Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/ryEFSYmwVu9rNVbBIOHdS1TFFKI.roa
File: ryEFSYmwVu9rNVbBIOHdS1TFFKI.roa (raw, json)
Hash identifier: zwfmQ4mdk+mXhS2dL0PhdjUhquqck3n7U9pfbkgCFgA=
Subject key identifier: AF:21:05:49:89:B0:56:EF:6B:35:56:C1:20:E1:DD:4B:54:C5:14:A2
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 01843C5A86A278A7E7E3B37DD72252A5FA8E
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/ryEFSYmwVu9rNVbBIOHdS1TFFKI.roa
Signing time: Thu 03 Nov 2022 07:17:56 +0000
ROA not before: Thu 03 Nov 2022 07:17:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198504
IP address blocks: 84.17.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:5a:86:a2:78:a7:e7:e3:b3:7d:d7:22:52:a5:fa:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Nov 3 07:17:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af21054989b056ef6b3556c120e1dd4b54c514a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2a:86:2b:1c:04:b2:c5:32:b2:b4:06:ab:85:
12:e7:81:45:cc:2d:d1:0e:6f:79:3c:86:84:ea:57:
4e:96:47:56:6b:9b:be:95:06:2c:fe:db:60:b7:b3:
3b:c9:8a:ba:d8:12:1b:f3:33:85:f0:1e:bd:19:83:
1f:4d:86:94:5d:49:1e:95:4e:44:8c:f5:7c:a2:6f:
63:21:52:f8:8a:c0:5b:07:e5:5a:7a:f1:1b:af:dd:
bb:a5:91:4f:25:4c:f5:29:3b:9d:78:0d:44:a7:54:
41:11:6f:e5:a9:b8:e2:3a:ea:05:06:0e:47:ee:cf:
93:f5:cd:70:39:61:c4:53:8d:22:e0:c7:58:b9:12:
d5:fb:bb:25:70:2c:a9:2c:d0:91:21:b9:2a:ae:e8:
97:0a:e2:57:cf:6d:70:18:e9:18:a6:b7:fb:eb:b1:
ca:72:8f:95:bb:ba:ac:e5:25:18:05:d8:4e:5e:04:
a2:59:22:eb:3e:1a:a9:0e:69:20:f5:6f:b6:2e:7d:
d3:ec:dc:13:63:58:a7:72:bd:35:7e:ad:6f:1f:73:
e9:57:81:25:55:a0:bb:1f:f6:1f:1c:d4:84:c5:f5:
bb:83:4b:57:c0:9f:2b:31:d2:71:61:7d:61:e9:18:
85:80:c1:71:cc:e4:1f:af:47:48:9f:6a:eb:56:ff:
e3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:21:05:49:89:B0:56:EF:6B:35:56:C1:20:E1:DD:4B:54:C5:14:A2
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/ryEFSYmwVu9rNVbBIOHdS1TFFKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.73.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:04:aa:5f:d1:5d:4a:b2:6f:b0:13:60:30:e7:52:03:53:39:
d2:b5:74:f7:06:ea:72:c2:17:81:89:85:34:fe:85:ba:fe:d5:
d0:41:28:8a:9d:4d:59:ab:bb:0e:ce:06:a6:de:96:ca:62:fd:
04:ff:29:ba:85:85:15:49:e7:28:42:36:f7:8d:b5:9d:d1:77:
04:65:cd:78:e2:46:db:d5:32:fb:22:4a:28:bc:cc:b8:d8:22:
48:fd:45:29:ee:a1:be:98:58:d1:a6:42:fe:9f:19:f6:4a:4b:
44:df:1a:90:6c:0b:d7:57:5d:00:65:c7:74:f2:99:19:aa:3a:
34:60:5a:88:39:6d:03:05:4c:13:9b:9e:c5:ff:9a:15:7d:ca:
e8:e7:19:0b:e2:0c:a4:3f:a2:f4:c1:45:e7:c8:9c:81:87:ba:
f5:a8:01:45:64:93:da:1e:95:7a:a5:a0:cd:16:61:8d:c4:59:
72:09:71:54:83:91:b7:6f:8f:c1:21:48:f5:f8:e8:63:5f:12:
f6:9d:1b:70:eb:7b:b1:3a:eb:6e:55:c6:1e:f0:9e:91:f6:46:
58:e1:df:84:c5:c2:b9:0d:f6:34:6e:74:a0:29:f0:e9:28:8b:
b5:55:31:e3:f7:16:21:de:70:e1:d7:fb:d0:e5:12:9f:22:ab:
be:0d:36:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ8WoaieKfn47N91yJSpfqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjIxMTAzMDcxNzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIxMDU0OTg5YjA1NmVmNmIzNTU2YzEyMGUxZGQ0YjU0YzUxNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yqGKxwEssUysrQGq4US54FFzC3R
Dm95PIaE6ldOlkdWa5u+lQYs/ttgt7M7yYq62BIb8zOF8B69GYMfTYaUXUkelU5E
jPV8om9jIVL4isBbB+VaevEbr927pZFPJUz1KTudeA1Ep1RBEW/lqbjiOuoFBg5H
7s+T9c1wOWHEU40i4MdYuRLV+7slcCypLNCRIbkqruiXCuJXz21wGOkYprf767HK
co+Vu7qs5SUYBdhOXgSiWSLrPhqpDmkg9W+2Ln3T7NwTY1incr01fq1vH3PpV4El
VaC7H/YfHNSExfW7g0tXwJ8rMdJxYX1h6RiFgMFxzOQfr0dIn2rrVv/jmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8hBUmJsFbvazVWwSDh3UtUxRSiMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvcnlFRlNZbXdWdTlyTlZiQklPSGRTMVRGRktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVBFJMA0G
CSqGSIb3DQEBCwUAA4IBAQANBKpf0V1Ksm+wE2Aw51IDUznStXT3BupywheBiYU0
/oW6/tXQQSiKnU1Zq7sOzgam3pbKYv0E/ym6hYUVSecoQjb3jbWd0XcEZc144kbb
1TL7IkoovMy42CJI/UUp7qG+mFjRpkL+nxn2SktE3xqQbAvXV10AZcd08pkZqjo0
YFqIOW0DBUwTm57F/5oVfcro5xkL4gykP6L0wUXnyJyBh7r1qAFFZJPaHpV6paDN
FmGNxFlyCXFUg5G3b4/BIUj1+OhjXxL2nRtw63uxOutuVcYe8J6R9kZY4d+ExcK5
DfY0bnSgKfDpKIu1VTHj9xYh3nDh1/vQ5RKfIqu+DTYH
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:17 2023 by rpki-client on console-ams.rpki-client.org