Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/2Ir_OkUQT4RE0RBm1ebB0XQDk5I.roa
File: 2Ir_OkUQT4RE0RBm1ebB0XQDk5I.roa (raw, json)
Hash identifier: rJk8aZVsed/uJr0hCCin3uyE1WKuoqk9clUmvz6r++8=
Subject key identifier: D8:8A:FF:3A:45:10:4F:84:44:D1:10:66:D5:E6:C1:D1:74:03:93:92
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 11DB2E1E
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/2Ir_OkUQT4RE0RBm1ebB0XQDk5I.roa
Signing time: Sat 01 Jan 2022 09:59:19 +0000
ROA not before: Sat 01 Jan 2022 09:59:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 217.163.11.0/24 maxlen: 24
217.163.10.0/24 maxlen: 24
217.163.23.0/24 maxlen: 24
217.163.24.0/22 maxlen: 24
217.163.30.0/24 maxlen: 24
217.163.28.0/23 maxlen: 24
217.163.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 299576862 (0x11db2e1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 1 09:59:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d88aff3a45104f8444d11066d5e6c1d174039392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e2:4f:58:b3:83:5f:a2:0e:21:51:d3:6b:04:
11:85:60:37:2c:aa:73:b6:71:ab:e2:c8:90:9b:99:
09:db:0b:e7:08:c9:30:fc:b9:9b:e4:c3:57:19:d5:
87:46:ed:f6:e9:fa:40:be:15:9a:1e:0b:67:21:30:
85:bd:d9:e2:1a:e9:3c:60:15:c2:a4:fe:b2:0c:ff:
c8:2c:1b:b2:7a:49:02:f9:f5:ea:49:08:a8:27:d8:
15:8b:94:e8:a2:c6:ef:c8:cd:ac:53:e3:cb:4c:fe:
c2:8a:01:2e:b3:9a:52:5a:bb:2e:98:a8:9b:77:07:
6e:4f:6e:7a:1b:2f:71:6c:37:84:29:86:34:a9:73:
8a:98:65:a6:2a:94:c9:8f:f6:fe:e5:0e:3f:af:ef:
f4:8c:70:2a:ae:7a:d5:6c:89:a6:1d:e0:39:19:69:
88:f7:16:20:8b:9d:43:bc:74:09:6e:16:57:d6:a9:
77:e9:d2:7f:a6:35:78:af:71:5a:28:50:96:17:c7:
23:8a:28:94:f0:49:bf:fa:02:77:cd:91:6d:ee:c4:
17:bb:96:e2:97:dc:82:f6:f6:68:ec:17:6f:ca:83:
a7:b3:c3:6c:63:39:a9:b8:11:37:93:5f:83:db:f3:
67:5a:bb:c9:18:d6:7b:f5:11:17:63:49:e1:8a:9f:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8A:FF:3A:45:10:4F:84:44:D1:10:66:D5:E6:C1:D1:74:03:93:92
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/2Ir_OkUQT4RE0RBm1ebB0XQDk5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.163.10.0/23
217.163.23.0-217.163.31.255
Signature Algorithm: sha256WithRSAEncryption
79:78:33:19:d2:f0:1c:98:b0:52:5c:3c:c7:c2:1a:8c:0e:fc:
5e:7e:06:1a:ed:4a:ce:10:cc:d0:49:d1:3b:cf:7f:83:28:55:
6f:01:7e:be:4f:d3:62:e2:e8:03:62:8b:10:36:0c:b1:f6:15:
e2:bb:b3:c1:b3:8a:ed:12:b0:b5:e5:fa:52:43:32:c9:1c:dd:
