Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/pO63jnhx1GUG4YJdC7thb5DQS-w.roa
File: pO63jnhx1GUG4YJdC7thb5DQS-w.roa (raw, json)
Hash identifier: 6OD4GReg7rgqCyWzVz8sQhQU1Y2soF8rTmPuAOeZqR0=
Subject key identifier: A4:EE:B7:8E:78:71:D4:65:06:E1:82:5D:0B:BB:61:6F:90:D0:4B:EC
Certificate issuer: /CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Certificate serial: 018A03894FC95DFC03C32232262012577AC2
Authority key identifier: 11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/pO63jnhx1GUG4YJdC7thb5DQS-w.roa
Signing time: Thu 17 Aug 2023 12:47:24 +0000
ROA not before: Thu 17 Aug 2023 12:47:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34458
IP address blocks: 217.150.82.0/24 maxlen: 24
217.150.83.0/24 maxlen: 24
217.150.80.0/24 maxlen: 24
217.150.84.0/24 maxlen: 24
217.150.81.0/24 maxlen: 24
217.150.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:89:4f:c9:5d:fc:03:c3:22:32:26:20:12:57:7a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11dd0ebff5ba38a8758b794d04d62905194a3266
Validity
Not Before: Aug 17 12:47:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4eeb78e7871d46506e1825d0bbb616f90d04bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b6:fe:18:d9:eb:6e:28:6f:7c:b5:4d:1e:d2:
5a:54:59:71:f9:ae:a6:cc:94:9c:a9:ad:f6:e9:16:
4c:12:bc:7c:18:f4:d6:a1:14:5c:2d:57:81:f4:68:
c7:6f:a1:62:8e:0d:bd:4e:16:b5:49:68:0a:f3:77:
a3:84:63:f2:25:c1:b2:64:a4:fc:33:9a:e5:a5:c4:
29:b3:3c:64:d7:90:a5:8d:13:d5:63:5f:e6:90:6a:
76:2d:e1:d9:85:02:19:17:27:58:22:8a:cd:a5:b7:
c1:e7:57:b2:04:63:5f:ca:36:3c:3d:a0:c1:b4:93:
23:6a:ef:15:90:cd:44:b8:06:be:ae:50:b1:ed:a0:
cc:ca:8f:42:cb:e5:dc:d5:a2:b8:ba:b4:f2:b3:29:
52:95:99:40:9c:42:55:3c:37:10:94:b7:e5:f2:7f:
65:3a:bf:ce:e0:74:d8:8c:0c:67:b3:90:d6:73:51:
21:9e:1e:dd:b2:d9:87:44:2d:f6:9b:23:5b:93:19:
a7:ab:81:1e:7f:eb:84:65:04:0a:29:94:e1:60:ea:
05:ab:0f:22:30:b7:c2:af:f2:b3:e4:f1:fe:9d:35:
fb:b3:cb:d4:94:6a:f0:71:8f:c7:44:b6:ac:92:43:
0e:eb:fc:2c:9c:ff:90:37:a0:95:15:65:db:fd:36:
e3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EE:B7:8E:78:71:D4:65:06:E1:82:5D:0B:BB:61:6F:90:D0:4B:EC
X509v3 Authority Key Identifier:
keyid:11:DD:0E:BF:F5:BA:38:A8:75:8B:79:4D:04:D6:29:05:19:4A:32:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/pO63jnhx1GUG4YJdC7thb5DQS-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a66a29-51cc-4ba9-884f-f17613ea49e7/1/Ed0Ov_W6OKh1i3lNBNYpBRlKMmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.80.0-217.150.85.255
