Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/9d8hf7M2hvadghgDQYfhsWVdm-0.roa
File: 9d8hf7M2hvadghgDQYfhsWVdm-0.roa (raw, json)
Hash identifier: V9TrZcYeUIJLxRiYnJyoXNbz/3E1ydrOZtlG90wB3z0=
Subject key identifier: F5:DF:21:7F:B3:36:86:F6:9D:82:18:03:41:87:E1:B1:65:5D:9B:ED
Certificate issuer: /CN=68a839cc8159fc5d3d75dedf62aadb81c40eabed
Certificate serial: 0184A95D037ABBCDA97D79FAB19798A5F715
Authority key identifier: 68:A8:39:CC:81:59:FC:5D:3D:75:DE:DF:62:AA:DB:81:C4:0E:AB:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKg5zIFZ_F09dd7fYqrbgcQOq-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/9d8hf7M2hvadghgDQYfhsWVdm-0.roa
Signing time: Thu 24 Nov 2022 11:19:15 +0000
ROA not before: Thu 24 Nov 2022 11:19:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 217.28.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:5d:03:7a:bb:cd:a9:7d:79:fa:b1:97:98:a5:f7:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a839cc8159fc5d3d75dedf62aadb81c40eabed
Validity
Not Before: Nov 24 11:19:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5df217fb33686f69d8218034187e1b1655d9bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ae:ee:b6:81:2e:7a:df:20:2a:67:f6:d0:97:
ed:6a:06:a0:93:f5:dd:a7:a9:42:4a:e8:4b:25:bb:
40:77:76:b1:d6:8a:2a:b5:cf:dc:c0:93:2d:1a:5d:
50:01:cb:2e:0e:6c:4f:6f:c6:e4:8b:b4:62:b0:cc:
be:cb:f8:18:af:ea:91:a8:ad:3d:f2:12:61:40:78:
90:3c:ed:e7:9d:8a:b5:19:be:b9:a0:a8:bb:d1:68:
b4:aa:6b:e2:2e:a2:17:70:09:b5:73:ab:90:c0:7f:
89:be:c0:ed:d4:21:9c:cf:62:4a:75:c8:10:d8:f7:
f7:08:21:e0:1c:70:74:55:0b:59:17:97:b0:f0:da:
15:34:ec:d8:bb:2b:ef:80:35:82:b2:bf:83:4d:d3:
82:b6:67:4d:78:46:0b:1f:a5:33:17:0c:78:0c:c5:
19:5a:75:18:9a:66:c9:38:ca:0e:b0:b5:a0:43:d3:
ac:02:4d:b9:1d:f8:ef:db:f9:43:24:42:75:19:a9:
4f:c7:99:e9:94:bb:85:26:bf:be:7c:dd:7a:48:dd:
9a:9e:7b:ca:3b:1f:f4:75:7a:67:a5:3f:da:b2:4a:
a7:b8:51:3b:b3:c6:a5:74:43:7f:8f:5a:b6:ca:63:
dd:7a:fc:63:c7:66:c8:1f:97:46:39:ba:85:c7:10:
32:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:DF:21:7F:B3:36:86:F6:9D:82:18:03:41:87:E1:B1:65:5D:9B:ED
X509v3 Authority Key Identifier:
keyid:68:A8:39:CC:81:59:FC:5D:3D:75:DE:DF:62:AA:DB:81:C4:0E:AB:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKg5zIFZ_F09dd7fYqrbgcQOq-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/9d8hf7M2hvadghgDQYfhsWVdm-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/aKg5zIFZ_F09dd7fYqrbgcQOq-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.129.0/24
Signature Algorithm: sha256WithRSAEncryption
