Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Rgu8wRf12XvsKbZXuaScD-oAJr0.roa
File: Rgu8wRf12XvsKbZXuaScD-oAJr0.roa (raw, json)
Hash identifier: 0dO5GqUzgbnp2TMnrSvOMv3ocGCjD+MDOKV6Vh30L7E=
Subject key identifier: 46:0B:BC:C1:17:F5:D9:7B:EC:29:B6:57:B9:A4:9C:0F:EA:00:26:BD
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 0554EFDA
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Rgu8wRf12XvsKbZXuaScD-oAJr0.roa
Signing time: Fri 10 Jun 2022 09:15:04 +0000
ROA not before: Fri 10 Jun 2022 09:15:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21379
IP address blocks: 217.147.160.0/24 maxlen: 24
217.147.161.0/24 maxlen: 24
217.147.162.0/24 maxlen: 24
217.147.163.0/24 maxlen: 24
217.147.164.0/24 maxlen: 24
217.147.165.0/24 maxlen: 24
217.147.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89452506 (0x554efda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jun 10 09:15:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=460bbcc117f5d97bec29b657b9a49c0fea0026bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:01:e4:50:6d:90:11:6a:5a:88:9f:f8:d3:bb:
9f:fb:49:fc:05:71:35:d6:60:1e:f7:99:35:d3:e0:
fa:16:9c:92:44:78:a9:ea:55:bf:d2:8e:e8:57:09:
74:ff:70:bb:58:bc:a9:72:e2:1e:e8:ff:66:33:6f:
4c:f6:a9:0a:40:fa:0e:f6:86:2d:b4:76:12:04:a1:
fc:11:33:bf:c5:f5:7b:f7:bd:76:aa:9c:c3:87:00:
8c:39:10:cc:78:64:e4:ac:76:c4:35:f2:6c:42:30:
72:26:a2:50:aa:fc:6f:74:37:8d:83:d4:72:00:d9:
11:8c:56:73:1b:02:3b:d6:08:7b:75:03:09:9c:b9:
c1:ec:67:7e:d2:e6:79:62:38:80:7a:bf:66:eb:77:
09:91:65:60:19:6c:45:1e:4f:09:7a:bb:e9:c4:cf:
39:49:71:64:05:d5:80:6a:21:4f:15:8d:92:c0:87:
0e:b3:87:21:50:6b:f1:99:90:07:9d:66:d8:bd:03:
38:d7:9d:40:7f:cc:33:c8:99:9c:30:dc:a8:b6:d6:
2f:4c:9d:95:c0:99:ed:41:91:7f:0d:0e:b3:8a:73:
8b:34:de:c3:1f:e6:66:65:55:55:b9:e0:05:fe:c6:
a7:8c:89:fe:ff:20:d4:fc:2c:39:a7:52:7c:92:8d:
f8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:0B:BC:C1:17:F5:D9:7B:EC:29:B6:57:B9:A4:9C:0F:EA:00:26:BD
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Rgu8wRf12XvsKbZXuaScD-oAJr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.160.0-217.147.165.255
217.147.169.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:35:63:b0:08:7d:cb:69:64:55:7e:4b:ab:a0:4f:91:21:fb:
d3:22:c8:6e:b1:b5:80:e6:c8:3e:07:f1:f8:5f:55:48:54:61:
4d:7d:2d:43:8e:08:4d:8a:a9:d4:d1:e3:b1:68:5b:86:25:e3:
6f:e1:82:b2:f4:50:bb:fc:0c:ac:5d:4c:c7:cd:cc:98:e1:d8:
64:79:49:1c:75:dd:8b:47:88:48:71:d1:3f:a9:36:40:f3:bc:
56:1c:21:f1:54:88:96:68:de:2c:f0:79:ac:c4:e5:57:d5:63:
13:cf:f6:7d:61:e3:2c:7b:1e:1e:72:12:f1:5a:5d:b9:ef:cd:
d7:97:d8:91:b1:0c:d3:69:c3:cc:e0:91:c9:5f:09:4c:03:d1:
2f:6a:ce:a3:f4:52:da:96:ea:e5:39:33:32:a4:fc:0e:67:9f:
e0:1a:57:68:5e:d0:ba:65:91:97:c0:d7:96:14:43:13:2c:55:
cb:c8:26:23:77:9d:dd:39:db:46:5f:89:c0:81:69:f7:b1:66:
7f:b6:e0:2f:31:0d:68:e6:cf:9d:8f:94:8d:e3:77:50:eb:f7:
3e:66:a7:36:21:73:ae:eb:6e:f8:b9:6d:f0:bd:42:ac:d4:3b:
4e:10:3c:e6:62:4e:8f:de:b7:4e:ae:38:6f:ef:34:31:65:7d:
8b:9c:97:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBVTv2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmY4YWIyYmEyNDg3OWU0NWM0NDU0ODZmY2ViMjFhZjQ2NjU2ZDVhMB4XDTIyMDYx
MDA5MTUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDYwYmJjYzExN2Y1
ZDk3YmVjMjliNjU3YjlhNDljMGZlYTAwMjZiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQB5FBtkBFqWoif+NO7n/tJ/AVxNdZgHveZNdPg+hackkR4
qepVv9KO6FcJdP9wu1i8qXLiHuj/ZjNvTPapCkD6DvaGLbR2EgSh/BEzv8X1e/e9
dqqcw4cAjDkQzHhk5Kx2xDXybEIwciaiUKr8b3Q3jYPUcgDZEYxWcxsCO9YIe3UD
CZy5wexnftLmeWI4gHq/Zut3CZFlYBlsRR5PCXq76cTPOUlxZAXVgGohTxWNksCH
DrOHIVBr8ZmQB51m2L0DONedQH/MM8iZnDDcqLbWL0ydlcCZ7UGRfw0Os4pzizTe
wx/mZmVVVbngBf7Gp4yJ/v8g1PwsOadSfJKN+AkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRGC7zBF/XZe+wptle5pJwP6gAmvTAfBgNVHSMEGDAWgBRC+Ksrokh55FxE
VIb86yGvRmVtWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1F2aXJLNkpJZWVSY1JGU0dfT3NocjBabGJWby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYzE3YzVkLTc1NDMtNDQwZi04NzhmLTE3NjlmZWY2YmU5Ni8x
L1JndTh3UmYxMlh2c0tiWlh1YVNjRC1vQUpyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
YzE3YzVkLTc1NDMtNDQwZi04NzhmLTE3NjlmZWY2YmU5Ni8xL1F2aXJLNkpJZWVS
Y1JGU0dfT3NocjBabGJWby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQF2ZOgAwQB2ZOkAwQA2ZOpMA0G
CSqGSIb3DQEBCwUAA4IBAQB/NWOwCH3LaWRVfkuroE+RIfvTIshusbWA5sg+B/H4
X1VIVGFNfS1DjghNiqnU0eOxaFuGJeNv4YKy9FC7/AysXUzHzcyY4dhkeUkcdd2L
R4hIcdE/qTZA87xWHCHxVIiWaN4s8HmsxOVX1WMTz/Z9YeMsex4echLxWl25783X
l9iRsQzTacPM4JHJXwlMA9Evas6j9FLalurlOTMypPwOZ5/gGldoXtC6ZZGXwNeW
FEMTLFXLyCYjd53dOdtGX4nAgWn3sWZ/tuAvMQ1o5s+dj5SN43dQ6/c+Zqc2IXOu
6274uW3wvUKs1DtOEDzmYk6P3rdOrjhv7zQxZX2LnJfK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:15 2025 by rpki-client