8mR4kx6jw=
Subject key identifier: 8A:D2:4E:50:B7:84:16:52:DD:5D:74:12:BA:3F:71:10:9A:24:A0:D7
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 3791015E
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/itJOULeEFlLdXXQSuj9xEJokoNc.roa
Signing time: Sat 01 Jan 2022 06:01:50 +0000
ROA not before: Sat 01 Jan 2022 06:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43212
IP address blocks: 217.60.192.0/22 maxlen: 22
217.60.188.0/22 maxlen: 22
217.60.196.0/22 maxlen: 22
217.60.200.0/22 maxlen: 22
217.60.203.0/24 maxlen: 24
217.60.201.0/24 maxlen: 24
94.182.14.0/24 maxlen: 24
217.60.202.0/24 maxlen: 24
217.60.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 932249950 (0x3791015e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 1 06:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ad24e50b7841652dd5d7412ba3f71109a24a0d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:bb:a7:d8:c9:ae:8e:fe:8a:ae:98:76:ba:
bb:c0:24:52:aa:a3:05:80:c3:53:28:e8:c0:e3:a9:
ae:53:bb:c9:bc:01:a5:00:30:48:51:28:34:f6:2d:
ca:9d:64:77:ac:ca:bd:b1:c7:01:fb:dd:5d:66:75:
85:1c:94:8c:6f:82:a5:75:50:b6:d3:9e:26:37:2c:
14:28:83:ce:8d:9a:9d:ee:74:a4:b0:e0:80:10:93:
e4:3d:fb:ce:54:fd:05:7b:6a:2c:8d:2c:b7:00:a6:
d8:d0:dd:c1:de:38:81:a0:2d:30:46:06:cc:2a:68:
f2:83:0d:80:ad:2b:a0:f5:0d:4e:15:5f:9c:94:9c:
3e:1d:92:c1:97:a4:ee:29:80:fe:07:d2:cf:f7:59:
37:1e:c7:95:13:9c:ab:76:d9:67:71:e8:5a:b0:c1:
33:45:18:73:e5:01:4a:e0:bc:b3:de:1a:33:77:25:
79:70:76:fa:ac:95:a3:3f:13:c7:fb:35:87:57:87:
2b:cb:2f:54:f2:8a:80:b1:d9:74:27:7e:18:dd:b2:
2c:6d:44:94:14:e3:fb:26:76:41:8a:cd:ff:e9:71:
eb:3b:83:a0:a0:55:e8:27:bc:a8:fe:ea:96:6d:0f:
b8:a0:25:ba:b2:81:52:10:6e:4d:0f:d5:41:88:62:
56:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D2:4E:50:B7:84:16:52:DD:5D:74:12:BA:3F:71:10:9A:24:A0:D7
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/itJOULeEFlLdXXQSuj9xEJokoNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.182.14.0/24
217.60.188.0-217.60.203.255
Signature Algorithm: sha256WithRSAEncryption
3e:3c:1b:97:b5:6f:15:5a:e9:8b:e8:27:f2:51:4e:b0:bc:7c:
b9:ca:64:18:3e:b2:31:69:70:c8:df:d0:e3:25:fb:d6:22:c9:
27:3e:6a:b1:3c:b3:93:7c:f9:70:c2:ec:5d:9d:a9:5a:bd:ad:
f8:e0:e9:b3:ff:ed:51:d5:c8:af:18:bf:67:92:97:f5:80:dc:
9c:03:58:f9:23:7d:b5:98:f1:01:6d:30:7f:09:8c:35:83:de:
8f:8c:30:b5:c0:24:34:e0:e9:13:9b:28:9f:a5:78:1c:8e:34:
e7:f1:4d:a4:50:dc:a4:ae:80:3e:ac:1d:cf:35:10:c6:9d:ea:
b8:33:95:ee:df:80:30:ed:9d:f2:d8:bb:a0:2d:2a:ab:6e:13:
2e:f9:03:a9:05:23:c7:6b:c4:fa:b0:39:31:ae:2e:3e:c0:9f:
e7:f5:9a:19:74:24:be:f4:1f:36:d9:e8:1d:54:01:f9:ca:9b:
2c:d8:3f:ba:e9:39:f6:87:5a:08:e4:a9:1a:7d:96:bd:f9:12:
22:24:7d:02:6a:81:35:e9:85:42:cc:29:0f:2e:f1:1d:7e:50:
5b:c4:a6:8d:32:30:3d:9f:f1:ed:fe:62:5e:d3:5a:1c:36:d7:
d1:f8:03:f6:bc:97:79:bd:50:28:d3:1f:cd:e1:3b:ef:10:f4:
76:5d:f6:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEN5EBXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGY0OTE0ODhhN2NkODQ0OGE0MjA5NDU4NzFjMGI5OTY3MmRjNjZlMB4XDTIyMDEw
MTA2MDE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFkMjRlNTBiNzg0
MTY1MmRkNWQ3NDEyYmEzZjcxMTA5YTI0YTBkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxqu6fYya6O/oqumHa6u8AkUqqjBYDDUyjowOOprlO7ybwB
pQAwSFEoNPYtyp1kd6zKvbHHAfvdXWZ1hRyUjG+CpXVQttOeJjcsFCiDzo2ane50
pLDggBCT5D37zlT9BXtqLI0stwCm2NDdwd44gaAtMEYGzCpo8oMNgK0roPUNThVf
nJScPh2SwZek7imA/gfSz/dZNx7HlROcq3bZZ3HoWrDBM0UYc+UBSuC8s94aM3cl
eXB2+qyVoz8Tx/s1h1eHK8svVPKKgLHZdCd+GN2yLG1ElBTj+yZ2QYrN/+lx6zuD
oKBV6Ce8qP7qlm0PuKAlurKBUhBuTQ/VQYhiVmMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSK0k5Qt4QWUt1ddBK6P3EQmiSg1zAfBgNVHSMEGDAWgBSt9JFIinzYRIpC
CUWHHAuZZy3GbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8x
L2l0Sk9VTGVFRmxMZFhYUVN1ajl4RUpva29OYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8xL3JmU1JTSXA4MkVT
S1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAF62DjAMAwQC2Ty8AwQC2TzIMA0G
CSqGSIb3DQEBCwUAA4IBAQA+PBuXtW8VWumL6CfyUU6wvHy5ymQYPrIxaXDI39Dj
JfvWIsknPmqxPLOTfPlwwuxdnalava344Omz/+1R1civGL9nkpf1gNycA1j5I321
mPEBbTB/CYw1g96PjDC1wCQ04OkTmyifpXgcjjTn8U2kUNykroA+rB3PNRDGneq4
M5Xu34Aw7Z3y2LugLSqrbhMu+QOpBSPHa8T6sDkxri4+wJ/n9ZoZdCS+9B822egd
VAH5ypss2D+66Tn2h1oI5KkafZa9+RIiJH0CaoE16YVCzCkPLvEdflBbxKaNMjA9
n/Ht/mJe01ocNtfR+AP2vJd5vVAo0x/N4TvvEPR2XfYm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:31 2023 by rpki-client on console-ams.rpki-client.org