Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/545b06-8572-412f-a80f-3979ef0d32db/1/jb2s0V1ubXPjNpEZB1UzadTApM4.roa
File: jb2s0V1ubXPjNpEZB1UzadTApM4.roa (raw, json)
Hash identifier: cowcGZfY6eCBm90J5cuy4iujpWUUWhk9338oiHq9D4g=
Subject key identifier: 8D:BD:AC:D1:5D:6E:6D:73:E3:36:91:19:07:55:33:69:D4:C0:A4:CE
Certificate issuer: /CN=498fd453f5e35f9c77d1d706e565138adf82256a
Certificate serial: 130C7A05
Authority key identifier: 49:8F:D4:53:F5:E3:5F:9C:77:D1:D7:06:E5:65:13:8A:DF:82:25:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SY_UU_XjX5x30dcG5WUTit-CJWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/545b06-8572-412f-a80f-3979ef0d32db/1/jb2s0V1ubXPjNpEZB1UzadTApM4.roa
Signing time: Sat 01 Jan 2022 06:53:18 +0000
ROA not before: Sat 01 Jan 2022 06:53:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8376
IP address blocks: 217.29.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 319584773 (0x130c7a05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=498fd453f5e35f9c77d1d706e565138adf82256a
Validity
Not Before: Jan 1 06:53:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8dbdacd15d6e6d73e336911907553369d4c0a4ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:72:04:ac:2d:b9:e4:af:4b:76:c9:49:1e:08:
c3:bb:a3:80:c7:1c:fb:90:e0:2b:ee:8c:91:9c:d5:
2a:71:dd:58:c7:57:66:c0:cb:3d:b3:3d:d7:85:6d:
05:33:1d:2b:f2:e4:1d:5a:37:c0:8e:87:42:90:e8:
0f:e5:93:a6:d2:51:aa:90:08:4e:51:e7:09:65:fc:
b9:73:5a:ed:1a:6f:c3:ce:6e:77:34:b8:98:6b:57:
23:7a:bd:3b:b5:3d:05:15:67:f4:4d:4e:d1:ab:5c:
4a:eb:d9:56:d6:71:34:60:32:1c:22:3e:7f:d5:77:
49:09:25:cf:f3:01:92:16:88:78:dd:d0:1e:1b:6e:
8a:76:36:69:a9:54:85:b3:9a:42:70:24:4f:11:15:
83:36:13:dd:60:af:c1:fe:5d:e3:ce:7e:fc:83:74:
14:72:77:c6:3e:3d:e3:bf:67:78:eb:e9:b5:12:c9:
29:a2:ad:19:13:dc:da:a4:af:1a:71:63:b3:9c:8e:
a4:6b:b0:03:27:8b:f5:5a:f8:33:aa:fb:94:f4:cc:
7e:94:41:c9:4a:44:6f:b4:9f:ad:b8:f6:69:ed:83:
c8:c8:0c:a3:1a:30:29:75:44:58:1d:c2:50:2c:df:
42:74:8c:28:70:ea:8c:bb:be:2c:5f:2c:db:c6:de:
eb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BD:AC:D1:5D:6E:6D:73:E3:36:91:19:07:55:33:69:D4:C0:A4:CE
X509v3 Authority Key Identifier:
keyid:49:8F:D4:53:F5:E3:5F:9C:77:D1:D7:06:E5:65:13:8A:DF:82:25:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SY_UU_XjX5x30dcG5WUTit-CJWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/545b06-8572-412f-a80f-3979ef0d32db/1/jb2s0V1ubXPjNpEZB1UzadTApM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/545b06-8572-412f-a80f-3979ef0d32db/1/SY_UU_XjX5x30dcG5WUTit-CJWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.29.242.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:59:e4:c5:fb:fa:a3:25:04:12:d5:1d:7e:30:67:c5:f9:72:
