Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/_WlRDF28StM8jyxhEdvsiJIY3KM.roa
File: _WlRDF28StM8jyxhEdvsiJIY3KM.roa (raw, json)
Hash identifier: PVTJ5kJwKoI72B9LrQg+l5PgnV1b5rNgGOi3W8DjaqY=
Subject key identifier: FD:69:51:0C:5D:BC:4A:D3:3C:8F:2C:61:11:DB:EC:88:92:18:DC:A3
Certificate issuer: /CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Certificate serial: 018571B0FAA39A61B18BD4FDA4A9310E27E6
Authority key identifier: 9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/_WlRDF28StM8jyxhEdvsiJIY3KM.roa
Signing time: Mon 02 Jan 2023 08:55:01 +0000
ROA not before: Mon 02 Jan 2023 08:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33869
IP address blocks: 217.113.128.0/20 maxlen: 20
194.116.138.0/23 maxlen: 23
194.114.148.0/22 maxlen: 22
194.150.206.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:fa:a3:9a:61:b1:8b:d4:fd:a4:a9:31:0e:27:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Validity
Not Before: Jan 2 08:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd69510c5dbc4ad33c8f2c6111dbec889218dca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3a:db:f1:4a:94:6f:15:7b:ac:05:69:d4:57:
f6:fd:14:db:7f:a9:7a:d6:28:cb:e9:41:66:49:21:
58:c5:26:32:82:8d:92:a9:f7:70:8b:16:5d:20:3f:
ab:f8:8a:fa:d3:11:f8:04:02:0b:54:38:01:63:a7:
aa:2a:34:f3:42:7e:c6:b2:3d:a5:25:3e:70:20:37:
be:ed:88:d0:86:6c:01:e6:74:bf:cb:29:69:8c:2b:
9a:51:8b:ab:5b:c8:52:9e:1d:7a:0d:69:65:68:43:
c7:c7:4d:45:8c:ca:3e:ae:83:d1:cd:75:e0:86:ac:
ed:2d:ca:62:d8:59:98:7d:35:a7:f9:38:2c:08:c7:
41:47:7c:bb:da:6e:63:93:f1:d5:17:c6:c3:1f:a1:
46:38:1d:22:58:8f:ce:b0:69:2b:ad:0f:ba:e8:5d:
cb:27:0a:bc:3a:ac:e4:f8:fa:24:79:98:88:bb:69:
03:86:29:40:5b:ed:5c:20:8d:e7:c1:7c:a9:cf:41:
cf:43:52:a5:84:2b:79:77:e5:5e:3a:79:4e:d6:9d:
32:88:f6:fe:af:5c:f5:5f:cc:f6:9c:64:a4:5a:7c:
18:0a:da:ef:ec:ad:64:f9:1b:b0:0a:bc:15:68:f8:
63:99:b9:43:4d:fb:31:02:24:25:06:89:de:b0:c2:
7b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:69:51:0C:5D:BC:4A:D3:3C:8F:2C:61:11:DB:EC:88:92:18:DC:A3
X509v3 Authority Key Identifier:
keyid:9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/_WlRDF28StM8jyxhEdvsiJIY3KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.114.148.0/22
194.116.138.0/23
194.150.206.0/23
217.113.128.0/20
Signature Algorithm: sha256WithRSAEncryption
88:b0:26:36:ea:b4:79:4e:99:4f:d0:b0:e2:4c:27:20:0a:5b:
be:17:f6:1f:13:b8:ac:9b:77:78:b0:25:bc:3b:ab:44:7d:03:
d0:04:e9:53:48:ed:84:85:95:10:ff:d9:6e:79:14:fe:17:bd:
b5:d4:b8:ff:e5:66:e2:9a:e7:19:ab:e9:2b:4f:d4:a4:2a:c9:
6c:a4:4f:6e:30:42:01:28:fc:5e:2f:4a:b6:c6:49:21:f6:94:
c6:14:58:77:d1:4b:55:29:66:57:04:14:37:44:c1:8f:aa:48:
7c:3e:da:72:8b:84:25:87:e9:80:32:6c:96:f7:8f:af:6e:7f:
20:fd:3c:42:19:92:0a:1c:3c:87:1c:10:da:3c:62:b2:e0:f8:
b0:4a:73:8e:02:a3:e3:75:34:b3:0e:20:44:09:0b:16:5b:c8:
20:31:02:40:4c:8f:24:ef:1e:3a:47:2c:0b:ee:3a:4c:c4:c0:
c5:e3:35:f5:5c:f1:0a:cd:82:be:5b:04:88:73:fe:4e:6c:23:
c5:36:a0:0a:f8:1a:d8:53:14:12:1a:a2:74:c3:d1:e6:f1:78:
81:ec:8b:d6:4b:0f:93:46:02:01:b9:0b:be:89:c5:12:57:44:
30:8c:1e:c7:b9:3e:97:b9:2f:a6:d1:77:5d:ff:5b:15:f4:ea:
db:63:84:b7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxsPqjmmGxi9T9pKkxDifmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNmI3YjNlYTYwZWZiNGE1NzlhNGY1ZTIzN2VhN2E4OGQz
YmMwNzgwHhcNMjMwMTAyMDg1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDY5NTEwYzVkYmM0YWQzM2M4ZjJjNjExMWRiZWM4ODkyMThkY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDrb8UqUbxV7rAVp1Ff2/RTbf6l6
1ijL6UFmSSFYxSYygo2SqfdwixZdID+r+Ir60xH4BAILVDgBY6eqKjTzQn7Gsj2l
JT5wIDe+7YjQhmwB5nS/yylpjCuaUYurW8hSnh16DWllaEPHx01FjMo+roPRzXXg
hqztLcpi2FmYfTWn+TgsCMdBR3y72m5jk/HVF8bDH6FGOB0iWI/OsGkrrQ+66F3L
Jwq8Oqzk+PokeZiIu2kDhilAW+1cII3nwXypz0HPQ1KlhCt5d+VeOnlO1p0yiPb+
r1z1X8z2nGSkWnwYCtrv7K1k+RuwCrwVaPhjmblDTfsxAiQlBonesMJ7HQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP1pUQxdvErTPI8sYRHb7IiSGNyjMB8GA1UdIwQY
MBaAFJtrez6mDvtKV5pPXiN+p6iNO8B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAt
ZTc0ZDhkMWQ0ZTAyLzEvX1dsUkRGMjhTdE04anl4aEVkdnNpSklZM0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAtZTc0ZDhkMWQ0ZTAy
LzEvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwnKUAwQB
wnSKAwQBwpbOAwQE2XGAMA0GCSqGSIb3DQEBCwUAA4IBAQCIsCY26rR5TplP0LDi
TCcgClu+F/YfE7ism3d4sCW8O6tEfQPQBOlTSO2EhZUQ/9lueRT+F7211Lj/5Wbi
mucZq+krT9SkKslspE9uMEIBKPxeL0q2xkkh9pTGFFh30UtVKWZXBBQ3RMGPqkh8
Ptpyi4Qlh+mAMmyW94+vbn8g/TxCGZIKHDyHHBDaPGKy4PiwSnOOAqPjdTSzDiBE
CQsWW8ggMQJATI8k7x46RywL7jpMxMDF4zX1XPEKzYK+WwSIc/5ObCPFNqAK+BrY
UxQSGqJ0w9Hm8XiB7IvWSw+TRgIBuQu+icUSV0QwjB7HuT6XuS+m0Xdd/1sV9Orb
Y4S3
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:50 2025 by rpki-client