Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/l2jDXtzvxo-0KzNJHemrPPkW5io.roa
File: l2jDXtzvxo-0KzNJHemrPPkW5io.roa (raw, json)
Hash identifier: A+qFj7KCLoUDX7iUw7Aen8O++mwGpCy1Q/6EHV4H/aA=
Subject key identifier: 97:68:C3:5E:DC:EF:C6:8F:B4:2B:33:49:1D:E9:AB:3C:F9:16:E6:2A
Certificate issuer: /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Certificate serial: 371B6D33
Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/l2jDXtzvxo-0KzNJHemrPPkW5io.roa
Signing time: Sat 01 Jan 2022 09:03:38 +0000
ROA not before: Sat 01 Jan 2022 09:03:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20836
IP address blocks: 217.171.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924544307 (0x371b6d33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Validity
Not Before: Jan 1 09:03:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9768c35edcefc68fb42b33491de9ab3cf916e62a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e1:da:0e:93:c2:85:8e:fe:d9:0a:e7:a7:03:
63:f2:d6:89:00:ad:36:d2:0a:c9:5b:df:5e:e1:56:
10:b8:88:53:7c:e0:2d:1b:99:ee:62:88:6d:5c:b0:
97:6a:0a:88:21:66:a9:af:c9:22:ee:ac:f4:69:42:
33:c9:ad:59:97:1a:df:9a:4c:d1:8b:6b:7c:6b:41:
5e:db:75:94:8b:51:0b:36:5d:ed:1f:fd:d2:b8:6c:
ed:15:59:4a:52:46:1f:0a:f7:b8:cf:c3:72:5e:38:
6a:77:31:b0:28:2e:bb:5d:61:b3:3f:97:1f:fd:f2:
35:1a:4b:6c:87:e9:a9:76:86:41:00:1f:6e:b4:3e:
47:c0:83:cc:10:6a:8a:57:03:bf:71:ae:b8:04:d6:
92:63:77:a3:c8:65:b9:2a:62:22:b6:85:34:09:5b:
cd:b1:f0:e1:f0:f0:d8:d7:d4:16:7f:04:f0:3a:c9:
ca:ae:9d:3e:c7:f8:8d:1f:49:cd:b2:6a:52:e6:17:
91:84:1b:77:95:77:25:d4:01:0f:45:a9:d9:3e:9d:
5b:c5:74:67:2e:5b:db:ae:c9:c2:73:c9:dc:44:f0:
85:24:f9:38:e5:e9:3b:a8:64:c1:ac:98:7c:22:da:
1a:94:3f:69:01:41:c8:9c:13:28:65:10:fe:26:a5:
c8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:68:C3:5E:DC:EF:C6:8F:B4:2B:33:49:1D:E9:AB:3C:F9:16:E6:2A
X509v3 Authority Key Identifier:
keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/l2jDXtzvxo-0KzNJHemrPPkW5io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.171.32.0/20
Signature Algorithm: sha256WithRSAEncryption
02:82:7b:8c:98:33:43:6e:3c:3a:c0:90:1c:92:47:08:67:6c:
76:09:8d:f1:c3:ba:39:a9:73:3a:a4:76:d0:24:52:e4:0a:f6:
ee:70:c3:6e:31:b7:58:db:38:08:9a:1f:ce:97:63:92:84:e7:
a5:d0:2f:36:f2:8c:79:d4:37:1d:3a:db:07:de:08:ca:b1:fc:
e9:ad:fe:9c:65:24:ab:87:85:57:af:48:46:b6:68:c0:cd:49:
f3:d7:64:19:d6:e6:e9:5d:c0:20:b4:4f:f3:8e:32:80:e7:90:
42:8a:6d:91:d7:5a:63:c0:a9:91:15:47:75:38:91:6c:2c:2b:
c2:b0:52:d0:80:55:9c:9d:9c:d1:80:03:22:3b:dc:17:a2:27:
2a:fc:fb:e8:d6:17:82:3e:f7:ae:49:d2:d9:14:91:88:42:98:
97:88:fb:b1:1e:64:99:ea:71:38:ad:6c:a0:8f:3e:da:29:90:
fd:bf:01:28:2a:85:c6:51:3d:ce:9b:86:ec:c7:b5:5a:9b:b5:
62:e4:e7:3f:72:c9:56:87:e7:58:a0:d7:61:bb:a5:08:48:4a:
43:69:26:95:fc:34:7c:ee:b9:00:25:44:6c:91:32:15:e3:ed:
d0:eb:83:ca:5f:fa:0f:85:62:04:be:35:9b:40:9b:15:c6:e3:
49:57:be:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENxttMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MTZiMGQ4YWI0OTQzNjU1MGI2YWJmNDViNzkwMzVhZWM2YWZmMjNjMB4XDTIyMDEw
MTA5MDMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2OGMzNWVkY2Vm
YzY4ZmI0MmIzMzQ5MWRlOWFiM2NmOTE2ZTYyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbh2g6TwoWO/tkK56cDY/LWiQCtNtIKyVvfXuFWELiIU3zg
LRuZ7mKIbVywl2oKiCFmqa/JIu6s9GlCM8mtWZca35pM0YtrfGtBXtt1lItRCzZd
7R/90rhs7RVZSlJGHwr3uM/Dcl44ancxsCguu11hsz+XH/3yNRpLbIfpqXaGQQAf
brQ+R8CDzBBqilcDv3GuuATWkmN3o8hluSpiIraFNAlbzbHw4fDw2NfUFn8E8DrJ
yq6dPsf4jR9JzbJqUuYXkYQbd5V3JdQBD0Wp2T6dW8V0Zy5b267JwnPJ3ETwhST5
OOXpO6hkwayYfCLaGpQ/aQFByJwTKGUQ/ialyDcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXaMNe3O/Gj7QrM0kd6as8+RbmKjAfBgNVHSMEGDAWgBShaw2KtJQ2VQtq
v0W3kDWuxq/yPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29Xc05pclNVTmxVTGFyOUZ0NUExcnNhdjhqdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNWY0NTE4LTgyZTktNDI5Mi1hNTRlLTE1Y2M5ZGM3YmQ4Ny8x
L2wyakRYdHp2eG8tMEt6TkpIZW1yUFBrVzVpby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NWY0NTE4LTgyZTktNDI5Mi1hNTRlLTE1Y2M5ZGM3YmQ4Ny8xL29Xc05pclNVTmxV
TGFyOUZ0NUExcnNhdjhqdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNmrIDANBgkqhkiG9w0BAQsFAAOC
AQEAAoJ7jJgzQ248OsCQHJJHCGdsdgmN8cO6OalzOqR20CRS5Ar27nDDbjG3WNs4
CJofzpdjkoTnpdAvNvKMedQ3HTrbB94IyrH86a3+nGUkq4eFV69IRrZowM1J89dk
Gdbm6V3AILRP844ygOeQQoptkddaY8CpkRVHdTiRbCwrwrBS0IBVnJ2c0YADIjvc
F6InKvz76NYXgj73rknS2RSRiEKYl4j7sR5kmepxOK1soI8+2imQ/b8BKCqFxlE9
zpuG7Me1Wpu1YuTnP3LJVofnWKDXYbulCEhKQ2kmlfw0fO65ACVEbJEyFePt0OuD
yl/6D4ViBL41m0CbFcbjSVe+uQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:55 2025 by rpki-client