Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/tpU0nRvOHCqBMHuMMz6y9CZMiI8.roa
File: tpU0nRvOHCqBMHuMMz6y9CZMiI8.roa (raw, json)
Hash identifier: /wW3OWUCiCncs7THL0HkyFKfZc1VdBImmGfw59rfkrY=
Subject key identifier: B6:95:34:9D:1B:CE:1C:2A:81:30:7B:8C:33:3E:B2:F4:26:4C:88:8F
Certificate issuer: /CN=a3d31f1799bf5588ffa988e49286bfc70a4b34be
Certificate serial: 01856F391F1FADE2A649DAFEA6AD9B254878
Authority key identifier: A3:D3:1F:17:99:BF:55:88:FF:A9:88:E4:92:86:BF:C7:0A:4B:34:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o9MfF5m_VYj_qYjkkoa_xwpLNL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/tpU0nRvOHCqBMHuMMz6y9CZMiI8.roa
Signing time: Sun 01 Jan 2023 21:24:52 +0000
ROA not before: Sun 01 Jan 2023 21:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20768
IP address blocks: 217.151.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:1f:1f:ad:e2:a6:49:da:fe:a6:ad:9b:25:48:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3d31f1799bf5588ffa988e49286bfc70a4b34be
Validity
Not Before: Jan 1 21:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b695349d1bce1c2a81307b8c333eb2f4264c888f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:04:d5:dd:cb:77:75:ec:4b:c7:c2:9f:41:99:
52:7a:28:3b:18:b3:33:6b:b1:a0:4c:f8:d2:86:a5:
39:21:cf:a4:a1:9d:33:d3:e7:65:01:87:7d:c5:15:
f1:c7:e7:fb:17:28:a1:16:f8:e4:0f:c7:13:a8:b1:
d7:66:66:17:30:20:c4:d3:46:c3:a2:e1:85:55:5f:
28:1c:29:53:ca:bb:8b:48:62:1b:9f:bc:66:cb:63:
17:f6:69:75:62:f8:d5:e7:5b:e3:3e:87:68:d9:8f:
ac:fc:96:f4:90:38:8f:c7:08:52:61:a4:1f:a3:f8:
f3:8c:4e:2e:98:a1:f0:05:da:d3:bc:f5:7d:af:50:
56:19:96:7a:3d:90:cb:c6:8c:22:99:ba:ff:a9:1d:
de:cc:e9:ec:2f:19:2f:02:27:41:b9:75:71:93:07:
85:46:2c:c0:03:34:63:91:f4:fd:64:a1:72:96:5c:
80:dd:74:7e:4f:8f:bd:ca:6b:5e:9b:18:e2:d8:62:
0c:cc:e3:57:74:6c:1f:d2:55:45:af:76:e5:4f:c1:
8d:12:58:8f:a0:94:49:e8:59:62:0d:b3:8f:e6:ed:
e4:3f:19:8f:f0:81:0b:79:ec:cf:9a:61:93:ab:55:
9e:b2:2f:8c:24:47:ec:eb:40:fd:7f:d9:f7:93:63:
b3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:95:34:9D:1B:CE:1C:2A:81:30:7B:8C:33:3E:B2:F4:26:4C:88:8F
X509v3 Authority Key Identifier:
keyid:A3:D3:1F:17:99:BF:55:88:FF:A9:88:E4:92:86:BF:C7:0A:4B:34:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9MfF5m_VYj_qYjkkoa_xwpLNL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/tpU0nRvOHCqBMHuMMz6y9CZMiI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/o9MfF5m_VYj_qYjkkoa_xwpLNL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.151.208.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:53:25:5f:c0:41:dc:3f:58:d7:b1:31:69:de:63:c9:ce:fe:
