Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/aGq9KmZ6LLH9JjhmgYOnOb9tQa0.roa
File: aGq9KmZ6LLH9JjhmgYOnOb9tQa0.roa (raw, json)
Hash identifier: mzx/I+upO8MHMuTtMDsP9ar0tPuXdsaJrb5LoSAE0dI=
Subject key identifier: 68:6A:BD:2A:66:7A:2C:B1:FD:26:38:66:81:83:A7:39:BF:6D:41:AD
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01847588FF77C29E27C1DC9950EE99C1ACFF
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/aGq9KmZ6LLH9JjhmgYOnOb9tQa0.roa
Signing time: Mon 14 Nov 2022 09:47:03 +0000
ROA not before: Mon 14 Nov 2022 09:47:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211415
IP address blocks: 217.25.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:88:ff:77:c2:9e:27:c1:dc:99:50:ee:99:c1:ac:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 14 09:47:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=686abd2a667a2cb1fd2638668183a739bf6d41ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1c:72:2e:6f:ca:e2:2d:49:bf:b6:ca:84:6b:
3e:5a:8a:b7:31:a1:f4:04:ff:39:fc:b5:89:6a:92:
de:6b:d8:cd:10:67:60:5b:7b:42:54:88:44:31:bd:
73:10:65:c3:07:b1:ca:d8:7d:ff:65:1b:fe:cb:e0:
56:01:56:88:cc:75:46:9d:90:56:fb:79:63:de:7f:
ab:ba:aa:54:2d:a9:6e:94:74:b8:a1:9d:e3:c6:72:
6c:57:71:e0:e8:41:c3:6d:d1:10:df:f8:56:e0:ec:
33:04:9a:28:04:57:86:7b:29:08:5d:92:6e:56:4c:
71:f4:f7:07:55:b3:43:f3:fe:57:22:9c:02:f1:9b:
1e:15:de:de:1a:51:e8:66:6e:bf:cf:08:76:d5:d5:
61:6c:e6:ee:a0:99:a8:86:be:4e:4e:47:a4:13:49:
4a:4d:cd:cc:a5:68:1f:d3:6b:5c:00:e0:46:bf:f0:
f1:c7:a2:0e:34:f0:e2:21:1c:47:61:f4:13:1e:6e:
e0:98:30:e6:e6:43:50:aa:b1:2b:35:7e:21:55:d0:
5d:e7:1b:1a:19:3c:65:5e:99:56:ce:ca:6f:57:53:
18:14:5d:08:b0:c3:f8:31:d1:30:7b:41:ae:33:2d:
6e:13:0b:b2:01:0d:f0:da:4f:d6:60:de:b8:9e:2e:
77:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6A:BD:2A:66:7A:2C:B1:FD:26:38:66:81:83:A7:39:BF:6D:41:AD
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/aGq9KmZ6LLH9JjhmgYOnOb9tQa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:6b:79:d4:c1:10:66:76:5e:05:55:d0:f0:63:7b:c5:91:06:
ce:cd:e8:d5:57:8d:1f:b0:c6:08:fe:1b:25:d9:db:58:26:30:
35:7c:0a:22:84:45:63:df:87:0a:4d:55:5f:4c:ce:4a:3d:e8:
b9:fe:83:a2:8a:88:5f:0d:8b:08:c0:61:3c:8b:15:b5:fb:2e:
bf:4f:ab:d1:60:77:3c:08:63:16:e2:5e:89:d1:e9:fe:3d:41:
5c:fc:7d:1b:6c:15:f6:ee:51:e7:30:49:42:c3:91:b6:a9:c9:
0f:a8:f3:27:41:38:b4:b3:fd:42:bb:21:36:7e:39:b4:35:b8:
e5:c1:e0:ed:06:a3:df:b8:66:08:ef:49:8f:05:12:93:c5:3d:
5d:98:cb:fa:91:47:6a:5f:82:48:05:4b:92:e5:f6:99:b1:b3:
f9:d3:92:02:97:cc:d7:12:50:69:f0:22:2a:c6:6b:24:10:0c:
97:ce:d4:9b:9e:d7:6c:2a:f5:41:ac:48:25:1c:7e:00:57:c8:
b0:0b:32:ef:d9:73:eb:db:f1:5a:e9:68:f9:0e:35:e7:c5:e0:
e3:b0:db:d6:df:38:2f:f8:ee:b0:67:4c:1c:48:3f:1f:d7:c2:
f4:d7:b5:74:48:77:a8:a4:25:3d:cd:66:81:37:0b:b2:3d:2e:
6f:48:72:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR1iP93wp4nwdyZUO6Zwaz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMTE0MDk0NzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZhYmQyYTY2N2EyY2IxZmQyNjM4NjY4MTgzYTczOWJmNmQ0MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRxyLm/K4i1Jv7bKhGs+Woq3MaH0
BP85/LWJapLea9jNEGdgW3tCVIhEMb1zEGXDB7HK2H3/ZRv+y+BWAVaIzHVGnZBW
+3lj3n+ruqpULalulHS4oZ3jxnJsV3Hg6EHDbdEQ3/hW4OwzBJooBFeGeykIXZJu
Vkxx9PcHVbND8/5XIpwC8ZseFd7eGlHoZm6/zwh21dVhbObuoJmohr5OTkekE0lK
Tc3MpWgf02tcAOBGv/Dxx6IONPDiIRxHYfQTHm7gmDDm5kNQqrErNX4hVdBd5xsa
GTxlXplWzspvV1MYFF0IsMP4MdEwe0GuMy1uEwuyAQ3w2k/WYN64ni53uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhqvSpmeiyx/SY4ZoGDpzm/bUGtMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvYUdxOUttWjZMTEg5SmpobWdZT25PYjl0UWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkDMA0G
CSqGSIb3DQEBCwUAA4IBAQA7a3nUwRBmdl4FVdDwY3vFkQbOzejVV40fsMYI/hsl
2dtYJjA1fAoihEVj34cKTVVfTM5KPei5/oOiiohfDYsIwGE8ixW1+y6/T6vRYHc8
CGMW4l6J0en+PUFc/H0bbBX27lHnMElCw5G2qckPqPMnQTi0s/1CuyE2fjm0Nbjl
weDtBqPfuGYI70mPBRKTxT1dmMv6kUdqX4JIBUuS5faZsbP505ICl8zXElBp8CIq
xmskEAyXztSbntdsKvVBrEglHH4AV8iwCzLv2XPr2/Fa6Wj5DjXnxeDjsNvW3zgv
+O6wZ0wcSD8f18L017V0SHeopCU9zWaBNwuyPS5vSHLI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org