Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/pweBM9K4VLSsFHmK0OrnSXGtYOk.roa
File: pweBM9K4VLSsFHmK0OrnSXGtYOk.roa (raw, json)
Hash identifier: jzz0sN4P9eXtfdrY/RyqMHLEExugXilhDHkgwperTg0=
Subject key identifier: A7:07:81:33:D2:B8:54:B4:AC:14:79:8A:D0:EA:E7:49:71:AD:60:E9
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018437EB2CF4361164147BDB939828F06B08
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/pweBM9K4VLSsFHmK0OrnSXGtYOk.roa
Signing time: Wed 02 Nov 2022 10:37:50 +0000
ROA not before: Wed 02 Nov 2022 10:37:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 217.25.1.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:eb:2c:f4:36:11:64:14:7b:db:93:98:28:f0:6b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Nov 2 10:37:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7078133d2b854b4ac14798ad0eae74971ad60e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c0:b8:36:c1:c4:ff:59:cb:c2:e6:11:57:b9:
9d:29:84:94:66:ef:a8:12:30:86:d6:e6:14:e6:4e:
e4:7a:e5:fc:fc:6d:8b:ce:ce:ba:30:a1:76:de:52:
8a:aa:63:b8:b1:f7:54:6a:9a:54:90:bc:77:01:60:
c0:0e:84:73:e1:bc:37:9e:39:ac:82:e2:e3:d3:c8:
5d:44:e1:bd:57:18:83:17:e7:3e:53:d2:43:47:17:
a1:bb:55:14:61:d0:e1:95:0c:b7:bd:35:41:29:f6:
12:7c:c3:6c:10:81:1d:c0:c1:35:78:41:4d:02:11:
74:5f:13:fd:86:98:40:76:8f:8d:bf:1f:6d:ef:51:
de:24:52:4f:b9:4c:7b:a7:6f:10:87:c9:98:da:81:
c4:ac:da:dd:b7:de:4e:8c:8e:de:b9:53:be:8b:7d:
84:4f:b5:e4:7e:89:29:0c:5f:ec:b5:9f:8b:91:1c:
50:cc:af:c7:eb:b1:df:62:49:f3:a5:79:31:07:f6:
51:1c:c8:57:9f:aa:e2:70:d1:41:f0:97:4d:aa:4a:
32:f0:2a:b6:b6:f8:aa:dd:15:bd:a1:cd:97:d3:26:
45:14:29:e8:f7:47:db:32:0d:49:22:9b:14:6a:8a:
90:fe:e0:2a:8e:7a:83:9a:77:c5:a3:df:4b:e9:19:
88:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:07:81:33:D2:B8:54:B4:AC:14:79:8A:D0:EA:E7:49:71:AD:60:E9
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/pweBM9K4VLSsFHmK0OrnSXGtYOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.18.0/24
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:5d:49:60:f3:97:5f:da:d1:3c:f6:56:22:9a:a8:4a:bf:17:
d5:e0:88:d8:e0:b6:4e:70:03:46:6b:60:46:ee:05:48:93:7a:
de:fb:83:9e:b3:4c:b8:73:c2:9e:5c:78:f4:93:1b:90:ac:fb:
bf:da:d1:08:84:fd:98:f2:12:6c:2d:79:17:7d:5b:96:db:28:
1d:c0:33:ac:e5:87:7e:b4:c5:74:75:15:ec:37:0d:a6:38:68:
bd:a8:ad:a8:de:f2:69:0a:73:22:19:a6:8e:96:20:48:b1:d4:
75:c5:70:da:27:51:2f:71:71:18:28:ff:8f:c8:ca:f3:41:78:
48:62:a9:1c:f9:b3:ca:00:eb:47:c8:95:4f:8e:c2:b6:f6:64:
cd:ce:42:f6:f2:c1:02:d8:94:29:79:b0:8d:52:1c:0e:1b:0c:
b4:34:be:21:24:e5:70:0e:e5:e4:fa:83:5c:a3:a1:ba:bc:97:
4c:bf:23:cf:92:f2:48:88:cc:6d:5b:c7:32:bf:02:7e:00:ec:
4d:36:46:f9:f2:54:ae:2b:80:64:ac:24:91:30:8c:ec:b3:5a:
7b:3c:c9:ec:c3:5f:ce:a2:ff:c9:6c:e0:ec:29:5d:80:62:08:
92:8e:d0:86:74:83:2e:1c:81:30:32:77:4c:45:76:13:fb:0d:
b0:54:26:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQ36yz0NhFkFHvbk5go8GsIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMTAyMTAzNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzA3ODEzM2QyYjg1NGI0YWMxNDc5OGFkMGVhZTc0OTcxYWQ2MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsC4NsHE/1nLwuYRV7mdKYSUZu+o
EjCG1uYU5k7keuX8/G2Lzs66MKF23lKKqmO4sfdUappUkLx3AWDADoRz4bw3njms
guLj08hdROG9VxiDF+c+U9JDRxehu1UUYdDhlQy3vTVBKfYSfMNsEIEdwME1eEFN
AhF0XxP9hphAdo+Nvx9t71HeJFJPuUx7p28Qh8mY2oHErNrdt95OjI7euVO+i32E
T7XkfokpDF/stZ+LkRxQzK/H67HfYknzpXkxB/ZRHMhXn6ricNFB8JdNqkoy8Cq2
tviq3RW9oc2X0yZFFCno90fbMg1JIpsUaoqQ/uAqjnqDmnfFo99L6RmI4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKcHgTPSuFS0rBR5itDq50lxrWDpMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvcHdlQk05SzRWTFNzRkhtSzBPcm5TWEd0WU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/4SAwQA
2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQCOXUlg85df2tE89lYimqhKvxfV4IjY4LZO
cANGa2BG7gVIk3re+4Oes0y4c8KeXHj0kxuQrPu/2tEIhP2Y8hJsLXkXfVuW2ygd
wDOs5Yd+tMV0dRXsNw2mOGi9qK2o3vJpCnMiGaaOliBIsdR1xXDaJ1EvcXEYKP+P
yMrzQXhIYqkc+bPKAOtHyJVPjsK29mTNzkL28sEC2JQpebCNUhwOGwy0NL4hJOVw
DuXk+oNco6G6vJdMvyPPkvJIiMxtW8cyvwJ+AOxNNkb58lSuK4BkrCSRMIzss1p7
PMnsw1/Oov/JbODsKV2AYgiSjtCGdIMuHIEwMndMRXYT+w2wVCZC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org