Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/8lQMynXt7KefC2j3ExW1JGO1qqg.roa
File: 8lQMynXt7KefC2j3ExW1JGO1qqg.roa (raw, json)
Hash identifier: yvLIxsvsVlT4UZg5mI907rbXksGWa7BVd6g0IHBZVdw=
Subject key identifier: F2:54:0C:CA:75:ED:EC:A7:9F:0B:68:F7:13:15:B5:24:63:B5:AA:A8
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 01836A2DC5D9FA3FD4A5854FCF6A6C5C8D68
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/8lQMynXt7KefC2j3ExW1JGO1qqg.roa
Signing time: Fri 23 Sep 2022 11:48:48 +0000
ROA not before: Fri 23 Sep 2022 11:48:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196975
IP address blocks: 217.9.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:2d:c5:d9:fa:3f:d4:a5:85:4f:cf:6a:6c:5c:8d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Sep 23 11:48:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2540cca75edeca79f0b68f71315b52463b5aaa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:09:c7:b2:07:ef:cc:83:00:9c:66:d1:81:c0:
fc:a0:33:49:53:ef:31:fd:c1:9f:f6:ac:5f:28:99:
b0:0c:3b:3e:77:e0:a4:fe:1c:39:19:ca:08:a3:d2:
ce:17:16:b7:44:73:45:7d:53:c7:c4:6c:d3:3a:1f:
96:ac:d8:19:46:67:8c:51:1f:f8:ee:72:42:d5:ce:
b4:30:ce:28:9e:ad:6f:f2:36:b9:0b:74:49:f0:32:
59:e7:ac:ee:9c:5b:32:bf:db:82:2b:18:87:19:b4:
b2:36:7a:9d:0a:c3:de:63:5e:6b:49:6b:82:f5:3d:
e4:82:45:b3:be:08:27:30:7b:54:ad:16:ec:5d:8f:
03:39:11:97:5d:5c:fb:14:8a:41:e1:df:58:b8:70:
60:e4:ba:e5:05:6b:10:44:d6:ae:87:de:94:22:17:
a1:39:8a:02:98:05:12:57:c3:ab:3c:58:bb:96:23:
70:1a:c9:b7:d8:cf:ff:06:a7:de:79:1d:b4:22:ce:
dc:b0:21:58:a1:7d:ab:51:2a:43:db:31:28:65:03:
5b:61:cd:cd:6d:28:fa:fc:34:67:6f:86:14:ac:60:
ee:dd:dd:d9:9d:eb:57:ae:48:95:c6:00:ee:91:6e:
00:b5:44:59:2a:61:3a:d4:e2:94:97:7e:59:32:a4:
9c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:54:0C:CA:75:ED:EC:A7:9F:0B:68:F7:13:15:B5:24:63:B5:AA:A8
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/8lQMynXt7KefC2j3ExW1JGO1qqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:72:62:b0:d1:61:c0:c7:da:f0:28:e1:31:a2:1d:32:cb:70:
d6:92:95:16:93:a4:0c:24:82:00:7d:cb:f6:d7:98:f0:8d:a4:
43:96:3c:c7:7b:a3:60:df:d8:4c:7b:ea:3f:72:a9:85:36:4b:
ec:fc:06:3e:b8:74:8f:62:b8:83:dc:b8:fd:fd:7c:5e:f5:85:
d3:ca:38:bd:ee:6d:3c:bd:dd:99:db:7a:47:45:f1:b7:80:5a:
82:cd:3b:88:07:8f:c4:a5:9f:18:9b:9d:6a:dc:0e:37:52:4a:
87:15:8e:d5:38:6d:cc:a6:2b:d7:34:81:29:e9:40:fd:87:a2:
4c:81:07:05:6e:37:1a:d1:6b:27:54:4e:af:47:82:94:e9:48:
d2:98:03:f8:f5:bd:cf:b7:20:f4:ba:a3:36:8e:04:d0:71:6c:
30:49:4b:c7:d5:cb:0c:25:9c:b5:b1:9f:8a:61:e7:23:4b:9e:
a4:96:b0:f1:6f:f1:83:7e:c7:1e:b4:4d:74:28:c2:fb:51:e9:
d7:89:6d:3d:af:73:e3:16:51:0e:d1:b7:26:a7:4d:45:86:7d:
f4:b2:be:d2:68:4e:ec:94:8d:65:61:29:e6:0c:bb:78:3a:50:
01:b8:d5:dc:82:ec:7f:15:a0:6f:72:b5:18:7b:cc:86:78:88:
02:cb:74:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNqLcXZ+j/UpYVPz2psXI1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZWUxODJkOWM0M2E1Y2U3MDY4ZGZkOWJhN2FhOGVkOTBl
NWUwYmEwHhcNMjIwOTIzMTE0ODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjU0MGNjYTc1ZWRlY2E3OWYwYjY4ZjcxMzE1YjUyNDYzYjVhYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwnHsgfvzIMAnGbRgcD8oDNJU+8x
/cGf9qxfKJmwDDs+d+Ck/hw5GcoIo9LOFxa3RHNFfVPHxGzTOh+WrNgZRmeMUR/4
7nJC1c60MM4onq1v8ja5C3RJ8DJZ56zunFsyv9uCKxiHGbSyNnqdCsPeY15rSWuC
9T3kgkWzvggnMHtUrRbsXY8DORGXXVz7FIpB4d9YuHBg5LrlBWsQRNauh96UIheh
OYoCmAUSV8OrPFi7liNwGsm32M//BqfeeR20Is7csCFYoX2rUSpD2zEoZQNbYc3N
bSj6/DRnb4YUrGDu3d3ZnetXrkiVxgDukW4AtURZKmE61OKUl35ZMqScqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJUDMp17eynnwto9xMVtSRjtaqoMB8GA1UdIwQY
MBaAFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDkt
NmI1ZjY4NTIyYTdkLzEvOGxRTXluWHQ3S2VmQzJqM0V4VzFKR08xcXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDktNmI1ZjY4NTIyYTdk
LzEvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2QkDMA0G
CSqGSIb3DQEBCwUAA4IBAQCpcmKw0WHAx9rwKOExoh0yy3DWkpUWk6QMJIIAfcv2
15jwjaRDljzHe6Ng39hMe+o/cqmFNkvs/AY+uHSPYriD3Lj9/Xxe9YXTyji97m08
vd2Z23pHRfG3gFqCzTuIB4/EpZ8Ym51q3A43UkqHFY7VOG3MpivXNIEp6UD9h6JM
gQcFbjca0WsnVE6vR4KU6UjSmAP49b3PtyD0uqM2jgTQcWwwSUvH1csMJZy1sZ+K
YecjS56klrDxb/GDfscetE10KML7UenXiW09r3PjFlEO0bcmp01Fhn30sr7SaE7s
lI1lYSnmDLt4OlABuNXcgux/FaBvcrUYe8yGeIgCy3Rg
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:15:20 2025 by rpki-client