Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/mDXWcR0Zv73hxRI_oYycZxiycPA.roa
File: mDXWcR0Zv73hxRI_oYycZxiycPA.roa (raw, json)
Hash identifier: qDJisDyJIqOZpqkSHpm5wXQUBqzMf6hW9Z7AurI4wmg=
Subject key identifier: 98:35:D6:71:1D:19:BF:BD:E1:C5:12:3F:A1:8C:9C:67:18:B2:70:F0
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01845CE0257112C137329240EA84547F9ECB
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/mDXWcR0Zv73hxRI_oYycZxiycPA.roa
Signing time: Wed 09 Nov 2022 14:51:44 +0000
ROA not before: Wed 09 Nov 2022 14:51:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 217.25.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:e0:25:71:12:c1:37:32:92:40:ea:84:54:7f:9e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 9 14:51:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9835d6711d19bfbde1c5123fa18c9c6718b270f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ac:be:79:54:0e:69:0a:45:46:9c:9a:1f:d6:
7f:54:22:b4:7c:df:e2:c0:cb:fb:a7:62:26:31:6d:
d6:ed:15:28:a1:68:67:86:a0:d4:5e:86:25:03:77:
16:9c:06:45:02:2b:06:0a:a8:90:1e:35:75:f0:2b:
fe:01:c5:29:66:dc:48:7c:bf:f1:b3:9a:9f:1d:6d:
2e:ae:82:a6:ff:2f:29:f5:c7:07:5e:20:d3:27:1e:
e2:47:c3:90:03:ab:a5:53:77:f1:ef:d2:fe:ff:e6:
16:0b:b1:a9:fa:91:a3:54:0b:07:1c:ea:11:46:33:
5e:c4:59:98:3f:27:54:de:7e:ca:19:f9:92:48:8d:
d0:a3:42:91:6b:87:4d:33:70:87:92:73:5e:a9:53:
84:99:ec:6c:e7:67:0f:3f:ce:d7:bf:e8:40:e0:a5:
b4:7d:4d:98:5d:ae:bc:6c:bf:64:de:d5:9a:e8:46:
bb:c6:6b:b2:16:1d:09:8a:1f:7e:c2:d2:89:e5:de:
3c:d2:f7:52:d9:87:87:40:de:9d:9e:1d:08:2a:72:
44:72:60:8e:70:f3:17:3e:30:fb:d0:5c:da:01:0e:
61:24:8d:46:17:43:1f:5e:b1:f1:95:c7:3b:96:92:
a5:b3:54:45:a2:94:de:16:b2:2b:56:36:79:96:b6:
e3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:35:D6:71:1D:19:BF:BD:E1:C5:12:3F:A1:8C:9C:67:18:B2:70:F0
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/mDXWcR0Zv73hxRI_oYycZxiycPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:06:d6:bc:0d:75:0a:82:e9:2f:6d:87:ee:eb:17:02:62:76:
e5:73:2f:74:2e:a6:fc:46:42:fa:0a:6e:76:53:84:19:b1:36:
3f:e7:b9:2b:28:c9:dd:e4:b3:db:0e:b6:e0:c5:f7:59:f9:74:
4a:06:f5:22:7c:c2:7d:ca:6a:a7:63:38:46:6c:1a:bb:6f:ea:
d5:72:af:cd:3b:d3:dc:9a:fe:6c:19:f4:6b:8b:99:17:96:94:
d7:1c:11:c6:70:59:1f:d5:dd:d5:9e:c4:83:23:a1:10:2a:28:
6b:2c:06:73:27:be:b6:6e:b4:f0:9f:1e:5f:71:d1:d8:a6:d8:
2a:40:97:62:c1:93:bb:c7:26:4a:da:19:1d:a6:fb:53:ea:6e:
9b:25:56:09:5f:3a:0d:2d:33:40:2b:b3:2e:7c:ad:db:0b:81:
51:94:fb:1b:af:62:78:c1:92:11:39:3a:a1:27:e2:88:77:fa:
33:97:e9:b2:44:d8:fc:5c:f0:69:18:8e:87:51:b5:fe:d1:04:
1c:ce:0e:b6:00:a2:28:79:1e:0a:4d:81:08:07:35:da:07:3a:
c2:e2:62:99:14:b4:69:32:4a:5d:ab:fd:c3:c2:be:4b:c7:dd:
4d:d8:54:10:7e:cb:bd:7d:30:64:ea:72:fe:6c:72:28:40:95:
64:74:ea:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRc4CVxEsE3MpJA6oRUf57LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMTA5MTQ1MTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM1ZDY3MTFkMTliZmJkZTFjNTEyM2ZhMThjOWM2NzE4YjI3MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqy+eVQOaQpFRpyaH9Z/VCK0fN/i
wMv7p2ImMW3W7RUooWhnhqDUXoYlA3cWnAZFAisGCqiQHjV18Cv+AcUpZtxIfL/x
s5qfHW0uroKm/y8p9ccHXiDTJx7iR8OQA6ulU3fx79L+/+YWC7Gp+pGjVAsHHOoR
RjNexFmYPydU3n7KGfmSSI3Qo0KRa4dNM3CHknNeqVOEmexs52cPP87Xv+hA4KW0
fU2YXa68bL9k3tWa6Ea7xmuyFh0Jih9+wtKJ5d480vdS2YeHQN6dnh0IKnJEcmCO
cPMXPjD70FzaAQ5hJI1GF0MfXrHxlcc7lpKls1RFopTeFrIrVjZ5lrbjMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJg11nEdGb+94cUSP6GMnGcYsnDwMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvbURYV2NSMFp2NzNoeFJJX29ZeWNaeGl5Y1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkDMA0G
CSqGSIb3DQEBCwUAA4IBAQANBta8DXUKgukvbYfu6xcCYnblcy90Lqb8RkL6Cm52
U4QZsTY/57krKMnd5LPbDrbgxfdZ+XRKBvUifMJ9ymqnYzhGbBq7b+rVcq/NO9Pc
mv5sGfRri5kXlpTXHBHGcFkf1d3VnsSDI6EQKihrLAZzJ762brTwnx5fcdHYptgq
QJdiwZO7xyZK2hkdpvtT6m6bJVYJXzoNLTNAK7MufK3bC4FRlPsbr2J4wZIROTqh
J+KId/ozl+myRNj8XPBpGI6HUbX+0QQczg62AKIoeR4KTYEIBzXaBzrC4mKZFLRp
Mkpdq/3Dwr5Lx91N2FQQfsu9fTBk6nL+bHIoQJVkdOo0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org