Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/r4Dq6huIXsMLEca0A1LMYJH8NCA.roa
File: r4Dq6huIXsMLEca0A1LMYJH8NCA.roa (raw, json)
Hash identifier: FdZXaSe9pDHB2Sro0jdb9n4Zy6yJXG97QQW6kJ/Im2E=
Subject key identifier: AF:80:EA:EA:1B:88:5E:C3:0B:11:C6:B4:03:52:CC:60:91:FC:34:20
Certificate issuer: /CN=955dbebbc1070b99e4fb372117df2620038603e9
Certificate serial: 1B4D6072
Authority key identifier: 95:5D:BE:BB:C1:07:0B:99:E4:FB:37:21:17:DF:26:20:03:86:03:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lV2-u8EHC5nk-zchF98mIAOGA-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/r4Dq6huIXsMLEca0A1LMYJH8NCA.roa
Signing time: Sat 01 Jan 2022 14:01:32 +0000
ROA not before: Sat 01 Jan 2022 14:01:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 10753
IP address blocks: 217.14.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 458055794 (0x1b4d6072)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=955dbebbc1070b99e4fb372117df2620038603e9
Validity
Not Before: Jan 1 14:01:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af80eaea1b885ec30b11c6b40352cc6091fc3420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b6:fe:e8:46:c2:7b:a8:14:7b:6e:48:51:f2:
0c:80:c8:06:29:ad:bf:2c:81:1e:bf:d5:dc:e4:d2:
dd:d1:22:84:62:45:57:b2:8f:71:34:f7:45:61:52:
25:ca:a8:5b:ce:ea:52:b9:a0:47:87:9b:4c:a0:83:
be:f9:dc:10:c1:90:50:a2:c1:6e:3c:13:e2:f9:74:
de:e5:eb:04:7e:f6:cd:09:de:d2:38:b4:d8:c1:b6:
79:bf:79:51:68:3d:49:9b:a3:32:7c:c2:64:e4:84:
81:24:c5:7e:6c:80:a4:fa:38:79:9d:1e:81:f4:c6:
66:88:50:16:ae:bf:5f:04:7d:39:93:81:73:b0:21:
c1:3b:29:51:8a:c7:88:57:40:fa:56:33:6b:db:5c:
5a:a8:b7:5e:48:45:cb:dd:05:62:28:83:27:db:dc:
8d:f2:bb:e1:b0:a1:89:16:58:5e:dc:e3:d6:f3:34:
32:6a:49:7e:c8:02:9a:2f:51:b3:0f:89:36:cf:c2:
e7:20:f7:5c:df:9b:7c:af:13:11:ff:fa:f6:8e:d3:
df:fe:96:e6:a6:d0:2c:33:cf:12:dd:8c:21:c3:a4:
2a:f8:64:46:ce:a2:9d:06:2c:d5:55:97:8e:a2:27:
81:7c:2e:da:50:03:80:68:98:92:20:4b:15:57:5b:
ee:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:80:EA:EA:1B:88:5E:C3:0B:11:C6:B4:03:52:CC:60:91:FC:34:20
X509v3 Authority Key Identifier:
keyid:95:5D:BE:BB:C1:07:0B:99:E4:FB:37:21:17:DF:26:20:03:86:03:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lV2-u8EHC5nk-zchF98mIAOGA-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/r4Dq6huIXsMLEca0A1LMYJH8NCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/lV2-u8EHC5nk-zchF98mIAOGA-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.14.120.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:30:bc:63:e4:3d:43:ee:a5:1f:f5:db:5b:10:1b:21:3c:40:
