Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/hvIH5UZyBjA9Pl-aClWVYqTZwyU.roa
File: hvIH5UZyBjA9Pl-aClWVYqTZwyU.roa (raw, json)
Hash identifier: GOjrnmY33ibDlCVfP8p+p0+0u2ZYU7prJDPdYcnqRNY=
Subject key identifier: 86:F2:07:E5:46:72:06:30:3D:3E:5F:9A:0A:55:95:62:A4:D9:C3:25
Certificate issuer: /CN=7cdc40c3dbdf819d7413e772bd875814c7eaf55e
Certificate serial: 0186CA7CF91EAD28CD50F2991F4EAC6B7B67
Authority key identifier: 7C:DC:40:C3:DB:DF:81:9D:74:13:E7:72:BD:87:58:14:C7:EA:F5:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNxAw9vfgZ10E-dyvYdYFMfq9V4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/hvIH5UZyBjA9Pl-aClWVYqTZwyU.roa
Signing time: Fri 10 Mar 2023 07:47:13 +0000
ROA not before: Fri 10 Mar 2023 07:47:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201233
IP address blocks: 217.18.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:7c:f9:1e:ad:28:cd:50:f2:99:1f:4e:ac:6b:7b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cdc40c3dbdf819d7413e772bd875814c7eaf55e
Validity
Not Before: Mar 10 07:47:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86f207e5467206303d3e5f9a0a559562a4d9c325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:5b:43:4a:4b:00:0c:e7:a1:fe:e8:72:22:
81:da:89:d0:9f:f2:e1:70:a3:64:5c:d9:2f:6b:7e:
92:9e:55:47:49:e1:a5:d6:e3:d0:a3:01:4d:01:67:
11:9e:2e:6a:58:61:5f:5b:fa:c3:e8:02:a1:45:a7:
f7:ef:1e:fb:9c:a6:4b:49:28:38:3c:47:00:d8:63:
b3:18:dc:b9:9f:3a:fd:99:ba:a8:12:cd:6c:8a:41:
5b:9a:75:01:ef:ca:6c:9f:05:e4:09:04:14:99:00:
33:6c:47:1f:22:09:f4:cc:b9:a5:ba:ec:52:86:e7:
65:a5:6e:d4:53:e9:9c:52:e3:01:ca:3d:1b:35:81:
e1:22:ca:30:16:a8:5a:08:77:10:06:18:89:e6:bb:
a6:02:20:6a:9b:e2:29:89:dc:cd:26:28:c0:38:f3:
68:a9:75:65:11:7f:2e:79:b7:d1:8d:ed:2a:5b:02:
e1:1b:a0:93:d2:7b:64:19:4d:ed:ab:55:92:57:32:
ed:2c:07:3f:27:4f:6f:31:2b:09:40:d2:92:0e:26:
97:98:84:c8:f7:55:5b:dc:d6:fe:ad:e7:d7:dc:1b:
80:a4:01:f5:eb:3c:b1:92:c0:90:45:0a:6e:be:c2:
ac:96:a3:10:55:8d:2e:6c:24:f9:9b:03:70:5f:3e:
ee:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F2:07:E5:46:72:06:30:3D:3E:5F:9A:0A:55:95:62:A4:D9:C3:25
X509v3 Authority Key Identifier:
keyid:7C:DC:40:C3:DB:DF:81:9D:74:13:E7:72:BD:87:58:14:C7:EA:F5:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNxAw9vfgZ10E-dyvYdYFMfq9V4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/hvIH5UZyBjA9Pl-aClWVYqTZwyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/fNxAw9vfgZ10E-dyvYdYFMfq9V4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.85.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:66:58:d5:7a:55:8f:59:98:b7:a6:2c:f0:97:20:a0:80:8c:
