Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/odKRgy-b3zO6Ev-UyT867LSqcdk.roa
File: odKRgy-b3zO6Ev-UyT867LSqcdk.roa (raw, json)
Hash identifier: kO5OtjvyiOtKwootMw+4yh3ydPi68YIfyT+X9h736Hg=
Subject key identifier: A1:D2:91:83:2F:9B:DF:33:BA:12:FF:94:C9:3F:3A:EC:B4:AA:71:D9
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0182883614D62D73984E875E9E33FC75FE2A
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/odKRgy-b3zO6Ev-UyT867LSqcdk.roa
Signing time: Wed 10 Aug 2022 14:43:41 +0000
ROA not before: Wed 10 Aug 2022 14:43:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.2.0/24 maxlen: 24
185.210.168.0/22 maxlen: 24
217.25.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:88:36:14:d6:2d:73:98:4e:87:5e:9e:33:fc:75:fe:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Aug 10 14:43:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1d291832f9bdf33ba12ff94c93f3aecb4aa71d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0b:75:4b:4a:21:78:54:81:d6:38:84:62:61:
81:e3:ab:e2:9b:a1:6f:f9:eb:99:d3:bb:30:95:6d:
a6:bf:d7:e6:55:ea:bf:89:bd:e4:5e:8e:40:a4:79:
82:95:ae:c4:a2:8d:f6:dd:77:6b:09:02:7d:36:aa:
09:03:80:5a:14:05:44:1d:ce:ac:63:d3:07:8d:db:
60:91:a4:77:64:e7:ad:98:c8:b6:d2:a9:c8:5b:9f:
c7:28:ae:9e:46:a5:bb:92:76:6e:70:89:36:00:98:
dc:ff:de:0c:ee:12:63:97:48:ad:bd:1f:4d:0c:71:
3d:c2:21:8a:25:05:40:13:f6:6d:27:82:4e:2b:91:
57:c5:dc:3b:cb:47:15:5c:88:d7:cf:92:2f:96:96:
1a:01:c2:4e:bc:c2:97:f5:c9:90:89:a5:7f:17:9b:
71:5c:59:82:5b:72:d8:fe:95:bf:78:d3:67:8a:b4:
8c:6b:46:99:40:9a:a2:dc:27:08:cf:49:b2:d7:3f:
88:78:d5:81:88:4e:76:70:24:2b:b0:44:9c:46:4b:
c5:63:da:46:db:6d:91:70:f8:7e:c9:e5:c9:d3:6f:
da:de:9b:c1:50:18:41:0c:93:92:cc:7a:68:b9:95:
aa:b7:5c:af:49:12:e5:f6:be:fd:f5:74:96:56:ae:
e9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D2:91:83:2F:9B:DF:33:BA:12:FF:94:C9:3F:3A:EC:B4:AA:71:D9
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/odKRgy-b3zO6Ev-UyT867LSqcdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
185.210.168.0/22
217.25.3.0/24
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
83:dc:49:d9:81:45:cc:35:c6:5f:fa:5a:80:c2:17:f3:7e:ef:
52:62:85:4c:ac:4d:2d:49:04:14:bc:87:c7:d7:7a:1d:14:73:
70:f4:af:82:b1:34:e1:0f:81:c1:6d:60:1f:58:c4:03:41:c5:
00:b4:93:d6:1e:ee:e9:bf:4d:9f:84:c6:d4:b9:7e:d8:4b:ad:
62:f9:69:91:5f:f9:9a:16:d9:0e:5b:23:86:4d:11:44:96:8f:
2b:ea:7d:c7:cf:59:16:b3:e7:29:ec:da:6c:da:1f:01:e8:c4:
28:18:47:be:ad:c2:09:3d:2e:df:22:cf:43:51:42:ba:a4:87:
b6:d0:00:11:8c:f2:b2:c5:f2:4c:82:db:18:bb:07:79:fa:e8:
47:1e:9b:b4:3c:54:9a:9a:f7:c8:3e:ba:00:2f:88:a5:63:8f:
cf:aa:d7:f6:e3:65:9d:51:14:8a:e0:b4:f6:04:2c:74:7c:7e:
ac:c7:2a:47:82:9e:69:09:66:32:a8:e7:96:bd:fe:5b:c5:27:
2d:ab:d3:0e:08:38:c4:dd:18:20:ae:3b:03:46:97:11:2c:c4:
a6:70:12:82:43:aa:cf:2e:d3:56:1c:5e:8e:34:f8:f6:6f:4e:
03:dc:e3:75:ae:22:14:f3:c4:aa:98:cc:6c:67:0f:7f:d4:7a:
4a:ef:62:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYKINhTWLXOYTodenjP8df4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwODEwMTQ0MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQyOTE4MzJmOWJkZjMzYmExMmZmOTRjOTNmM2FlY2I0YWE3MWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAt1S0oheFSB1jiEYmGB46vim6Fv
+euZ07swlW2mv9fmVeq/ib3kXo5ApHmCla7Eoo323XdrCQJ9NqoJA4BaFAVEHc6s
Y9MHjdtgkaR3ZOetmMi20qnIW5/HKK6eRqW7knZucIk2AJjc/94M7hJjl0itvR9N
DHE9wiGKJQVAE/ZtJ4JOK5FXxdw7y0cVXIjXz5IvlpYaAcJOvMKX9cmQiaV/F5tx
XFmCW3LY/pW/eNNnirSMa0aZQJqi3CcIz0my1z+IeNWBiE52cCQrsEScRkvFY9pG
222RcPh+yeXJ02/a3pvBUBhBDJOSzHpouZWqt1yvSRLl9r799XSWVq7p4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKHSkYMvm98zuhL/lMk/Ouy0qnHZMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvb2RLUmd5LWIzek82RXYtVXlUODY3TFNxY2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4CAwQC
udKoAwQA2RkDAwQA2RkMMA0GCSqGSIb3DQEBCwUAA4IBAQCD3EnZgUXMNcZf+lqA
whfzfu9SYoVMrE0tSQQUvIfH13odFHNw9K+CsTThD4HBbWAfWMQDQcUAtJPWHu7p
v02fhMbUuX7YS61i+WmRX/maFtkOWyOGTRFElo8r6n3Hz1kWs+cp7Nps2h8B6MQo
GEe+rcIJPS7fIs9DUUK6pIe20AARjPKyxfJMgtsYuwd5+uhHHpu0PFSamvfIProA
L4ilY4/Pqtf242WdURSK4LT2BCx0fH6sxypHgp5pCWYyqOeWvf5bxSctq9MOCDjE
3RggrjsDRpcRLMSmcBKCQ6rPLtNWHF6ONPj2b04D3ON1riIU88SqmMxsZw9/1HpK
72K6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org