Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/k3_gm8IZFBvOxpV8WVek72g9R5Q.roa
File: k3_gm8IZFBvOxpV8WVek72g9R5Q.roa (raw, json)
Hash identifier: 97oAF+PF8NWAsZYIUIDAV/59dPlUgc3Hr9NO0TLTeec=
Subject key identifier: 93:7F:E0:9B:C2:19:14:1B:CE:C6:95:7C:59:57:A4:EF:68:3D:47:94
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01833B1E9FFC6E86FA2A2F493757003124CD
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/k3_gm8IZFBvOxpV8WVek72g9R5Q.roa
Signing time: Wed 14 Sep 2022 08:30:06 +0000
ROA not before: Wed 14 Sep 2022 08:30:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 217.25.12.0/24 maxlen: 24
217.25.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:1e:9f:fc:6e:86:fa:2a:2f:49:37:57:00:31:24:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Sep 14 08:30:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=937fe09bc219141bcec6957c5957a4ef683d4794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a7:92:92:35:18:2b:ff:44:83:ff:cf:06:d3:
d7:99:df:a6:72:19:12:b6:b9:6b:2c:77:fd:d0:d7:
dd:29:b5:51:c0:28:05:b2:f7:4f:4d:03:7a:df:ba:
34:82:37:99:7d:0a:ea:26:ab:3c:06:6c:f9:a6:fc:
68:bd:4b:a8:5a:fe:e5:40:a3:d8:6f:7e:d5:f8:b4:
06:74:ce:7d:8a:31:95:4d:22:a5:c6:1c:ed:ae:d8:
12:01:09:dc:35:3d:59:f5:8b:fe:50:0b:49:29:b8:
af:f3:8f:bf:01:0b:07:3c:15:dc:17:2b:28:c0:49:
e6:fa:41:df:79:d3:ff:46:59:96:bc:10:ce:28:ed:
d3:fa:2e:a5:29:d7:e6:20:41:9e:6d:0c:0c:dc:4e:
b7:8e:6c:47:13:f6:f3:c7:76:1c:f9:5a:3a:ef:c1:
9b:21:1a:d8:bd:cf:f1:3f:a8:84:64:f0:0a:93:4a:
90:97:4a:c0:32:09:dc:bb:d3:da:4e:79:4e:e3:7e:
ad:36:af:73:40:67:59:40:a2:8e:78:85:35:2b:0b:
e7:cc:02:d5:4e:1d:fb:ee:37:af:c5:c8:61:f2:eb:
a0:1d:53:c4:e5:74:70:1e:3f:d0:1f:ab:cb:1b:b5:
86:5c:79:84:cd:48:3f:47:f1:e9:50:09:58:10:09:
75:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7F:E0:9B:C2:19:14:1B:CE:C6:95:7C:59:57:A4:EF:68:3D:47:94
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/k3_gm8IZFBvOxpV8WVek72g9R5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.3.0/24
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
44:29:10:75:a2:06:a3:cb:91:7b:0b:dc:70:98:b3:55:13:a7:
14:05:aa:c8:49:61:fb:56:00:96:d1:1b:c2:3f:ef:69:f4:6a:
a9:5d:cd:1b:08:e4:02:a1:c7:fc:b9:85:55:33:e7:b4:6b:d7:
c3:ba:d6:cb:3f:2e:55:0a:98:86:ba:1b:6d:da:cb:ec:7c:f2:
d6:f7:51:ca:35:0e:c1:20:b9:23:c9:ce:18:c8:46:5b:3c:9b:
3a:4b:70:20:86:39:1e:38:04:0c:45:57:2b:ca:36:d0:14:3f:
a1:bc:0b:a6:7d:c4:83:7f:3d:8e:07:d3:e9:1c:62:22:09:da:
e8:56:46:46:04:d7:eb:bb:fe:4c:d8:bc:bc:d6:5a:16:6a:04:
a6:d7:43:e0:33:a3:55:3d:68:d9:87:9d:9a:9a:91:91:73:c6:
5f:81:37:69:b9:5b:b6:16:1e:79:6f:c7:52:58:e5:93:d4:29:
ab:30:c9:8b:3b:0a:c3:1b:b9:cf:47:14:79:ae:1a:61:30:ad:
19:3c:d7:1e:21:23:69:0f:8c:4c:ef:79:19:2f:f3:66:a5:7d:
a5:08:46:cf:86:ca:61:db:24:16:cc:a3:93:62:a5:b7:47:2c:
9a:f5:b1:75:88:2d:80:14:4a:6b:1c:55:e0:f4:68:02:c5:ed:
22:f5:f7:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM7Hp/8bob6Ki9JN1cAMSTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwOTE0MDgzMDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzdmZTA5YmMyMTkxNDFiY2VjNjk1N2M1OTU3YTRlZjY4M2Q0Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaeSkjUYK/9Eg//PBtPXmd+mchkS
trlrLHf90NfdKbVRwCgFsvdPTQN637o0gjeZfQrqJqs8Bmz5pvxovUuoWv7lQKPY
b37V+LQGdM59ijGVTSKlxhztrtgSAQncNT1Z9Yv+UAtJKbiv84+/AQsHPBXcFyso
wEnm+kHfedP/RlmWvBDOKO3T+i6lKdfmIEGebQwM3E63jmxHE/bzx3Yc+Vo678Gb
IRrYvc/xP6iEZPAKk0qQl0rAMgncu9PaTnlO436tNq9zQGdZQKKOeIU1KwvnzALV
Th377jevxchh8uugHVPE5XRwHj/QH6vLG7WGXHmEzUg/R/HpUAlYEAl1+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJN/4JvCGRQbzsaVfFlXpO9oPUeUMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvazNfZ204SVpGQnZPeHBWOFdWZWs3Mmc5UjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2RkDAwQA
2RkMMA0GCSqGSIb3DQEBCwUAA4IBAQBEKRB1ogajy5F7C9xwmLNVE6cUBarISWH7
VgCW0RvCP+9p9GqpXc0bCOQCocf8uYVVM+e0a9fDutbLPy5VCpiGuhtt2svsfPLW
91HKNQ7BILkjyc4YyEZbPJs6S3AghjkeOAQMRVcryjbQFD+hvAumfcSDfz2OB9Pp
HGIiCdroVkZGBNfru/5M2Ly81loWagSm10PgM6NVPWjZh52ampGRc8ZfgTdpuVu2
Fh55b8dSWOWT1CmrMMmLOwrDG7nPRxR5rhphMK0ZPNceISNpD4xM73kZL/NmpX2l
CEbPhsph2yQWzKOTYqW3Ryya9bF1iC2AFEprHFXg9GgCxe0i9ff2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org