Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/958c2c-b4c3-432d-9ab1-0cc83b00fc58/1/1-e5CbCvNuBwVzRKAERg942U-rMU.roa
File: 1-e5CbCvNuBwVzRKAERg942U-rMU.roa (raw, json)
Hash identifier: Eu/sdh0hgcb2fX+XT0bnLaRAw9jj9kg9aXxMwI2/dE0=
Subject key identifier: F9:EE:42:6C:2B:CD:B8:1C:15:CD:12:80:11:18:3D:E3:65:3E:AC:C5
Certificate issuer: /CN=79101035d53377c5a72bedca522fc1456e0b8419
Certificate serial: 01857030788D05677EAB24308517C6907E57
Authority key identifier: 79:10:10:35:D5:33:77:C5:A7:2B:ED:CA:52:2F:C1:45:6E:0B:84:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eRAQNdUzd8WnK-3KUi_BRW4LhBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/958c2c-b4c3-432d-9ab1-0cc83b00fc58/1/1-e5CbCvNuBwVzRKAERg942U-rMU.roa
Signing time: Mon 02 Jan 2023 01:55:02 +0000
ROA not before: Mon 02 Jan 2023 01:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38980
IP address blocks: 217.23.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:78:8d:05:67:7e:ab:24:30:85:17:c6:90:7e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79101035d53377c5a72bedca522fc1456e0b8419
Validity
Not Before: Jan 2 01:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9ee426c2bcdb81c15cd128011183de3653eacc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:dc:86:63:0b:59:fe:7f:b3:2c:0e:ba:27:a6:
27:0a:6d:50:e4:59:64:b6:05:57:7e:fd:25:cf:3a:
73:b8:7e:d7:0f:2b:96:ea:8e:e4:e9:80:c4:40:67:
c2:bd:d0:e8:ea:e2:ae:69:55:ac:43:02:a9:3a:72:
10:6d:ee:a6:b4:88:0e:e0:e6:19:4a:0a:19:64:bb:
af:9a:57:b1:29:81:e9:bf:98:1a:c1:c0:34:e5:99:
ad:dc:68:b5:00:97:f1:66:7e:d7:b9:64:7d:18:df:
a2:09:9b:05:0b:ac:2f:fc:77:4f:16:67:87:37:83:
fe:68:9b:f7:96:ae:60:77:be:d9:49:55:9d:26:f8:
9a:92:69:ca:ef:4c:d8:d1:31:bd:57:0d:11:01:6d:
6b:6c:7e:08:fc:7f:a6:cd:3b:de:b7:db:88:03:f5:
67:61:91:65:3b:c3:aa:f9:86:29:47:c4:55:b1:31:
dc:7f:81:f8:08:bd:1a:cf:88:99:1a:ea:c6:a1:59:
20:ff:84:26:73:8f:8e:b2:df:d0:90:8b:a2:ca:3f:
4d:77:4f:14:e4:7f:c9:d2:75:99:cb:63:43:fa:a7:
72:10:58:34:2c:43:c7:9a:c8:df:cd:d2:67:d3:e8:
c3:bf:38:c0:16:e4:eb:09:28:5c:95:60:16:a9:a5:
1a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:EE:42:6C:2B:CD:B8:1C:15:CD:12:80:11:18:3D:E3:65:3E:AC:C5
X509v3 Authority Key Identifier:
keyid:79:10:10:35:D5:33:77:C5:A7:2B:ED:CA:52:2F:C1:45:6E:0B:84:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eRAQNdUzd8WnK-3KUi_BRW4LhBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/958c2c-b4c3-432d-9ab1-0cc83b00fc58/1/1-e5CbCvNuBwVzRKAERg942U-rMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/958c2c-b4c3-432d-9ab1-0cc83b00fc58/1/eRAQNdUzd8WnK-3KUi_BRW4LhBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.23.120.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:1f:63:02:76:bd:c9:66:f5:89:d1:10:5e:62:f0:e4:33:cd:
