Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/y89k66CtwvQgrHH3trahT4HoSyA.roa
File: y89k66CtwvQgrHH3trahT4HoSyA.roa (raw, json)
Hash identifier: JAuyBL6qyrMEsN46Dr2/jZYw5lhVGVfyC8t2qaVmNKU=
Subject key identifier: CB:CF:64:EB:A0:AD:C2:F4:20:AC:71:F7:B6:B6:A1:4F:81:E8:4B:20
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 19E36A77
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/y89k66CtwvQgrHH3trahT4HoSyA.roa
Signing time: Sat 01 Jan 2022 02:57:59 +0000
ROA not before: Sat 01 Jan 2022 02:57:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208528
IP address blocks: 217.150.217.0/24 maxlen: 24
217.150.216.0/24 maxlen: 24
217.150.215.0/24 maxlen: 24
217.150.214.0/24 maxlen: 24
217.150.219.0/24 maxlen: 24
217.150.218.0/24 maxlen: 24
217.150.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 434334327 (0x19e36a77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 1 02:57:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbcf64eba0adc2f420ac71f7b6b6a14f81e84b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4c:22:9c:f1:06:5c:10:bd:4a:0f:11:5a:42:
12:65:0f:12:c7:55:3a:61:bf:0f:c4:98:90:11:4d:
ec:1a:04:a1:d3:2a:43:a4:11:8e:a2:22:3d:79:c4:
08:2a:39:4f:95:73:1d:b0:9f:0d:ef:71:ba:e7:ef:
c5:8f:af:c3:d9:f7:be:25:16:bc:cb:e7:ac:76:ad:
0f:8d:b5:1f:f5:41:16:ba:72:3e:b2:0b:70:59:7c:
70:98:2a:6c:6c:7c:01:6f:be:13:a1:af:43:d1:73:
3b:3a:77:4b:19:a6:eb:9d:56:53:b0:6a:58:cf:e5:
e0:95:bd:49:3d:3c:f0:73:1e:22:0d:e9:cc:ca:d5:
3b:32:ef:01:1d:15:f4:0e:10:56:d0:09:6b:89:fb:
15:a7:ec:49:d7:45:1a:7b:53:bd:91:a8:47:84:a6:
84:de:3e:c0:36:64:12:7c:2e:69:fa:06:9f:65:ea:
ee:bb:df:91:5b:a0:69:c0:8f:a7:bf:46:e5:6f:03:
29:46:66:fb:26:71:e0:9d:db:cb:e7:a8:e1:1a:1d:
dd:7e:1c:9f:ff:b7:fc:6f:5b:fd:32:bd:12:ea:27:
69:3c:4f:d0:0d:8e:87:4c:cd:a2:d2:01:4e:de:8e:
a5:d4:2b:4e:3b:e5:c4:e5:5c:b9:b2:8b:c9:bc:44:
78:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CF:64:EB:A0:AD:C2:F4:20:AC:71:F7:B6:B6:A1:4F:81:E8:4B:20
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/y89k66CtwvQgrHH3trahT4HoSyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.214.0-217.150.219.255
217.150.223.0/24
Signature Algorithm: sha256WithRSAEncryption
88:85:3a:92:46:b8:3f:ab:63:48:41:a3:cb:76:a3:4c:54:0e:
25:ad:26:18:99:92:c6:25:4a:ea:96:0c:78:90:10:d1:d2:7b:
4c:5c:19:55:4e:5d:ec:1a:a8:16:c0:89:43:93:07:28:d2:6f:
