Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/zI4b7z4hTzgB6R_U44ZaCNcC-Oc.roa
File: zI4b7z4hTzgB6R_U44ZaCNcC-Oc.roa (raw, json)
Hash identifier: fFSgzNYCYKWw9vv1/I1h6DxddJUJRy5c7V0ebILPH74=
Subject key identifier: CC:8E:1B:EF:3E:21:4F:38:01:E9:1F:D4:E3:86:5A:08:D7:02:F8:E7
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 018774539A80EA08F2CBDB6C61FA6307477C
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/zI4b7z4hTzgB6R_U44ZaCNcC-Oc.roa
Signing time: Wed 12 Apr 2023 07:17:28 +0000
ROA not before: Wed 12 Apr 2023 07:17:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206963
IP address blocks: 217.147.166.0/24 maxlen: 24
217.147.167.0/24 maxlen: 24
217.147.168.0/24 maxlen: 24
217.147.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:53:9a:80:ea:08:f2:cb:db:6c:61:fa:63:07:47:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Apr 12 07:17:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc8e1bef3e214f3801e91fd4e3865a08d702f8e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fc:f4:4a:27:29:f9:fd:b6:cd:6f:ad:3b:1f:
a9:b8:5d:ea:4c:d8:0c:b8:b9:4c:06:73:ee:88:6f:
29:0b:c5:41:9f:d4:8d:5b:3c:c1:71:e3:01:af:b8:
18:34:82:53:c0:b7:c8:06:30:99:60:aa:96:0f:16:
61:ed:f4:39:9e:49:94:72:09:3e:89:7d:35:40:6b:
5c:98:9d:ca:15:44:72:56:0b:d9:c2:c0:5b:73:f4:
67:3c:5f:3f:ab:17:fc:c4:ea:9f:5f:f0:e8:b4:7a:
90:10:8f:13:db:f6:b5:bb:6e:80:23:81:c6:c3:51:
a3:f3:fe:40:45:24:ac:87:8f:32:58:8a:48:9c:44:
b1:b0:f2:5a:3a:b5:d1:cc:50:15:a0:d1:07:47:2b:
a4:52:9d:eb:62:20:4d:fa:2a:96:ae:0d:9a:6f:b2:
14:c6:97:30:ff:fa:cc:cf:14:ee:d6:64:d0:b4:c3:
74:35:8e:db:9f:e2:58:34:d3:a5:c7:2e:e6:1d:8a:
d5:2f:5e:e8:fd:3b:3b:6b:17:47:a4:b9:6c:18:ca:
73:bb:33:da:19:b6:c2:fb:8a:60:09:d9:b3:74:e8:
77:8a:a0:aa:95:72:85:d6:71:e1:68:6c:d2:ca:0a:
aa:63:5c:e1:0f:ed:21:c9:d1:2a:9e:bf:f8:71:43:
05:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8E:1B:EF:3E:21:4F:38:01:E9:1F:D4:E3:86:5A:08:D7:02:F8:E7
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/zI4b7z4hTzgB6R_U44ZaCNcC-Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.166.0-217.147.169.255
Signature Algorithm: sha256WithRSAEncryption
63:9c:24:8f:6f:ac:45:d2:3d:4b:21:ae:3a:9f:81:03:02:4a:
1a:4f:0d:0f:1a:96:7c:8c:d7:2b:90:02:6e:62:d5:4d:94:d3:
b4:0b:2e:5d:e4:b9:e6:58:1b:f5:ba:26:44:91:7b:38:3f:48:
60:6d:a3:58:46:cb:6f:74:de:66:94:c8:52:39:be:c1:a1:e4:
7d:7c:26:e9:cb:23:b6:b7:45:a7:93:a6:dd:db:8d:29:2e:16:
87:64:e0:dd:e7:df:e3:a3:88:17:a6:db:1c:ef:5e:77:14:0c:
f0:0a:fc:18:47:d7:65:ae:43:20:a4:7e:4b:36:d4:f9:2e:df:
e1:f0:af:d5:57:f3:98:f4:66:2f:c6:b2:a1:22:6d:07:88:ef:
fd:53:35:e1:d2:9c:f4:ba:81:a4:85:57:b7:55:aa:1f:c7:4c:
73:42:28:de:4d:e9:27:12:ae:17:49:9c:5e:90:ff:35:a7:79:
d3:7d:80:00:98:f9:5b:c3:43:03:34:83:02:20:09:c0:92:fe:
29:25:93:7d:c2:90:fa:2b:ac:b2:60:58:f0:60:be:4e:79:6c:
ff:91:ac:4b:ba:ae:56:de:b5:02:9d:62:5e:6a:27:04:21:f2:
40:4b:3a:bc:a6:80:bf:d6:59:23:c6:28:7f:67:6e:b3:3c:45:
86:ee:cb:2a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYd0U5qA6gjyy9tsYfpjB0d8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjMwNDEyMDcxNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzhlMWJlZjNlMjE0ZjM4MDFlOTFmZDRlMzg2NWEwOGQ3MDJmOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPz0Sicp+f22zW+tOx+puF3qTNgM
uLlMBnPuiG8pC8VBn9SNWzzBceMBr7gYNIJTwLfIBjCZYKqWDxZh7fQ5nkmUcgk+
iX01QGtcmJ3KFURyVgvZwsBbc/RnPF8/qxf8xOqfX/DotHqQEI8T2/a1u26AI4HG
w1Gj8/5ARSSsh48yWIpInESxsPJaOrXRzFAVoNEHRyukUp3rYiBN+iqWrg2ab7IU
xpcw//rMzxTu1mTQtMN0NY7bn+JYNNOlxy7mHYrVL17o/Ts7axdHpLlsGMpzuzPa
GbbC+4pgCdmzdOh3iqCqlXKF1nHhaGzSygqqY1zhD+0hydEqnr/4cUMFIwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMyOG+8+IU84Aekf1OOGWgjXAvjnMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvekk0Yjd6NGhUemdCNlJfVTQ0WmFDTmNDLU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHZk6YD
BAHZk6gwDQYJKoZIhvcNAQELBQADggEBAGOcJI9vrEXSPUshrjqfgQMCShpPDQ8a
lnyM1yuQAm5i1U2U07QLLl3kueZYG/W6JkSRezg/SGBto1hGy2903maUyFI5vsGh
5H18JunLI7a3RaeTpt3bjSkuFodk4N3n3+OjiBem2xzvXncUDPAK/BhH12WuQyCk
fks21Pku3+Hwr9VX85j0Zi/GsqEibQeI7/1TNeHSnPS6gaSFV7dVqh/HTHNCKN5N
6ScSrhdJnF6Q/zWnedN9gACY+VvDQwM0gwIgCcCS/iklk33CkPorrLJgWPBgvk55
bP+RrEu6rlbetQKdYl5qJwQh8kBLOrymgL/WWSPGKH9nbrM8RYbuyyo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:34 2025 by rpki-client