Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Zmseyzk07to2ol2dL59Oqqw_pt8.roa
File: Zmseyzk07to2ol2dL59Oqqw_pt8.roa (raw, json)
Hash identifier: mfqxvQUbXPAMEjDLdhymR+r0zbqDhbG/IYYTX2N4F8s=
Subject key identifier: 66:6B:1E:CB:39:34:EE:DA:36:A2:5D:9D:2F:9F:4E:AA:AC:3F:A6:DF
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 1B6F8ADC
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Zmseyzk07to2ol2dL59Oqqw_pt8.roa
Signing time: Sat 01 Jan 2022 10:02:44 +0000
ROA not before: Sat 01 Jan 2022 10:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59448
IP address blocks: 217.20.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 460294876 (0x1b6f8adc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 10:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=666b1ecb3934eeda36a25d9d2f9f4eaaac3fa6df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ed:cd:9e:e3:5d:7b:2b:50:81:64:29:82:fd:
54:da:90:33:fc:5a:b4:d7:aa:0f:d6:39:e7:72:37:
2e:9a:be:ba:9e:02:a8:bd:79:42:6c:a0:69:74:24:
f2:b6:b0:a6:92:14:d9:eb:d9:2f:80:a7:70:d8:38:
66:fb:83:eb:78:cd:0c:f2:03:d4:c1:95:e5:b5:a3:
e5:6c:7d:10:74:16:58:17:c1:2b:49:50:54:34:36:
37:da:77:ca:c4:bd:aa:0e:15:51:17:99:a0:74:77:
db:89:e2:91:0d:1b:a5:c3:11:4c:5b:ff:f5:39:71:
cc:31:ca:4e:bf:3f:9b:ab:91:e5:ec:32:bc:ea:cf:
92:99:6b:83:51:49:34:9c:87:70:a2:6c:8a:c6:d0:
23:6b:0a:92:b2:e1:74:4a:a7:b5:73:eb:57:25:8b:
72:ad:c4:6c:12:30:e0:89:40:b7:5d:d8:39:76:db:
c4:70:c7:9d:ab:11:5a:ac:0e:0b:58:1f:51:d0:f4:
00:1a:14:40:f4:b9:11:9f:2c:38:e2:9d:ad:99:4d:
d8:2f:63:86:ca:4f:4f:58:9f:57:a0:f0:83:9e:aa:
4a:aa:d7:06:cd:aa:67:24:92:e2:a2:10:aa:0e:e7:
68:28:5e:8b:0b:40:1c:30:1a:46:6e:e7:f9:7c:e5:
b0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:6B:1E:CB:39:34:EE:DA:36:A2:5D:9D:2F:9F:4E:AA:AC:3F:A6:DF
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Zmseyzk07to2ol2dL59Oqqw_pt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.128.0/24
Signature Algorithm: sha256WithRSAEncryption
25:f2:f2:6c:25:3d:06:d1:0b:5f:67:96:44:be:85:28:48:ee:
0e:1d:c9:13:bb:56:ba:8f:7a:3a:ac:19:eb:6a:d4:5c:6d:14:
aa:20:05:20:6b:f4:0a:33:ca:9e:44:1e:e5:17:85:03:3d:74:
27:76:68:0e:dd:9e:6f:7a:8b:5f:2b:bb:4a:5a:a0:f5:25:64:
d8:0d:f4:ec:88:19:0e:6f:11:88:ef:e3:61:df:44:87:1e:16:
be:cf:7f:06:b7:3e:aa:fe:16:7a:64:55:fc:40:4e:48:7f:b7:
9e:17:ac:d0:de:95:7e:ff:40:d4:03:aa:de:ae:b6:c0:4b:21:
a4:63:da:15:e7:dc:e1:ce:db:8d:45:d1:14:cb:a5:0f:42:58:
17:a3:a2:3a:8f:31:11:e4:df:6c:0c:17:07:a5:76:c3:2e:cc:
29:29:b7:b6:1e:e0:c2:9c:5a:f5:57:b5:27:cb:a9:17:ac:e7:
04:1e:1f:ae:86:9b:0b:2b:cc:0a:4c:7c:e8:96:a4:a8:69:30:
d6:1b:c8:f8:a9:40:5e:22:4d:87:29:cf:06:32:a4:78:16:5f:
78:1f:0c:2d:68:39:22:8a:24:4f:e8:0a:8c:6a:5f:75:8d:16:
e7:ad:9d:6f:81:48:4c:d1:13:76:fc:9d:b1:e1:39:84:3a:11:
0f:bb:2b:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG2+K3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDJkYWM2MDVmNDY1OTcxOGMwYTE1ZTFmNzMyY2JkNGY0OGFhZTdiMB4XDTIyMDEw
MTEwMDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY2YjFlY2IzOTM0
ZWVkYTM2YTI1ZDlkMmY5ZjRlYWFhYzNmYTZkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHtzZ7jXXsrUIFkKYL9VNqQM/xatNeqD9Y553I3Lpq+up4C
qL15QmygaXQk8rawppIU2evZL4CncNg4ZvuD63jNDPID1MGV5bWj5Wx9EHQWWBfB
K0lQVDQ2N9p3ysS9qg4VUReZoHR324nikQ0bpcMRTFv/9TlxzDHKTr8/m6uR5ewy
vOrPkplrg1FJNJyHcKJsisbQI2sKkrLhdEqntXPrVyWLcq3EbBIw4IlAt13YOXbb
xHDHnasRWqwOC1gfUdD0ABoUQPS5EZ8sOOKdrZlN2C9jhspPT1ifV6Dwg56qSqrX
Bs2qZySS4qIQqg7naCheiwtAHDAaRm7n+XzlsH8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRmax7LOTTu2jaiXZ0vn06qrD+m3zAfBgNVHSMEGDAWgBTwLaxgX0ZZcYwK
FeH3MsvU9IquezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhDMnNZRjlHV1hHTUNoWGg5ekxMMVBTS3Jucy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8x
L1ptc2V5emswN3RvMm9sMmRMNTlPcXF3X3B0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8xLzhDMnNZRjlHV1hH
TUNoWGg5ekxMMVBTS3Jucy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkUgDANBgkqhkiG9w0BAQsFAAOC
AQEAJfLybCU9BtELX2eWRL6FKEjuDh3JE7tWuo96OqwZ62rUXG0UqiAFIGv0CjPK
nkQe5ReFAz10J3ZoDt2eb3qLXyu7Slqg9SVk2A307IgZDm8RiO/jYd9Ehx4Wvs9/
Brc+qv4WemRV/EBOSH+3nhes0N6Vfv9A1AOq3q62wEshpGPaFefc4c7bjUXRFMul
D0JYF6OiOo8xEeTfbAwXB6V2wy7MKSm3th7gwpxa9Ve1J8upF6znBB4froabCyvM
Ckx86JakqGkw1hvI+KlAXiJNhynPBjKkeBZfeB8MLWg5IookT+gKjGpfdY0W562d
b4FITNETdvydseE5hDoRD7srtw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:17 2023 by rpki-client on console-fra.rpki-client.org