Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/AMRLs7mhv2I2Tvv6kglLvbTfX8Y.roa
File: AMRLs7mhv2I2Tvv6kglLvbTfX8Y.roa (raw, json)
Hash identifier: AOX/cJCimFoP2eigsXnIIJGkqY776+lQ6KGuZfsp9Fc=
Subject key identifier: 00:C4:4B:B3:B9:A1:BF:62:36:4E:FB:FA:92:09:4B:BD:B4:DF:5F:C6
Certificate issuer: /CN=b9b5aa9feeb00a5127487f34384077ae7970f81a
Certificate serial: 02483CF3
Authority key identifier: B9:B5:AA:9F:EE:B0:0A:51:27:48:7F:34:38:40:77:AE:79:70:F8:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubWqn-6wClEnSH80OEB3rnlw-Bo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/AMRLs7mhv2I2Tvv6kglLvbTfX8Y.roa
Signing time: Sat 01 Jan 2022 11:00:16 +0000
ROA not before: Sat 01 Jan 2022 11:00:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29079
IP address blocks: 217.25.50.0/24 maxlen: 24
217.25.49.0/24 maxlen: 24
217.25.51.0/24 maxlen: 24
217.25.48.0/24 maxlen: 24
217.25.48.0/20 maxlen: 20
217.25.57.0/24 maxlen: 24
217.25.56.0/24 maxlen: 24
217.25.52.0/24 maxlen: 24
217.25.58.0/24 maxlen: 24
217.25.53.0/24 maxlen: 24
217.25.55.0/24 maxlen: 24
217.25.54.0/24 maxlen: 24
217.25.63.0/24 maxlen: 24
217.25.59.0/24 maxlen: 24
217.25.60.0/24 maxlen: 24
217.25.62.0/24 maxlen: 24
217.25.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38288627 (0x2483cf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b5aa9feeb00a5127487f34384077ae7970f81a
Validity
Not Before: Jan 1 11:00:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00c44bb3b9a1bf62364efbfa92094bbdb4df5fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a7:c4:60:09:95:fc:b4:e8:b8:e3:69:08:8f:
98:b7:7d:e9:48:6b:f7:fd:7a:f6:f2:e4:01:ba:8e:
5b:92:f5:da:97:c6:fa:a6:39:bb:2b:38:02:91:0c:
00:0b:35:dd:42:25:6f:56:62:54:b6:8d:bd:be:3a:
d8:3a:17:54:a1:10:93:8b:ac:20:4f:65:0b:eb:a5:
87:9b:82:17:fd:ab:89:62:24:23:9a:1a:92:09:aa:
ca:ce:be:c0:18:2b:8b:b1:59:63:e1:95:c1:99:4b:
7a:8b:01:ea:07:d4:43:b9:80:15:bc:39:47:83:e4:
37:a2:e5:72:60:c2:9f:f0:d5:89:f1:ea:cc:0a:44:
46:91:e7:49:e5:f0:db:f6:ee:e9:f1:4b:64:7c:ab:
69:10:ba:68:e5:57:e0:0c:e0:3f:7e:dc:e2:c5:b1:
14:96:f4:03:6d:2b:87:8a:8e:35:3b:50:88:14:c3:
69:fc:58:a9:f6:fc:a8:0a:0a:24:61:c0:a4:42:62:
76:c7:14:e4:f5:21:cc:ae:f2:6a:5d:c1:6c:6d:d9:
1e:66:b0:cc:ca:bf:36:b6:4f:d2:53:0e:51:8b:e8:
06:15:e3:b3:ee:6d:ff:a1:fc:de:72:2a:7f:c9:db:
7b:56:7b:15:c3:0f:5b:9f:dc:37:9b:c0:00:b7:4d:
d3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C4:4B:B3:B9:A1:BF:62:36:4E:FB:FA:92:09:4B:BD:B4:DF:5F:C6
X509v3 Authority Key Identifier:
keyid:B9:B5:AA:9F:EE:B0:0A:51:27:48:7F:34:38:40:77:AE:79:70:F8:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubWqn-6wClEnSH80OEB3rnlw-Bo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/AMRLs7mhv2I2Tvv6kglLvbTfX8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/1432ce-f5d2-4393-ab23-88a0d5fdcf9b/1/ubWqn-6wClEnSH80OEB3rnlw-Bo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.48.0/20
