Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/kXpe6EbNG_yup4CAPy7Vl1hMtzE.roa
File: kXpe6EbNG_yup4CAPy7Vl1hMtzE.roa (raw, json)
Hash identifier: gwd9hFjTeQmIbTAn+hQFJiNbK3S1uswUaNyiIlIoGTU=
Subject key identifier: 91:7A:5E:E8:46:CD:1B:FC:AE:A7:80:80:3F:2E:D5:97:58:4C:B7:31
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 018B80911E678068AC0E5A19E2065F16814E
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/kXpe6EbNG_yup4CAPy7Vl1hMtzE.roa
Signing time: Mon 30 Oct 2023 12:31:16 +0000
ROA not before: Mon 30 Oct 2023 12:31:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 217.147.181.0/24 maxlen: 24
217.147.180.0/24 maxlen: 24
217.147.180.0/23 maxlen: 24
2a0b:2900:ff00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:91:1e:67:80:68:ac:0e:5a:19:e2:06:5f:16:81:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Oct 30 12:31:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=917a5ee846cd1bfcaea780803f2ed597584cb731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:85:4e:3c:f9:33:a1:cb:4b:e4:bb:2e:49:df:
8d:0a:db:2b:fb:be:86:3f:25:ed:af:a5:ec:43:b0:
8b:31:6b:38:7e:2e:04:bc:7f:94:83:0d:b5:0e:e0:
64:4c:e8:a8:7e:43:97:f0:31:9a:4f:d1:a5:cf:8c:
9a:c4:b7:a5:ed:c0:99:cf:0c:98:2a:de:49:e6:13:
03:8d:83:06:b7:bd:ac:bb:8b:a9:67:70:1f:a3:0a:
b4:4f:47:73:7a:5f:8b:a7:ae:55:ac:6b:7b:82:6b:
67:8e:fa:1a:0d:d0:9d:e3:fc:8e:b7:7d:f4:d9:70:
9f:e3:e3:ed:22:c1:3b:3b:f1:50:ec:d7:1e:ca:9e:
cc:af:2c:2f:ad:db:88:5f:2b:57:b0:a1:17:b4:b0:
98:de:a1:2e:8b:5b:4f:cf:67:82:39:fe:84:01:f1:
f7:74:15:63:c2:4d:cb:09:79:a6:c5:b1:41:ad:e1:
d6:c8:38:bf:f9:2d:9e:6a:5c:e4:b0:31:7e:d6:ae:
d4:1b:b0:a9:1a:4b:67:70:d4:f5:34:ae:17:9b:07:
1d:26:30:1b:0c:1a:4a:f8:df:ac:83:1f:51:6a:45:
b7:4b:0a:cb:b3:a8:1f:32:d1:b3:51:e1:a4:8c:30:
03:59:11:bf:24:a5:7a:86:e6:00:2f:44:e6:9f:f1:
28:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7A:5E:E8:46:CD:1B:FC:AE:A7:80:80:3F:2E:D5:97:58:4C:B7:31
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/kXpe6EbNG_yup4CAPy7Vl1hMtzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
IPv6:
2a0b:2900:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
87:60:ed:77:56:e9:8a:16:2a:ee:70:5d:82:9f:68:47:20:35:
18:46:4c:65:5d:3f:1e:30:ff:a0:88:60:02:b8:51:6c:d1:dc:
36:98:29:bf:0f:cc:38:02:52:57:52:48:91:c9:e7:b4:70:df:
66:35:c5:c8:8f:16:34:4b:76:6b:4b:d8:79:e1:68:b2:f8:f3:
d1:8c:5e:ef:86:f7:6e:4c:a2:35:8a:64:27:56:b6:7d:4c:d9:
41:f3:7b:8e:09:14:d1:6c:a9:a6:0b:6a:27:0d:88:8e:81:f4:
01:a7:dd:2d:6f:a9:a3:17:48:d9:61:c6:b5:b7:89:a9:40:87:
5e:86:90:41:e1:c0:77:92:5a:c0:a1:12:48:24:87:aa:b5:b6:
1c:ca:e7:30:37:1c:e2:d3:27:7a:4d:16:b8:33:7e:b0:db:23:
6f:c8:e8:f2:47:c6:ff:c0:4e:e5:55:88:f6:97:a1:71:8e:b9:
9c:5a:a1:78:08:4d:e7:4a:fa:6f:59:46:6a:05:38:a1:04:82:
6b:42:2b:3c:aa:a1:06:20:22:a0:6f:ab:3b:63:3f:ae:5f:a4:
db:a8:b7:c8:67:b1:b9:d9:cc:13:ce:80:76:e8:c6:f7:db:a2:
83:5c:97:ab:39:ed:c8:46:9e:95:66:fb:97:b8:73:30:9e:b8:
b9:2a:95:0a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYuAkR5ngGisDloZ4gZfFoFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjMxMDMwMTIzMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdhNWVlODQ2Y2QxYmZjYWVhNzgwODAzZjJlZDU5NzU4NGNiNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYVOPPkzoctL5LsuSd+NCtsr+76G
PyXtr6XsQ7CLMWs4fi4EvH+Ugw21DuBkTOiofkOX8DGaT9Glz4yaxLel7cCZzwyY
Kt5J5hMDjYMGt72su4upZ3Afowq0T0dzel+Lp65VrGt7gmtnjvoaDdCd4/yOt330
2XCf4+PtIsE7O/FQ7Nceyp7MrywvrduIXytXsKEXtLCY3qEui1tPz2eCOf6EAfH3
dBVjwk3LCXmmxbFBreHWyDi/+S2ealzksDF+1q7UG7CpGktncNT1NK4XmwcdJjAb
DBpK+N+sgx9RakW3SwrLs6gfMtGzUeGkjDADWRG/JKV6huYAL0Tmn/Eo+QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJF6XuhGzRv8rqeAgD8u1ZdYTLcxMB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEva1hwZTZFYk5HX3l1cDRDQVB5N1ZsMWhNdHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQB2ZO0MA4E
AgACMAgDBgAqCykA/zANBgkqhkiG9w0BAQsFAAOCAQEAh2Dtd1bpihYq7nBdgp9o
RyA1GEZMZV0/HjD/oIhgArhRbNHcNpgpvw/MOAJSV1JIkcnntHDfZjXFyI8WNEt2
a0vYeeFosvjz0Yxe74b3bkyiNYpkJ1a2fUzZQfN7jgkU0WyppgtqJw2IjoH0Aafd
LW+poxdI2WHGtbeJqUCHXoaQQeHAd5JawKESSCSHqrW2HMrnMDcc4tMnek0WuDN+
sNsjb8jo8kfG/8BO5VWI9pehcY65nFqheAhN50r6b1lGagU4oQSCa0IrPKqhBiAi
oG+rO2M/rl+k26i3yGexudnME86AdujG99uig1yXqzntyEaelWb7l7hzMJ64uSqV
Cg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:02 2025 by rpki-client