Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4c9fbe-1725-4116-9ef3-0af2c5c4cc0f/1/aShzCRveyC_DvN3sZS6pCafNYA0.roa
File: aShzCRveyC_DvN3sZS6pCafNYA0.roa (raw, json)
Hash identifier: XWvpKIJc2NH3So8E6inzp1mPAVg2ZNQYvFR+kJcuAOA=
Subject key identifier: 69:28:73:09:1B:DE:C8:2F:C3:BC:DD:EC:65:2E:A9:09:A7:CD:60:0D
Certificate issuer: /CN=a3de4c3b6daa5a698bf307cc391282ab2987d617
Certificate serial: 018572310DFE89F4EB890F2A94FE7AE4EFE7
Authority key identifier: A3:DE:4C:3B:6D:AA:5A:69:8B:F3:07:CC:39:12:82:AB:29:87:D6:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o95MO22qWmmL8wfMORKCqymH1hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c9fbe-1725-4116-9ef3-0af2c5c4cc0f/1/aShzCRveyC_DvN3sZS6pCafNYA0.roa
Signing time: Mon 02 Jan 2023 11:14:55 +0000
ROA not before: Mon 02 Jan 2023 11:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57711
IP address blocks: 171.25.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:0d:fe:89:f4:eb:89:0f:2a:94:fe:7a:e4:ef:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3de4c3b6daa5a698bf307cc391282ab2987d617
Validity
Not Before: Jan 2 11:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=692873091bdec82fc3bcddec652ea909a7cd600d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c7:7d:06:15:82:9b:ff:c8:ac:5e:cd:bd:8a:
49:24:8e:cf:8c:a2:08:ba:c2:8e:4a:82:2d:16:93:
cc:93:8c:37:0f:9e:37:2b:d6:91:95:ea:d9:68:2b:
6a:ac:d6:1a:14:55:c6:22:23:db:2a:e2:07:64:a8:
36:d6:d4:b4:94:e8:28:ce:45:6e:d5:84:bb:4b:1e:
d1:77:9c:3f:02:9a:05:37:17:80:1d:b8:ef:2a:d9:
a0:0b:60:aa:f6:84:0b:77:37:c6:18:28:ed:cc:28:
03:d9:a8:61:d1:96:6a:ba:ee:ac:a8:3c:0f:36:5c:
cf:e5:de:e4:fb:99:d7:fe:0a:9e:27:f2:53:39:16:
7d:95:4e:b7:c0:c0:c9:02:45:1b:69:f7:bb:a7:c0:
37:38:88:fe:2e:f8:5b:6f:96:14:08:42:8f:0c:04:
ef:94:4f:74:d2:a9:aa:07:00:69:ac:d4:7c:06:24:
ae:20:38:d3:4d:1f:e2:6d:92:61:b9:d3:b8:34:a6:
bd:89:3b:a4:da:eb:28:5d:8a:d4:7d:16:ff:48:e6:
c9:d4:f9:49:ae:e6:ed:40:63:b6:41:2d:18:ea:b0:
d2:8c:97:7a:66:3e:65:d0:2a:88:ca:99:97:cd:1f:
c0:fa:c0:b7:23:3c:e4:ad:50:45:b1:27:0c:e3:f2:
36:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:28:73:09:1B:DE:C8:2F:C3:BC:DD:EC:65:2E:A9:09:A7:CD:60:0D
X509v3 Authority Key Identifier:
keyid:A3:DE:4C:3B:6D:AA:5A:69:8B:F3:07:CC:39:12:82:AB:29:87:D6:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o95MO22qWmmL8wfMORKCqymH1hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c9fbe-1725-4116-9ef3-0af2c5c4cc0f/1/aShzCRveyC_DvN3sZS6pCafNYA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c9fbe-1725-4116-9ef3-0af2c5c4cc0f/1/o95MO22qWmmL8wfMORKCqymH1hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.248.0/22
