Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/7BeP6V9yVY3yp0UD9jtoyD0vwY0.roa
File: 7BeP6V9yVY3yp0UD9jtoyD0vwY0.roa (raw, json)
Hash identifier: oxBg6203RKtavoI1/M8T74XYNE2V2TZ/GVhYzKpwG18=
Subject key identifier: EC:17:8F:E9:5F:72:55:8D:F2:A7:45:03:F6:3B:68:C8:3D:2F:C1:8D
Certificate issuer: /CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Certificate serial: 018484C3550407401858C56A541424684936
Authority key identifier: 49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/7BeP6V9yVY3yp0UD9jtoyD0vwY0.roa
Signing time: Thu 17 Nov 2022 08:45:04 +0000
ROA not before: Thu 17 Nov 2022 08:45:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47292
IP address blocks: 217.23.98.0/24 maxlen: 24
217.23.96.0/24 maxlen: 24
217.23.97.0/24 maxlen: 24
217.23.102.0/24 maxlen: 24
217.23.100.0/24 maxlen: 24
217.23.101.0/24 maxlen: 24
217.23.105.0/24 maxlen: 24
217.23.99.0/24 maxlen: 24
217.23.103.0/24 maxlen: 24
217.23.104.0/24 maxlen: 24
217.23.108.0/24 maxlen: 24
217.23.109.0/24 maxlen: 24
217.23.107.0/24 maxlen: 24
217.23.106.0/24 maxlen: 24
217.23.110.0/24 maxlen: 24
217.23.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:c3:55:04:07:40:18:58:c5:6a:54:14:24:68:49:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Validity
Not Before: Nov 17 08:45:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec178fe95f72558df2a74503f63b68c83d2fc18d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d0:76:72:b6:a2:b1:af:31:cc:83:cf:bf:89:
38:4b:b4:6d:78:4e:b6:62:64:24:eb:c3:e2:9c:10:
44:dd:8c:3c:aa:b2:62:e7:86:cd:3e:ff:d4:2a:d2:
42:5c:7c:e7:85:2b:cb:7b:5b:97:e1:18:23:91:30:
d6:26:59:b0:5d:27:05:1b:df:34:7a:19:a1:ef:a3:
14:b7:85:3b:f9:31:ae:80:04:63:04:32:0d:93:4f:
bd:62:67:da:da:ce:84:7d:4b:b8:a5:f9:fc:80:12:
c3:01:72:00:df:35:27:36:9b:03:ff:1b:e3:83:c2:
3b:86:34:f2:00:bd:60:d7:d1:f8:0c:5d:00:bc:f2:
0c:0e:0c:ae:8c:f1:f4:f9:85:d6:c6:93:a8:a4:8b:
cb:41:1e:a2:45:42:a2:e3:57:aa:e9:0b:5f:35:04:
fd:d2:ca:81:cf:2b:b2:84:c5:a9:14:51:07:4a:4a:
42:49:8b:46:80:f1:49:b7:cd:98:1e:6d:6b:14:16:
84:43:a3:06:71:d0:64:43:0f:1f:4d:de:28:03:88:
de:c1:dc:34:6d:26:67:af:d2:64:c7:aa:df:8b:8e:
0a:f8:49:8b:d3:77:a1:9e:9a:94:69:82:51:68:01:
8b:5b:fd:56:4d:16:99:f7:23:24:7f:c4:4a:fd:6f:
d0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:17:8F:E9:5F:72:55:8D:F2:A7:45:03:F6:3B:68:C8:3D:2F:C1:8D
X509v3 Authority Key Identifier:
keyid:49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/7BeP6V9yVY3yp0UD9jtoyD0vwY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.23.96.0/20
