Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hjy9FhSDb2yqfxdU8Jil4qWUV3k.roa
File: hjy9FhSDb2yqfxdU8Jil4qWUV3k.roa (raw, json)
Hash identifier: Ya+ZdSvh3Z/zb7w9W/q62/XfjN3PTz4yJI0ngITji+0=
Subject key identifier: 86:3C:BD:16:14:83:6F:6C:AA:7F:17:54:F0:98:A5:E2:A5:94:57:79
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0338DEF0
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hjy9FhSDb2yqfxdU8Jil4qWUV3k.roa
Signing time: Fri 13 May 2022 14:55:40 +0000
ROA not before: Fri 13 May 2022 14:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20915
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.25.0/24 maxlen: 24
87.254.0.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
87.254.0.0/19 maxlen: 19
87.254.10.0/24 maxlen: 24
87.254.11.0/24 maxlen: 24
87.254.12.0/24 maxlen: 24
87.254.13.0/24 maxlen: 24
217.25.0.0/20 maxlen: 20
87.254.19.0/24 maxlen: 24
2a00:eac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54058736 (0x338def0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: May 13 14:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=863cbd1614836f6caa7f1754f098a5e2a5945779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c6:ab:a9:7e:59:df:7b:4c:07:12:6f:fa:9e:
99:ca:d7:cf:27:82:1e:fa:9f:06:1a:9e:db:95:c2:
3f:b5:93:e8:65:82:99:64:08:9f:e4:5d:80:12:04:
e5:57:f6:0f:a7:48:af:14:3c:b7:19:b3:8f:08:db:
79:bf:75:26:13:7f:8e:59:e6:a0:20:ed:b2:70:33:
3f:3b:84:f7:2c:e5:7a:69:f5:05:18:49:0d:ae:a7:
bc:ec:78:7e:f6:46:cb:56:67:54:3a:a3:43:d2:ca:
d5:7b:66:7c:83:42:08:69:4e:f5:98:4a:e1:fe:3d:
80:bf:ef:4c:a5:81:63:37:67:c0:c9:e7:ba:20:d1:
e1:60:33:c0:6b:9a:66:b6:69:9d:ae:f2:8c:04:ed:
9d:5c:de:7d:2f:d0:26:8b:3a:47:ac:3a:11:7c:e0:
5c:d8:5a:df:c6:5a:d7:6d:ee:3c:89:3e:b9:e8:a4:
dc:5f:46:e6:bc:32:92:be:19:3c:82:b2:79:0a:31:
40:22:01:81:b4:5a:f9:ed:0f:bc:e2:8f:f4:1c:34:
8d:48:5c:1d:46:c9:cd:47:0d:ff:7a:fa:df:9e:61:
d3:e9:02:9a:d7:f2:ac:06:62:5e:20:bd:24:28:09:
b4:3a:c6:e0:d2:62:b2:92:5d:63:a1:68:b9:78:21:
ed:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3C:BD:16:14:83:6F:6C:AA:7F:17:54:F0:98:A5:E2:A5:94:57:79
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/hjy9FhSDb2yqfxdU8Jil4qWUV3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/19
217.25.0.0/20
IPv6:
2a00:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:f1:8a:bf:33:d3:c8:0a:d5:e6:04:6f:d4:a2:9a:8e:54:d1:
53:f0:e2:f5:22:46:d4:c7:34:ba:b9:0c:37:72:3b:ad:b0:52:
