Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/yKhbhjtipZU0xd2QOwzP_qvsKM8.roa
File: yKhbhjtipZU0xd2QOwzP_qvsKM8.roa (raw, json)
Hash identifier: lUWcLmb+AFn370EyI0/SBwW5rVxqX+9L25GCokmKIac=
Subject key identifier: C8:A8:5B:86:3B:62:A5:95:34:C5:DD:90:3B:0C:CF:FE:AB:EC:28:CF
Certificate issuer: /CN=ada5d52b3ca87454575b65b720eef81a262a5f3a
Certificate serial: CC27F2
Authority key identifier: AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/yKhbhjtipZU0xd2QOwzP_qvsKM8.roa
Signing time: Sat 01 Jan 2022 12:58:40 +0000
ROA not before: Sat 01 Jan 2022 12:58:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201160
IP address blocks: 217.8.123.0/24 maxlen: 24
217.8.122.0/24 maxlen: 24
217.8.121.0/24 maxlen: 24
217.8.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13379570 (0xcc27f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada5d52b3ca87454575b65b720eef81a262a5f3a
Validity
Not Before: Jan 1 12:58:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8a85b863b62a59534c5dd903b0ccffeabec28cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:71:a1:d6:95:e9:98:1e:48:23:ac:8d:5e:08:
7d:5b:ae:8d:74:98:b9:cb:c2:b6:41:dc:da:c4:6a:
04:0d:f3:e4:06:0d:5b:68:87:1f:9b:3f:1c:82:43:
bd:63:9a:6d:c2:e6:cf:15:5e:ed:eb:7f:83:d9:51:
c3:07:e9:78:9a:09:1b:9d:d9:90:06:be:f5:61:27:
dd:df:bd:56:b1:ce:e8:42:f8:d6:81:0b:ed:5f:24:
cf:c0:78:94:b7:5f:bd:b8:ce:60:05:25:22:2a:0d:
71:fd:bd:9d:8a:34:5a:55:91:8d:4c:5f:98:74:56:
a7:09:cd:4c:36:93:a7:92:59:3a:02:73:b0:fe:70:
28:c7:28:16:a1:91:e6:6a:5d:bf:f8:43:7f:8d:2b:
71:38:de:63:4f:f1:f7:02:6c:91:f2:54:57:c5:c5:
15:02:cc:d9:04:16:c5:08:49:bf:35:45:c3:ee:45:
4c:da:3d:c5:7a:cf:33:1b:fc:4e:1f:f9:66:e8:7f:
3f:6d:01:a2:43:a1:1a:62:e0:3f:8a:01:58:95:42:
00:06:96:e7:0f:9f:12:e2:c0:a5:7a:de:1a:c2:90:
18:f0:90:2b:df:13:31:ad:98:f8:f8:39:4c:82:02:
e8:fc:e8:b0:8a:38:4e:26:92:6b:c1:65:c4:a2:71:
22:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A8:5B:86:3B:62:A5:95:34:C5:DD:90:3B:0C:CF:FE:AB:EC:28:CF
X509v3 Authority Key Identifier:
keyid:AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/yKhbhjtipZU0xd2QOwzP_qvsKM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.8.120.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:8a:6b:cf:d3:6f:06:46:aa:58:25:98:74:72:0d:48:cb:2b:
63:3e:1a:cc:14:9d:6f:5f:b2:7d:b9:90:00:ef:f3:d6:85:d2:
0b:20:65:b1:41:da:b3:50:02:29:34:0e:9b:57:a3:7c:c5:ed:
81:5b:5e:31:00:90:2b:ff:1e:3e:18:55:95:a3:97:4b:fb:37:
d2:4e:9d:32:08:d8:ae:f5:fb:ad:c9:74:5c:70:99:91:7f:3f:
78:8c:c6:88:46:a0:f6:5f:e3:e9:11:7e:3d:28:1d:25:a0:ea:
3c:e1:58:15:f3:ed:68:18:b1:03:95:89:84:58:f5:91:e0:e0:
57:2b:4c:b9:8e:3b:23:b0:11:82:d9:31:1d:d9:5a:ee:8e:dc:
35:14:98:cc:cb:1f:65:c8:da:16:88:d1:85:48:f1:d3:bc:0b:
60:a9:b2:04:07:7a:76:d5:ea:a4:42:ed:52:64:53:4e:29:68:
83:2f:d8:12:ad:b2:09:b4:e5:12:ae:37:3f:8a:45:a9:27:a1:
91:d6:4e:02:9a:41:e7:7e:4c:6f:c7:8b:b3:aa:52:b7:79:ca:
ac:f6:51:d7:9f:97:5d:5f:c9:04:1d:9f:fc:de:fe:12:cb:b4:
ad:a8:20:46:70:db:1f:db:ab:54:61:33:77:88:fe:d2:1f:26:
95:71:b3:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMwn8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGE1ZDUyYjNjYTg3NDU0NTc1YjY1YjcyMGVlZjgxYTI2MmE1ZjNhMB4XDTIyMDEw
MTEyNTg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhhODViODYzYjYy
YTU5NTM0YzVkZDkwM2IwY2NmZmVhYmVjMjhjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZxodaV6ZgeSCOsjV4IfVuujXSYucvCtkHc2sRqBA3z5AYN
W2iHH5s/HIJDvWOabcLmzxVe7et/g9lRwwfpeJoJG53ZkAa+9WEn3d+9VrHO6EL4
1oEL7V8kz8B4lLdfvbjOYAUlIioNcf29nYo0WlWRjUxfmHRWpwnNTDaTp5JZOgJz
sP5wKMcoFqGR5mpdv/hDf40rcTjeY0/x9wJskfJUV8XFFQLM2QQWxQhJvzVFw+5F
TNo9xXrPMxv8Th/5Zuh/P20BokOhGmLgP4oBWJVCAAaW5w+fEuLApXreGsKQGPCQ
K98TMa2Y+Pg5TIIC6PzosIo4TiaSa8FlxKJxIgkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTIqFuGO2KllTTF3ZA7DM/+q+wozzAfBgNVHSMEGDAWgBStpdUrPKh0VFdb
Zbcg7vgaJipfOjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JhWFZLenlvZEZSWFcyVzNJTzc0R2lZcVh6by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvNWQ4NDUzLTAzODAtNDc1ZS05ZWRjLWQxOGFiNGY3ZjVkZi8x
L3lLaGJoanRpcFpVMHhkMlFPd3pQX3F2c0tNOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
NWQ4NDUzLTAzODAtNDc1ZS05ZWRjLWQxOGFiNGY3ZjVkZi8xL3JhWFZLenlvZEZS
WFcyVzNJTzc0R2lZcVh6by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtkIeDANBgkqhkiG9w0BAQsFAAOC
AQEAX4prz9NvBkaqWCWYdHINSMsrYz4azBSdb1+yfbmQAO/z1oXSCyBlsUHas1AC
KTQOm1ejfMXtgVteMQCQK/8ePhhVlaOXS/s30k6dMgjYrvX7rcl0XHCZkX8/eIzG
iEag9l/j6RF+PSgdJaDqPOFYFfPtaBixA5WJhFj1keDgVytMuY47I7ARgtkxHdla
7o7cNRSYzMsfZcjaFojRhUjx07wLYKmyBAd6dtXqpELtUmRTTilogy/YEq2yCbTl
Eq43P4pFqSehkdZOAppB535Mb8eLs6pSt3nKrPZR15+XXV/JBB2f/N7+Esu0ragg
RnDbH9urVGEzd4j+0h8mlXGzeQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:20 2023 by rpki-client on console.sobornost.net