Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/aeFmtyhEGXx2eHgltY5E7Txb9KU.roa
File: aeFmtyhEGXx2eHgltY5E7Txb9KU.roa (raw, json)
Hash identifier: jveEzI+ti61TdH1ckcBd2E8h/Yf+WlldYUCpCe6ff4Y=
Subject key identifier: 69:E1:66:B7:28:44:19:7C:76:78:78:25:B5:8E:44:ED:3C:5B:F4:A5
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 0187B32F1B4A4B275DD0CE275C3847A7F959
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/aeFmtyhEGXx2eHgltY5E7Txb9KU.roa
Signing time: Mon 24 Apr 2023 12:13:41 +0000
ROA not before: Mon 24 Apr 2023 12:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48076
IP address blocks: 217.199.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:2f:1b:4a:4b:27:5d:d0:ce:27:5c:38:47:a7:f9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Apr 24 12:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69e166b72844197c76787825b58e44ed3c5bf4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:56:01:f2:8d:55:f2:85:1b:0d:8a:e2:1d:36:
cf:ca:e7:85:90:f4:22:b5:8e:b5:51:5f:92:e9:9a:
2c:69:13:cf:07:b1:45:8e:87:ba:da:60:27:c5:a7:
80:0a:5b:a8:81:d4:cd:40:5b:77:11:93:d6:7f:8b:
5d:0b:82:90:11:9c:e3:82:d1:cc:89:59:9c:3c:dd:
aa:35:ec:0b:05:1e:57:a9:85:14:7c:15:3a:66:6a:
e8:a3:93:29:ff:e6:dc:81:0b:ee:49:5e:dd:8c:44:
e4:d2:a4:7b:3d:d7:07:43:0f:3c:d7:43:0f:ad:6f:
96:a6:ed:77:a2:55:c8:07:5c:77:e2:ea:fc:fe:8a:
50:cf:3c:1c:a3:d9:e2:0e:75:15:f4:9c:42:d6:24:
4d:65:9b:45:3f:c7:60:86:c9:a4:2f:b6:25:81:b1:
28:0a:1b:fb:32:23:ca:03:ef:a4:b0:e8:82:bf:2f:
1e:42:41:f8:c6:de:bc:f1:ad:84:65:5b:d9:ad:84:
27:8c:b1:f6:75:bf:72:c9:67:42:96:c0:80:eb:58:
43:bb:b8:a3:c0:ac:ef:08:50:60:b1:34:b5:9b:0b:
e3:fe:f5:2c:a8:3a:75:51:13:ac:16:64:16:78:3f:
a1:90:2b:b3:31:79:a1:66:e6:48:e0:66:63:a2:32:
f3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E1:66:B7:28:44:19:7C:76:78:78:25:B5:8E:44:ED:3C:5B:F4:A5
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/aeFmtyhEGXx2eHgltY5E7Txb9KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.199.211.0/24
Signature Algorithm: sha256WithRSAEncryption
69:51:86:fa:d4:39:d9:1c:51:0c:db:88:4d:d8:c2:cd:0f:30:
32:90:85:f8:97:00:07:4b:51:f9:51:7b:ed:60:c1:8c:cc:4c:
d2:2d:60:b1:9a:af:ab:c2:54:50:3e:ee:27:90:50:e4:5e:75:
1c:1c:b1:49:e0:c4:7e:4a:d7:ff:b5:d1:58:67:3d:b4:1f:1c:
f7:f7:6b:cf:31:d0:86:91:d1:75:53:30:ca:c8:f7:5a:a7:45:
4a:26:eb:3b:4a:25:d1:94:f3:6c:fe:38:fc:37:ee:15:2c:f4:
87:2f:a1:c8:56:a9:a5:7b:f8:5e:02:6a:c8:67:81:76:ad:b4:
61:b9:e9:1d:25:b5:4b:88:08:8a:5b:00:4d:12:3d:d1:37:ea:
7a:66:08:af:86:21:80:11:28:cd:5a:94:06:0d:0f:c2:1d:70:
71:3c:08:da:ac:7e:28:c4:08:0f:ab:f7:2d:75:6b:15:3c:48:
50:40:03:61:4d:3a:70:46:67:23:62:88:a3:97:f3:6f:88:76:
01:82:be:28:0d:4e:f0:76:9c:e9:40:19:a6:02:f5:fa:20:05:
55:7e:a0:63:e0:2f:2f:4b:9e:7e:51:b0:10:dc:77:d4:fe:94:
77:9a:73:b7:db:0e:bb:8a:58:cb:2f:8d:c3:f9:e2:93:d8:6f:
9c:17:75:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYezLxtKSydd0M4nXDhHp/lZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjMwNDI0MTIxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWUxNjZiNzI4NDQxOTdjNzY3ODc4MjViNThlNDRlZDNjNWJmNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VYB8o1V8oUbDYriHTbPyueFkPQi
tY61UV+S6ZosaRPPB7FFjoe62mAnxaeACluogdTNQFt3EZPWf4tdC4KQEZzjgtHM
iVmcPN2qNewLBR5XqYUUfBU6Zmroo5Mp/+bcgQvuSV7djETk0qR7PdcHQw8810MP
rW+Wpu13olXIB1x34ur8/opQzzwco9niDnUV9JxC1iRNZZtFP8dghsmkL7YlgbEo
Chv7MiPKA++ksOiCvy8eQkH4xt688a2EZVvZrYQnjLH2db9yyWdClsCA61hDu7ij
wKzvCFBgsTS1mwvj/vUsqDp1UROsFmQWeD+hkCuzMXmhZuZI4GZjojLzAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGnhZrcoRBl8dnh4JbWORO08W/SlMB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvYWVGbXR5aEVHWHgyZUhnbHRZNUU3VHhiOUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cfTMA0G
CSqGSIb3DQEBCwUAA4IBAQBpUYb61DnZHFEM24hN2MLNDzAykIX4lwAHS1H5UXvt
YMGMzEzSLWCxmq+rwlRQPu4nkFDkXnUcHLFJ4MR+Stf/tdFYZz20Hxz392vPMdCG
kdF1UzDKyPdap0VKJus7SiXRlPNs/jj8N+4VLPSHL6HIVqmle/heAmrIZ4F2rbRh
uekdJbVLiAiKWwBNEj3RN+p6ZgivhiGAESjNWpQGDQ/CHXBxPAjarH4oxAgPq/ct
dWsVPEhQQANhTTpwRmcjYoijl/NviHYBgr4oDU7wdpzpQBmmAvX6IAVVfqBj4C8v
S55+UbAQ3HfU/pR3mnO32w67iljLL43D+eKT2G+cF3Un
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:52 2025 by rpki-client