4d:c1:5a:71:3b:af:08:ee:e1:6e:c1:97:2b:3e:1c:45:fe:f5:
88:a3:bf:ab:c1:56:f6:f9:4a:94:1b:48:06:26:46:e3:ad:15:
bc:0f:63:07:a1:55:f0:14:08:21:18:c3:da:89:af:a8:05:bf:
28:d3:d6:f6:85:30:0e:db:89:0a:5e:45:76:7c:70:62:cf:bc:
3c:fa:21:2d:1f:df:06:62:9c:38:41:ec:b3:31:44:88:05:0c:
85:3d:cb:72:af:dc:fd:ee:a2:5a:64:c7:97:fb:f6:c0:85:24:
d7:7b:82:47:07:44:80:52:4d:55:9a:08:28:5c:58:a5:ae:56:
80:f5:b6:cd:c0:7d:ae:8a:b1:6d:c8:b8:fc:12:38:e4:55:69:
86:ec:9b:ee:11:51:bf:aa:6f:61:e4:1c:de:ab:2a:c9:0b:97:
73:7c:22:1a:c2:8f:88:4d:95:3e:99:bb:4d:b7:3a:a6:72:13:
7a:a5:b6:3e:de:86:c0:f7:ed:ce:58:6e:32:12:a5:b6:19:1b:
56:6f:f7:07:ba:f1:68:99:bf:40:36:ac:e1:5b:c3:bf:80:9c:
43:64:5e:11:96:75:3a:52:37:c0:02:12:92:0f:d7:2c:40:2c:
ed:3c:27:4c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwMHiNBWd+qyQwhRfGkH5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MTAxMDM1ZDUzMzc3YzVhNzJiZWRjYTUyMmZjMTQ1NmUw
Yjg0MTkwHhcNMjMwMTAyMDE1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWVlNDI2YzJiY2RiODFjMTVjZDEyODAxMTE4M2RlMzY1M2VhY2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtyGYwtZ/n+zLA66J6YnCm1Q5Flk
tgVXfv0lzzpzuH7XDyuW6o7k6YDEQGfCvdDo6uKuaVWsQwKpOnIQbe6mtIgO4OYZ
SgoZZLuvmlexKYHpv5gawcA05Zmt3Gi1AJfxZn7XuWR9GN+iCZsFC6wv/HdPFmeH
N4P+aJv3lq5gd77ZSVWdJviakmnK70zY0TG9Vw0RAW1rbH4I/H+mzTvet9uIA/Vn
YZFlO8Oq+YYpR8RVsTHcf4H4CL0az4iZGurGoVkg/4Qmc4+Ost/QkIuiyj9Nd08U
5H/J0nWZy2ND+qdyEFg0LEPHmsjfzdJn0+jDvzjAFuTrCShclWAWqaUa9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPnuQmwrzbgcFc0SgBEYPeNlPqzFMB8GA1UdIwQY
MBaAFHkQEDXVM3fFpyvtylIvwUVuC4QZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVJBUU5kVXpkOFduSy0zS1VpX0JSVzRMaEJrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS85NThjMmMtYjRjMy00MzJkLTlhYjEt
MGNjODNiMDBmYzU4LzEvMS1lNUNiQ3ZOdUJ3VnpSS0FFUmc5NDJVLXJNVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmEvOTU4YzJjLWI0YzMtNDMyZC05YWIxLTBjYzgzYjAwZmM1
OC8xL2VSQVFOZFV6ZDhXbkstM0tVaV9CUlc0TGhCay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkXeDAN
BgkqhkiG9w0BAQsFAAOCAQEAqh9jAna9yWb1idEQXmLw5DPNTcFacTuvCO7hbsGX
Kz4cRf71iKO/q8FW9vlKlBtIBiZG460VvA9jB6FV8BQIIRjD2omvqAW/KNPW9oUw
DtuJCl5FdnxwYs+8PPohLR/fBmKcOEHsszFEiAUMhT3Lcq/c/e6iWmTHl/v2wIUk
13uCRwdEgFJNVZoIKFxYpa5WgPW2zcB9roqxbci4/BI45FVphuyb7hFRv6pvYeQc
3qsqyQuXc3wiGsKPiE2VPpm7Tbc6pnITeqW2Pt6GwPftzlhuMhKlthkbVm/3B7rx
aJm/QDas4VvDv4CcQ2ReEZZ1OlI3wAISkg/XLEAs7TwnTA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:13 2025 by rpki-client