Signature Algorithm: sha256WithRSAEncryption
20:70:d8:f7:83:1a:51:63:a1:c9:85:6f:64:2c:1e:72:d5:04:
04:7e:cd:f1:cc:1c:55:a2:74:7d:f7:9e:93:0b:83:6b:35:84:
89:21:29:78:08:63:53:47:f2:9e:be:42:e0:e3:15:13:a2:35:
c6:4a:f0:80:90:e0:64:6f:05:83:b0:e5:9c:c6:af:c7:cf:e8:
02:34:18:b6:50:62:75:91:47:bb:5d:52:34:9f:4c:32:9a:4d:
4b:7a:32:1c:28:9b:88:a9:f3:92:c9:41:2d:b3:18:74:c3:e1:
e0:ac:9b:78:24:e0:e2:06:19:b6:99:67:d5:95:73:0a:2a:0a:
c2:f2:d0:93:11:2a:4a:a0:70:3a:5e:44:75:98:d7:6c:d4:42:
54:90:af:d2:77:e3:4d:60:8e:2e:f4:54:71:7a:d6:a3:9b:35:
87:2a:71:c6:4d:04:99:29:c8:2e:11:50:a2:d1:f8:f3:b9:ad:
ca:81:55:01:28:26:b6:89:2f:99:7a:a4:92:77:d6:79:a3:d7:
33:a9:87:5e:b3:05:8b:45:1d:a2:fd:d8:f2:64:5c:bd:17:ad:
45:5a:71:7b:1f:b4:c9:ed:93:ba:c0:d3:34:f3:89:d1:7f:4a:
f2:96:57:2a:30:06:2c:ef:80:8f:bf:9c:fa:46:5c:ef:23:4c:
c1:b2:96:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSEw1UEB0AYWMVqVBQkaEk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODRkMGNjNjcwM2JmOTQyYzZkYWM4OWRmZjFhN2JmNjYz
MmVhOGIwHhcNMjIxMTE3MDg0NTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzE3OGZlOTVmNzI1NThkZjJhNzQ1MDNmNjNiNjhjODNkMmZjMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdB2craisa8xzIPPv4k4S7RteE62
YmQk68PinBBE3Yw8qrJi54bNPv/UKtJCXHznhSvLe1uX4RgjkTDWJlmwXScFG980
ehmh76MUt4U7+TGugARjBDINk0+9Ymfa2s6EfUu4pfn8gBLDAXIA3zUnNpsD/xvj
g8I7hjTyAL1g19H4DF0AvPIMDgyujPH0+YXWxpOopIvLQR6iRUKi41eq6QtfNQT9
0sqBzyuyhMWpFFEHSkpCSYtGgPFJt82YHm1rFBaEQ6MGcdBkQw8fTd4oA4jewdw0
bSZnr9Jkx6rfi44K+EmL03ehnpqUaYJRaAGLW/1WTRaZ9yMkf8RK/W/QNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOwXj+lfclWN8qdFA/Y7aMg9L8GNMB8GA1UdIwQY
MBaAFEmE0MxnA7+ULG2sid/xp79mMuqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjIt
MTQ3MGJjY2VlYjFiLzEvN0JlUDZWOXlWWTN5cDBVRDlqdG95RDB2d1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjItMTQ3MGJjY2VlYjFi
LzEvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RdgMA0G
CSqGSIb3DQEBCwUAA4IBAQAgcNj3gxpRY6HJhW9kLB5y1QQEfs3xzBxVonR9956T
C4NrNYSJISl4CGNTR/KevkLg4xUTojXGSvCAkOBkbwWDsOWcxq/Hz+gCNBi2UGJ1
kUe7XVI0n0wymk1LejIcKJuIqfOSyUEtsxh0w+HgrJt4JODiBhm2mWfVlXMKKgrC
8tCTESpKoHA6XkR1mNds1EJUkK/Sd+NNYI4u9FRxetajmzWHKnHGTQSZKcguEVCi
0fjzua3KgVUBKCa2iS+ZeqSSd9Z5o9czqYdeswWLRR2i/djyZFy9F61FWnF7H7TJ
7ZO6wNM084nRf0ryllcqMAYs74CPv5z6RlzvI0zBspZ6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:08 2023 by rpki-client on console-fra.rpki-client.org