24:35:b6:ac:1b:9b:a7:ff:f0:8a:1e:ea:17:17:27:34:6a:88:
68:11:0e:e4:df:12:ce:4c:da:9f:cc:27:4c:1a:0e:f1:94:08:
df:1c:6e:33:c6:f5:52:ba:90:34:e8:10:be:b0:5d:7a:c9:cd:
2b:1b:a5:74:ae:d9:89:2b:16:91:53:51:1c:a7:3a:ef:24:83:
20:5a:26:ae:94:42:09:1a:c2:c2:1f:1e:f7:33:ea:d7:33:e5:
b5:88:39:a4:f1:f9:29:3d:36:64:ef:14:1d:a2:cc:c7:48:03:
84:e9:7e:e0:4f:e2:2a:4c:d9:8c:02:b7:ef:f1:f2:4f:98:16:
67:f3:d0:66:4b:d3:d6:55:52:fe:d2:73:46:d9:6f:80:83:58:
8b:6c:0d:fa:1a:c3:9d:a4:11:99:7d:d1:34:54:3c:25:52:dd:
25:86:87:b2:fd:0d:9d:80:02:c5:ae:10:fb:b6:41:0f:60:fb:
57:18:38:90:d6:1c:19:dc:84:b3:0a:d0:e1:d3:0b:e0:ea:77:
08:cd:f0:fd:1a:90:aa:71:14:13:2f:cf:ba:ef:a2:33:50:d5:
31:46:6b:b9:c3:58:cc:a2:95:24:a2:48:8e:3f:aa:d6:87:91:
c8:f3:62:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEwx6BTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OThmZDQ1M2Y1ZTM1ZjljNzdkMWQ3MDZlNTY1MTM4YWRmODIyNTZhMB4XDTIyMDEw
MTA2NTMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRiZGFjZDE1ZDZl
NmQ3M2UzMzY5MTE5MDc1NTMzNjlkNGMwYTRjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpyBKwtueSvS3bJSR4Iw7ujgMcc+5DgK+6MkZzVKnHdWMdX
ZsDLPbM914VtBTMdK/LkHVo3wI6HQpDoD+WTptJRqpAITlHnCWX8uXNa7Rpvw85u
dzS4mGtXI3q9O7U9BRVn9E1O0atcSuvZVtZxNGAyHCI+f9V3SQklz/MBkhaIeN3Q
HhtuinY2aalUhbOaQnAkTxEVgzYT3WCvwf5d485+/IN0FHJ3xj49479neOvptRLJ
KaKtGRPc2qSvGnFjs5yOpGuwAyeL9Vr4M6r7lPTMfpRByUpEb7Sfrbj2ae2DyMgM
oxowKXVEWB3CUCzfQnSMKHDqjLu+LF8s28be6z8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSNvazRXW5tc+M2kRkHVTNp1MCkzjAfBgNVHSMEGDAWgBRJj9RT9eNfnHfR
1wblZROK34IlajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NZX1VVX1hqWDV4MzBkY0c1V1VUaXQtQ0pXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvNTQ1YjA2LTg1NzItNDEyZi1hODBmLTM5NzllZjBkMzJkYi8x
L2piMnMwVjF1YlhQak5wRVpCMVV6YWRUQXBNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
NTQ1YjA2LTg1NzItNDEyZi1hODBmLTM5NzllZjBkMzJkYi8xL1NZX1VVX1hqWDV4
MzBkY0c1V1VUaXQtQ0pXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkd8jANBgkqhkiG9w0BAQsFAAOC
AQEAb1nkxfv6oyUEEtUdfjBnxflyJDW2rBubp//wih7qFxcnNGqIaBEO5N8Szkza
n8wnTBoO8ZQI3xxuM8b1UrqQNOgQvrBdesnNKxuldK7ZiSsWkVNRHKc67ySDIFom
rpRCCRrCwh8e9zPq1zPltYg5pPH5KT02ZO8UHaLMx0gDhOl+4E/iKkzZjAK37/Hy
T5gWZ/PQZkvT1lVS/tJzRtlvgINYi2wN+hrDnaQRmX3RNFQ8JVLdJYaHsv0NnYAC
xa4Q+7ZBD2D7Vxg4kNYcGdyEswrQ4dML4Op3CM3w/RqQqnEUEy/Puu+iM1DVMUZr
ucNYzKKVJKJIjj+q1oeRyPNiiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:46 2024 by rpki-client on console-ams.rpki-client.org