Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/sdt1mBkFuvai9CYTiLAH8Iv9q8s.roa
File: sdt1mBkFuvai9CYTiLAH8Iv9q8s.roa (raw, json)
Hash identifier: UdXBiWbMJlCCMJ1URhfdsBY546gQBmBmbeaTtbCUQkw=
Subject key identifier: B1:DB:75:98:19:05:BA:F6:A2:F4:26:13:88:B0:07:F0:8B:FD:AB:CB
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 018B3E23F7C7FE99E4D5C76C7F3C0838578D
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/sdt1mBkFuvai9CYTiLAH8Iv9q8s.roa
Signing time: Tue 17 Oct 2023 14:57:06 +0000
ROA not before: Tue 17 Oct 2023 14:57:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216139
IP address blocks: 217.144.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3e:23:f7:c7:fe:99:e4:d5:c7:6c:7f:3c:08:38:57:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Oct 17 14:57:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1db75981905baf6a2f4261388b007f08bfdabcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:c3:b2:25:6c:21:41:0b:28:fa:b9:d3:b6:
92:65:cb:3a:9e:28:e4:06:fe:62:ea:3e:91:0e:40:
3a:22:7b:ef:ee:a8:d1:08:cb:2b:9f:8a:23:29:2f:
91:4b:4b:1b:11:10:da:f5:32:65:6a:1d:76:a0:1e:
68:34:b9:95:a5:8d:82:51:e5:99:d6:3a:c0:35:1e:
83:5e:af:ef:81:dd:7e:27:f9:d9:67:b6:ae:89:68:
25:9a:a3:84:f0:0e:7e:15:96:e3:f6:08:50:02:e8:
35:2c:49:92:e1:0b:f0:c5:52:59:87:75:81:35:28:
20:61:84:3d:10:48:18:a1:51:bc:f9:ca:b5:12:4d:
c6:33:fc:e8:d6:14:68:4c:f7:a5:1e:cd:6d:5c:84:
42:4e:fb:bd:da:f9:07:1a:e9:22:03:41:50:eb:4d:
a2:79:ba:3b:fc:78:72:73:83:87:3f:77:15:71:92:
43:9e:df:40:42:39:37:f6:97:f8:2d:a3:2f:12:60:
35:5e:89:95:1c:90:24:12:af:22:be:0a:2c:24:8e:
24:95:b2:5e:39:eb:f4:c4:1d:bb:ca:3b:a4:58:d5:
6b:e2:e1:7a:14:e0:46:c2:ae:55:06:92:2d:51:12:
95:f6:e6:e0:b6:be:7a:5a:71:c3:79:68:20:01:e0:
cc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DB:75:98:19:05:BA:F6:A2:F4:26:13:88:B0:07:F0:8B:FD:AB:CB
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/sdt1mBkFuvai9CYTiLAH8Iv9q8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.144.102.0/24
Signature Algorithm: sha256WithRSAEncryption
30:6d:53:34:41:4a:7f:92:70:b4:98:bd:89:20:db:0f:65:9a:
ab:55:46:b6:b9:88:5d:0b:3a:8b:7a:c6:3b:3e:c7:80:1d:64:
fd:3c:a2:d1:a5:ab:19:ec:3c:d2:bd:e7:5a:d4:92:be:02:b9:
7a:e5:da:42:84:20:de:a1:52:6c:ef:1a:71:c9:0b:14:2f:95:
cc:f2:b2:e3:cc:c0:a3:c3:a0:10:da:96:7f:87:0c:5d:ef:af:
fe:0a:39:09:28:55:c5:2d:d2:d3:45:06:fb:93:50:73:80:68:
83:29:e8:8d:d9:06:e3:6d:d4:f0:0e:2a:5d:c2:cc:ad:d8:56:
ff:16:f7:bf:63:6f:0c:85:bb:f3:de:fe:30:7e:cb:d9:4e:9b:
cf:2d:ec:bf:ca:18:f8:8d:ff:69:38:e2:64:70:5c:de:a3:f9:
c2:27:c9:27:2d:68:9f:bc:ad:3b:00:a2:28:dd:49:1c:49:8d:
c3:b5:be:df:76:4f:dc:39:2f:0d:04:24:52:d7:01:27:e0:83:
1b:1c:9c:08:8b:b2:2d:07:e8:eb:99:47:f8:c9:40:53:ee:0c:
6f:34:cc:7b:b9:e0:f9:72:12:f9:77:5e:61:e6:ef:af:18:5c:
f9:4a:56:c7:ad:3e:55:3d:8c:e3:fb:bc:cc:1d:0f:6f:c6:4a:
e3:8b:bb:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs+I/fH/pnk1cdsfzwIOFeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjMxMDE3MTQ1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWRiNzU5ODE5MDViYWY2YTJmNDI2MTM4OGIwMDdmMDhiZmRhYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovbDsiVsIUELKPq507aSZcs6nijk
Bv5i6j6RDkA6Invv7qjRCMsrn4ojKS+RS0sbERDa9TJlah12oB5oNLmVpY2CUeWZ
1jrANR6DXq/vgd1+J/nZZ7auiWglmqOE8A5+FZbj9ghQAug1LEmS4QvwxVJZh3WB
NSggYYQ9EEgYoVG8+cq1Ek3GM/zo1hRoTPelHs1tXIRCTvu92vkHGukiA0FQ602i
ebo7/Hhyc4OHP3cVcZJDnt9AQjk39pf4LaMvEmA1XomVHJAkEq8ivgosJI4klbJe
Oev0xB27yjukWNVr4uF6FOBGwq5VBpItURKV9ubgtr56WnHDeWggAeDMkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHbdZgZBbr2ovQmE4iwB/CL/avLMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvc2R0MW1Ca0Z1dmFpOUNZVGlMQUg4SXY5cThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZBmMA0G
CSqGSIb3DQEBCwUAA4IBAQAwbVM0QUp/knC0mL2JINsPZZqrVUa2uYhdCzqLesY7
PseAHWT9PKLRpasZ7DzSveda1JK+Arl65dpChCDeoVJs7xpxyQsUL5XM8rLjzMCj
w6AQ2pZ/hwxd76/+CjkJKFXFLdLTRQb7k1BzgGiDKeiN2QbjbdTwDipdwsyt2Fb/
Fve/Y28Mhbvz3v4wfsvZTpvPLey/yhj4jf9pOOJkcFzeo/nCJ8knLWifvK07AKIo
3UkcSY3Dtb7fdk/cOS8NBCRS1wEn4IMbHJwIi7ItB+jrmUf4yUBT7gxvNMx7ueD5
chL5d15h5u+vGFz5SlbHrT5VPYzj+7zMHQ9vxkrji7vH
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:27 2025 by rpki-client