2b:f2:1c:ed:9b:3c:f9:da:64:41:c1:4c:fb:b5:38:c0:be:72:
8f:26:b7:ee:cb:8a:c0:f3:2b:a4:8e:70:e8:ff:b0:f6:de:14:
2e:7b:58:91:f4:95:b8:89:b4:ae:43:de:7c:66:56:84:a5:6c:
3c:1f:16:5f:3e:b5:64:7f:d6:b4:43:d2:51:8f:b4:ab:21:17:
c9:cc:fb:05:43:ca:08:54:30:5a:09:d3:88:6c:a7:e3:ae:50:
ea:dd:c0:2f:9d:45:fc:e9:40:b5:c2:5a:d5:98:6f:61:ea:b4:
22:11:a1:1c:c7:64:10:7f:3d:87:28:95:e3:57:5d:8b:51:9b:
f6:d9:cb:00:ac:03:1f:2d:f6:14:61:15:35:00:ad:e4:28:57:
56:f7:c3:c5:76:85:69:ba:be:60:b5:28:a5:48:f9:1c:bc:eb:
61:62:3a:be:6d:53:3d:52:45:6f:76:63:2b:74:6d:9b:dc:cd:
20:e6:2a:74:bd:bd:7f:4a:a1:b6:7c:56:6d:27:ca:c2:8f:d6:
47:63:e8:13:0e:f1:cc:90:d7:06:60:84:c0:3c:4a:59:a6:fc:
b0:d4:42:19:3a:61:d5:9c:43:4c:87:82:69:2f:ec:dd:4a:56:
b2:53:4b:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbKfPkerSjNUPKZH06sa3tnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZGM0MGMzZGJkZjgxOWQ3NDEzZTc3MmJkODc1ODE0Yzdl
YWY1NWUwHhcNMjMwMzEwMDc0NzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmYyMDdlNTQ2NzIwNjMwM2QzZTVmOWEwYTU1OTU2MmE0ZDljMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXZbQ0pLAAznof7ociKB2onQn/Lh
cKNkXNkva36SnlVHSeGl1uPQowFNAWcRni5qWGFfW/rD6AKhRaf37x77nKZLSSg4
PEcA2GOzGNy5nzr9mbqoEs1sikFbmnUB78psnwXkCQQUmQAzbEcfIgn0zLmluuxS
hudlpW7UU+mcUuMByj0bNYHhIsowFqhaCHcQBhiJ5rumAiBqm+IpidzNJijAOPNo
qXVlEX8uebfRje0qWwLhG6CT0ntkGU3tq1WSVzLtLAc/J09vMSsJQNKSDiaXmITI
91Vb3Nb+refX3BuApAH16zyxksCQRQpuvsKslqMQVY0ubCT5mwNwXz7uhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbyB+VGcgYwPT5fmgpVlWKk2cMlMB8GA1UdIwQY
MBaAFHzcQMPb34GddBPncr2HWBTH6vVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk54QXc5dmZnWjEwRS1keXZZZFlGTWZxOVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yZTU0M2QtNGVmNy00ZTg1LTg2N2Et
OTlmMjAwNDY1OWQxLzEvaHZJSDVVWnlCakE5UGwtYUNsV1ZZcVRad3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8yZTU0M2QtNGVmNy00ZTg1LTg2N2EtOTlmMjAwNDY1OWQx
LzEvZk54QXc5dmZnWjEwRS1keXZZZFlGTWZxOVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RJVMA0G
CSqGSIb3DQEBCwUAA4IBAQCuZljVelWPWZi3pizwlyCggIwr8hztmzz52mRBwUz7
tTjAvnKPJrfuy4rA8yukjnDo/7D23hQue1iR9JW4ibSuQ958ZlaEpWw8HxZfPrVk
f9a0Q9JRj7SrIRfJzPsFQ8oIVDBaCdOIbKfjrlDq3cAvnUX86UC1wlrVmG9h6rQi
EaEcx2QQfz2HKJXjV12LUZv22csArAMfLfYUYRU1AK3kKFdW98PFdoVpur5gtSil
SPkcvOthYjq+bVM9UkVvdmMrdG2b3M0g5ip0vb1/SqG2fFZtJ8rCj9ZHY+gTDvHM
kNcGYITAPEpZpvyw1EIZOmHVnENMh4JpL+zdSlayU0s2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:14 2025 by rpki-client