Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/Yd49aqmXUj5kD8tAy6cudfDeh7s.roa
File: Yd49aqmXUj5kD8tAy6cudfDeh7s.roa (raw, json)
Hash identifier: KHBuXejfimXY7Au1Y+laOG0W5CE+/jCT0Mn/Qq/r6Qc=
Subject key identifier: 61:DE:3D:6A:A9:97:52:3E:64:0F:CB:40:CB:A7:2E:75:F0:DE:87:BB
Certificate issuer: /CN=d79da465615c60094370833892da84c886e1c4ef
Certificate serial: 13984877
Authority key identifier: D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/Yd49aqmXUj5kD8tAy6cudfDeh7s.roa
Signing time: Sat 01 Jan 2022 09:02:59 +0000
ROA not before: Sat 01 Jan 2022 09:02:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16004
IP address blocks: 217.29.72.0/24 maxlen: 24
217.29.72.0/21 maxlen: 21
217.29.76.0/24 maxlen: 24
217.29.77.0/24 maxlen: 24
2001:1ac0::/64 maxlen: 64
2001:1ac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328747127 (0x13984877)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79da465615c60094370833892da84c886e1c4ef
Validity
Not Before: Jan 1 09:02:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61de3d6aa997523e640fcb40cba72e75f0de87bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8f:95:96:5a:4f:b5:c9:d7:68:46:c2:e5:b3:
17:98:4a:39:b9:01:49:37:36:cf:31:d4:e9:4e:d0:
d5:d4:17:3f:66:e4:7d:c7:52:60:1c:70:46:1d:2b:
89:76:19:d5:61:40:be:1b:7e:9f:54:86:86:e9:94:
9d:b7:08:8e:03:b6:3b:ba:c3:7e:ae:30:47:28:7c:
6c:e9:79:32:cc:a1:8b:f6:98:21:76:92:c7:33:1f:
ac:18:ef:bb:f6:3c:3f:0c:9d:a8:c6:1c:ae:a3:1c:
f0:da:04:d0:26:72:7a:24:78:b6:5b:21:90:0a:b9:
a4:ab:f8:ea:bf:c4:47:3e:22:7a:23:46:80:56:77:
a8:0e:be:6a:c8:1e:1d:77:b4:1b:5c:39:fd:77:f3:
03:92:a4:5c:ae:e8:94:73:21:86:b0:93:e0:a6:d2:
64:1f:1b:e6:b2:01:d4:30:b0:46:3e:eb:5e:4b:14:
ec:be:cf:ff:76:a6:7e:e2:34:fb:9f:e0:93:ff:b8:
4d:45:d2:db:87:8b:0b:9b:6f:a7:6f:b9:c2:85:17:
2f:b5:37:d6:67:19:da:6a:19:21:aa:66:80:6d:87:
c1:7f:4e:5a:f4:31:ae:b5:05:a4:3d:51:16:a0:d5:
01:5d:f4:37:52:40:7a:24:06:9d:47:2a:ef:1c:f4:
be:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DE:3D:6A:A9:97:52:3E:64:0F:CB:40:CB:A7:2E:75:F0:DE:87:BB
X509v3 Authority Key Identifier:
keyid:D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/Yd49aqmXUj5kD8tAy6cudfDeh7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.29.72.0/21
IPv6:
2001:1ac0::/32
Signature Algorithm: sha256WithRSAEncryption
89:b7:d6:ae:f7:c0:89:f4:f5:7b:8b:82:29:5a:9d:cd:97:c0:
c6:9b:c7:bf:7d:05:84:75:54:1c:e2:81:62:97:a8:51:c4:87:
f8:7c:69:bb:e2:7c:3f:70:a3:66:5f:c8:2a:33:00:bc:d9:1b:
5c:e8:c8:ef:aa:f8:69:8e:0c:a9:71:a6:de:4b:1a:f2:7f:2b:
d6:80:46:ef:88:f4:13:d7:2b:e1:2c:fa:86:0f:91:83:43:1a:
a2:af:7d:49:1e:63:f3:9c:cb:52:70:ac:b9:fa:93:8d:58:cc:
e4:5e:73:e5:36:e3:ca:b9:0f:31:cf:58:2f:42:22:54:c8:61:
11:92:2e:61:da:3f:e6:0e:a2:0d:97:6f:00:00:b0:ad:ad:4d:
a1:f1:ae:c7:76:1f:9b:3c:be:42:6a:b1:c5:b3:89:ab:74:56:
58:51:46:59:26:93:d9:17:66:87:76:5a:b0:0c:59:d6:e2:af:
83:6e:a4:b5:0c:b2:58:58:12:7f:8c:d2:02:bd:1a:a4:bc:28:
9b:79:dd:1c:57:36:de:a0:65:ec:67:7a:e1:d9:b0:a3:79:ee:
70:46:5e:16:ba:07:ae:73:d9:80:eb:ba:dc:51:51:d2:19:c4:
ee:c0:0c:dd:34:da:9b:e8:bf:ae:da:d0:25:f5:72:11:d1:e8:
9f:6e:94:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEE5hIdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzlkYTQ2NTYxNWM2MDA5NDM3MDgzMzg5MmRhODRjODg2ZTFjNGVmMB4XDTIyMDEw
MTA5MDI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFkZTNkNmFhOTk3
NTIzZTY0MGZjYjQwY2JhNzJlNzVmMGRlODdiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+PlZZaT7XJ12hGwuWzF5hKObkBSTc2zzHU6U7Q1dQXP2bk
fcdSYBxwRh0riXYZ1WFAvht+n1SGhumUnbcIjgO2O7rDfq4wRyh8bOl5Msyhi/aY
IXaSxzMfrBjvu/Y8PwydqMYcrqMc8NoE0CZyeiR4tlshkAq5pKv46r/ERz4ieiNG
gFZ3qA6+asgeHXe0G1w5/XfzA5KkXK7olHMhhrCT4KbSZB8b5rIB1DCwRj7rXksU
7L7P/3amfuI0+5/gk/+4TUXS24eLC5tvp2+5woUXL7U31mcZ2moZIapmgG2HwX9O
WvQxrrUFpD1RFqDVAV30N1JAeiQGnUcq7xz0vgUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRh3j1qqZdSPmQPy0DLpy518N6HuzAfBgNVHSMEGDAWgBTXnaRlYVxgCUNw
gziS2oTIhuHE7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzE1MmtaV0ZjWUFsRGNJTTRrdHFFeUliaHhPOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvZDc5Yzk4LWMyN2QtNDViMy04NmQ5LWRhZDNiYjEzYzBhMi8x
L1lkNDlhcW1YVWo1a0Q4dEF5NmN1ZGZEZWg3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
ZDc5Yzk4LWMyN2QtNDViMy04NmQ5LWRhZDNiYjEzYzBhMi8xLzE1MmtaV0ZjWUFs
RGNJTTRrdHFFeUliaHhPOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA9kdSDANBAIAAjAHAwUAIAEawDAN
BgkqhkiG9w0BAQsFAAOCAQEAibfWrvfAifT1e4uCKVqdzZfAxpvHv30FhHVUHOKB
YpeoUcSH+Hxpu+J8P3CjZl/IKjMAvNkbXOjI76r4aY4MqXGm3ksa8n8r1oBG74j0
E9cr4Sz6hg+Rg0Maoq99SR5j85zLUnCsufqTjVjM5F5z5TbjyrkPMc9YL0IiVMhh
EZIuYdo/5g6iDZdvAACwra1NofGux3Yfmzy+QmqxxbOJq3RWWFFGWSaT2Rdmh3Za
sAxZ1uKvg26ktQyyWFgSf4zSAr0apLwom3ndHFc23qBl7Gd64dmwo3nucEZeFroH
rnPZgOu63FFR0hnE7sAM3TTam+i/rtrQJfVyEdHon26Uag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:44 2024 by rpki-client on console-ams.rpki-client.org