Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/guNNUSgluVrlZsABesnxqE_b-XQ.roa
File: guNNUSgluVrlZsABesnxqE_b-XQ.roa (raw, json)
Hash identifier: b/Vc+s51pqsjKHkp4+HU7hjyVNOUzXW2DfZVbd7XOT0=
Subject key identifier: 82:E3:4D:51:28:25:B9:5A:E5:66:C0:01:7A:C9:F1:A8:4F:DB:F9:74
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 018B61D42A2B2AEA788DA611ED4FCB0F7F34
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/guNNUSgluVrlZsABesnxqE_b-XQ.roa
Signing time: Tue 24 Oct 2023 13:16:16 +0000
ROA not before: Tue 24 Oct 2023 13:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216139
IP address blocks: 217.144.102.0/24 maxlen: 24
2a03:80c0:abba::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:d4:2a:2b:2a:ea:78:8d:a6:11:ed:4f:cb:0f:7f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Oct 24 13:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82e34d512825b95ae566c0017ac9f1a84fdbf974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:18:f6:e0:93:c0:cf:32:01:4f:f7:5e:41:
bd:8d:ae:5a:cf:93:b1:d3:f2:4f:bd:f7:20:69:12:
0e:88:fe:a4:87:0c:71:4c:55:5e:29:33:d3:fb:7e:
52:a1:38:51:9e:0e:c0:3d:e9:14:b1:52:04:45:08:
70:d1:67:20:bb:1a:4b:d5:34:dd:1d:39:c9:b6:63:
79:64:3a:10:18:6b:a8:f4:40:ff:6b:bc:1b:c7:c2:
ed:5c:9d:fe:24:b8:22:c9:d1:2d:b9:77:8f:0d:2c:
a5:fa:f8:fd:90:b9:3f:ae:c7:28:01:22:37:93:64:
8f:39:13:46:c2:4c:39:1b:fd:85:c2:d8:60:7c:16:
80:f0:a1:21:4c:ff:55:bb:c1:9f:d7:98:96:53:d0:
f0:0e:a1:44:bb:1a:fd:eb:01:08:dc:41:5a:32:e7:
94:a1:c1:cd:46:50:66:01:1a:ab:e8:05:bf:fb:c3:
b7:6b:26:aa:ac:57:f2:63:7b:fc:26:5f:d9:c0:1d:
54:db:a2:c2:77:e0:a6:41:ae:24:2a:3f:96:27:c6:
e7:c6:f0:1f:b9:ed:55:65:c4:00:fd:a1:5f:e1:1d:
60:4d:3c:9a:fc:b5:6a:28:0b:2b:f4:47:ae:39:5c:
c8:f1:56:ee:9c:1a:4b:58:c5:50:c9:42:2d:7a:e1:
07:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E3:4D:51:28:25:B9:5A:E5:66:C0:01:7A:C9:F1:A8:4F:DB:F9:74
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/guNNUSgluVrlZsABesnxqE_b-XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.144.102.0/24
IPv6:
2a03:80c0:abba::/48
Signature Algorithm: sha256WithRSAEncryption
64:47:4f:37:31:de:1c:86:d5:55:3a:2f:da:cb:ab:01:ec:83:
02:94:84:ac:8e:2d:cb:90:61:20:4c:20:37:df:9d:4b:5f:76:
dd:4c:7d:97:04:39:c1:ad:6a:2c:31:4b:f7:31:d1:23:8b:44:
42:58:9e:2e:ef:36:e9:f8:40:11:22:d5:b1:cd:a9:72:73:5f:
de:3e:f4:d1:3d:5d:a9:c0:98:45:6a:a3:d6:0f:a4:62:0f:44:
fe:a6:83:6e:37:f4:cd:09:de:b9:25:15:aa:7c:5e:5f:92:5b:
ac:f7:cc:5c:63:e9:20:51:b1:1e:9c:83:65:70:f2:f3:cd:6b:
4a:ee:aa:3d:e5:e2:6d:fd:2e:47:19:a5:df:4b:06:47:54:1f:
d4:1d:65:da:32:c9:cc:3d:d9:ad:65:18:d7:ba:70:c2:a3:c5:
52:73:93:ac:4e:f0:98:89:d4:56:8b:7f:67:1a:6d:24:ce:20:
d0:61:85:1b:2b:73:6c:ea:7b:3a:cd:84:16:7e:a8:27:dc:6b:
d5:c1:6f:74:14:88:91:be:f9:93:fe:87:ca:82:06:b3:f7:4b:
2f:ed:a8:59:60:54:d4:9b:c5:5e:3f:8b:5e:09:37:8c:51:73:
9f:77:a6:6e:d0:c7:f1:6c:31:ab:87:63:aa:5e:de:46:ff:6f:
b2:93:38:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYth1CorKup4jaYR7U/LD380MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjMxMDI0MTMxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmUzNGQ1MTI4MjViOTVhZTU2NmMwMDE3YWM5ZjFhODRmZGJmOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqoY9uCTwM8yAU/3XkG9ja5az5Ox
0/JPvfcgaRIOiP6khwxxTFVeKTPT+35SoThRng7APekUsVIERQhw0WcguxpL1TTd
HTnJtmN5ZDoQGGuo9ED/a7wbx8LtXJ3+JLgiydEtuXePDSyl+vj9kLk/rscoASI3
k2SPORNGwkw5G/2FwthgfBaA8KEhTP9Vu8Gf15iWU9DwDqFEuxr96wEI3EFaMueU
ocHNRlBmARqr6AW/+8O3ayaqrFfyY3v8Jl/ZwB1U26LCd+CmQa4kKj+WJ8bnxvAf
ue1VZcQA/aFf4R1gTTya/LVqKAsr9EeuOVzI8VbunBpLWMVQyUIteuEHnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFILjTVEoJbla5WbAAXrJ8ahP2/l0MB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvZ3VOTlVTZ2x1VnJsWnNBQmVzbnhxRV9iLVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2ZBmMA8E
AgACMAkDBwAqA4DAq7owDQYJKoZIhvcNAQELBQADggEBAGRHTzcx3hyG1VU6L9rL
qwHsgwKUhKyOLcuQYSBMIDffnUtfdt1MfZcEOcGtaiwxS/cx0SOLREJYni7vNun4
QBEi1bHNqXJzX94+9NE9XanAmEVqo9YPpGIPRP6mg2439M0J3rklFap8Xl+SW6z3
zFxj6SBRsR6cg2Vw8vPNa0ruqj3l4m39LkcZpd9LBkdUH9QdZdoyycw92a1lGNe6
cMKjxVJzk6xO8JiJ1FaLf2cabSTOINBhhRsrc2zqezrNhBZ+qCfca9XBb3QUiJG+
+ZP+h8qCBrP3Sy/tqFlgVNSbxV4/i14JN4xRc593pm7Qx/FsMauHY6pe3kb/b7KT
OF8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:25 2025 by rpki-client