a5:cb:0a:88:d4:83:a8:90:88:b2:0d:b7:46:b0:7f:79:a9:e8:
be:e2:5b:a1:27:4d:e4:58:a0:46:90:06:35:43:fa:ea:7a:e7:
65:d7:ca:25:e6:9d:ed:ff:cf:5a:2d:3e:b3:8e:9e:bc:80:92:
e0:ee:06:56:34:f9:5c:0e:f6:21:c3:8a:8e:fd:d1:13:f2:f0:
be:8f:fa:23:bd:6a:1f:56:d6:01:a1:23:12:3f:01:a0:7f:ee:
e4:77:94:24:b0:25:0d:cd:5d:6a:ef:94:3c:3a:b7:11:ea:bc:
41:4c:13:cc:48:45:bd:d6:90:24:4c:ae:f9:2d:48:e8:8a:41:
9e:39:83:2d:aa:e2:8e:ea:f2:e2:7e:52:b9:3f:d9:62:9d:96:
0b:a6:25:05:6e:ab:3e:07:d0:81:20:48:39:ca:da:ef:ab:11:
fd:79:b9:6c:3e:16:00:03:9d:be:27:09:b5:0e:93:51:bb:f8:
b5:7b:56:0e:b8:6a:d6:7a:05:bc:13:e2:e1:da:0d:2e:a6:ce:
47:f6:19:56:4e:cb:d4:b8:41:4a:7a:96:4c:8f:04:48:75:5c:
54:07:31:30:28:b3:61:38:76:38:c2:25:d9:3b:53:e7:fe:55:
b6:41:86:81
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG01gcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTVkYmViYmMxMDcwYjk5ZTRmYjM3MjExN2RmMjYyMDAzODYwM2U5MB4XDTIyMDEw
MTE0MDEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWY4MGVhZWExYjg4
NWVjMzBiMTFjNmI0MDM1MmNjNjA5MWZjMzQyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKq2/uhGwnuoFHtuSFHyDIDIBimtvyyBHr/V3OTS3dEihGJF
V7KPcTT3RWFSJcqoW87qUrmgR4ebTKCDvvncEMGQUKLBbjwT4vl03uXrBH72zQne
0ji02MG2eb95UWg9SZujMnzCZOSEgSTFfmyApPo4eZ0egfTGZohQFq6/XwR9OZOB
c7AhwTspUYrHiFdA+lYza9tcWqi3XkhFy90FYiiDJ9vcjfK74bChiRZYXtzj1vM0
MmpJfsgCmi9Rsw+JNs/C5yD3XN+bfK8TEf/69o7T3/6W5qbQLDPPEt2MIcOkKvhk
Rs6inQYs1VWXjqIngXwu2lADgGiYkiBLFVdb7pECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvgOrqG4hewwsRxrQDUsxgkfw0IDAfBgNVHSMEGDAWgBSVXb67wQcLmeT7
NyEX3yYgA4YD6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xWMi11OEVIQzVuay16Y2hGOThtSUFPR0Etay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvZGRhYzExLTJlNjMtNGFhZS05NDBmLTAyMzIwMzk0N2Q5ZC8x
L3I0RHE2aHVJWHNNTEVjYTBBMUxNWUpIOE5DQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
ZGRhYzExLTJlNjMtNGFhZS05NDBmLTAyMzIwMzk0N2Q5ZC8xL2xWMi11OEVIQzVu
ay16Y2hGOThtSUFPR0Etay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtkOeDANBgkqhkiG9w0BAQsFAAOC
AQEAjjC8Y+Q9Q+6lH/XbWxAbITxApcsKiNSDqJCIsg23RrB/eanovuJboSdN5Fig
RpAGNUP66nrnZdfKJead7f/PWi0+s46evICS4O4GVjT5XA72IcOKjv3RE/Lwvo/6
I71qH1bWAaEjEj8BoH/u5HeUJLAlDc1dau+UPDq3Eeq8QUwTzEhFvdaQJEyu+S1I
6IpBnjmDLarijury4n5SuT/ZYp2WC6YlBW6rPgfQgSBIOcra76sR/Xm5bD4WAAOd
vicJtQ6TUbv4tXtWDrhq1noFvBPi4doNLqbOR/YZVk7L1LhBSnqWTI8ESHVcVAcx
MCizYTh2OMIl2TtT5/5VtkGGgQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:58 2025 by rpki-client