Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/WoRF41ynvGI4pzrKwa7i5EXBlSU.roa
File: WoRF41ynvGI4pzrKwa7i5EXBlSU.roa (raw, json)
Hash identifier: ibpG0NdZoNOrYjcrM1OODc2kNXkemRGcjPYF/67RLv8=
Subject key identifier: 5A:84:45:E3:5C:A7:BC:62:38:A7:3A:CA:C1:AE:E2:E4:45:C1:95:25
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01845CE024E23AA7E52DC15DC58F2A07E497
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/WoRF41ynvGI4pzrKwa7i5EXBlSU.roa
Signing time: Wed 09 Nov 2022 14:51:43 +0000
ROA not before: Wed 09 Nov 2022 14:51:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 217.25.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:e0:24:e2:3a:a7:e5:2d:c1:5d:c5:8f:2a:07:e4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 9 14:51:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a8445e35ca7bc6238a73acac1aee2e445c19525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dd:a6:33:ce:ea:ab:e1:dc:6e:38:80:88:7f:
93:d2:9b:43:df:73:f6:27:df:78:10:b1:66:a9:37:
23:01:c9:82:40:da:d8:00:71:03:7e:cb:e6:4d:14:
ed:59:95:a5:a3:07:27:60:bf:10:d2:a7:44:8b:e5:
11:b0:49:6b:39:ab:ba:47:d2:67:f0:f6:96:ca:d9:
3f:3c:4e:c5:8c:e8:09:1b:0c:90:94:69:56:59:3e:
e5:84:dc:eb:78:f2:78:6c:44:cb:0b:0e:e2:61:bc:
55:23:87:81:ab:ee:ff:32:1e:4b:40:b7:0e:21:2f:
e5:39:2c:2b:27:52:87:f3:fd:bf:07:0a:40:ca:ef:
22:4f:58:90:4f:bd:7e:9f:7a:b5:41:56:1a:be:72:
56:5b:60:fd:ab:7b:e2:d6:3c:b3:aa:7c:d1:e0:a1:
e3:34:e8:22:c1:e0:41:8f:08:3c:b7:53:28:b4:ca:
5a:12:08:12:0d:9e:d9:5c:0c:1d:7d:ab:74:c8:f1:
37:06:c1:b7:ba:bf:10:1e:97:8f:21:38:98:16:0f:
85:db:df:65:6f:bf:17:d7:c0:9f:31:1f:75:f6:0c:
12:c4:df:00:59:46:b4:3d:6f:cf:0f:88:c8:6d:f5:
42:92:0e:d1:6e:25:a7:cd:46:77:df:14:81:f9:ae:
33:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:84:45:E3:5C:A7:BC:62:38:A7:3A:CA:C1:AE:E2:E4:45:C1:95:25
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/WoRF41ynvGI4pzrKwa7i5EXBlSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
24:07:0f:0e:b9:23:d0:54:f7:66:10:a4:fb:eb:f9:23:8c:a4:
f6:8a:bc:93:b2:4c:69:8b:5b:89:7d:74:20:fb:fb:45:a2:1b:
ca:0c:34:37:d0:80:3a:11:ee:4c:76:ec:5d:6f:41:77:38:fd:
05:64:5e:5a:ba:05:c1:04:73:d1:96:1f:13:18:6c:f4:e1:a9:
23:36:e5:4d:a1:ea:43:a6:f5:10:23:bb:cb:f4:94:96:c3:b0:
02:b7:0d:9e:6f:86:36:dd:f0:e7:82:90:40:93:17:09:0b:d3:
0f:72:4e:a9:85:41:46:ae:6c:0a:8d:06:b1:15:82:ba:74:68:
52:47:df:a3:23:d7:02:9e:e4:19:8f:9f:bc:5f:6d:7d:3b:27:
99:2d:11:76:7c:47:29:8d:26:6f:cf:d1:44:b9:40:93:43:cc:
74:83:98:82:90:54:b7:4d:0c:d1:e8:61:e8:b0:e5:97:9e:a7:
e4:96:f5:7b:af:87:cc:e8:51:82:f9:f4:36:c9:20:21:fc:c5:
b9:c1:a0:d2:61:0e:20:c0:07:15:4e:04:d2:44:12:51:a9:58:
92:5f:7b:bf:45:f2:2d:23:05:60:c4:91:78:79:03:15:af:b8:
1f:d1:cf:fa:56:ba:7b:2e:b0:fb:19:1a:16:57:7b:0c:e9:36:
85:03:68:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRc4CTiOqflLcFdxY8qB+SXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMTA5MTQ1MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTg0NDVlMzVjYTdiYzYyMzhhNzNhY2FjMWFlZTJlNDQ1YzE5NTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd2mM87qq+HcbjiAiH+T0ptD33P2
J994ELFmqTcjAcmCQNrYAHEDfsvmTRTtWZWlowcnYL8Q0qdEi+URsElrOau6R9Jn
8PaWytk/PE7FjOgJGwyQlGlWWT7lhNzrePJ4bETLCw7iYbxVI4eBq+7/Mh5LQLcO
IS/lOSwrJ1KH8/2/BwpAyu8iT1iQT71+n3q1QVYavnJWW2D9q3vi1jyzqnzR4KHj
NOgiweBBjwg8t1MotMpaEggSDZ7ZXAwdfat0yPE3BsG3ur8QHpePITiYFg+F299l
b78X18CfMR919gwSxN8AWUa0PW/PD4jIbfVCkg7RbiWnzUZ33xSB+a4zUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqEReNcp7xiOKc6ysGu4uRFwZUlMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvV29SRjQxeW52R0k0cHpyS3dhN2k1RVhCbFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkMMA0G
CSqGSIb3DQEBCwUAA4IBAQAkBw8OuSPQVPdmEKT76/kjjKT2iryTskxpi1uJfXQg
+/tFohvKDDQ30IA6Ee5Mduxdb0F3OP0FZF5augXBBHPRlh8TGGz04akjNuVNoepD
pvUQI7vL9JSWw7ACtw2eb4Y23fDngpBAkxcJC9MPck6phUFGrmwKjQaxFYK6dGhS
R9+jI9cCnuQZj5+8X219OyeZLRF2fEcpjSZvz9FEuUCTQ8x0g5iCkFS3TQzR6GHo
sOWXnqfklvV7r4fM6FGC+fQ2ySAh/MW5waDSYQ4gwAcVTgTSRBJRqViSX3u/RfIt
IwVgxJF4eQMVr7gf0c/6Vrp7LrD7GRoWV3sM6TaFA2jb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org