Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/G8rVR5LNs9Mn1mONxn9SHEOW5MU.roa
File: G8rVR5LNs9Mn1mONxn9SHEOW5MU.roa (raw, json)
Hash identifier: ITUUeOAEMkqtOiMEdHGU3m68bHlF4+5z4uq0aQXpaSk=
Subject key identifier: 1B:CA:D5:47:92:CD:B3:D3:27:D6:63:8D:C6:7F:52:1C:43:96:E4:C5
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018461027C20BE30D8F4A47FD205BC9BC1B2
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/G8rVR5LNs9Mn1mONxn9SHEOW5MU.roa
Signing time: Thu 10 Nov 2022 10:07:43 +0000
ROA not before: Thu 10 Nov 2022 10:07:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 217.25.12.0/24 maxlen: 24
217.25.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:02:7c:20:be:30:d8:f4:a4:7f:d2:05:bc:9b:c1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 10 10:07:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bcad54792cdb3d327d6638dc67f521c4396e4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a9:5f:cc:72:c9:12:e6:29:da:ba:f6:3c:d9:
b8:b6:89:99:e0:80:e2:11:28:10:ae:dc:c2:92:1e:
37:ae:35:b0:92:66:7a:bb:83:d1:7b:c9:08:03:d2:
ea:08:17:5b:62:1f:be:29:cd:7f:95:0b:a5:0d:cb:
b8:0a:85:14:b4:91:e7:e9:2d:ed:29:2e:51:49:f5:
46:2c:56:84:6d:05:07:9d:d3:cb:f1:fd:66:69:33:
dc:69:a1:5a:ef:92:66:35:b8:01:ba:38:07:e8:1d:
02:a7:fb:0e:ad:cf:2b:1e:8e:9a:4c:c0:ae:b8:71:
54:d3:fd:99:80:cd:31:09:0d:1e:73:6d:a3:1e:d0:
8d:01:a5:81:fb:ea:d4:2a:67:b3:36:b1:b2:e2:5e:
e0:2e:e8:4e:d7:60:9a:48:a0:24:43:55:d0:47:73:
20:dd:15:ca:48:90:b3:c9:8b:2e:8f:b6:64:f2:93:
1a:ce:8c:b5:c8:31:55:36:73:b8:b3:be:a8:94:6b:
ca:4d:0e:56:da:ba:c9:39:20:01:ec:e1:28:40:76:
15:a6:fe:c7:fd:a8:30:d4:5d:39:d1:51:b9:d7:15:
a4:61:3d:e6:2b:ca:b7:35:d0:27:69:1e:00:96:7e:
bf:e0:2b:bc:42:f0:4d:d2:4f:49:ee:b9:87:41:4f:
dd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CA:D5:47:92:CD:B3:D3:27:D6:63:8D:C6:7F:52:1C:43:96:E4:C5
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/G8rVR5LNs9Mn1mONxn9SHEOW5MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.3.0/24
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d9:27:0a:83:42:da:26:93:d3:f8:a5:6c:24:cb:3e:89:e1:
b6:3e:91:83:12:59:01:d7:59:ce:bb:12:33:df:e0:1c:18:87:
5f:01:cb:ae:8d:71:3b:8c:68:e7:33:cd:50:5b:de:7d:16:82:
ed:23:07:c6:c2:e0:37:d4:90:b1:7d:5b:92:47:05:8a:83:12:
c9:dd:10:1b:db:61:17:87:a2:8b:16:73:f7:7d:c6:aa:c0:c4:
d2:af:00:1b:6c:0f:0f:22:41:76:6c:f9:47:5e:8c:c6:8b:87:
dd:63:b8:99:47:0a:7f:d6:0a:aa:ca:28:38:41:02:3d:c1:d5:
4c:05:5e:b4:21:2d:ef:a6:fc:45:8c:e3:98:b1:ca:b0:01:82:
2c:bc:4d:4a:4b:71:c5:37:f0:0b:e1:e6:8f:b2:d4:8c:34:5f:
11:b0:15:b0:95:a7:80:95:36:54:94:e4:bf:77:49:af:17:1a:
0d:87:14:2c:da:86:d4:9f:3e:f2:34:54:3f:e1:f4:f4:9c:1e:
89:f2:1d:a1:05:f7:5c:40:4f:7e:e1:a5:a4:1c:0c:f6:1d:a6:
eb:03:0d:18:c5:25:4a:f0:4b:36:a6:08:f4:01:99:24:69:74:
7e:ed:d5:bb:fe:00:e6:6e:b6:a8:5f:4e:56:66:11:8d:78:89:
04:23:8a:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRhAnwgvjDY9KR/0gW8m8GyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMTEwMTAwNzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmNhZDU0NzkyY2RiM2QzMjdkNjYzOGRjNjdmNTIxYzQzOTZlNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKlfzHLJEuYp2rr2PNm4tomZ4IDi
ESgQrtzCkh43rjWwkmZ6u4PRe8kIA9LqCBdbYh++Kc1/lQulDcu4CoUUtJHn6S3t
KS5RSfVGLFaEbQUHndPL8f1maTPcaaFa75JmNbgBujgH6B0Cp/sOrc8rHo6aTMCu
uHFU0/2ZgM0xCQ0ec22jHtCNAaWB++rUKmezNrGy4l7gLuhO12CaSKAkQ1XQR3Mg
3RXKSJCzyYsuj7Zk8pMazoy1yDFVNnO4s76olGvKTQ5W2rrJOSAB7OEoQHYVpv7H
/agw1F050VG51xWkYT3mK8q3NdAnaR4Aln6/4Cu8QvBN0k9J7rmHQU/dlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBvK1UeSzbPTJ9ZjjcZ/UhxDluTFMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvRzhyVlI1TE5zOU1uMW1PTnhuOVNIRU9XNU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2RkDAwQA
2RkMMA0GCSqGSIb3DQEBCwUAA4IBAQBY2ScKg0LaJpPT+KVsJMs+ieG2PpGDElkB
11nOuxIz3+AcGIdfAcuujXE7jGjnM81QW959FoLtIwfGwuA31JCxfVuSRwWKgxLJ
3RAb22EXh6KLFnP3fcaqwMTSrwAbbA8PIkF2bPlHXozGi4fdY7iZRwp/1gqqyig4
QQI9wdVMBV60IS3vpvxFjOOYscqwAYIsvE1KS3HFN/AL4eaPstSMNF8RsBWwlaeA
lTZUlOS/d0mvFxoNhxQs2obUnz7yNFQ/4fT0nB6J8h2hBfdcQE9+4aWkHAz2Habr
Aw0YxSVK8Es2pgj0AZkkaXR+7dW7/gDmbraoX05WZhGNeIkEI4r1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org