Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/wPbnYcw3rd9hr9voeEnr0Qamrsw.roa
File: wPbnYcw3rd9hr9voeEnr0Qamrsw.roa (raw, json)
Hash identifier: DH4qt9E4HURZ+a5hoYK5XsPFhUtV8WlltajaIRHxKtQ=
Subject key identifier: C0:F6:E7:61:CC:37:AD:DF:61:AF:DB:E8:78:49:EB:D1:06:A6:AE:CC
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018570CBD2C999904F27C247F5C56C633DB7
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/wPbnYcw3rd9hr9voeEnr0Qamrsw.roa
Signing time: Mon 02 Jan 2023 04:44:43 +0000
ROA not before: Mon 02 Jan 2023 04:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28852
IP address blocks: 217.214.194.0/24 maxlen: 24
217.214.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d2:c9:99:90:4f:27:c2:47:f5:c5:6c:63:3d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 2 04:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0f6e761cc37addf61afdbe87849ebd106a6aecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d3:39:28:1d:dd:ff:10:d2:a0:93:2b:ad:a3:
af:1f:67:d6:27:e4:18:a9:97:28:18:d6:78:69:8d:
bd:c2:6f:65:b5:4a:0a:0f:67:0f:b0:1c:bd:5e:de:
83:9a:2e:f7:f8:47:90:b9:6b:f1:ea:ba:c6:a1:d3:
d4:c8:ab:84:64:7e:3f:04:c5:03:aa:d3:e4:65:c5:
6b:0c:2c:ae:96:6c:32:97:8f:0e:8d:79:29:8f:84:
47:42:f6:57:ce:8a:90:58:e2:d2:cd:3e:7f:2d:8e:
82:31:ee:0e:a9:7f:36:45:94:42:b4:6b:7d:00:77:
f2:82:07:bb:ba:7a:b2:de:41:51:50:80:a6:65:e1:
c4:b4:41:eb:0e:1c:97:5c:1f:1a:63:f2:7d:5d:28:
7c:66:5b:40:df:ae:92:ae:f9:54:1d:76:6e:a7:8c:
3c:7a:b0:41:89:c3:87:c2:b4:7e:b4:33:52:ee:09:
9e:01:e4:dc:e8:18:d0:d6:7e:28:eb:bc:03:fa:f0:
7d:2d:78:6e:29:c0:7e:97:9c:c9:40:24:cb:c1:2a:
7b:0b:17:ab:b1:87:a8:f6:35:1b:1b:bf:38:81:4d:
22:ca:2f:8f:c9:c0:2d:6a:db:f2:6b:26:77:78:70:
40:da:e0:5d:38:3b:91:fd:a8:a6:49:e1:4e:f1:51:
2b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F6:E7:61:CC:37:AD:DF:61:AF:DB:E8:78:49:EB:D1:06:A6:AE:CC
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/wPbnYcw3rd9hr9voeEnr0Qamrsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.214.194.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:b7:db:b8:a1:b9:7d:7d:48:4b:be:ee:80:b8:7d:ba:7c:97:
fc:92:a9:14:36:f3:ed:f9:a6:2c:90:5f:0a:31:5e:4b:ca:23:
3e:a8:70:fd:02:48:d5:2f:48:34:2d:2d:17:89:bd:20:3d:f4:
cd:2a:d2:76:de:59:ac:b1:30:05:ee:a9:1e:ac:d1:9f:64:f3:
c3:1b:c8:cb:df:fe:96:c3:8d:d6:a7:5e:98:ef:bb:d4:9d:9e:
9e:3a:5d:bd:de:df:70:8c:fb:ba:cd:c1:7a:5a:ca:c9:d7:e3:
24:88:30:aa:d4:cd:57:b2:f0:da:24:d7:55:f8:70:da:97:2a:
4d:1e:7c:0d:77:16:8d:83:5a:2e:01:b1:c4:7d:02:3b:4f:43:
3f:a9:28:4e:1e:e7:e6:8d:36:0c:c9:13:97:cf:90:ce:7c:b4:
e1:23:c9:68:63:86:a4:8a:d9:61:ef:7e:21:52:d1:b3:e6:3e:
b3:4d:f8:6e:8d:e0:9d:77:78:67:3a:c0:9c:77:73:41:41:36:
81:44:2c:3a:3e:9b:02:fa:94:15:c4:e7:9a:cb:30:99:2a:63:
a7:e2:56:8a:e6:07:5a:a8:1e:6d:7f:bc:30:eb:9a:4c:79:ca:
e3:22:d5:72:8a:14:3a:1c:6c:8b:83:12:10:30:ed:95:e2:4c:
df:e1:0b:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy9LJmZBPJ8JH9cVsYz23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjMwMTAyMDQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGY2ZTc2MWNjMzdhZGRmNjFhZmRiZTg3ODQ5ZWJkMTA2YTZhZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNM5KB3d/xDSoJMrraOvH2fWJ+QY
qZcoGNZ4aY29wm9ltUoKD2cPsBy9Xt6Dmi73+EeQuWvx6rrGodPUyKuEZH4/BMUD
qtPkZcVrDCyulmwyl48OjXkpj4RHQvZXzoqQWOLSzT5/LY6CMe4OqX82RZRCtGt9
AHfygge7unqy3kFRUICmZeHEtEHrDhyXXB8aY/J9XSh8ZltA366SrvlUHXZup4w8
erBBicOHwrR+tDNS7gmeAeTc6BjQ1n4o67wD+vB9LXhuKcB+l5zJQCTLwSp7Cxer
sYeo9jUbG784gU0iyi+PycAtatvyayZ3eHBA2uBdODuR/aimSeFO8VErYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMD252HMN63fYa/b6HhJ69EGpq7MMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvd1BiblljdzNyZDlocjl2b2VFbnIwUWFtcnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2dbCMA0G
CSqGSIb3DQEBCwUAA4IBAQANt9u4obl9fUhLvu6AuH26fJf8kqkUNvPt+aYskF8K
MV5LyiM+qHD9AkjVL0g0LS0Xib0gPfTNKtJ23lmssTAF7qkerNGfZPPDG8jL3/6W
w43Wp16Y77vUnZ6eOl293t9wjPu6zcF6WsrJ1+MkiDCq1M1XsvDaJNdV+HDalypN
HnwNdxaNg1ouAbHEfQI7T0M/qShOHufmjTYMyROXz5DOfLThI8loY4akitlh734h
UtGz5j6zTfhujeCdd3hnOsCcd3NBQTaBRCw6PpsC+pQVxOeayzCZKmOn4laK5gda
qB5tf7ww65pMecrjItVyihQ6HGyLgxIQMO2V4kzf4QvE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:00 2025 by rpki-client