Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/1-kRg1Ajr3sxZmJqTr7EQ2FnqfRU.roa
File: 1-kRg1Ajr3sxZmJqTr7EQ2FnqfRU.roa (raw, json)
Hash identifier: Jabulpu0RCj8i1Y2EBuOfJ+pIF2WLSQn3y7WU0oZWKo=
Subject key identifier: FA:44:60:D4:08:EB:DE:CC:59:98:9A:93:AF:B1:10:D8:59:EA:7D:15
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 018A83EFDF996EC586192FC098F8F8DCA19E
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/1-kRg1Ajr3sxZmJqTr7EQ2FnqfRU.roa
Signing time: Mon 11 Sep 2023 11:10:50 +0000
ROA not before: Mon 11 Sep 2023 11:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29637
IP address blocks: 217.66.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:ef:df:99:6e:c5:86:19:2f:c0:98:f8:f8:dc:a1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Sep 11 11:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa4460d408ebdecc59989a93afb110d859ea7d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:19:d8:da:88:84:7c:44:56:e6:82:42:37:df:
87:a7:54:c0:78:c0:98:f7:d2:77:9f:9a:04:e8:ba:
8f:46:9e:fc:2d:79:cf:6b:a0:c5:99:02:3f:23:a6:
e0:70:ea:45:4e:b6:62:9b:bb:66:a0:49:61:4c:e0:
d4:3c:06:1b:67:ff:c8:d3:2b:e4:87:13:bb:ed:fb:
47:be:13:53:7d:5e:97:0d:7c:02:b3:5c:9c:3b:8c:
c5:8c:b6:cd:b1:2b:ae:31:54:5c:e9:3b:7f:3c:2c:
9f:a9:c1:92:b5:d4:fe:25:8e:88:da:df:2e:53:1d:
99:20:e6:ca:79:30:e4:be:ef:5b:ba:53:4b:20:f6:
0c:21:b6:89:7d:de:b2:50:4c:df:f8:86:39:d1:3e:
27:f1:f3:84:27:8b:06:47:d2:38:c7:72:e2:46:29:
7b:a7:45:29:32:68:eb:31:26:4c:22:eb:16:2b:b2:
40:bf:e3:a2:20:2a:e5:1d:43:b6:99:02:56:08:ca:
41:f4:08:ae:fb:2f:77:6d:39:6f:fe:41:90:e7:2f:
a3:dd:81:06:e9:c5:f9:f3:70:78:b5:08:3e:8d:6d:
c1:d7:78:42:44:ed:c2:f9:a9:2d:7f:be:d7:8d:60:
99:f3:52:64:24:8a:1a:64:6c:81:93:ac:9d:15:a2:
f8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:44:60:D4:08:EB:DE:CC:59:98:9A:93:AF:B1:10:D8:59:EA:7D:15
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/1-kRg1Ajr3sxZmJqTr7EQ2FnqfRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.66.96.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:d8:dd:1b:15:f2:85:50:b0:26:a8:9c:d4:0c:13:7c:02:28:
e6:1e:bc:d3:ff:7a:54:bd:c7:5d:bd:34:00:3c:8f:d3:ba:26:
16:37:c2:3d:d8:3c:f1:95:7c:bc:5a:fc:9e:b5:c2:72:0c:b3:
92:17:d3:40:50:41:e9:7f:6c:0c:94:73:ca:b5:8e:39:85:84:
c5:ba:38:ab:f4:b3:7b:24:4d:4e:da:b9:b3:cd:8e:98:74:47:
3c:4d:eb:6b:de:bb:eb:3c:1a:bf:e1:ec:0d:c5:72:ef:f4:45:
56:10:4f:b2:b8:8c:eb:b3:9f:1f:21:32:32:a4:4e:79:3d:63:
b4:72:8d:15:55:3c:51:c3:11:d0:01:19:f5:c4:c0:ad:46:c5:
54:b1:89:09:b0:ab:a7:bd:f2:10:b4:cc:8a:a6:87:b7:a2:a2:
1d:52:71:61:99:e0:41:12:1d:b9:43:7b:26:6c:b4:5c:f6:a0:
69:93:c0:ab:76:59:73:8d:ae:05:6c:db:be:95:5e:2e:85:b4:
32:aa:8c:06:c4:b3:dc:9d:11:77:98:71:22:6d:07:8f:8a:ba:
cc:75:f4:cc:11:6e:cf:f0:d6:10:0c:e7:c8:da:d0:0a:77:b9:
de:e8:f0:3e:90:50:ce:46:b5:00:cd:72:c8:5d:27:16:88:85:
99:9f:80:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqD79+ZbsWGGS/AmPj43KGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmNiNjQzZTZhMjFlMmZiNmUyMWNkMDY1M2FiMDk1ZTll
YmVmMTMwHhcNMjMwOTExMTExMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ0NjBkNDA4ZWJkZWNjNTk5ODlhOTNhZmIxMTBkODU5ZWE3ZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRnY2oiEfERW5oJCN9+Hp1TAeMCY
99J3n5oE6LqPRp78LXnPa6DFmQI/I6bgcOpFTrZim7tmoElhTODUPAYbZ//I0yvk
hxO77ftHvhNTfV6XDXwCs1ycO4zFjLbNsSuuMVRc6Tt/PCyfqcGStdT+JY6I2t8u
Ux2ZIObKeTDkvu9bulNLIPYMIbaJfd6yUEzf+IY50T4n8fOEJ4sGR9I4x3LiRil7
p0UpMmjrMSZMIusWK7JAv+OiICrlHUO2mQJWCMpB9Aiu+y93bTlv/kGQ5y+j3YEG
6cX583B4tQg+jW3B13hCRO3C+aktf77XjWCZ81JkJIoaZGyBk6ydFaL4AwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpEYNQI697MWZiak6+xENhZ6n0VMB8GA1UdIwQY
MBaAFNr8tkPmoh4vtuIc0GU6sJXp6+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2Ut
ZGUyZGUxNWY5MGVkLzEvMS1rUmcxQWpyM3N4Wm1KcVRyN0VRMkZucWZSVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmQvMjdhMzc0LWM5ODQtNGIxOS1hYzdlLWRlMmRlMTVmOTBl
ZC8xLzJ2eTJRLWFpSGktMjRoelFaVHF3bGVucjd4TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtlCYDAN
BgkqhkiG9w0BAQsFAAOCAQEAodjdGxXyhVCwJqic1AwTfAIo5h680/96VL3HXb00
ADyP07omFjfCPdg88ZV8vFr8nrXCcgyzkhfTQFBB6X9sDJRzyrWOOYWExbo4q/Sz
eyRNTtq5s82OmHRHPE3ra9676zwav+HsDcVy7/RFVhBPsriM67OfHyEyMqROeT1j
tHKNFVU8UcMR0AEZ9cTArUbFVLGJCbCrp73yELTMiqaHt6KiHVJxYZngQRIduUN7
Jmy0XPagaZPAq3ZZc42uBWzbvpVeLoW0MqqMBsSz3J0Rd5hxIm0Hj4q6zHX0zBFu
z/DWEAznyNrQCne53ujwPpBQzka1AM1yyF0nFoiFmZ+AhQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:04 2025 by rpki-client