Signature Algorithm: sha256WithRSAEncryption
85:92:e9:49:41:73:f8:a7:4f:be:80:b8:be:bc:1c:d6:3d:52:
1d:bc:40:e4:ca:be:fa:d4:7e:f0:bb:d8:e2:65:f7:c3:53:ce:
7a:2f:88:93:32:16:77:37:56:fe:f3:b0:17:f1:be:0b:aa:c3:
4a:9d:ae:cc:6d:51:32:f4:2a:3d:3d:5e:f5:29:d7:36:5f:ba:
dd:2b:8e:92:cd:37:59:4b:6d:36:93:e8:e3:31:8f:f6:6a:84:
2c:e5:ae:2b:4b:b9:94:bb:6f:b0:8b:a9:82:60:d6:4b:9d:81:
dc:d0:44:95:76:6b:50:ed:75:b0:69:4b:6b:a3:41:0e:dc:54:
28:9d:3d:d2:af:36:f8:e5:0c:53:2f:a9:3f:6c:15:6c:09:d5:
71:86:a4:8d:da:d1:e9:3f:e3:76:4f:49:1f:ac:21:53:17:a1:
c5:7c:c6:e3:70:cf:27:52:1d:b5:32:03:ea:54:58:d5:f4:98:
41:8a:13:92:19:fb:80:c9:34:be:f1:9a:f5:2d:1b:00:64:61:
af:0c:c1:d1:56:c7:3a:39:29:7a:92:f8:5f:40:32:e8:13:35:
e5:a2:56:f9:0b:29:1b:80:20:c1:aa:ba:cf:65:51:6a:a5:a4:
13:8a:c5:74:c8:de:94:9f:e2:ac:02:53:17:60:12:c1:ec:6a:
a0:23:a4:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMQ3+ifTriQ8qlP565O/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZGU0YzNiNmRhYTVhNjk4YmYzMDdjYzM5MTI4MmFiMjk4
N2Q2MTcwHhcNMjMwMTAyMTExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTI4NzMwOTFiZGVjODJmYzNiY2RkZWM2NTJlYTkwOWE3Y2Q2MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisd9BhWCm//IrF7NvYpJJI7PjKII
usKOSoItFpPMk4w3D543K9aRlerZaCtqrNYaFFXGIiPbKuIHZKg21tS0lOgozkVu
1YS7Sx7Rd5w/ApoFNxeAHbjvKtmgC2Cq9oQLdzfGGCjtzCgD2ahh0ZZquu6sqDwP
NlzP5d7k+5nX/gqeJ/JTORZ9lU63wMDJAkUbafe7p8A3OIj+Lvhbb5YUCEKPDATv
lE900qmqBwBprNR8BiSuIDjTTR/ibZJhudO4NKa9iTuk2usoXYrUfRb/SObJ1PlJ
rubtQGO2QS0Y6rDSjJd6Zj5l0CqIypmXzR/A+sC3IzzkrVBFsScM4/I2fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkocwkb3sgvw7zd7GUuqQmnzWANMB8GA1UdIwQY
MBaAFKPeTDttqlppi/MHzDkSgqsph9YXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzk1TU8yMnFXbW1MOHdmTU9SS0NxeW1IMWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YzlmYmUtMTcyNS00MTE2LTllZjMt
MGFmMmM1YzRjYzBmLzEvYVNoekNSdmV5Q19Edk4zc1pTNnBDYWZOWUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YzlmYmUtMTcyNS00MTE2LTllZjMtMGFmMmM1YzRjYzBm
LzEvbzk1TU8yMnFXbW1MOHdmTU9SS0NxeW1IMWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxn4MA0G
CSqGSIb3DQEBCwUAA4IBAQCFkulJQXP4p0++gLi+vBzWPVIdvEDkyr761H7wu9ji
ZffDU856L4iTMhZ3N1b+87AX8b4LqsNKna7MbVEy9Co9PV71Kdc2X7rdK46SzTdZ
S202k+jjMY/2aoQs5a4rS7mUu2+wi6mCYNZLnYHc0ESVdmtQ7XWwaUtro0EO3FQo
nT3Srzb45QxTL6k/bBVsCdVxhqSN2tHpP+N2T0kfrCFTF6HFfMbjcM8nUh21MgPq
VFjV9JhBihOSGfuAyTS+8Zr1LRsAZGGvDMHRVsc6OSl6kvhfQDLoEzXlolb5Cykb
gCDBqrrPZVFqpaQTisV0yN6Un+KsAlMXYBLB7GqgI6Ru
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:33 2025 by rpki-client