Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/24281e-e1ea-4f69-b53d-7f0338e49ee1/1/hUDwYzmqeemTSR804HVa5aaBBUw.roa
File: hUDwYzmqeemTSR804HVa5aaBBUw.roa (raw, json)
Hash identifier: u4UaY4zraPfJ5AcVLjcmFQImFlxE6FVWXhJxfY3tbSI=
Subject key identifier: 85:40:F0:63:39:AA:79:E9:93:49:1F:34:E0:75:5A:E5:A6:81:05:4C
Certificate issuer: /CN=42ebfd8917b58f0686d93eb48de421ec01370ac9
Certificate serial: 07FD0B23
Authority key identifier: 42:EB:FD:89:17:B5:8F:06:86:D9:3E:B4:8D:E4:21:EC:01:37:0A:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Quv9iRe1jwaG2T60jeQh7AE3Csk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/24281e-e1ea-4f69-b53d-7f0338e49ee1/1/hUDwYzmqeemTSR804HVa5aaBBUw.roa
Signing time: Sat 01 Jan 2022 00:52:35 +0000
ROA not before: Sat 01 Jan 2022 00:52:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20658
IP address blocks: 217.170.224.0/24 maxlen: 24
217.170.225.0/24 maxlen: 24
217.170.226.0/24 maxlen: 24
217.170.230.0/24 maxlen: 24
217.170.231.0/24 maxlen: 24
217.170.232.0/24 maxlen: 24
217.170.233.0/24 maxlen: 24
217.170.227.0/24 maxlen: 24
217.170.228.0/24 maxlen: 24
217.170.229.0/24 maxlen: 24
217.170.237.0/24 maxlen: 24
217.170.238.0/24 maxlen: 24
217.170.239.0/24 maxlen: 24
217.170.234.0/24 maxlen: 24
217.170.235.0/24 maxlen: 24
217.170.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134023971 (0x7fd0b23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ebfd8917b58f0686d93eb48de421ec01370ac9
Validity
Not Before: Jan 1 00:52:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8540f06339aa79e993491f34e0755ae5a681054c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:da:6a:6b:3b:96:11:a9:42:07:52:da:a0:4d:
c3:c5:a7:ca:b6:3f:16:d5:84:99:14:b6:23:4b:ef:
2b:11:06:d9:c7:90:3f:63:b3:81:90:26:99:6b:7c:
a1:88:f8:69:55:98:8c:fc:49:fa:49:0d:49:6c:bd:
80:a3:23:21:c3:f7:d1:01:7f:a3:57:95:65:66:64:
11:f9:53:d6:8d:11:aa:09:0f:3f:ce:94:80:59:86:
81:22:a4:fc:e8:90:bd:1b:3e:b9:ac:1f:95:93:0a:
44:62:38:48:35:6e:00:8e:b5:3f:ff:ee:65:3b:b5:
34:f7:3d:b3:96:ed:e9:66:2a:28:a6:64:c9:c8:c7:
ac:f4:0b:54:b6:ba:41:8a:17:27:8a:f5:a5:d1:47:
c7:60:6a:e9:d7:13:59:7f:9d:0a:8d:d1:e3:28:3b:
0a:f8:c7:bf:39:e1:21:48:d9:8e:29:f7:9a:06:de:
de:af:06:a2:ea:ad:54:f3:5a:14:c6:9f:91:c4:29:
7f:dc:a2:16:c4:5f:d8:4f:f8:6d:87:0a:c2:c4:69:
6d:98:5a:24:5d:0c:02:49:8f:2e:20:72:9f:c0:12:
7f:a9:79:11:f9:b0:dd:f4:b7:51:ec:21:ea:34:57:
9d:fe:10:df:3a:54:61:8b:29:80:74:03:f8:8c:56:
40:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:40:F0:63:39:AA:79:E9:93:49:1F:34:E0:75:5A:E5:A6:81:05:4C
X509v3 Authority Key Identifier:
keyid:42:EB:FD:89:17:B5:8F:06:86:D9:3E:B4:8D:E4:21:EC:01:37:0A:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Quv9iRe1jwaG2T60jeQh7AE3Csk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/24281e-e1ea-4f69-b53d-7f0338e49ee1/1/hUDwYzmqeemTSR804HVa5aaBBUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/24281e-e1ea-4f69-b53d-7f0338e49ee1/1/Quv9iRe1jwaG2T60jeQh7AE3Csk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.224.0/20
Signature Algorithm: sha256WithRSAEncryption
68:8e:60:30:0f:87:dd:d8:db:f3:49:46:4c:a8:16:7b:00:32:
6f:36:72:25:6f:a6:f7:2b:2f:2f:f4:8d:a9:ef:ff:d8:b7:7b:
78:59:6b:1c:e6:c8:d4:bc:69:d0:ce:ba:bd:9b:32:89:f7:42:
89:a5:31:77:60:60:d2:49:03:49:9c:f6:ef:c8:ad:b5:4f:42:
4f:0c:7f:8e:0d:f4:c5:eb:cd:c6:a5:15:1f:82:96:a6:be:b2:
12:5d:9c:3b:db:36:d4:6f:bf:80:65:52:9b:73:1e:e8:d5:a2:
10:02:c0:8a:64:9d:9f:7b:3e:a9:a1:82:a8:62:6d:c2:44:46:
6a:10:59:25:ae:38:ba:11:b9:57:7e:bc:c1:76:72:c4:9f:92:
a4:9e:3d:bb:22:37:0f:65:18:c4:f5:e0:c4:96:8b:a4:24:da:
2a:f6:16:02:a0:60:88:af:38:cd:ac:94:e3:ac:47:bf:04:3d:
06:ee:5a:d2:16:ad:7e:05:e8:ff:55:4e:c6:5d:e4:57:a6:e6:
8c:50:ce:f1:49:ba:ac:3e:e2:b5:7d:c9:0f:b6:ef:88:42:d9:
a6:b1:5c:5e:27:16:d0:50:6f:52:90:ac:7a:ed:74:de:f2:86:
e6:5a:d3:75:6a:f3:2b:6b:66:31:9d:92:20:6a:5f:73:29:d7:
0c:e0:60:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB/0LIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmViZmQ4OTE3YjU4ZjA2ODZkOTNlYjQ4ZGU0MjFlYzAxMzcwYWM5MB4XDTIyMDEw
MTAwNTIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU0MGYwNjMzOWFh
NzllOTkzNDkxZjM0ZTA3NTVhZTVhNjgxMDU0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/aams7lhGpQgdS2qBNw8WnyrY/FtWEmRS2I0vvKxEG2ceQ
P2OzgZAmmWt8oYj4aVWYjPxJ+kkNSWy9gKMjIcP30QF/o1eVZWZkEflT1o0RqgkP
P86UgFmGgSKk/OiQvRs+uawflZMKRGI4SDVuAI61P//uZTu1NPc9s5bt6WYqKKZk
ycjHrPQLVLa6QYoXJ4r1pdFHx2Bq6dcTWX+dCo3R4yg7CvjHvznhIUjZjin3mgbe
3q8GouqtVPNaFMafkcQpf9yiFsRf2E/4bYcKwsRpbZhaJF0MAkmPLiByn8ASf6l5
Efmw3fS3Uewh6jRXnf4Q3zpUYYspgHQD+IxWQB8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSFQPBjOap56ZNJHzTgdVrlpoEFTDAfBgNVHSMEGDAWgBRC6/2JF7WPBobZ
PrSN5CHsATcKyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1F1djlpUmUxandhRzJUNjBqZVFoN0FFM0Nzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvMjQyODFlLWUxZWEtNGY2OS1iNTNkLTdmMDMzOGU0OWVlMS8x
L2hVRHdZem1xZWVtVFNSODA0SFZhNWFhQkJVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
MjQyODFlLWUxZWEtNGY2OS1iNTNkLTdmMDMzOGU0OWVlMS8xL1F1djlpUmUxandh
RzJUNjBqZVFoN0FFM0Nzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNmq4DANBgkqhkiG9w0BAQsFAAOC
AQEAaI5gMA+H3djb80lGTKgWewAybzZyJW+m9ysvL/SNqe//2Ld7eFlrHObI1Lxp
0M66vZsyifdCiaUxd2Bg0kkDSZz278ittU9CTwx/jg30xevNxqUVH4KWpr6yEl2c
O9s21G+/gGVSm3Me6NWiEALAimSdn3s+qaGCqGJtwkRGahBZJa44uhG5V368wXZy
xJ+SpJ49uyI3D2UYxPXgxJaLpCTaKvYWAqBgiK84zayU46xHvwQ9Bu5a0hatfgXo
/1VOxl3kV6bmjFDO8Um6rD7itX3JD7bviELZprFcXicW0FBvUpCseu103vKG5lrT
dWrzK2tmMZ2SIGpfcynXDOBgyQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:25 2025 by rpki-client