Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/RFALjyRXCF6SDdYUiEQw_MxY7wo.roa
File: RFALjyRXCF6SDdYUiEQw_MxY7wo.roa (raw, json)
Hash identifier: ROk6jqSy1k6ifF+8TcWzyXAEGFOuHZ7+yFNjYQLfozI=
Subject key identifier: 44:50:0B:8F:24:57:08:5E:92:0D:D6:14:88:44:30:FC:CC:58:EF:0A
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 03002321
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/RFALjyRXCF6SDdYUiEQw_MxY7wo.roa
Signing time: Fri 22 Apr 2022 23:26:34 +0000
ROA not before: Fri 22 Apr 2022 23:26:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20915
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.25.0/24 maxlen: 24
87.254.0.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.0.0/19 maxlen: 19
87.254.3.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
87.254.12.0/24 maxlen: 24
87.254.13.0/24 maxlen: 24
217.25.0.0/20 maxlen: 20
87.254.19.0/24 maxlen: 24
2a00:eac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50340641 (0x3002321)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Apr 22 23:26:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44500b8f2457085e920dd614884430fccc58ef0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b2:df:2a:c9:9b:00:3c:56:5e:20:c7:79:04:
01:01:7d:29:fe:d9:71:7d:f9:6e:33:b5:87:cb:22:
ca:d9:89:9a:cd:67:62:15:3b:5a:b0:ca:85:26:57:
1d:3b:84:86:af:61:e6:b9:a2:74:24:2e:d0:32:2a:
7d:06:2a:3d:53:e8:1d:4f:1e:5e:60:66:d7:da:01:
ea:c8:b2:87:11:ca:4f:ab:94:b4:fb:ae:e4:af:f8:
3c:9a:c6:fb:0c:ef:1a:b2:d2:cf:0a:f6:93:2b:59:
76:7f:03:78:bd:e7:ea:27:d6:7c:2b:e3:35:25:2f:
49:d3:58:a9:49:a3:83:0b:9c:29:10:d0:fc:cc:b2:
c1:d8:c0:72:f5:4f:dc:e7:00:26:0c:f2:7d:54:18:
88:02:30:84:21:90:33:1a:bd:6d:29:65:41:54:fe:
bc:72:24:4b:93:1c:de:32:db:a8:a0:33:98:af:06:
42:4e:57:bf:96:5b:11:c1:3f:f5:88:e4:4f:39:ea:
67:d1:d2:85:7a:05:a6:64:b4:71:6a:2f:c5:e1:a0:
e9:82:68:fd:79:57:c2:2c:19:4e:ed:ae:57:cb:1d:
a0:06:38:3c:d3:e9:88:c2:2d:70:5d:45:bc:4f:d1:
2d:2b:fc:89:16:ec:bc:77:a0:17:0d:a0:4d:fc:c4:
85:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:50:0B:8F:24:57:08:5E:92:0D:D6:14:88:44:30:FC:CC:58:EF:0A
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/RFALjyRXCF6SDdYUiEQw_MxY7wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/19
217.25.0.0/20
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:98:42:e2:a9:26:ee:05:91:ba:32:47:1d:bf:c0:a2:ab:7d:
b2:d1:49:ae:eb:47:d6:e4:00:34:8f:33:06:de:de:c3:63:d5:
00:fb:03:95:c0:65:c9:a9:49:bd:b6:b5:cd:2c:17:31:63:27:
9c:85:f7:b0:2d:0b:90:7a:f9:fd:e0:b7:31:91:fa:45:1a:8b:
b3:5f:f3:b5:3c:d4:00:5b:65:21:50:81:83:c3:d1:d4:67:45:
40:9b:6d:4b:58:70:46:3c:33:44:7f:a8:6f:03:15:9c:f4:69:
6a:41:5e:9f:8a:1d:9e:c2:78:fc:69:96:e8:84:ca:b8:42:36:
a7:8b:0e:e5:47:ff:6d:7e:02:6d:ff:8f:93:99:f9:67:6d:da:
12:6a:d3:c8:f9:cf:28:a7:1e:00:0e:07:ca:ed:eb:64:21:1f:
17:83:3e:2e:1e:ec:76:a6:7b:06:19:df:92:1c:9b:bb:11:fb:
74:96:ca:30:62:59:d3:c5:b9:4b:60:8c:0b:0a:30:56:c2:b2:
12:65:6e:c0:28:49:04:e6:65:db:f3:d6:07:94:56:02:9d:93:
c6:72:f7:b1:0a:b3:a1:58:b4:bc:8d:1b:5e:68:77:80:af:30:
7c:04:33:77:17:a0:14:de:23:d6:9d:d5:92:43:95:e1:1d:ea:
f0:71:ad:12
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAwAjITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmY4MGNiZGZlMTgzNTRhM2NmZGJhMmZlMDc5YWEyZWJjNThkY2Q0MB4XDTIyMDQy
MjIzMjYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ1MDBiOGYyNDU3
MDg1ZTkyMGRkNjE0ODg0NDMwZmNjYzU4ZWYwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCy3yrJmwA8Vl4gx3kEAQF9Kf7ZcX35bjO1h8siytmJms1n
YhU7WrDKhSZXHTuEhq9h5rmidCQu0DIqfQYqPVPoHU8eXmBm19oB6siyhxHKT6uU
tPuu5K/4PJrG+wzvGrLSzwr2kytZdn8DeL3n6ifWfCvjNSUvSdNYqUmjgwucKRDQ
/MyywdjAcvVP3OcAJgzyfVQYiAIwhCGQMxq9bSllQVT+vHIkS5Mc3jLbqKAzmK8G
Qk5Xv5ZbEcE/9YjkTznqZ9HShXoFpmS0cWovxeGg6YJo/XlXwiwZTu2uV8sdoAY4
PNPpiMItcF1FvE/RLSv8iRbsvHegFw2gTfzEhW0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBREUAuPJFcIXpIN1hSIRDD8zFjvCjAfBgNVHSMEGDAWgBQP+Ay9/hg1Sjz9
ui/geaouvFjc1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RfZ012ZjRZTlVvOF9ib3Y0SG1xTHJ4WTNOUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvMTI5NTY0LWYxZGItNGRjNS04OTA2LTZmY2RjZDVhYjY2MC8x
L1JGQUxqeVJYQ0Y2U0RkWVVpRVF3X014WTd3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
MTI5NTY0LWYxZGItNGRjNS04OTA2LTZmY2RjZDVhYjY2MC8xL0RfZ012ZjRZTlVv
OF9ib3Y0SG1xTHJ4WTNOUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVf+AAMEBNkZADANBAIAAjAHAwUA
KgDqwDANBgkqhkiG9w0BAQsFAAOCAQEAiphC4qkm7gWRujJHHb/Aoqt9stFJrutH
1uQANI8zBt7ew2PVAPsDlcBlyalJvba1zSwXMWMnnIX3sC0LkHr5/eC3MZH6RRqL
s1/ztTzUAFtlIVCBg8PR1GdFQJttS1hwRjwzRH+obwMVnPRpakFen4odnsJ4/GmW
6ITKuEI2p4sO5Uf/bX4Cbf+Pk5n5Z23aEmrTyPnPKKceAA4Hyu3rZCEfF4M+Lh7s
dqZ7BhnfkhybuxH7dJbKMGJZ08W5S2CMCwowVsKyEmVuwChJBOZl2/PWB5RWAp2T
xnL3sQqzoVi0vI0bXmh3gK8wfAQzdxegFN4j1p3VkkOV4R3q8HGtEg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org