Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/_bo6rKmgxrr-9Tq-RlhDhlZye4E.roa
File: _bo6rKmgxrr-9Tq-RlhDhlZye4E.roa (raw, json)
Hash identifier: cIZw33MJzCiLn6D6sbf5lnQwpGLF4UMvk1wT9zLL8Kg=
Subject key identifier: FD:BA:3A:AC:A9:A0:C6:BA:FE:F5:3A:BE:46:58:43:86:56:72:7B:81
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 0188FA6A15D32B76EE35641736596E6E9339
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/_bo6rKmgxrr-9Tq-RlhDhlZye4E.roa
Signing time: Tue 27 Jun 2023 01:13:56 +0000
ROA not before: Tue 27 Jun 2023 01:13:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208528
IP address blocks: 217.150.217.0/24 maxlen: 24
217.150.214.0/24 maxlen: 24
217.150.219.0/24 maxlen: 24
217.150.218.0/24 maxlen: 24
217.150.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fa:6a:15:d3:2b:76:ee:35:64:17:36:59:6e:6e:93:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jun 27 01:13:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdba3aaca9a0c6bafef53abe4658438656727b81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2c:e7:6a:42:ec:97:bb:8f:e7:da:ff:5f:d1:
ba:c4:72:39:71:d1:da:d3:6d:7f:d7:09:18:9c:58:
36:d2:9b:f3:3a:e9:93:03:66:91:1c:7f:a7:63:d7:
6e:7e:21:ca:06:c8:97:16:27:dd:b3:b6:71:96:60:
a3:bd:2d:57:68:24:59:db:3d:8d:eb:b2:64:f1:77:
74:1e:40:bd:a2:b7:b9:51:6b:96:63:c6:75:e0:83:
c9:98:6a:42:31:6e:32:df:9a:3c:c2:99:55:54:ea:
b9:ef:b6:f9:15:57:a3:1f:47:14:2c:dc:28:47:43:
42:f0:c8:1d:5f:85:28:e9:a8:84:1b:1b:25:88:c4:
82:9b:3d:72:12:f1:f0:2f:db:53:0e:0d:21:a2:81:
0a:46:f9:16:de:40:49:d3:0c:4e:b8:eb:72:fd:f6:
c9:9e:21:b8:cb:77:1d:41:1a:95:bb:55:3f:03:2a:
0d:93:c2:ea:72:af:c0:8f:13:94:c6:6c:1c:56:a4:
51:c5:73:ef:d7:e1:70:41:28:3a:13:48:1c:ef:5b:
ee:c7:ae:c2:08:16:10:09:25:91:19:22:0d:96:f7:
8e:b6:95:2c:b4:e4:8a:1d:92:9c:58:8b:fe:11:6e:
69:b0:a4:b3:db:7e:41:b0:0d:e9:74:25:bc:f9:e7:
77:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BA:3A:AC:A9:A0:C6:BA:FE:F5:3A:BE:46:58:43:86:56:72:7B:81
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/_bo6rKmgxrr-9Tq-RlhDhlZye4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.214.0/24
217.150.217.0-217.150.219.255
217.150.223.0/24
Signature Algorithm: sha256WithRSAEncryption
17:e5:58:4e:07:a9:13:0e:a6:e8:b1:5f:80:3f:3a:e7:d7:41:
15:25:ca:91:a1:30:53:e6:3b:9c:c7:1c:18:39:9c:3e:3d:3f:
d7:ec:b1:d8:f3:a3:a5:d3:f2:0d:4c:4d:d0:25:f7:a9:51:3f:
c7:ec:de:c0:64:87:7c:5e:4d:48:50:8e:2e:b9:d2:9b:92:7b:
07:7a:25:45:48:bd:a9:3c:ef:e8:5e:08:7f:a6:44:02:55:bd:
59:29:c3:6b:03:7e:05:3c:51:0f:e5:d1:1c:23:63:7f:c6:a7:
fe:c0:fc:08:da:53:27:92:0e:98:ac:a2:13:62:80:e2:81:fc:
4a:a9:d2:f0:92:bc:55:00:0d:c6:08:3c:30:2d:79:80:6a:22:
d1:ae:09:93:07:ad:2f:37:9f:73:e0:93:0a:c3:73:dd:08:0f:
91:68:6e:ac:6b:21:ac:17:6b:48:3f:82:c2:81:01:7d:51:d3:
88:71:d1:21:12:92:22:28:1d:00:47:1d:25:ec:0a:82:d0:e7:
59:4c:f6:8d:5d:c0:a6:70:ce:3f:51:1a:3c:45:8f:92:80:46:
9d:a7:f4:67:4f:21:1d:8c:8a:ad:b2:55:a3:47:d1:cc:21:3a:
b8:cd:3d:aa:a0:b9:5a:61:19:b1:a2:03:dc:34:50:6a:54:e8:
0a:c1:18:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYj6ahXTK3buNWQXNllubpM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjMwNjI3MDExMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGJhM2FhY2E5YTBjNmJhZmVmNTNhYmU0NjU4NDM4NjU2NzI3YjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCznakLsl7uP59r/X9G6xHI5cdHa
021/1wkYnFg20pvzOumTA2aRHH+nY9dufiHKBsiXFifds7ZxlmCjvS1XaCRZ2z2N
67Jk8Xd0HkC9ore5UWuWY8Z14IPJmGpCMW4y35o8wplVVOq577b5FVejH0cULNwo
R0NC8MgdX4Uo6aiEGxsliMSCmz1yEvHwL9tTDg0hooEKRvkW3kBJ0wxOuOty/fbJ
niG4y3cdQRqVu1U/AyoNk8Lqcq/AjxOUxmwcVqRRxXPv1+FwQSg6E0gc71vux67C
CBYQCSWRGSINlveOtpUstOSKHZKcWIv+EW5psKSz235BsA3pdCW8+ed3EQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP26OqypoMa6/vU6vkZYQ4ZWcnuBMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvX2JvNnJLbWd4cnItOVRxLVJsaERobFp5ZTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA2ZbWMAwD
BADZltkDBALZltgDBADZlt8wDQYJKoZIhvcNAQELBQADggEBABflWE4HqRMOpuix
X4A/OufXQRUlypGhMFPmO5zHHBg5nD49P9fssdjzo6XT8g1MTdAl96lRP8fs3sBk
h3xeTUhQji650puSewd6JUVIvak87+heCH+mRAJVvVkpw2sDfgU8UQ/l0RwjY3/G
p/7A/AjaUyeSDpisohNigOKB/Eqp0vCSvFUADcYIPDAteYBqItGuCZMHrS83n3Pg
kwrDc90ID5FobqxrIawXa0g/gsKBAX1R04hx0SESkiIoHQBHHSXsCoLQ51lM9o1d
wKZwzj9RGjxFj5KARp2n9GdPIR2Miq2yVaNH0cwhOrjNPaqguVphGbGiA9w0UGpU
6ArBGFI=
-----END CERTIFICATE-----
Generated at Sun Apr 13 23:12:17 2025 by rpki-client