ea:74:20:a6:4b:94:3e:f5:16:a7:c4:4d:e4:0e:71:46:e3:4c:
ec:09:7b:0e:58:60:27:55:2a:26:e1:86:47:05:cf:1c:78:4b:
31:bd:c0:06:83:32:b0:04:55:04:1e:31:55:b2:41:0d:dc:55:
0e:7f:b4:a4:43:1a:33:7f:16:46:3b:8e:83:77:0c:c1:42:0a:
b3:03:3a:6a:72:f8:c7:4d:74:17:a8:80:e0:24:d1:68:88:d6:
d4:63:bc:e1:b7:48:c5:47:18:42:7a:db:87:11:89:88:73:4c:
d9:c9:e6:f4:e2:4c:c0:51:d1:b2:c7:1a:b3:ce:73:90:0b:a3:
4d:cb:ba:33:93:aa:d7:ed:6f:fb:94:eb:c3:59:6d:2d:b3:b9:
94:43:65:7a:4d:20:5f:c3:00:20:86:4c:b4:9c:13:a6:5e:1d:
ff:55:b1:e7:5f:78:3a:b8:19:dd:a8:2a:55:81:41:f7:10:72:
52:e3:f9:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEEdsuHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjMyYTRiZmI3Nzk2NDA1YTU1NmI3NTlmMWQxOTNlNGM0ZDM3MTI5MB4XDTIyMDEw
MTA5NTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg4YWZmM2E0NTEw
NGY4NDQ0ZDExMDY2ZDVlNmMxZDE3NDAzOTM5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXiT1izg1+iDiFR02sEEYVgNyyqc7Zxq+LIkJuZCdsL5wjJ
MPy5m+TDVxnVh0bt9un6QL4Vmh4LZyEwhb3Z4hrpPGAVwqT+sgz/yCwbsnpJAvn1
6kkIqCfYFYuU6KLG78jNrFPjy0z+wooBLrOaUlq7Lpiom3cHbk9uehsvcWw3hCmG
NKlziphlpiqUyY/2/uUOP6/v9IxwKq561WyJph3gORlpiPcWIIudQ7x0CW4WV9ap
d+nSf6Y1eK9xWihQlhfHI4oolPBJv/oCd82Rbe7EF7uW4pfcgvb2aOwXb8qDp7PD
bGM5qbgRN5Nfg9vzZ1q7yRjWe/URF2NJ4YqfErECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBTYiv86RRBPhETREGbV5sHRdAOTkjAfBgNVHSMEGDAWgBQCMqS/t3lkBaVW
t1nx0ZPkxNNxKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FqS2t2N2Q1WkFXbFZyZFo4ZEdUNU1UVGNTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvYTdjZTdhLTg0NDMtNDZlYi04Y2JhLTNiYjRkNjIwMDUxOC8x
LzJJcl9Pa1VRVDRSRTBSQm0xZWJCMFhRRGs1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
YTdjZTdhLTg0NDMtNDZlYi04Y2JhLTNiYjRkNjIwMDUxOC8xL0FqS2t2N2Q1WkFX
bFZyZFo4ZEdUNU1UVGNTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAdmjCjAMAwQA2aMXAwQF2aMAMA0G
CSqGSIb3DQEBCwUAA4IBAQB5eDMZ0vAcmLBSXDzHwhqMDvxefgYa7UrOEMzQSdE7
z3+DKFVvAX6+T9Ni4ugDYosQNgyx9hXiu7PBs4rtErC15fpSQzLJHN3qdCCmS5Q+
9RanxE3kDnFG40zsCXsOWGAnVSom4YZHBc8ceEsxvcAGgzKwBFUEHjFVskEN3FUO
f7SkQxozfxZGO46DdwzBQgqzAzpqcvjHTXQXqIDgJNFoiNbUY7zht0jFRxhCetuH
EYmIc0zZyeb04kzAUdGyxxqzznOQC6NNy7ozk6rX7W/7lOvDWW0ts7mUQ2V6TSBf
wwAghky0nBOmXh3/VbHnX3g6uBndqCpVgUH3EHJS4/mq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:44 2024 by rpki-client on console-ams.rpki-client.org