Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/On8RXrw3d1r52E2TnXXt7EyN2wk.roa
File: On8RXrw3d1r52E2TnXXt7EyN2wk.roa (raw, json)
Hash identifier: WFlDzWUwflTIMP1kkgeZjxyQ/eGuHWbozf5h3Uy0GCU=
Subject key identifier: 3A:7F:11:5E:BC:37:77:5A:F9:D8:4D:93:9D:75:ED:EC:4C:8D:DB:09
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 03C6E77D
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/On8RXrw3d1r52E2TnXXt7EyN2wk.roa
Signing time: Sat 01 Jan 2022 12:57:20 +0000
ROA not before: Sat 01 Jan 2022 12:57:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208732
IP address blocks: 217.11.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63367037 (0x3c6e77d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Jan 1 12:57:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a7f115ebc37775af9d84d939d75edec4c8ddb09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5e:ac:34:e7:1f:89:66:93:67:68:f5:48:8f:
31:14:7f:ef:fa:db:30:37:00:03:28:71:69:a5:01:
35:b3:b4:ee:ac:13:42:92:87:24:cb:57:69:57:60:
71:cf:8a:ed:45:f3:4a:01:4a:eb:39:57:1d:46:13:
d7:f8:80:12:cf:ba:1a:1c:22:50:d9:5c:fd:5b:09:
d0:9b:56:bc:ba:f2:c4:58:de:72:fb:86:c7:7b:02:
28:20:3d:af:04:72:ee:be:c9:4c:41:3f:f7:5e:11:
4c:57:9b:1e:48:d4:5f:43:9d:46:29:4d:f2:77:48:
84:9d:5e:69:35:53:82:1c:e6:b7:67:52:ad:23:d4:
83:63:a8:4b:b2:c7:12:81:0b:cb:c8:74:0d:f4:4e:
2b:5e:76:ad:d3:bc:17:9d:bb:f3:3f:fd:97:f2:bb:
34:f6:4d:12:e2:b7:ae:07:b2:c0:37:72:1b:d0:c7:
5c:89:56:9d:61:08:1a:7b:1b:b2:0b:a9:5b:bc:b3:
9d:e6:e6:64:d3:3d:67:90:38:ef:6a:6a:60:16:46:
bb:93:24:cb:91:ec:2e:da:b5:50:29:fc:9f:78:a3:
e4:3e:aa:a6:92:58:97:7c:47:70:7d:8d:f2:5e:9d:
e9:1b:50:ed:b5:5f:db:7d:23:c1:6a:48:00:5a:e4:
a8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7F:11:5E:BC:37:77:5A:F9:D8:4D:93:9D:75:ED:EC:4C:8D:DB:09
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/On8RXrw3d1r52E2TnXXt7EyN2wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.11.133.0/24
Signature Algorithm: sha256WithRSAEncryption
36:f8:19:05:12:cd:98:a9:e1:54:dc:35:7f:b1:e1:aa:ef:f4:
67:1d:49:bd:66:83:9a:a6:b2:c2:88:fc:9b:06:43:1c:7a:1c:
42:5c:26:52:91:2d:46:9b:fb:f7:99:02:14:d0:a1:7a:e1:b3:
03:32:a6:52:8c:7d:7e:34:40:42:36:6b:64:36:37:1b:8b:a4:
06:a4:a8:95:8b:ef:b1:48:e6:1b:37:4a:8a:ee:db:b9:6f:11:
db:b7:15:81:cc:ab:4b:6e:c8:74:ce:35:b2:40:50:78:09:20:
94:66:4f:7f:4f:f6:b5:56:9f:bd:ec:a3:dc:7d:36:73:76:91:
2c:41:85:84:94:fb:0d:19:c8:37:6b:08:a9:7b:a1:ac:43:f3:
bc:d3:35:79:30:28:5a:e4:9b:92:32:85:e3:af:04:00:5b:0e:
dd:9d:9d:74:dd:6a:51:ad:28:68:51:d5:04:9a:61:e8:d9:ba:
3e:6b:27:22:30:91:0e:51:14:a3:c3:be:ad:77:a9:f5:ac:20:
1f:e6:11:41:08:16:d3:5d:8b:6d:55:89:0a:f8:33:c9:d9:f7:
03:43:ee:a3:dc:86:e1:4c:f8:0c:df:e4:be:dd:dc:0a:b4:a5:
02:a0:6f:c2:c3:c4:03:c4:48:ec:41:08:93:9c:43:d4:d0:e7:
c7:ac:94:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8bnfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDBhMTIzMWQxYzI3YTc1NGU0NmVmMTBlOTJhNzMwYWUxNWQwZjU1MB4XDTIyMDEw
MTEyNTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E3ZjExNWViYzM3
Nzc1YWY5ZDg0ZDkzOWQ3NWVkZWM0YzhkZGIwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALterDTnH4lmk2do9UiPMRR/7/rbMDcAAyhxaaUBNbO07qwT
QpKHJMtXaVdgcc+K7UXzSgFK6zlXHUYT1/iAEs+6GhwiUNlc/VsJ0JtWvLryxFje
cvuGx3sCKCA9rwRy7r7JTEE/914RTFebHkjUX0OdRilN8ndIhJ1eaTVTghzmt2dS
rSPUg2OoS7LHEoELy8h0DfROK152rdO8F5278z/9l/K7NPZNEuK3rgeywDdyG9DH
XIlWnWEIGnsbsgupW7yznebmZNM9Z5A472pqYBZGu5Mky5HsLtq1UCn8n3ij5D6q
ppJYl3xHcH2N8l6d6RtQ7bVf230jwWpIAFrkqI8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ6fxFevDd3WvnYTZOdde3sTI3bCTAfBgNVHSMEGDAWgBRwChIx0cJ6dU5G
7xDpKnMK4V0PVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NBb1NNZEhDZW5WT1J1OFE2U3B6Q3VGZEQxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvZGNjMmI0LTlkZWQtNDY3OC04Mzk4LWFiNzlhMzc4OWY4Zi8x
L09uOFJYcnczZDFyNTJFMlRuWFh0N0V5TjJ3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
ZGNjMmI0LTlkZWQtNDY3OC04Mzk4LWFiNzlhMzc4OWY4Zi8xL2NBb1NNZEhDZW5W
T1J1OFE2U3B6Q3VGZEQxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkLhTANBgkqhkiG9w0BAQsFAAOC
AQEANvgZBRLNmKnhVNw1f7Hhqu/0Zx1JvWaDmqaywoj8mwZDHHocQlwmUpEtRpv7
95kCFNCheuGzAzKmUox9fjRAQjZrZDY3G4ukBqSolYvvsUjmGzdKiu7buW8R27cV
gcyrS27IdM41skBQeAkglGZPf0/2tVafveyj3H02c3aRLEGFhJT7DRnIN2sIqXuh
rEPzvNM1eTAoWuSbkjKF468EAFsO3Z2ddN1qUa0oaFHVBJph6Nm6PmsnIjCRDlEU
o8O+rXep9awgH+YRQQgW012LbVWJCvgzydn3A0Puo9yG4Uz4DN/kvt3cCrSlAqBv
wsPEA8RI7EEIk5xD1NDnx6yULQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:27:28 2025 by rpki-client