Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/OY3Sm_0LeT4oi8NjW0Kf1XIJ94c.roa
File: OY3Sm_0LeT4oi8NjW0Kf1XIJ94c.roa (raw, json)
Hash identifier: V3RVqO/UbyWTcuzebLdmJ3deVU9Mhi8Idl4inVfYztM=
Subject key identifier: 39:8D:D2:9B:FD:0B:79:3E:28:8B:C3:63:5B:42:9F:D5:72:09:F7:87
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 04F8A313
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/OY3Sm_0LeT4oi8NjW0Kf1XIJ94c.roa
Signing time: Sat 01 Jan 2022 01:01:45 +0000
ROA not before: Sat 01 Jan 2022 01:01:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43145
IP address blocks: 217.66.101.0/24 maxlen: 24
217.66.102.0/24 maxlen: 24
217.66.103.0/24 maxlen: 24
217.66.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83403539 (0x4f8a313)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Jan 1 01:01:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=398dd29bfd0b793e288bc3635b429fd57209f787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e3:e0:8f:85:6b:ab:dc:ec:09:b3:17:39:5c:
4a:c9:30:8b:4a:65:96:ff:44:ac:71:c5:80:14:25:
4b:15:8c:eb:56:fb:34:ab:8e:92:d7:5c:52:02:66:
85:3c:72:1d:15:05:cc:cb:46:df:2a:4a:95:1a:10:
9d:ed:ab:0f:3b:11:9f:d6:7a:53:3e:1d:6e:e1:f6:
23:ec:94:49:cc:9e:9d:5b:a1:73:a8:05:50:a5:00:
58:4d:92:6f:20:38:a9:9d:ef:4b:4c:bd:c1:b8:c2:
10:25:dc:71:43:6c:5a:02:3a:38:2a:6b:81:77:01:
04:f7:e7:4b:bb:53:c2:9d:fa:34:a4:f4:b0:72:b0:
95:27:98:4c:af:8b:d6:8d:65:59:74:58:fa:14:94:
03:3f:f4:c3:b6:2d:83:f6:10:6f:87:e7:38:42:c5:
0e:fe:84:1e:06:b4:e1:36:12:2a:3e:54:67:84:d3:
96:ae:6d:75:fc:7a:b5:84:f9:55:ac:f2:c8:8f:f1:
c6:ef:36:81:11:ab:bc:70:6e:40:77:37:7d:b3:ce:
61:50:50:0c:84:c4:27:a0:cb:17:8a:31:0b:94:cd:
dd:24:58:62:fd:a7:31:cc:38:22:5b:15:1b:1d:90:
49:05:1e:b1:42:12:6d:9d:88:ca:9e:bf:04:f7:cc:
63:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8D:D2:9B:FD:0B:79:3E:28:8B:C3:63:5B:42:9F:D5:72:09:F7:87
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/OY3Sm_0LeT4oi8NjW0Kf1XIJ94c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.66.100.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:dd:40:0c:ef:2e:ea:1b:65:03:40:00:32:9e:62:14:7e:87:
73:71:39:90:46:58:3a:5b:e6:f2:70:ce:19:ae:34:91:15:ea:
73:37:53:41:6c:da:23:6b:6b:88:c3:30:e6:0c:0f:97:85:b2:
21:e1:94:7c:a0:12:55:4c:b1:e6:e2:c3:9b:e8:14:05:08:be:
48:b1:38:4e:1b:6d:72:8f:87:b7:82:6f:a8:78:5e:35:82:e9:
bf:2e:93:72:6c:56:6e:2c:64:29:50:e0:d9:24:b0:05:62:23:
ee:62:2d:11:c7:b1:e7:c0:af:74:f4:40:d2:e7:bd:94:6d:37:
c8:09:f7:1f:5c:af:a6:a5:8c:36:fc:68:16:25:d0:12:60:2c:
16:fa:9f:03:6a:28:66:66:66:c2:4e:52:47:f0:0e:ae:b5:f8:
60:60:68:da:8c:9c:8b:23:7b:30:71:cc:de:5d:ae:43:5b:ee:
d3:81:43:87:5e:77:56:af:64:2f:08:1e:9e:8e:cb:c8:ed:95:
25:a9:57:ba:74:6e:ae:f7:4e:e9:a2:4f:f6:68:c8:7c:fa:09:
3d:49:7a:99:a9:5f:11:be:18:15:37:44:a9:01:70:7c:4c:5a:
b3:93:51:5c:6b:32:29:a1:27:df:44:01:de:27:84:59:36:1b:
96:98:dd:49
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPijEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWZjYjY0M2U2YTIxZTJmYjZlMjFjZDA2NTNhYjA5NWU5ZWJlZjEzMB4XDTIyMDEw
MTAxMDE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk4ZGQyOWJmZDBi
NzkzZTI4OGJjMzYzNWI0MjlmZDU3MjA5Zjc4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjj4I+Fa6vc7AmzFzlcSskwi0pllv9ErHHFgBQlSxWM61b7
NKuOktdcUgJmhTxyHRUFzMtG3ypKlRoQne2rDzsRn9Z6Uz4dbuH2I+yUScyenVuh
c6gFUKUAWE2SbyA4qZ3vS0y9wbjCECXccUNsWgI6OCprgXcBBPfnS7tTwp36NKT0
sHKwlSeYTK+L1o1lWXRY+hSUAz/0w7Ytg/YQb4fnOELFDv6EHga04TYSKj5UZ4TT
lq5tdfx6tYT5VazyyI/xxu82gRGrvHBuQHc3fbPOYVBQDITEJ6DLF4oxC5TN3SRY
Yv2nMcw4IlsVGx2QSQUesUISbZ2Iyp6/BPfMY9sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ5jdKb/Qt5PiiLw2NbQp/Vcgn3hzAfBgNVHSMEGDAWgBTa/LZD5qIeL7bi
HNBlOrCV6evvEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJ2eTJRLWFpSGktMjRoelFaVHF3bGVucjd4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMjdhMzc0LWM5ODQtNGIxOS1hYzdlLWRlMmRlMTVmOTBlZC8x
L09ZM1NtXzBMZVQ0b2k4TmpXMEtmMVhJSjk0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MjdhMzc0LWM5ODQtNGIxOS1hYzdlLWRlMmRlMTVmOTBlZC8xLzJ2eTJRLWFpSGkt
MjRoelFaVHF3bGVucjd4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtlCZDANBgkqhkiG9w0BAQsFAAOC
AQEAqt1ADO8u6htlA0AAMp5iFH6Hc3E5kEZYOlvm8nDOGa40kRXqczdTQWzaI2tr
iMMw5gwPl4WyIeGUfKASVUyx5uLDm+gUBQi+SLE4Thttco+Ht4JvqHheNYLpvy6T
cmxWbixkKVDg2SSwBWIj7mItEcex58CvdPRA0ue9lG03yAn3H1yvpqWMNvxoFiXQ
EmAsFvqfA2ooZmZmwk5SR/AOrrX4YGBo2oyciyN7MHHM3l2uQ1vu04FDh153Vq9k
Lwgeno7LyO2VJalXunRurvdO6aJP9mjIfPoJPUl6malfEb4YFTdEqQFwfExas5NR
XGsyKaEn30QB3ieEWTYblpjdSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:53 2024 by rpki-client on console-fra.rpki-client.org