Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/ALJ3AGvn9yZGSp2bLpza39OLPSE.roa
File: ALJ3AGvn9yZGSp2bLpza39OLPSE.roa (raw, json)
Hash identifier: RWL8RBSZZVX76hZQnZriV0doO9cn/oX29yq/AbgiAxg=
Subject key identifier: 00:B2:77:00:6B:E7:F7:26:46:4A:9D:9B:2E:9C:DA:DF:D3:8B:3D:21
Certificate issuer: /CN=af3038a717b154e1cfa47116832da26f28b2a304
Certificate serial: 01856F9E02501C524FE7B61DC580E3F0955B
Authority key identifier: AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/ALJ3AGvn9yZGSp2bLpza39OLPSE.roa
Signing time: Sun 01 Jan 2023 23:15:04 +0000
ROA not before: Sun 01 Jan 2023 23:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49214
IP address blocks: 217.22.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9e:02:50:1c:52:4f:e7:b6:1d:c5:80:e3:f0:95:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3038a717b154e1cfa47116832da26f28b2a304
Validity
Not Before: Jan 1 23:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00b277006be7f726464a9d9b2e9cdadfd38b3d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:59:5c:9b:87:6f:e1:7a:30:fe:b2:48:cc:0f:
8e:3f:19:e6:8d:4b:b8:f0:dc:df:e7:2f:ae:43:cf:
20:f4:0f:06:fc:6d:d3:55:c0:3b:68:a4:d2:ba:51:
db:87:63:c8:82:62:e9:f4:07:a0:3f:d7:39:af:79:
33:0b:0e:77:dc:b8:b9:f2:e2:42:27:10:a6:31:74:
9d:7e:2b:2a:08:96:42:b4:3b:d1:64:2e:50:f1:2c:
1c:5d:c4:36:2b:3d:00:cb:3b:7d:a9:1a:23:00:6a:
3e:d5:fb:4a:15:c4:e6:2d:1b:68:40:61:0a:b0:e9:
59:ee:b4:61:34:40:6c:e3:5f:99:7c:4d:0c:a0:29:
f4:7a:41:9a:f2:01:3c:7c:b3:90:0b:43:c4:2d:c2:
7f:15:6b:05:d4:f8:d8:9a:4d:30:30:d6:89:98:ea:
0f:23:2f:23:e8:a8:ca:7f:d5:a7:6e:4e:4a:c5:f9:
b9:38:c1:8e:be:7e:81:fc:cc:25:93:06:4a:0a:96:
d9:3c:ce:d7:46:da:77:53:bb:dc:0d:d1:57:49:31:
39:3b:bf:ca:f0:a9:34:60:97:95:56:c1:8c:17:80:
5d:90:16:a7:4c:fe:fd:9f:84:2e:e2:e1:ce:17:52:
1d:59:e9:35:d0:e2:6d:d5:01:52:dc:a5:16:e3:58:
96:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B2:77:00:6B:E7:F7:26:46:4A:9D:9B:2E:9C:DA:DF:D3:8B:3D:21
X509v3 Authority Key Identifier:
keyid:AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/ALJ3AGvn9yZGSp2bLpza39OLPSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.22.32.0/20
Signature Algorithm: sha256WithRSAEncryption
69:bc:7b:6f:48:a1:1a:76:a6:81:9c:56:59:af:02:c4:02:41:
77:5b:0c:1b:95:25:aa:53:a1:ef:45:86:84:a8:ca:95:c9:95:
00:42:f8:f9:f1:3a:0d:aa:0c:56:32:00:54:52:f3:de:0a:c1:
91:42:ed:2c:18:95:2e:1a:2b:a6:44:27:91:06:d6:3b:8b:dc:
9a:34:1b:7a:88:ef:e1:c1:cf:15:cc:ff:c2:46:34:f6:3c:2a:
fc:3a:ae:26:62:b1:53:04:b1:08:fd:c3:49:7a:33:41:b0:e5:
21:08:f8:1a:af:7b:91:37:a5:23:22:ac:d5:f4:e8:4e:5b:a4:
5e:88:e4:34:96:32:28:a3:81:21:71:89:5f:f1:44:96:47:5c:
c3:db:29:5d:d8:52:cb:51:d0:33:8d:66:26:33:f3:fa:cd:0e:
11:66:da:98:36:a5:29:b8:0e:4c:fc:7d:dd:a4:71:71:4e:a2:
57:ae:d4:60:4e:2d:24:20:38:c0:e0:16:ce:24:bf:8f:36:09:
8b:ef:e7:ab:fd:bf:6e:97:26:04:70:b4:b7:1e:17:86:1d:4d:
a7:54:b5:df:8e:22:05:83:24:1b:e8:ac:b5:35:4f:da:bf:08:
7d:5c:08:31:7e:53:6b:e8:e3:b2:9b:c9:f6:8f:f0:49:4b:46:
e5:08:05:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvngJQHFJP57YdxYDj8JVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzAzOGE3MTdiMTU0ZTFjZmE0NzExNjgzMmRhMjZmMjhi
MmEzMDQwHhcNMjMwMTAxMjMxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGIyNzcwMDZiZTdmNzI2NDY0YTlkOWIyZTljZGFkZmQzOGIzZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vlcm4dv4Xow/rJIzA+OPxnmjUu4
8Nzf5y+uQ88g9A8G/G3TVcA7aKTSulHbh2PIgmLp9AegP9c5r3kzCw533Li58uJC
JxCmMXSdfisqCJZCtDvRZC5Q8SwcXcQ2Kz0Ayzt9qRojAGo+1ftKFcTmLRtoQGEK
sOlZ7rRhNEBs41+ZfE0MoCn0ekGa8gE8fLOQC0PELcJ/FWsF1PjYmk0wMNaJmOoP
Iy8j6KjKf9Wnbk5Kxfm5OMGOvn6B/MwlkwZKCpbZPM7XRtp3U7vcDdFXSTE5O7/K
8Kk0YJeVVsGMF4BdkBanTP79n4Qu4uHOF1IdWek10OJt1QFS3KUW41iWPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACydwBr5/cmRkqdmy6c2t/Tiz0hMB8GA1UdIwQY
MBaAFK8wOKcXsVThz6RxFoMtom8osqMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82Y2ZiNzgtNjNiYy00ODIwLWI5MDMt
ODYwYzQ5ZDBlYjZhLzEvQUxKM0FHdm45eVpHU3AyYkxwemEzOU9MUFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82Y2ZiNzgtNjNiYy00ODIwLWI5MDMtODYwYzQ5ZDBlYjZh
LzEvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RYgMA0G
CSqGSIb3DQEBCwUAA4IBAQBpvHtvSKEadqaBnFZZrwLEAkF3WwwblSWqU6HvRYaE
qMqVyZUAQvj58ToNqgxWMgBUUvPeCsGRQu0sGJUuGiumRCeRBtY7i9yaNBt6iO/h
wc8VzP/CRjT2PCr8Oq4mYrFTBLEI/cNJejNBsOUhCPgar3uRN6UjIqzV9OhOW6Re
iOQ0ljIoo4EhcYlf8USWR1zD2yld2FLLUdAzjWYmM/P6zQ4RZtqYNqUpuA5M/H3d
pHFxTqJXrtRgTi0kIDjA4BbOJL+PNgmL7+er/b9ulyYEcLS3HheGHU2nVLXfjiIF
gyQb6Ky1NU/avwh9XAgxflNr6OOym8n2j/BJS0blCAW6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:13 2025 by rpki-client