Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/2451b7-9091-4a27-ab91-348f9ffbd883/1/beXxmyP3sPPZAzWvoj7NFCGLozw.roa
File: beXxmyP3sPPZAzWvoj7NFCGLozw.roa (raw, json)
Hash identifier: Ns5cBIAIIO4DaJxS5COK9YIFGuOAX+DlH10B7HZh1YY=
Subject key identifier: 6D:E5:F1:9B:23:F7:B0:F3:D9:03:35:AF:A2:3E:CD:14:21:8B:A3:3C
Certificate issuer: /CN=a1b0477f9d09a2c74f4c459e80b729afeeb312d4
Certificate serial: 018571B0AD59AD0CEF14490AF550B8EB6FFA
Authority key identifier: A1:B0:47:7F:9D:09:A2:C7:4F:4C:45:9E:80:B7:29:AF:EE:B3:12:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obBHf50JosdPTEWegLcpr-6zEtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/2451b7-9091-4a27-ab91-348f9ffbd883/1/beXxmyP3sPPZAzWvoj7NFCGLozw.roa
Signing time: Mon 02 Jan 2023 08:54:42 +0000
ROA not before: Mon 02 Jan 2023 08:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207311
IP address blocks: 178.17.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:ad:59:ad:0c:ef:14:49:0a:f5:50:b8:eb:6f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b0477f9d09a2c74f4c459e80b729afeeb312d4
Validity
Not Before: Jan 2 08:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6de5f19b23f7b0f3d90335afa23ecd14218ba33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:45:d3:60:32:39:5c:94:aa:5f:ac:91:f0:89:
07:2e:42:52:cd:1b:c3:53:aa:52:06:6f:63:35:a3:
9a:44:d2:f6:ca:89:80:84:b7:5a:df:9b:81:46:50:
6d:3d:5f:30:0a:4a:2a:e5:6d:3a:b9:51:91:f4:64:
8a:89:62:40:23:5c:32:2c:48:33:48:05:93:ef:a0:
ec:b7:56:49:41:a8:fc:5f:6c:b8:64:e2:49:33:74:
8b:fc:01:1a:0d:65:ff:97:04:22:bd:fb:e7:02:a4:
98:a3:97:88:f7:cd:0b:0a:67:50:7e:01:24:3b:6c:
b5:9b:cb:12:65:db:5e:26:c4:43:c2:c3:fe:57:22:
c0:e9:49:88:fc:3e:ec:2e:99:9b:3a:6e:8a:40:fc:
ea:c9:4b:ee:e8:5d:24:d6:41:8c:50:23:ae:d8:70:
d7:fa:2b:c6:e9:0c:de:33:88:fe:a4:4c:3a:dc:de:
da:61:7e:d2:a4:55:85:1f:a0:ae:92:a6:89:53:46:
67:d0:6e:16:f8:73:1f:6c:8f:44:4b:6a:f7:06:1a:
86:8d:85:f3:35:c6:e4:b4:8e:f8:44:b4:fe:a2:a1:
30:ce:7d:49:f9:22:06:c6:f9:b4:34:89:39:ed:d5:
c5:17:bf:32:24:80:cb:1d:d1:4c:9a:49:ce:07:55:
d2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E5:F1:9B:23:F7:B0:F3:D9:03:35:AF:A2:3E:CD:14:21:8B:A3:3C
X509v3 Authority Key Identifier:
keyid:A1:B0:47:7F:9D:09:A2:C7:4F:4C:45:9E:80:B7:29:AF:EE:B3:12:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obBHf50JosdPTEWegLcpr-6zEtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/2451b7-9091-4a27-ab91-348f9ffbd883/1/beXxmyP3sPPZAzWvoj7NFCGLozw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/2451b7-9091-4a27-ab91-348f9ffbd883/1/obBHf50JosdPTEWegLcpr-6zEtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.17.218.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:9e:45:72:28:45:e9:d3:ce:ff:69:d5:03:ca:03:4d:a6:0a:
e1:41:6b:be:ee:c5:1c:3b:e6:6f:fb:e3:4a:d6:12:18:cf:b1:
67:ce:50:09:53:f1:f9:c6:50:f0:32:b7:87:69:7e:6d:45:57:
e8:d9:d1:11:4c:68:09:60:36:b2:74:89:19:a9:d4:81:00:46:
02:34:ee:05:9d:3a:fe:12:0b:9c:2c:d9:bc:97:85:68:b1:d3:
79:5b:79:56:4e:63:6f:7a:da:67:74:30:ce:d9:59:27:94:88:
8b:25:fd:ee:4f:f4:88:94:55:ce:23:32:8a:df:9e:2b:33:c0:
5f:4b:36:13:c6:18:be:85:74:ec:74:bd:90:4e:3a:ea:7b:99:
14:e5:c2:20:ae:06:71:f7:98:ee:e0:4a:75:bb:db:97:ac:d5:
50:35:11:22:1c:bf:40:cb:f3:76:96:ae:12:23:5e:74:69:bc:
a2:1a:26:40:9a:71:20:ec:fa:f5:bc:68:59:3d:62:e8:4a:4d:
2b:af:c1:52:35:b6:1b:3a:f3:7c:8d:fb:ed:c3:96:aa:38:9c:
80:c5:20:8c:e4:73:a6:06:ba:1f:25:b0:0f:dd:3e:c8:e7:d4:
ec:fd:8a:ab:b1:af:7f:0b:72:bd:30:6f:be:34:a1:59:c9:21:
08:e7:0a:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsK1ZrQzvFEkK9VC462/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjA0NzdmOWQwOWEyYzc0ZjRjNDU5ZTgwYjcyOWFmZWVi
MzEyZDQwHhcNMjMwMTAyMDg1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU1ZjE5YjIzZjdiMGYzZDkwMzM1YWZhMjNlY2QxNDIxOGJhMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEXTYDI5XJSqX6yR8IkHLkJSzRvD
U6pSBm9jNaOaRNL2yomAhLda35uBRlBtPV8wCkoq5W06uVGR9GSKiWJAI1wyLEgz
SAWT76Dst1ZJQaj8X2y4ZOJJM3SL/AEaDWX/lwQivfvnAqSYo5eI980LCmdQfgEk
O2y1m8sSZdteJsRDwsP+VyLA6UmI/D7sLpmbOm6KQPzqyUvu6F0k1kGMUCOu2HDX
+ivG6QzeM4j+pEw63N7aYX7SpFWFH6CukqaJU0Zn0G4W+HMfbI9ES2r3BhqGjYXz
NcbktI74RLT+oqEwzn1J+SIGxvm0NIk57dXFF78yJIDLHdFMmknOB1XSjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3l8Zsj97Dz2QM1r6I+zRQhi6M8MB8GA1UdIwQY
MBaAFKGwR3+dCaLHT0xFnoC3Ka/usxLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JCSGY1MEpvc2RQVEVXZWdMY3ByLTZ6RXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8yNDUxYjctOTA5MS00YTI3LWFiOTEt
MzQ4ZjlmZmJkODgzLzEvYmVYeG15UDNzUFBaQXpXdm9qN05GQ0dMb3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8yNDUxYjctOTA5MS00YTI3LWFiOTEtMzQ4ZjlmZmJkODgz
LzEvb2JCSGY1MEpvc2RQVEVXZWdMY3ByLTZ6RXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshHaMA0G
CSqGSIb3DQEBCwUAA4IBAQBsnkVyKEXp087/adUDygNNpgrhQWu+7sUcO+Zv++NK
1hIYz7FnzlAJU/H5xlDwMreHaX5tRVfo2dERTGgJYDaydIkZqdSBAEYCNO4FnTr+
EgucLNm8l4VosdN5W3lWTmNvetpndDDO2VknlIiLJf3uT/SIlFXOIzKK354rM8Bf
SzYTxhi+hXTsdL2QTjrqe5kU5cIgrgZx95ju4Ep1u9uXrNVQNREiHL9Ay/N2lq4S
I150abyiGiZAmnEg7Pr1vGhZPWLoSk0rr8FSNbYbOvN8jfvtw5aqOJyAxSCM5HOm
BrofJbAP3T7I59Ts/Yqrsa9/C3K9MG++NKFZySEI5wri
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:23 2025 by rpki-client