Signature Algorithm: sha256WithRSAEncryption
6b:23:70:70:eb:ae:52:09:51:a5:b6:50:d4:28:4d:2b:11:92:
aa:d9:df:83:84:d5:7c:ab:40:02:20:78:82:04:12:ee:e1:64:
d3:88:70:ed:e1:28:07:00:71:45:c8:17:c3:03:88:47:4c:2e:
f6:97:49:81:fe:73:e5:b8:e0:a9:d4:67:c9:40:2d:a8:4f:25:
15:5d:e3:75:a6:b1:dc:c0:da:4f:c6:7c:a9:17:ee:cc:8f:b3:
55:ab:e3:3f:d6:dd:dc:c4:a4:08:e5:0b:c3:85:0e:69:98:ba:
16:f7:fc:b0:a4:2b:0b:57:8a:a8:88:f4:33:44:d4:54:2e:22:
8d:d2:31:c2:71:99:04:1a:53:27:af:da:2d:f5:80:98:da:c2:
f8:45:7d:74:14:dc:51:c9:3d:bb:99:0c:76:c0:1c:e7:4c:94:
7c:6b:90:bf:5b:bc:87:b9:21:77:38:1f:16:7c:5c:58:e6:9f:
b4:8f:b8:4c:e3:db:91:45:a0:89:dc:fa:73:ac:25:a6:c8:76:
aa:c8:dc:22:ef:f0:68:5a:ec:b2:1f:62:c2:83:c7:b5:b0:54:
8f:62:e1:92:5c:9e:d5:03:c3:b8:67:b5:26:17:64:15:f9:fa:
16:19:1c:3b:67:83:40:c8:d1:b9:8b:1e:ff:8a:34:a8:f5:58:
26:35:44:ca
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkg88zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWI1YWE5ZmVlYjAwYTUxMjc0ODdmMzQzODQwNzdhZTc5NzBmODFhMB4XDTIyMDEw
MTExMDAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBjNDRiYjNiOWEx
YmY2MjM2NGVmYmZhOTIwOTRiYmRiNGRmNWZjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMenxGAJlfy06LjjaQiPmLd96Uhr9/169vLkAbqOW5L12pfG
+qY5uys4ApEMAAs13UIlb1ZiVLaNvb462DoXVKEQk4usIE9lC+ulh5uCF/2riWIk
I5oakgmqys6+wBgri7FZY+GVwZlLeosB6gfUQ7mAFbw5R4PkN6LlcmDCn/DVifHq
zApERpHnSeXw2/bu6fFLZHyraRC6aOVX4AzgP37c4sWxFJb0A20rh4qONTtQiBTD
afxYqfb8qAoKJGHApEJidscU5PUhzK7yal3BbG3ZHmawzMq/NrZP0lMOUYvoBhXj
s+5t/6H83nIqf8nbe1Z7FcMPW5/cN5vAALdN00cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQAxEuzuaG/YjZO+/qSCUu9tN9fxjAfBgNVHSMEGDAWgBS5taqf7rAKUSdI
fzQ4QHeueXD4GjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ViV3FuLTZ3Q2xFblNIODBPRUIzcm5sdy1Cby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvMTQzMmNlLWY1ZDItNDM5My1hYjIzLTg4YTBkNWZkY2Y5Yi8x
L0FNUkxzN21odjJJMlR2djZrZ2xMdmJUZlg4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
MTQzMmNlLWY1ZDItNDM5My1hYjIzLTg4YTBkNWZkY2Y5Yi8xL3ViV3FuLTZ3Q2xF
blNIODBPRUIzcm5sdy1Cby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNkZMDANBgkqhkiG9w0BAQsFAAOC
AQEAayNwcOuuUglRpbZQ1ChNKxGSqtnfg4TVfKtAAiB4ggQS7uFk04hw7eEoBwBx
RcgXwwOIR0wu9pdJgf5z5bjgqdRnyUAtqE8lFV3jdaax3MDaT8Z8qRfuzI+zVavj
P9bd3MSkCOULw4UOaZi6Fvf8sKQrC1eKqIj0M0TUVC4ijdIxwnGZBBpTJ6/aLfWA
mNrC+EV9dBTcUck9u5kMdsAc50yUfGuQv1u8h7khdzgfFnxcWOaftI+4TOPbkUWg
idz6c6wlpsh2qsjcIu/waFrssh9iwoPHtbBUj2Lhklye1QPDuGe1JhdkFfn6Fhkc
O2eDQMjRuYse/4o0qPVYJjVEyg==
-----END CERTIFICATE-----
Generated at Sun May 4 02:23:34 2025 by rpki-client