Signature Algorithm: sha256WithRSAEncryption
7e:8a:df:f3:f5:5c:6b:65:48:d1:b0:e7:cb:f3:4f:54:b9:40:
f9:5e:85:f7:ce:df:27:cd:08:7b:13:3e:ac:94:57:f8:26:45:
a7:1d:e4:c2:30:88:07:0c:5f:cb:19:ee:7b:b2:4b:09:24:47:
50:24:be:a1:74:91:9c:20:77:2f:ba:a8:0b:9b:05:03:aa:cf:
66:ac:88:c9:68:ff:03:35:b8:cc:97:b1:1e:b6:98:be:00:b1:
1e:04:ab:07:4c:19:3d:b8:a8:0c:6f:6a:ae:47:7f:b1:93:e7:
5f:b6:79:0b:51:13:84:0c:45:c5:40:03:92:bd:53:19:78:8b:
77:12:74:23:15:19:1c:03:94:88:15:e9:52:7c:12:2a:3e:92:
59:0d:bf:cf:b9:19:e8:92:ea:23:3b:81:c6:38:d3:bb:53:d6:
7f:a3:d9:0a:28:cf:fc:68:4f:76:46:59:81:34:7a:d2:5c:41:
f6:dc:59:1e:bd:f8:67:d5:80:8b:e9:53:1f:33:66:e4:64:42:
a3:df:d3:9f:f4:95:c3:e4:58:51:73:cb:ba:26:6b:68:be:40:
e9:1d:06:dd:13:02:66:20:2a:33:78:ce:72:c7:da:de:b7:71:
36:9f:2a:f5:51:73:25:1d:f3:be:4d:6c:4e:18:0e:dc:69:73:
66:03:ce:e8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYoDiU/JXfwDwyIyJiASV3rCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZGQwZWJmZjViYTM4YTg3NThiNzk0ZDA0ZDYyOTA1MTk0
YTMyNjYwHhcNMjMwODE3MTI0NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGVlYjc4ZTc4NzFkNDY1MDZlMTgyNWQwYmJiNjE2ZjkwZDA0YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorb+GNnrbihvfLVNHtJaVFlx+a6m
zJScqa326RZMErx8GPTWoRRcLVeB9GjHb6Fijg29Tha1SWgK83ejhGPyJcGyZKT8
M5rlpcQpszxk15CljRPVY1/mkGp2LeHZhQIZFydYIorNpbfB51eyBGNfyjY8PaDB
tJMjau8VkM1EuAa+rlCx7aDMyo9Cy+Xc1aK4urTysylSlZlAnEJVPDcQlLfl8n9l
Or/O4HTYjAxns5DWc1Ehnh7dstmHRC32myNbkxmnq4Eef+uEZQQKKZThYOoFqw8i
MLfCr/Kz5PH+nTX7s8vUlGrwcY/HRLaskkMO6/wsnP+QN6CVFWXb/Tbj5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKTut454cdRlBuGCXQu7YW+Q0EvsMB8GA1UdIwQY
MBaAFBHdDr/1ujiodYt5TQTWKQUZSjJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYt
ZjE3NjEzZWE0OWU3LzEvcE82M2puaHgxR1VHNFlKZEM3dGhiNURRUy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hNjZhMjktNTFjYy00YmE5LTg4NGYtZjE3NjEzZWE0OWU3
LzEvRWQwT3ZfVzZPS2gxaTNsTkJOWXBCUmxLTW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBATZllAD
BAHZllQwDQYJKoZIhvcNAQELBQADggEBAH6K3/P1XGtlSNGw58vzT1S5QPlehffO
3yfNCHsTPqyUV/gmRacd5MIwiAcMX8sZ7nuySwkkR1AkvqF0kZwgdy+6qAubBQOq
z2asiMlo/wM1uMyXsR62mL4AsR4EqwdMGT24qAxvaq5Hf7GT51+2eQtRE4QMRcVA
A5K9Uxl4i3cSdCMVGRwDlIgV6VJ8Eio+klkNv8+5GeiS6iM7gcY407tT1n+j2Qoo
z/xoT3ZGWYE0etJcQfbcWR69+GfVgIvpUx8zZuRkQqPf05/0lcPkWFFzy7oma2i+
QOkdBt0TAmYgKjN4znLH2t63cTafKvVRcyUd875NbE4YDtxpc2YDzug=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:19 2025 by rpki-client