c7:eb:a2:c5:cd:4e:05:92:91:f0:a8:4d:0c:6c:4e:67:60:23:
fe:96:63:e7:3b:4c:e9:31:81:6e:a6:d7:ff:21:f7:d1:cc:0d:
fd:ae:13:96:f9:9a:98:6c:a8:37:c5:c8:a2:22:9d:42:8b:7f:
65:fd:5b:f3:c8:04:15:b9:ee:07:3a:d0:81:bf:db:68:ed:74:
a1:4e:1a:c0:31:e9:ae:5e:64:98:b4:b5:ea:eb:61:9d:10:76:
a8:17:88:55:89:ae:81:80:d6:af:bc:bc:9c:ce:ff:ae:ac:2c:
70:b6:c2:8e:13:cf:af:6f:c4:36:d3:d7:7c:27:68:11:7a:0c:
38:3a:4d:a2:a2:6e:a2:38:a5:a4:40:b9:fa:8e:c7:d6:02:4b:
17:f2:ae:b7:5d:ff:bd:32:8c:15:1a:0d:4a:65:c1:ee:03:49:
6c:66:a4:4d:eb:98:6f:70:d3:51:2f:7d:df:42:63:90:65:7c:
85:af:b1:12:f6:02:6f:6f:8c:c6:1f:92:0c:39:e5:59:3e:32:
3c:98:0a:c0:98:3e:47:81:ea:77:d4:54:54:8a:e8:dd:b9:26:
f8:79:10:00
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAzje8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmY4MGNiZGZlMTgzNTRhM2NmZGJhMmZlMDc5YWEyZWJjNThkY2Q0MB4XDTIyMDUx
MzE0NTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYzY2JkMTYxNDgz
NmY2Y2FhN2YxNzU0ZjA5OGE1ZTJhNTk0NTc3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjGq6l+Wd97TAcSb/qemcrXzyeCHvqfBhqe25XCP7WT6GWC
mWQIn+RdgBIE5Vf2D6dIrxQ8txmzjwjbeb91JhN/jlnmoCDtsnAzPzuE9yzlemn1
BRhJDa6nvOx4fvZGy1ZnVDqjQ9LK1XtmfINCCGlO9ZhK4f49gL/vTKWBYzdnwMnn
uiDR4WAzwGuaZrZpna7yjATtnVzefS/QJos6R6w6EXzgXNha38Za123uPIk+ueik
3F9G5rwykr4ZPIKyeQoxQCIBgbRa+e0PvOKP9Bw0jUhcHUbJzUcN/3r6355h0+kC
mtfyrAZiXiC9JCgJtDrG4NJispJdY6FouXgh7QUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSGPL0WFINvbKp/F1TwmKXipZRXeTAfBgNVHSMEGDAWgBQP+Ay9/hg1Sjz9
ui/geaouvFjc1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RfZ012ZjRZTlVvOF9ib3Y0SG1xTHJ4WTNOUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvMTI5NTY0LWYxZGItNGRjNS04OTA2LTZmY2RjZDVhYjY2MC8x
L2hqeTlGaFNEYjJ5cWZ4ZFU4SmlsNHFXVVYzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
MTI5NTY0LWYxZGItNGRjNS04OTA2LTZmY2RjZDVhYjY2MC8xL0RfZ012ZjRZTlVv
OF9ib3Y0SG1xTHJ4WTNOUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVf+AAMEBNkZADANBAIAAjAHAwUA
KgDqwDANBgkqhkiG9w0BAQsFAAOCAQEAHvGKvzPTyArV5gRv1KKajlTRU/Di9SJG
1Mc0urkMN3I7rbBSx+uixc1OBZKR8KhNDGxOZ2Aj/pZj5ztM6TGBbqbX/yH30cwN
/a4TlvmamGyoN8XIoiKdQot/Zf1b88gEFbnuBzrQgb/baO10oU4awDHprl5kmLS1
6uthnRB2qBeIVYmugYDWr7y8nM7/rqwscLbCjhPPr2/ENtPXfCdoEXoMODpNoqJu
ojilpEC5+o7H1gJLF/Kut13/vTKMFRoNSmXB7gNJbGakTeuYb3DTUS9930JjkGV8
ha+xEvYCb2+Mxh+SDDnlWT4yPJgKwJg+R4Hqd9RUVIro3bkm+HkQAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org