Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/rkelGL1yG2iq9c3wUVxpu_Vk5MY.roa
File: rkelGL1yG2iq9c3wUVxpu_Vk5MY.roa (raw, json)
Hash identifier: k6jAEoMcby17VlYUYuIVk7pFrmVgyrNl8rJ6hYWVaDk=
Subject key identifier: AE:47:A5:18:BD:72:1B:68:AA:F5:CD:F0:51:5C:69:BB:F5:64:E4:C6
Certificate issuer: /CN=f4e40f03979a3f4e4ad39da983b67ba7e6215c0d
Certificate serial: 01870A4E29044AE77E1094D7186F928A92D1
Authority key identifier: F4:E4:0F:03:97:9A:3F:4E:4A:D3:9D:A9:83:B6:7B:A7:E6:21:5C:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OQPA5eaP05K052pg7Z7p-YhXA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/rkelGL1yG2iq9c3wUVxpu_Vk5MY.roa
Signing time: Wed 22 Mar 2023 17:11:46 +0000
ROA not before: Wed 22 Mar 2023 17:11:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196773
IP address blocks: 217.168.97.0/24 maxlen: 24
217.168.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0a:4e:29:04:4a:e7:7e:10:94:d7:18:6f:92:8a:92:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e40f03979a3f4e4ad39da983b67ba7e6215c0d
Validity
Not Before: Mar 22 17:11:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae47a518bd721b68aaf5cdf0515c69bbf564e4c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a0:87:3d:51:07:d3:3d:b5:b5:9e:6c:cb:b5:
85:fe:7e:e6:aa:4b:c5:35:bd:6b:5b:fd:92:0c:9d:
80:f2:f4:04:fc:1f:d3:c2:af:67:b4:87:85:4e:a8:
d3:0b:9e:c4:2f:2a:b3:2b:85:97:4b:69:b8:d4:aa:
a8:ab:99:f1:5b:d0:17:da:47:56:4f:f9:d3:7a:91:
42:47:ac:3c:69:28:65:a2:02:a0:a5:8b:ce:79:52:
44:c8:4b:80:53:7c:f9:f2:8f:84:8a:98:db:f9:03:
94:4e:d3:b7:20:22:13:03:83:70:d5:e8:dd:f7:71:
e3:09:1a:7d:45:40:03:f1:65:8b:e5:a1:85:23:e5:
ee:c6:fd:3c:9c:64:05:c1:b5:3f:19:c1:dd:10:4e:
4e:80:d4:4f:80:bc:2f:e7:31:da:2b:03:23:da:c2:
9b:7a:12:01:85:ad:03:a4:6f:80:46:53:75:df:f6:
43:a2:c5:88:3a:30:75:b0:5d:7d:cd:c2:e6:f9:97:
95:1c:3a:ed:ce:bd:55:94:5e:37:7a:e2:81:4c:b7:
08:ee:da:eb:49:c0:5e:21:0c:3a:0f:81:7f:ef:e3:
e8:3d:28:7a:d6:f5:d0:db:3f:16:0e:b2:34:0e:39:
11:7f:65:74:99:18:fb:29:07:42:ba:97:c4:87:98:
a2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:47:A5:18:BD:72:1B:68:AA:F5:CD:F0:51:5C:69:BB:F5:64:E4:C6
X509v3 Authority Key Identifier:
keyid:F4:E4:0F:03:97:9A:3F:4E:4A:D3:9D:A9:83:B6:7B:A7:E6:21:5C:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OQPA5eaP05K052pg7Z7p-YhXA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/rkelGL1yG2iq9c3wUVxpu_Vk5MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/9OQPA5eaP05K052pg7Z7p-YhXA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.168.96.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:a2:df:50:9f:13:6c:09:7a:26:43:57:a8:6d:26:12:db:3f:
49:1e:a8:66:d5:b4:72:a0:26:ff:d8:8b:14:c1:de:be:74:9b:
06:d7:f7:ed:f9:67:25:46:76:00:59:20:c2:fa:d7:a1:27:fa:
6c:a5:0b:e6:bb:8a:f2:c9:96:da:55:5b:12:9c:6e:56:7a:f1:
95:99:35:08:8e:f6:8a:52:1d:5c:8f:86:d9:2f:07:e5:30:ca:
12:a7:41:ea:c7:82:f0:30:ee:c5:a7:ba:07:2e:e4:69:af:80:
47:e7:4f:96:c2:34:d0:41:74:89:6f:23:03:c3:cb:a6:3e:2e:
1d:dd:f3:7e:45:47:3b:b3:71:56:53:28:e8:25:52:69:f3:f7:
db:d4:2b:ee:60:38:5c:fd:a3:a4:80:76:4a:7f:7d:8a:7a:b0:
f4:28:26:ff:97:36:2a:f8:cb:39:d8:de:26:46:43:76:f4:bd:
a0:e1:54:5e:2f:d2:5f:d1:7c:d1:11:1a:c6:6e:57:b0:38:1e:
53:a8:09:ca:2e:a9:de:d1:7b:85:0a:c4:49:95:5d:21:f8:53:
76:95:0a:fb:90:c1:50:79:62:f0:3d:dd:7f:44:d1:29:eb:40:
8d:04:a7:d0:b3:b8:61:6e:20:9c:df:33:d2:a4:96:43:89:e8:
27:13:8a:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcKTikESud+EJTXGG+SipLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTQwZjAzOTc5YTNmNGU0YWQzOWRhOTgzYjY3YmE3ZTYy
MTVjMGQwHhcNMjMwMzIyMTcxMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQ3YTUxOGJkNzIxYjY4YWFmNWNkZjA1MTVjNjliYmY1NjRlNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6CHPVEH0z21tZ5sy7WF/n7mqkvF
Nb1rW/2SDJ2A8vQE/B/Twq9ntIeFTqjTC57ELyqzK4WXS2m41Kqoq5nxW9AX2kdW
T/nTepFCR6w8aShlogKgpYvOeVJEyEuAU3z58o+Eipjb+QOUTtO3ICITA4Nw1ejd
93HjCRp9RUAD8WWL5aGFI+Xuxv08nGQFwbU/GcHdEE5OgNRPgLwv5zHaKwMj2sKb
ehIBha0DpG+ARlN13/ZDosWIOjB1sF19zcLm+ZeVHDrtzr1VlF43euKBTLcI7trr
ScBeIQw6D4F/7+PoPSh61vXQ2z8WDrI0DjkRf2V0mRj7KQdCupfEh5iimQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5HpRi9chtoqvXN8FFcabv1ZOTGMB8GA1UdIwQY
MBaAFPTkDwOXmj9OStOdqYO2e6fmIVwNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9RUEE1ZWFQMDVLMDUycGc3WjdwLVloWEEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNGZmYzAtYTUyZC00NjFiLTk3MTkt
YTkxNGUzY2UzOTQxLzEvcmtlbEdMMXlHMmlxOWMzd1VWeHB1X1ZrNU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNGZmYzAtYTUyZC00NjFiLTk3MTktYTkxNGUzY2UzOTQx
LzEvOU9RUEE1ZWFQMDVLMDUycGc3WjdwLVloWEEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ahgMA0G
CSqGSIb3DQEBCwUAA4IBAQArot9QnxNsCXomQ1eobSYS2z9JHqhm1bRyoCb/2IsU
wd6+dJsG1/ft+WclRnYAWSDC+tehJ/pspQvmu4ryyZbaVVsSnG5WevGVmTUIjvaK
Uh1cj4bZLwflMMoSp0Hqx4LwMO7Fp7oHLuRpr4BH50+WwjTQQXSJbyMDw8umPi4d
3fN+RUc7s3FWUyjoJVJp8/fb1CvuYDhc/aOkgHZKf32KerD0KCb/lzYq+Ms52N4m
RkN29L2g4VReL9Jf0XzRERrGblewOB5TqAnKLqne0XuFCsRJlV0h+FN2lQr7kMFQ
eWLwPd1/RNEp60CNBKfQs7hhbiCc3zPSpJZDiegnE4q0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:42 2025 by rpki-client