52:90:56:28:1c:41:92:f8:fb:05:c3:54:a3:66:81:7d:5a:a5:
ff:93:20:ce:c0:8e:f1:53:fb:b6:23:7c:aa:79:cc:52:4c:4d:
58:df:43:86:07:d0:37:24:7d:23:93:da:70:e6:4a:c6:37:97:
23:61:13:53:5c:ca:a7:0c:ef:60:46:b1:82:e3:ae:eb:d5:cf:
18:29:79:36:82:18:d4:33:85:55:c4:1f:57:35:2c:a4:a4:65:
66:97:94:6b:83:21:b1:44:88:7f:b9:90:e1:73:42:79:1b:3c:
94:35:4a:8f:b9:71:9f:12:62:b7:9b:17:80:4d:d0:9d:d5:d5:
8f:4a:13:53:1f:9b:23:ce:fe:1d:57:ca:05:03:69:d9:7f:10:
f7:4b:03:c6:27:6e:b0:7a:b1:bd:95:5e:6d:60:74:97:be:1e:
de:f8:3d:04:7c:8f:22:01:34:d6:f6:91:da:c6:cf:92:3a:d1:
95:0e:d5:30:0a:5d:be:22:b4:bc:4d:8e:b8:a8:b4:73:a5:d5:
b8:f3:bc:71:ed:92:c2:57:3f:ea:15:f2:c2:96:b9:af:34:37:
59:ea:a6:07:bf:9f:19:c4:0d:e0:2e:6d:da:fe:c8:3c:e9:91:
07:a2:a2:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOR8freKmSdr+pq2bJUh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDMxZjE3OTliZjU1ODhmZmE5ODhlNDkyODZiZmM3MGE0
YjM0YmUwHhcNMjMwMTAxMjEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjk1MzQ5ZDFiY2UxYzJhODEzMDdiOGMzMzNlYjJmNDI2NGM4ODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnATV3ct3dexLx8KfQZlSeig7GLMz
a7GgTPjShqU5Ic+koZ0z0+dlAYd9xRXxx+f7FyihFvjkD8cTqLHXZmYXMCDE00bD
ouGFVV8oHClTyruLSGIbn7xmy2MX9ml1YvjV51vjPodo2Y+s/Jb0kDiPxwhSYaQf
o/jzjE4umKHwBdrTvPV9r1BWGZZ6PZDLxowimbr/qR3ezOnsLxkvAidBuXVxkweF
RizAAzRjkfT9ZKFyllyA3XR+T4+9ymtemxji2GIMzONXdGwf0lVFr3blT8GNEliP
oJRJ6FliDbOP5u3kPxmP8IELeezPmmGTq1Wesi+MJEfs60D9f9n3k2OzEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLaVNJ0bzhwqgTB7jDM+svQmTIiPMB8GA1UdIwQY
MBaAFKPTHxeZv1WI/6mI5JKGv8cKSzS+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlNZkY1bV9WWWpfcVlqa2tvYV94d3BMTkw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYWNkNmMtODkyZi00NWUxLWIxNDUt
YWRlNTI2MWMxMDQzLzEvdHBVMG5Sdk9IQ3FCTUh1TU16Nnk5Q1pNaUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYWNkNmMtODkyZi00NWUxLWIxNDUtYWRlNTI2MWMxMDQz
LzEvbzlNZkY1bV9WWWpfcVlqa2tvYV94d3BMTkw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZfQMA0G
CSqGSIb3DQEBCwUAA4IBAQCLUyVfwEHcP1jXsTFp3mPJzv5SkFYoHEGS+PsFw1Sj
ZoF9WqX/kyDOwI7xU/u2I3yqecxSTE1Y30OGB9A3JH0jk9pw5krGN5cjYRNTXMqn
DO9gRrGC467r1c8YKXk2ghjUM4VVxB9XNSykpGVml5RrgyGxRIh/uZDhc0J5GzyU
NUqPuXGfEmK3mxeATdCd1dWPShNTH5sjzv4dV8oFA2nZfxD3SwPGJ26werG9lV5t
YHSXvh7e+D0EfI8iATTW9pHaxs+SOtGVDtUwCl2+IrS8TY64qLRzpdW487xx7ZLC
Vz/qFfLClrmvNDdZ6qYHv58ZxA3gLm3a/sg86ZEHoqJZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:06:58 2025 by rpki-client