Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e1f09a-b49f-4f69-8eb9-5cac94b836b6/1/3yDMPv23TzFfcQ1ORxTMKl8Xm28.roa
File: 3yDMPv23TzFfcQ1ORxTMKl8Xm28.roa (raw, json)
Hash identifier: mWmzxEtQvVTgv0sPllftILxCdvOzR+L4mtvRZjsEFC4=
Subject key identifier: DF:20:CC:3E:FD:B7:4F:31:5F:71:0D:4E:47:14:CC:2A:5F:17:9B:6F
Certificate issuer: /CN=f35f3f2ebf80c77669250a759be1e5c91e388435
Certificate serial: 018433A6082C6DE9A5766ABB11A6393C438A
Authority key identifier: F3:5F:3F:2E:BF:80:C7:76:69:25:0A:75:9B:E1:E5:C9:1E:38:84:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/818_Lr-Ax3ZpJQp1m-HlyR44hDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e1f09a-b49f-4f69-8eb9-5cac94b836b6/1/3yDMPv23TzFfcQ1ORxTMKl8Xm28.roa
Signing time: Tue 01 Nov 2022 14:43:49 +0000
ROA not before: Tue 01 Nov 2022 14:43:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20504
IP address blocks: 217.118.160.0/24 maxlen: 24
217.118.160.0/20 maxlen: 20
217.118.166.0/24 maxlen: 24
217.118.162.0/24 maxlen: 24
217.118.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:a6:08:2c:6d:e9:a5:76:6a:bb:11:a6:39:3c:43:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f35f3f2ebf80c77669250a759be1e5c91e388435
Validity
Not Before: Nov 1 14:43:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df20cc3efdb74f315f710d4e4714cc2a5f179b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e5:5f:84:43:d9:23:1c:86:46:e2:18:ac:4c:
0c:31:57:9b:ef:b0:87:f4:29:dc:1f:de:51:3e:39:
4b:ad:e0:c8:60:e4:7f:37:e4:5d:0e:63:ef:00:d3:
fd:4d:bf:5f:60:58:73:e3:93:fc:d8:d3:d3:de:fc:
af:98:de:30:40:71:dc:e3:0a:c6:d6:40:6f:4e:d7:
c0:3a:54:a3:4b:63:00:3a:a0:14:fc:55:cf:17:46:
d3:c4:1f:81:3a:48:96:d6:1a:7c:96:88:0c:dc:d8:
5a:0b:8d:b0:60:c0:f6:de:52:c3:d7:cb:f1:7e:ae:
85:71:ea:9c:81:8d:b9:6c:d2:d7:90:7e:1d:83:b4:
91:36:b1:77:a6:2f:71:ff:02:62:d0:f0:a8:b3:75:
6a:89:f1:58:3c:c4:b5:97:4a:c7:8c:74:a6:52:3b:
3b:05:2a:c4:13:7a:9a:69:1f:9a:64:3f:80:fb:2c:
ad:b8:67:b4:59:06:b7:70:ca:5b:ab:ea:0a:94:cd:
37:38:45:be:e9:6c:89:08:4d:3e:53:48:c6:03:12:
cd:4f:02:96:42:88:fc:6d:25:fc:ec:ff:a9:04:13:
fd:1d:81:21:54:48:98:4a:26:f1:96:e9:3b:34:e0:
fb:2d:a3:15:9a:88:62:61:08:7a:07:80:a8:7d:fd:
54:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:20:CC:3E:FD:B7:4F:31:5F:71:0D:4E:47:14:CC:2A:5F:17:9B:6F
X509v3 Authority Key Identifier:
keyid:F3:5F:3F:2E:BF:80:C7:76:69:25:0A:75:9B:E1:E5:C9:1E:38:84:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/818_Lr-Ax3ZpJQp1m-HlyR44hDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e1f09a-b49f-4f69-8eb9-5cac94b836b6/1/3yDMPv23TzFfcQ1ORxTMKl8Xm28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e1f09a-b49f-4f69-8eb9-5cac94b836b6/1/818_Lr-Ax3ZpJQp1m-HlyR44hDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.118.160.0/20