3c:29:0a:7e:0f:24:07:89:48:ca:bc:f0:b5:e0:68:26:58:dd:
07:bd:0f:c2:f9:27:8f:85:a7:e1:eb:d2:79:06:3a:eb:f7:03:
8b:cf:27:74:03:17:c8:8d:b2:68:23:35:af:8f:5b:12:96:e4:
84:d8:f0:64:f5:ef:8a:a7:ec:31:bd:3e:54:50:95:68:03:d1:
cf:dd:43:02:85:78:c6:8d:a4:34:0a:c3:21:f9:8f:83:26:1a:
a7:cd:46:4a:9c:a5:20:3d:2d:6f:6a:2e:54:8a:66:24:e5:b4:
98:28:c0:71:96:8f:cd:1e:fa:9e:16:4f:d2:cd:f6:de:87:55:
a3:9e:61:77:a6:dd:11:ae:27:05:fc:1f:ac:01:33:b9:46:d5:
d4:6b:af:3d:a3:d3:02:a1:54:96:54:ed:63:57:2d:f0:4a:c2:
45:41:c6:c0:96:dc:28:b4:a9:f2:4d:7e:d5:53:61:32:95:cb:
f7:f7:f4:86:6d:42:92:c6:a2:a5:7e:9c:ee:54:0d:d0:6d:2d:
c5:3f:85:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEGeNqdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDg2MjY3NDljYmY4NGJjZjQyZWJiMjk4NWI4NmRlZTgzMGU1YzE0MB4XDTIyMDEw
MTAyNTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JjZjY0ZWJhMGFk
YzJmNDIwYWM3MWY3YjZiNmExNGY4MWU4NGIyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN1MIpzxBlwQvUoPEVpCEmUPEsdVOmG/D8SYkBFN7BoEodMq
Q6QRjqIiPXnECCo5T5VzHbCfDe9xuufvxY+vw9n3viUWvMvnrHatD421H/VBFrpy
PrILcFl8cJgqbGx8AW++E6GvQ9FzOzp3Sxmm651WU7BqWM/l4JW9ST088HMeIg3p
zMrVOzLvAR0V9A4QVtAJa4n7FafsSddFGntTvZGoR4SmhN4+wDZkEnwuafoGn2Xq
7rvfkVugacCPp79G5W8DKUZm+yZx4J3by+eo4Rod3X4cn/+3/G9b/TK9EuonaTxP
0A2Oh0zNotIBTt6OpdQrTjvlxOVcubKLybxEeHkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBTLz2TroK3C9CCscfe2tqFPgehLIDAfBgNVHSMEGDAWgBQdhiZ0nL+EvPQu
uymFuG3ugw5cFDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hZWW1kSnlfaEx6MExyc3BoYmh0N29NT1hCUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvOTUxYzhlLTRhODYtNGM4ZS05OTg2LTBiZmJhZDQ4NDljZC8x
L3k4OWs2NkN0d3ZRZ3JISDN0cmFoVDRIb1N5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
OTUxYzhlLTRhODYtNGM4ZS05OTg2LTBiZmJhZDQ4NDljZC8xL0hZWW1kSnlfaEx6
MExyc3BoYmh0N29NT1hCUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQB2ZbWAwQC2ZbYAwQA2ZbfMA0G
CSqGSIb3DQEBCwUAA4IBAQCIhTqSRrg/q2NIQaPLdqNMVA4lrSYYmZLGJUrqlgx4
kBDR0ntMXBlVTl3sGqgWwIlDkwco0m88KQp+DyQHiUjKvPC14GgmWN0HvQ/C+SeP
hafh69J5Bjrr9wOLzyd0AxfIjbJoIzWvj1sSluSE2PBk9e+Kp+wxvT5UUJVoA9HP
3UMChXjGjaQ0CsMh+Y+DJhqnzUZKnKUgPS1vai5UimYk5bSYKMBxlo/NHvqeFk/S
zfbeh1WjnmF3pt0RricF/B+sATO5RtXUa689o9MCoVSWVO1jVy3wSsJFQcbAltwo
tKnyTX7VU2Eylcv39/SGbUKSxqKlfpzuVA3QbS3FP4Xk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:07 2023 by rpki-client on console-fra.rpki-client.org