Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/xncHaqcLyYORH6vqmToHUaR_l3I.roa
File: xncHaqcLyYORH6vqmToHUaR_l3I.roa (raw, json)
Hash identifier: a17BMd64Tfby2Y+t7x7P84FAeiM8aAJ+QwDMhRYG5rw=
Subject key identifier: C6:77:07:6A:A7:0B:C9:83:91:1F:AB:EA:99:3A:07:51:A4:7F:97:72
Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Certificate serial: 0184D349068BA2E4B2E4F11DDC11472D6E32
Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/xncHaqcLyYORH6vqmToHUaR_l3I.roa
Signing time: Fri 02 Dec 2022 14:41:28 +0000
ROA not before: Fri 02 Dec 2022 14:41:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15917
IP address blocks: 217.31.0.0/22 maxlen: 22
217.31.0.0/20 maxlen: 20
217.31.4.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:49:06:8b:a2:e4:b2:e4:f1:1d:dc:11:47:2d:6e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Validity
Not Before: Dec 2 14:41:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c677076aa70bc983911fabea993a0751a47f9772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b8:7b:a7:92:92:da:8a:8b:c3:a5:c2:d9:c4:
ed:2a:87:5c:da:cc:54:36:7d:75:e1:c0:e2:fd:ad:
22:3a:0c:a1:98:d8:b0:06:04:fb:ca:8c:f5:7c:50:
a5:39:d2:12:2d:30:31:c8:1a:7d:e8:cb:a7:79:07:
af:0f:b6:b3:6c:44:1d:aa:6a:e0:67:7f:bf:34:e2:
84:c8:fd:7d:36:6e:c5:02:66:83:88:19:5f:94:b2:
b3:6f:6a:47:a5:60:35:ae:17:2d:f2:b3:02:3c:61:
56:9d:17:53:c3:02:66:c3:10:2a:b0:11:83:ea:af:
d9:87:03:e0:94:65:20:20:87:0d:04:19:e8:85:6a:
50:3e:33:54:ab:ac:b5:99:1a:f9:88:55:9f:29:48:
47:f1:86:e1:06:8b:93:8c:9c:ec:1e:c7:13:96:6d:
7f:e9:85:9b:a1:b0:92:ca:13:c6:7b:91:e2:e1:59:
09:bf:c3:70:de:69:4c:bd:12:48:1e:41:01:47:04:
cc:88:54:3f:9a:44:0e:a0:d5:da:c6:9d:40:ef:d5:
cb:aa:d2:c7:69:87:b2:f2:dd:c7:6a:ed:3f:bd:5a:
8e:5d:34:94:92:e6:fd:55:62:c2:b4:ec:ac:c1:53:
40:dc:d6:34:26:7b:35:ed:4b:1c:d9:c4:3e:80:05:
8f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:77:07:6A:A7:0B:C9:83:91:1F:AB:EA:99:3A:07:51:A4:7F:97:72
X509v3 Authority Key Identifier:
keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/xncHaqcLyYORH6vqmToHUaR_l3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.31.0.0/20
Signature Algorithm: sha256WithRSAEncryption
94:63:64:b2:b2:91:a0:14:ea:25:a2:6b:06:b1:2b:fc:dc:52:
ff:60:25:1e:a4:bf:65:34:b3:29:bd:62:64:dc:35:69:ca:61:
1f:96:67:fa:cf:5a:e0:a3:16:49:00:be:e4:69:fb:a4:d7:8e:
6f:84:b5:3b:79:25:7e:2f:c7:de:3d:e1:bd:7a:73:10:f1:d7:
e7:56:42:12:56:0e:96:f6:7e:d8:ff:bc:6b:85:c6:42:e0:be:
36:2b:17:f5:28:7e:64:14:80:3f:6c:aa:68:eb:79:97:0b:e9:
19:66:6e:ef:32:a2:16:dd:f8:94:1d:75:bf:b9:66:d2:f0:c2:
a8:c2:18:ab:99:24:ca:d2:f5:30:8e:8d:59:cf:25:f7:4b:44:
b0:2a:40:e6:b7:0a:a9:98:cf:8b:68:e4:be:06:57:83:a8:13:
4f:17:3e:45:61:74:8f:a4:a9:3d:3a:5e:a6:4e:3d:f7:5e:0e:
df:78:56:34:0f:0d:f4:fe:bb:88:a7:dd:81:1d:70:5e:4c:9d:
dc:90:7b:35:11:1a:1d:f1:28:dc:74:ba:83:5c:d6:2a:d8:85:
c4:9b:d3:25:e8:ec:41:3a:d8:be:f5:70:82:ae:f1:93:65:20:
7b:5b:12:cf:85:5a:83:79:e6:6e:fe:f0:a0:75:ac:60:1f:32:
f4:b5:8e:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTTSQaLouSy5PEd3BFHLW4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx
ODkwM2MwHhcNMjIxMjAyMTQ0MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc3MDc2YWE3MGJjOTgzOTExZmFiZWE5OTNhMDc1MWE0N2Y5NzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLh7p5KS2oqLw6XC2cTtKodc2sxU
Nn114cDi/a0iOgyhmNiwBgT7yoz1fFClOdISLTAxyBp96MuneQevD7azbEQdqmrg
Z3+/NOKEyP19Nm7FAmaDiBlflLKzb2pHpWA1rhct8rMCPGFWnRdTwwJmwxAqsBGD
6q/ZhwPglGUgIIcNBBnohWpQPjNUq6y1mRr5iFWfKUhH8YbhBouTjJzsHscTlm1/
6YWbobCSyhPGe5Hi4VkJv8Nw3mlMvRJIHkEBRwTMiFQ/mkQOoNXaxp1A79XLqtLH
aYey8t3Hau0/vVqOXTSUkub9VWLCtOyswVNA3NY0Jns17Usc2cQ+gAWPrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZ3B2qnC8mDkR+r6pk6B1Gkf5dyMB8GA1UdIwQY
MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt
ZmY5N2Y2MmEwOTQ1LzEveG5jSGFxY0x5WU9SSDZ2cW1Ub0hVYVJfbDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1
LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2R8AMA0G
CSqGSIb3DQEBCwUAA4IBAQCUY2SyspGgFOolomsGsSv83FL/YCUepL9lNLMpvWJk
3DVpymEflmf6z1rgoxZJAL7kafuk145vhLU7eSV+L8fePeG9enMQ8dfnVkISVg6W
9n7Y/7xrhcZC4L42Kxf1KH5kFIA/bKpo63mXC+kZZm7vMqIW3fiUHXW/uWbS8MKo
whirmSTK0vUwjo1ZzyX3S0SwKkDmtwqpmM+LaOS+BleDqBNPFz5FYXSPpKk9Ol6m
Tj33Xg7feFY0Dw30/ruIp92BHXBeTJ3ckHs1ERod8SjcdLqDXNYq2IXEm9Ml6OxB
Oti+9XCCrvGTZSB7WxLPhVqDeeZu/vCgdaxgHzL0tY4Y
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:59:35 2025 by rpki-client