Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/S1PXI_gkkM_99C1z98UGNmfeUNs.roa
File: S1PXI_gkkM_99C1z98UGNmfeUNs.roa (raw, json)
Hash identifier: 6D32XFC5Pdh1NDBAxsaIxnKBEDYyWzA4NiKKshVtj74=
Subject key identifier: 4B:53:D7:23:F8:24:90:CF:FD:F4:2D:73:F7:C5:06:36:67:DE:50:DB
Certificate issuer: /CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Certificate serial: 035D3869
Authority key identifier: FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/S1PXI_gkkM_99C1z98UGNmfeUNs.roa
Signing time: Sat 01 Jan 2022 00:53:14 +0000
ROA not before: Sat 01 Jan 2022 00:53:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 213.109.179.0/24 maxlen: 24
213.109.178.0/24 maxlen: 24
213.109.177.0/24 maxlen: 24
213.109.176.0/24 maxlen: 24
2a00:de61:300::/40 maxlen: 48
2a00:de61:200::/40 maxlen: 48
2a00:de61:100::/40 maxlen: 48
2a00:de61::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56440937 (0x35d3869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Validity
Not Before: Jan 1 00:53:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b53d723f82490cffdf42d73f7c5063667de50db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ec:88:b4:3a:14:52:72:3f:3f:0a:c6:c4:8e:
39:d4:ad:7b:38:b3:b6:16:30:08:ae:53:ce:f6:29:
81:d7:b5:65:55:9d:d7:c2:0e:c0:54:13:a9:b1:cf:
b2:cc:96:3c:e4:08:40:3f:ea:e1:99:23:83:ce:5e:
69:a6:cc:b9:e8:25:ce:97:fd:be:da:54:9c:63:71:
d0:1a:15:a3:f2:bd:0c:61:d8:28:87:45:8c:41:eb:
30:95:a1:24:9d:1f:2a:18:68:33:cb:05:92:24:5f:
26:4c:7d:3e:8c:5f:37:df:2d:4f:0f:3c:6a:b6:0a:
24:69:33:57:8a:11:99:60:e6:74:b2:80:c3:97:54:
a0:d0:96:56:f0:b0:e0:59:d8:02:a8:6c:74:a4:8b:
c7:7e:c3:86:4a:9e:45:c2:e6:61:c6:32:6f:f4:4d:
01:39:81:f8:71:89:49:3c:86:5a:6b:7a:b8:e3:a9:
22:01:fc:cc:e6:7a:83:aa:d3:ad:06:33:de:2f:cd:
a2:2c:2d:02:55:b1:73:63:5f:09:01:a7:72:1e:d5:
78:77:f8:44:dc:fc:d5:e3:1f:7d:4d:f6:c7:d9:ae:
40:19:d1:c7:02:2e:27:c0:b0:cc:8b:7b:7a:48:87:
c1:1e:f0:56:cf:66:91:1e:56:2c:11:c3:36:77:db:
aa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:53:D7:23:F8:24:90:CF:FD:F4:2D:73:F7:C5:06:36:67:DE:50:DB
X509v3 Authority Key Identifier:
keyid:FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/S1PXI_gkkM_99C1z98UGNmfeUNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.176.0/22
IPv6:
2a00:de61::/38
Signature Algorithm: sha256WithRSAEncryption
31:48:2e:da:cc:3b:6f:0e:be:d0:ca:e1:63:d6:1e:fd:ec:15:
49:56:7d:c7:e9:e7:0d:67:9a:ab:73:33:3d:50:27:12:68:f9:
eb:3f:aa:80:d1:2f:05:f3:0f:bb:39:cc:58:80:6f:e8:4c:41:
c0:a5:9c:57:a3:20:c1:19:b8:65:1c:07:60:45:44:43:87:24:
a8:6d:22:c7:5b:48:0e:52:2e:19:3b:9d:d2:f7:46:b0:e9:6e:
b4:50:5b:95:ef:ea:36:28:d6:3a:ac:70:15:09:45:c8:f6:47:
82:5b:9f:f0:60:6a:56:ac:c0:e0:ff:fa:26:13:e4:76:49:87:
9b:41:b8:98:52:1c:00:05:c5:2a:5a:38:b5:b1:fb:12:48:4d:
9f:22:3f:5f:6a:03:e2:70:67:33:28:8b:41:d6:50:9c:27:53:
3d:a9:de:2e:cd:cc:05:9c:0b:a9:4c:02:0d:22:6c:a8:6e:6f:
65:87:b6:c9:3d:b4:92:cd:d4:92:0a:4b:ae:14:46:23:04:67:
66:1b:23:0a:78:3c:a6:be:fd:19:c1:98:a5:22:e8:89:74:a9:
c2:2e:ee:65:ee:87:5f:e5:df:b9:0a:86:1b:a0:f6:16:9d:fd:
71:a9:88:ce:a1:1e:d2:83:e3:07:9f:4b:70:4e:be:a7:11:14:
aa:5a:94:dd
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEA104aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTY0YTFmN2NhNDBiNTgxMTZlNmJjODM4ZTA2MmY5YzcxMjIyOGE0MB4XDTIyMDEw
MTAwNTMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI1M2Q3MjNmODI0
OTBjZmZkZjQyZDczZjdjNTA2MzY2N2RlNTBkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbsiLQ6FFJyPz8KxsSOOdStezizthYwCK5TzvYpgde1ZVWd
18IOwFQTqbHPssyWPOQIQD/q4Zkjg85eaabMueglzpf9vtpUnGNx0BoVo/K9DGHY
KIdFjEHrMJWhJJ0fKhhoM8sFkiRfJkx9PoxfN98tTw88arYKJGkzV4oRmWDmdLKA
w5dUoNCWVvCw4FnYAqhsdKSLx37DhkqeRcLmYcYyb/RNATmB+HGJSTyGWmt6uOOp
IgH8zOZ6g6rTrQYz3i/NoiwtAlWxc2NfCQGnch7VeHf4RNz81eMffU32x9muQBnR
xwIuJ8CwzIt7ekiHwR7wVs9mkR5WLBHDNnfbqokCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRLU9cj+CSQz/30LXP3xQY2Z95Q2zAfBgNVHSMEGDAWgBT6ZKH3ykC1gRbm
vIOOBi+ccSIopDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtbVNoOThwQXRZRVc1cnlEamdZdm5IRWlLS1EuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzNmL2JhMjdmYi0yNTUwLTQ5YWQtYjBlZi01YjgzZDBlOTYwMTIv
MS9TMVBYSV9na2tNXzk5QzF6OThVR05tZmVVTnMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNm
L2JhMjdmYi0yNTUwLTQ5YWQtYjBlZi01YjgzZDBlOTYwMTIvMS8xLW1TaDk4cEF0
WUVXNXJ5RGpnWXZuSEVpS0tRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQC1W2wMA4EAgACMAgDBgIqAN5h
ADANBgkqhkiG9w0BAQsFAAOCAQEAMUgu2sw7bw6+0MrhY9Ye/ewVSVZ9x+nnDWea
q3MzPVAnEmj56z+qgNEvBfMPuznMWIBv6ExBwKWcV6MgwRm4ZRwHYEVEQ4ckqG0i
x1tIDlIuGTud0vdGsOlutFBble/qNijWOqxwFQlFyPZHgluf8GBqVqzA4P/6JhPk
dkmHm0G4mFIcAAXFKlo4tbH7EkhNnyI/X2oD4nBnMyiLQdZQnCdTPaneLs3MBZwL
qUwCDSJsqG5vZYe2yT20ks3UkgpLrhRGIwRnZhsjCng8pr79GcGYpSLoiXSpwi7u
Ze6HX+XfuQqGG6D2Fp39camIzqEe0oPjB59LcE6+pxEUqlqU3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:39 2024 by rpki-client on console-fra.rpki-client.org