Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/_nyg8RuKmRsqUcnxptjD4S_6QBk.roa
File: _nyg8RuKmRsqUcnxptjD4S_6QBk.roa (raw, json)
Hash identifier: 8297XXbpRhEUaeROZu4ur/e+njEUo/NzKCj4l2JE+I0=
Subject key identifier: FE:7C:A0:F1:1B:8A:99:1B:2A:51:C9:F1:A6:D8:C3:E1:2F:FA:40:19
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 0183BD1F31FC7B5C70589064E44185224210
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/_nyg8RuKmRsqUcnxptjD4S_6QBk.roa
Signing time: Sun 09 Oct 2022 14:21:21 +0000
ROA not before: Sun 09 Oct 2022 14:21:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15815
IP address blocks: 217.14.96.0/20 maxlen: 22
2a00:7da0::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:bd:1f:31:fc:7b:5c:70:58:90:64:e4:41:85:22:42:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Oct 9 14:21:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe7ca0f11b8a991b2a51c9f1a6d8c3e12ffa4019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:52:58:d7:0a:54:84:3a:6b:eb:4f:5e:06:ee:
90:f1:15:7a:93:91:c1:a6:51:d0:e6:91:a3:d6:0e:
f4:94:47:8d:d4:c4:a1:b9:c2:9a:5e:d5:d0:55:8d:
d9:b3:a7:43:6f:d6:41:f6:33:43:cb:ec:13:13:e8:
fe:5f:d3:f6:55:c3:3a:b9:34:e7:7b:5b:5c:fe:0d:
af:86:7f:25:11:a2:82:e8:82:24:7f:44:fb:29:fa:
a9:9c:83:e8:60:2d:f9:73:de:cb:6a:98:9c:9e:b0:
71:4f:07:59:59:aa:b9:88:c9:ec:5b:2f:52:6a:fe:
44:fa:2f:9a:07:c4:1a:a3:d3:59:ba:52:28:99:d4:
5c:58:7d:e7:e7:5e:e8:ba:ce:1e:fa:c0:86:8e:d5:
29:ee:60:b9:e5:a8:60:9c:02:3e:82:a9:23:43:d4:
b6:2d:e0:c5:d6:8a:23:7d:40:03:c9:9b:c0:80:81:
9e:54:00:33:14:fe:90:18:8e:91:d5:80:cd:7d:fd:
b0:cd:d8:0a:4d:4e:08:1f:15:0f:9b:18:29:96:e0:
2a:53:28:bd:8a:ae:67:e0:e5:6d:47:70:77:b6:d6:
17:31:3a:1e:e4:9b:b1:15:2c:1d:3a:97:80:32:82:
ab:a7:51:17:b2:7a:10:ff:27:09:32:9f:4e:6e:df:
d1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7C:A0:F1:1B:8A:99:1B:2A:51:C9:F1:A6:D8:C3:E1:2F:FA:40:19
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/_nyg8RuKmRsqUcnxptjD4S_6QBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.14.96.0/20
IPv6:
2a00:7da0::/32
Signature Algorithm: sha256WithRSAEncryption
34:a4:a3:d9:fa:44:f8:d8:88:d4:a0:e7:ff:57:9b:21:9b:23:
a7:4b:97:21:da:4b:cf:be:e6:d0:c4:14:a9:37:56:cd:22:cd:
5e:c7:37:ca:ad:94:c8:12:34:ac:1a:ab:05:57:f5:b0:f5:a1:
de:76:c4:42:f3:02:1f:e4:1a:71:56:66:f5:71:53:26:9f:6a:
92:58:7c:7b:7c:e8:26:e6:8f:97:1c:b1:5f:5f:cf:aa:6c:a6:
32:ed:5e:7f:72:e8:3f:a5:05:85:76:ae:b7:a0:c5:a3:e8:c5:
8d:a4:4f:d3:dd:69:7e:fd:9e:42:9d:63:66:3f:bb:c3:7f:57:
66:eb:58:2a:d9:aa:04:85:4f:6e:c0:11:70:71:a4:3c:b5:c9:
16:cd:bf:7c:cd:b4:46:5f:1b:64:a6:a0:d3:23:e3:02:04:4a:
0e:67:7c:e8:72:c9:bc:5e:26:14:94:42:1d:cb:52:b3:4f:d3:
67:1a:07:cc:a6:a0:8e:5a:0c:7d:16:a0:4d:6e:44:1f:1f:e0:
70:04:03:e3:ab:4c:03:6d:77:98:7d:cb:f5:a0:13:71:bb:0d:
3f:54:d7:8c:38:1d:39:72:e2:70:68:07:a1:87:3b:02:b3:14:
87:7a:96:2b:f7:7e:ad:43:01:cb:8e:c4:c4:2a:73:2a:73:c8:
13:c3:6f:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYO9HzH8e1xwWJBk5EGFIkIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjIxMDA5MTQyMTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTdjYTBmMTFiOGE5OTFiMmE1MWM5ZjFhNmQ4YzNlMTJmZmE0MDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVJY1wpUhDpr609eBu6Q8RV6k5HB
plHQ5pGj1g70lEeN1MShucKaXtXQVY3Zs6dDb9ZB9jNDy+wTE+j+X9P2VcM6uTTn
e1tc/g2vhn8lEaKC6IIkf0T7KfqpnIPoYC35c97LapicnrBxTwdZWaq5iMnsWy9S
av5E+i+aB8Qao9NZulIomdRcWH3n517ous4e+sCGjtUp7mC55ahgnAI+gqkjQ9S2
LeDF1oojfUADyZvAgIGeVAAzFP6QGI6R1YDNff2wzdgKTU4IHxUPmxgpluAqUyi9
iq5n4OVtR3B3ttYXMToe5JuxFSwdOpeAMoKrp1EXsnoQ/ycJMp9Obt/RzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP58oPEbipkbKlHJ8abYw+Ev+kAZMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvX255ZzhSdUttUnNxVWNueHB0akQ0U182UUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2Q5gMA0E
AgACMAcDBQAqAH2gMA0GCSqGSIb3DQEBCwUAA4IBAQA0pKPZ+kT42IjUoOf/V5sh
myOnS5ch2kvPvubQxBSpN1bNIs1exzfKrZTIEjSsGqsFV/Ww9aHedsRC8wIf5Bpx
Vmb1cVMmn2qSWHx7fOgm5o+XHLFfX8+qbKYy7V5/cug/pQWFdq63oMWj6MWNpE/T
3Wl+/Z5CnWNmP7vDf1dm61gq2aoEhU9uwBFwcaQ8tckWzb98zbRGXxtkpqDTI+MC
BEoOZ3zocsm8XiYUlEIdy1KzT9NnGgfMpqCOWgx9FqBNbkQfH+BwBAPjq0wDbXeY
fcv1oBNxuw0/VNeMOB05cuJwaAehhzsCsxSHepYr936tQwHLjsTEKnMqc8gTw295
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:34 2023 by rpki-client on console.sobornost.net