Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/BOsBzSuUegbgxNgfngukyJAEVBA.roa
File: BOsBzSuUegbgxNgfngukyJAEVBA.roa (raw, json)
Hash identifier: YkLJYh2nAlCLAw8CR8QaHOuHOjpb8N3tJ51cUbgQDws=
Subject key identifier: 04:EB:01:CD:2B:94:7A:06:E0:C4:D8:1F:9E:0B:A4:C8:90:04:54:10
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 018774A64908B706C3E8FE48B17B2D147522
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/BOsBzSuUegbgxNgfngukyJAEVBA.roa
Signing time: Wed 12 Apr 2023 08:47:47 +0000
ROA not before: Wed 12 Apr 2023 08:47:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 217.147.166.0/24 maxlen: 24
217.147.167.0/24 maxlen: 24
217.147.169.0/24 maxlen: 24
217.147.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:a6:49:08:b7:06:c3:e8:fe:48:b1:7b:2d:14:75:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Apr 12 08:47:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04eb01cd2b947a06e0c4d81f9e0ba4c890045410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cc:85:61:c1:5e:0d:05:75:8e:1c:32:70:3c:
60:22:88:99:80:77:2b:4c:b4:32:44:16:88:ac:d5:
f2:db:0d:15:96:3e:e4:ed:ca:70:2b:57:8c:5e:f6:
2d:ae:d4:9e:14:7f:a9:9b:30:73:6b:a5:7f:66:99:
c3:bb:f2:97:0c:84:27:3a:f0:4b:bf:25:43:7d:cf:
c4:36:d6:80:bb:22:86:f1:f3:b3:ba:53:9f:83:4f:
d2:f3:4f:e1:59:d4:bc:9e:04:91:b6:ca:87:e4:d0:
ba:8e:c8:b9:0d:90:28:44:0d:05:25:e0:fa:36:14:
7b:2e:1e:7a:0e:99:72:41:90:6b:09:37:d2:a9:84:
c9:35:8d:b4:23:57:ba:24:df:4c:4f:d4:76:35:a8:
7d:03:7a:01:a7:b8:d5:ea:85:24:71:6b:05:30:fc:
0b:72:4f:4d:30:b6:ba:fd:d3:56:88:83:5d:72:5e:
d3:91:dc:76:44:01:0a:6f:07:81:bf:8b:af:c9:8e:
2b:32:e5:ff:ef:0a:b0:ef:c8:83:93:da:66:4f:23:
f0:79:b6:34:01:63:ac:28:0b:22:9b:eb:e7:6d:08:
16:23:2c:9d:8b:8b:12:f7:4b:e3:d7:2c:1b:77:aa:
5d:f1:ae:d9:d2:1f:bb:fb:f3:14:c8:98:a7:03:83:
7d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EB:01:CD:2B:94:7A:06:E0:C4:D8:1F:9E:0B:A4:C8:90:04:54:10
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/BOsBzSuUegbgxNgfngukyJAEVBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.166.0-217.147.169.255
Signature Algorithm: sha256WithRSAEncryption
61:59:45:c0:73:df:01:1a:49:32:2b:8e:dc:a1:20:ba:7c:e5:
91:72:44:ff:46:3e:60:63:b0:fd:86:b6:bf:b3:42:71:30:c4:
ce:60:eb:0a:8b:7b:e5:19:31:91:d7:54:48:98:3c:31:20:dc:
1b:88:74:67:2f:91:a9:09:17:9f:c7:42:f2:11:e4:82:5f:43:
15:97:85:ef:52:65:49:a0:e0:15:62:e3:84:df:88:73:cd:03:
06:a0:0b:81:6e:d3:f6:b2:3b:dc:75:ed:a2:2f:d6:e9:01:e1:
d4:e5:ac:78:63:38:a7:6d:a7:8b:44:18:ca:c9:a6:5a:39:3d:
11:d2:7b:51:1c:df:89:7d:77:81:63:7c:38:ac:77:ea:19:73:
2c:57:1a:4b:d3:59:eb:ef:59:ea:94:0b:5e:c2:4b:f5:d9:85:
ce:9f:37:7d:ec:3f:65:12:6a:d3:e7:a5:ed:99:ea:15:e4:6e:
9c:ef:5d:11:31:11:89:4f:5a:1b:94:44:73:55:0f:f3:a5:98:
6a:b3:bc:66:c2:61:66:06:90:04:73:cf:2d:e7:b4:1d:3a:e9:
2b:11:60:86:63:5c:a5:b8:50:04:04:f0:02:bb:4b:64:04:13:
ef:b5:9e:a0:2f:16:3f:af:b1:26:c5:5e:6b:cf:8f:db:d6:90:
ab:a8:6c:3f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYd0pkkItwbD6P5IsXstFHUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjMwNDEyMDg0NzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGViMDFjZDJiOTQ3YTA2ZTBjNGQ4MWY5ZTBiYTRjODkwMDQ1NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsyFYcFeDQV1jhwycDxgIoiZgHcr
TLQyRBaIrNXy2w0Vlj7k7cpwK1eMXvYtrtSeFH+pmzBza6V/ZpnDu/KXDIQnOvBL
vyVDfc/ENtaAuyKG8fOzulOfg0/S80/hWdS8ngSRtsqH5NC6jsi5DZAoRA0FJeD6
NhR7Lh56DplyQZBrCTfSqYTJNY20I1e6JN9MT9R2Nah9A3oBp7jV6oUkcWsFMPwL
ck9NMLa6/dNWiINdcl7Tkdx2RAEKbweBv4uvyY4rMuX/7wqw78iDk9pmTyPwebY0
AWOsKAsim+vnbQgWIyydi4sS90vj1ywbd6pd8a7Z0h+7+/MUyJinA4N9ZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFATrAc0rlHoG4MTYH54LpMiQBFQQMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvQk9zQnpTdVVlZ2JneE5nZm5ndWt5SkFFVkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHZk6YD
BAHZk6gwDQYJKoZIhvcNAQELBQADggEBAGFZRcBz3wEaSTIrjtyhILp85ZFyRP9G
PmBjsP2Gtr+zQnEwxM5g6wqLe+UZMZHXVEiYPDEg3BuIdGcvkakJF5/HQvIR5IJf
QxWXhe9SZUmg4BVi44TfiHPNAwagC4Fu0/ayO9x17aIv1ukB4dTlrHhjOKdtp4tE
GMrJplo5PRHSe1Ec34l9d4FjfDisd+oZcyxXGkvTWevvWeqUC17CS/XZhc6fN33s
P2USatPnpe2Z6hXkbpzvXRExEYlPWhuURHNVD/OlmGqzvGbCYWYGkARzzy3ntB06
6SsRYIZjXKW4UAQE8AK7S2QEE++1nqAvFj+vsSbFXmvPj9vWkKuobD8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:44 2025 by rpki-client