Signature Algorithm: sha256WithRSAEncryption
1b:78:a2:76:50:3e:f5:b5:d3:7a:d0:8d:b8:cb:c6:fa:3f:18:
34:55:ea:b5:92:70:56:b0:73:a5:f2:81:a1:b0:51:14:2b:af:
8f:bb:60:65:52:34:ac:87:c1:c2:60:75:10:6e:08:cb:23:7c:
44:18:3b:1f:17:79:df:59:0f:a1:38:14:07:ef:e1:d4:2f:a1:
28:ae:29:1e:8a:4e:1b:c2:e4:40:6f:05:a9:90:7c:b3:30:f9:
d0:01:a9:ab:b6:1b:ce:ee:ea:db:d9:5e:1a:87:1c:cb:28:20:
06:25:51:1c:34:d5:38:bd:39:73:45:0a:19:2e:a7:d2:1a:bd:
54:49:87:e6:cc:36:dc:66:4c:0e:d3:5d:39:ee:47:f9:68:42:
fc:0e:4d:ff:2c:bd:65:a9:d8:2c:32:5e:c4:38:9f:e8:2b:4d:
f8:1b:1c:a8:85:9b:b1:50:41:ac:da:e7:65:4f:6c:20:1f:1b:
46:bf:ce:fe:97:0c:cd:4b:07:5b:ff:9a:57:a4:40:d5:93:22:
2c:20:bc:61:a0:c8:4c:fd:44:89:52:47:fd:31:8e:57:74:53:
d1:e4:87:37:d3:7e:fd:c9:53:9d:fa:f3:d5:bd:82:60:84:f1:
dd:fd:3b:93:9f:00:0b:43:76:ca:ff:b1:75:8f:f9:d9:6d:fe:
ad:26:cf:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQzpggsbemldmq7EaY5PEOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNWYzZjJlYmY4MGM3NzY2OTI1MGE3NTliZTFlNWM5MWUz
ODg0MzUwHhcNMjIxMTAxMTQ0MzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjIwY2MzZWZkYjc0ZjMxNWY3MTBkNGU0NzE0Y2MyYTVmMTc5YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuVfhEPZIxyGRuIYrEwMMVeb77CH
9CncH95RPjlLreDIYOR/N+RdDmPvANP9Tb9fYFhz45P82NPT3vyvmN4wQHHc4wrG
1kBvTtfAOlSjS2MAOqAU/FXPF0bTxB+BOkiW1hp8logM3NhaC42wYMD23lLD18vx
fq6FceqcgY25bNLXkH4dg7SRNrF3pi9x/wJi0PCos3VqifFYPMS1l0rHjHSmUjs7
BSrEE3qaaR+aZD+A+yytuGe0WQa3cMpbq+oKlM03OEW+6WyJCE0+U0jGAxLNTwKW
Qoj8bSX87P+pBBP9HYEhVEiYSibxluk7NOD7LaMVmohiYQh6B4Coff1UswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8gzD79t08xX3ENTkcUzCpfF5tvMB8GA1UdIwQY
MBaAFPNfPy6/gMd2aSUKdZvh5ckeOIQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODE4X0xyLUF4M1pwSlFwMW0tSGx5UjQ0aERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lMWYwOWEtYjQ5Zi00ZjY5LThlYjkt
NWNhYzk0YjgzNmI2LzEvM3lETVB2MjNUekZmY1ExT1J4VE1LbDhYbTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lMWYwOWEtYjQ5Zi00ZjY5LThlYjktNWNhYzk0YjgzNmI2
LzEvODE4X0xyLUF4M1pwSlFwMW0tSGx5UjQ0aERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2XagMA0G
CSqGSIb3DQEBCwUAA4IBAQAbeKJ2UD71tdN60I24y8b6Pxg0Veq1knBWsHOl8oGh
sFEUK6+Pu2BlUjSsh8HCYHUQbgjLI3xEGDsfF3nfWQ+hOBQH7+HUL6Eorikeik4b
wuRAbwWpkHyzMPnQAamrthvO7urb2V4ahxzLKCAGJVEcNNU4vTlzRQoZLqfSGr1U
SYfmzDbcZkwO01057kf5aEL8Dk3/LL1lqdgsMl7EOJ/oK034GxyohZuxUEGs2udl
T2wgHxtGv87+lwzNSwdb/5pXpEDVkyIsILxhoMhM/USJUkf9MY5XdFPR5Ic30379
yVOd+vPVvYJghPHd/TuTnwALQ3bK/7F1j/nZbf6tJs9O
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:41 2023 by rpki-client on console-ams.rpki-client.org