Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/IkhvDVjDhe9hgai0ZtD0iAdS_dI.roa
File: IkhvDVjDhe9hgai0ZtD0iAdS_dI.roa (raw, json)
Hash identifier: 7kbBuvLifwNNeJ5nbFrD/o/Pni00iYrYui5HFpdIwhQ=
Subject key identifier: 22:48:6F:0D:58:C3:85:EF:61:81:A8:B4:66:D0:F4:88:07:52:FD:D2
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 03E1A664
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/IkhvDVjDhe9hgai0ZtD0iAdS_dI.roa
Signing time: Sat 01 Jan 2022 03:59:20 +0000
ROA not before: Sat 01 Jan 2022 03:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21379
IP address blocks: 217.147.160.0/24 maxlen: 24
217.147.161.0/24 maxlen: 24
217.147.162.0/24 maxlen: 24
217.147.163.0/24 maxlen: 24
217.147.164.0/24 maxlen: 24
217.147.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65119844 (0x3e1a664)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jan 1 03:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22486f0d58c385ef6181a8b466d0f4880752fdd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:79:0d:13:a5:30:51:5a:23:ab:dc:8b:9c:a8:
34:ed:db:ac:c8:5f:dc:c1:a3:1f:05:ac:40:f8:ef:
7c:cb:86:38:cf:29:37:a5:e3:bb:05:36:f0:5c:f2:
48:17:12:ed:6f:a8:ea:22:c4:e3:10:6e:96:82:0f:
b3:44:5d:b3:f2:15:64:54:16:57:ed:b6:f1:8b:a7:
e2:c0:34:a6:fa:d8:0f:39:eb:21:3c:10:ce:73:b8:
91:60:bd:6c:1c:e3:cc:ee:d6:c1:3a:e0:4d:ef:80:
30:9f:c0:61:03:1b:ff:bb:30:a0:0d:98:ec:56:27:
f5:a7:c2:a2:35:b1:57:a4:15:92:c1:b7:f3:41:66:
80:02:84:9a:41:93:80:c6:55:25:77:fa:4d:9f:35:
0d:93:83:d8:96:e6:40:2e:f3:bd:48:e0:eb:a4:1a:
56:1f:08:14:d3:d5:69:f1:e6:29:e3:f0:b7:95:7b:
24:59:4c:3c:99:be:03:81:db:e8:82:8e:fc:5e:b9:
2c:ed:0d:17:c3:e9:f7:91:92:cb:fb:c9:95:a6:ca:
bd:ec:e5:c3:f5:ba:55:6e:24:7b:66:06:66:1e:b7:
a1:eb:7c:1b:05:17:f9:82:5e:95:1f:cb:14:58:02:
34:ec:f0:74:86:de:e0:6d:e8:8a:d3:af:c1:97:04:
e5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:48:6F:0D:58:C3:85:EF:61:81:A8:B4:66:D0:F4:88:07:52:FD:D2
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/IkhvDVjDhe9hgai0ZtD0iAdS_dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.160.0-217.147.165.255
Signature Algorithm: sha256WithRSAEncryption
85:6d:c2:13:bf:98:08:60:75:73:5f:c9:1c:23:e4:96:df:2c:
d6:0c:7c:4c:47:6e:5a:f6:f8:ee:cb:a3:d9:f6:b1:e3:59:dc:
6c:e8:29:6b:2d:b0:af:39:78:cf:ab:8f:39:0a:61:7e:55:3a:
fc:ab:d5:c5:02:81:a6:e1:89:e4:00:59:cb:a2:95:3f:f7:82:
67:99:d5:60:40:96:12:26:91:26:44:f5:ab:5d:7c:76:12:99:
30:cd:7a:8c:dd:be:06:e3:93:ff:fc:3f:57:1d:c8:8b:b2:12:
b5:06:b8:04:28:15:be:65:46:33:e7:ad:ec:29:c0:c0:97:22:
db:da:49:f0:1f:a9:d9:30:5e:39:03:ea:0f:39:88:74:ef:31:
7d:38:cd:ce:aa:a9:a7:5e:67:3f:f1:43:f0:e2:5c:2e:d3:23:
f4:b7:36:62:22:d4:93:9a:79:40:aa:1b:07:45:f3:71:17:ce:
e4:cb:d0:7d:12:3e:a1:94:d4:f5:47:37:e7:ae:cf:9f:03:96:
d1:b9:dc:f6:3f:17:2f:a7:b6:94:64:09:c4:b8:0d:6d:d0:17:
00:a2:bd:c0:72:b1:78:5b:11:b0:0c:03:a1:28:55:ef:a4:ac:
bd:a0:f2:c4:bb:9b:3e:73:8a:03:2b:36:1f:4a:ad:78:45:2b:
30:b5:2e:50
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA+GmZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmY4YWIyYmEyNDg3OWU0NWM0NDU0ODZmY2ViMjFhZjQ2NjU2ZDVhMB4XDTIyMDEw
MTAzNTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI0ODZmMGQ1OGMz
ODVlZjYxODFhOGI0NjZkMGY0ODgwNzUyZmRkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANt5DROlMFFaI6vci5yoNO3brMhf3MGjHwWsQPjvfMuGOM8p
N6XjuwU28FzySBcS7W+o6iLE4xBuloIPs0Rds/IVZFQWV+228Yun4sA0pvrYDznr
ITwQznO4kWC9bBzjzO7WwTrgTe+AMJ/AYQMb/7swoA2Y7FYn9afCojWxV6QVksG3
80FmgAKEmkGTgMZVJXf6TZ81DZOD2JbmQC7zvUjg66QaVh8IFNPVafHmKePwt5V7
JFlMPJm+A4Hb6IKO/F65LO0NF8Pp95GSy/vJlabKvezlw/W6VW4ke2YGZh63oet8
GwUX+YJelR/LFFgCNOzwdIbe4G3oitOvwZcE5c8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQiSG8NWMOF72GBqLRm0PSIB1L90jAfBgNVHSMEGDAWgBRC+Ksrokh55FxE
VIb86yGvRmVtWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1F2aXJLNkpJZWVSY1JGU0dfT3NocjBabGJWby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYzE3YzVkLTc1NDMtNDQwZi04NzhmLTE3NjlmZWY2YmU5Ni8x
L0lraHZEVmpEaGU5aGdhaTBadEQwaUFkU19kSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
YzE3YzVkLTc1NDMtNDQwZi04NzhmLTE3NjlmZWY2YmU5Ni8xL1F2aXJLNkpJZWVS
Y1JGU0dfT3NocjBabGJWby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQF2ZOgAwQB2ZOkMA0GCSqGSIb3
DQEBCwUAA4IBAQCFbcITv5gIYHVzX8kcI+SW3yzWDHxMR25a9vjuy6PZ9rHjWdxs
6ClrLbCvOXjPq485CmF+VTr8q9XFAoGm4YnkAFnLopU/94JnmdVgQJYSJpEmRPWr
XXx2EpkwzXqM3b4G45P//D9XHciLshK1BrgEKBW+ZUYz563sKcDAlyLb2knwH6nZ
MF45A+oPOYh07zF9OM3OqqmnXmc/8UPw4lwu0yP0tzZiItSTmnlAqhsHRfNxF87k
y9B9Ej6hlNT1Rzfnrs+fA5bRudz2Pxcvp7aUZAnEuA1t0BcAor3AcrF4WxGwDAOh
KFXvpKy9oPLEu5s+c4oDKzYfSq14RSswtS5Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:44 2025 by rpki-client