57:b3:7d:02:d9:5f:52:6c:51:e6:a9:0c:82:1d:6c:64:13:39:
83:89:5a:5e:40:6c:02:d9:47:4e:5f:f7:96:8b:3d:d2:ce:3d:
6a:5c:78:fd:b2:6d:31:5f:f0:3b:4f:c0:b9:b9:de:14:4e:b2:
11:f1:66:4c:f8:05:ba:f0:69:a2:bd:67:f5:cd:e0:ae:11:a8:
54:ad:43:d0:d1:f0:25:81:90:c6:47:7b:c4:2e:50:77:e9:11:
72:47:0a:56:49:ed:e4:79:cb:3c:63:19:68:c6:d1:fe:76:b5:
e2:b2:8d:64:30:e1:88:bc:92:6e:62:f4:c3:03:06:8f:ce:5f:
19:f8:5b:97:fe:5a:11:91:0b:45:14:d3:c3:f8:eb:d0:a5:b1:
fd:d0:fe:34:97:a1:a4:cd:1a:05:41:df:d0:8b:4b:cc:2c:90:
b8:16:35:aa:1e:f5:5f:f7:61:df:cc:58:79:40:4e:cc:9d:6d:
78:32:62:7e:cb:56:7c:84:03:b6:41:11:ac:14:b6:0b:69:3c:
23:8d:a2:27:f3:ed:f1:3b:d0:97:4d:3c:a0:5f:5b:13:9d:6d:
d2:87:42:c3:05:6c:c0:d4:06:7d:d8:15:f3:e1:a4:32:03:e8:
73:a1:99:41:fb:17:44:a1:cd:d2:4f:fd:a2:c3:78:14:46:e5:
e6:54:a5:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSpXQN6u82pfXn6sZeYpfcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTgzOWNjODE1OWZjNWQzZDc1ZGVkZjYyYWFkYjgxYzQw
ZWFiZWQwHhcNMjIxMTI0MTExOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWRmMjE3ZmIzMzY4NmY2OWQ4MjE4MDM0MTg3ZTFiMTY1NWQ5YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK7utoEuet8gKmf20Jftagagk/Xd
p6lCSuhLJbtAd3ax1ooqtc/cwJMtGl1QAcsuDmxPb8bki7RisMy+y/gYr+qRqK09
8hJhQHiQPO3nnYq1Gb65oKi70Wi0qmviLqIXcAm1c6uQwH+JvsDt1CGcz2JKdcgQ
2Pf3CCHgHHB0VQtZF5ew8NoVNOzYuyvvgDWCsr+DTdOCtmdNeEYLH6UzFwx4DMUZ
WnUYmmbJOMoOsLWgQ9OsAk25Hfjv2/lDJEJ1GalPx5nplLuFJr++fN16SN2annvK
Ox/0dXpnpT/askqnuFE7s8aldEN/j1q2ymPdevxjx2bIH5dGObqFxxAySQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXfIX+zNob2nYIYA0GH4bFlXZvtMB8GA1UdIwQY
MBaAFGioOcyBWfxdPXXe32Kq24HEDqvtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtnNXpJRlpfRjA5ZGQ3ZllxcmJnY1FPcS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy83ZjYzMWQtZDBhMS00ZTIzLTk2Zjgt
MWIyYjJmYWYxY2FjLzEvOWQ4aGY3TTJodmFkZ2hnRFFZZmhzV1ZkbS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy83ZjYzMWQtZDBhMS00ZTIzLTk2ZjgtMWIyYjJmYWYxY2Fj
LzEvYUtnNXpJRlpfRjA5ZGQ3ZllxcmJnY1FPcS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyBMA0G
CSqGSIb3DQEBCwUAA4IBAQBXs30C2V9SbFHmqQyCHWxkEzmDiVpeQGwC2UdOX/eW
iz3Szj1qXHj9sm0xX/A7T8C5ud4UTrIR8WZM+AW68GmivWf1zeCuEahUrUPQ0fAl
gZDGR3vELlB36RFyRwpWSe3kecs8YxloxtH+drXiso1kMOGIvJJuYvTDAwaPzl8Z
+FuX/loRkQtFFNPD+OvQpbH90P40l6GkzRoFQd/Qi0vMLJC4FjWqHvVf92HfzFh5
QE7MnW14MmJ+y1Z8hAO2QRGsFLYLaTwjjaIn8+3xO9CXTTygX1sTnW3Sh0LDBWzA
1AZ92BXz4aQyA+hzoZlB+xdEoc3ST/2iw3gURuXmVKUw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:26 2023 by rpki-client on console-fra.rpki-client.org