Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/djPZ2Xa_P_gykszHwDPCDmM0jKY.roa
File: djPZ2Xa_P_gykszHwDPCDmM0jKY.roa (raw, json)
Hash identifier: SX8iWVQQ8ZNxqRMPpmxIYn/UJmQKzJww7GDPpDTpUY4=
Subject key identifier: 76:33:D9:D9:76:BF:3F:F8:32:92:CC:C7:C0:33:C2:0E:63:34:8C:A6
Certificate issuer: /CN=dc899c28664ee8194a64048e46c60c6e5f190c53
Certificate serial: 0AAFEAF7
Authority key identifier: DC:89:9C:28:66:4E:E8:19:4A:64:04:8E:46:C6:0C:6E:5F:19:0C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ImcKGZO6BlKZASORsYMbl8ZDFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/djPZ2Xa_P_gykszHwDPCDmM0jKY.roa
Signing time: Fri 25 Mar 2022 12:07:12 +0000
ROA not before: Fri 25 Mar 2022 12:07:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13173
IP address blocks: 213.167.93.0/24 maxlen: 24
213.167.94.0/23 maxlen: 23
185.70.156.0/22 maxlen: 24
213.167.64.0/19 maxlen: 24
213.167.64.0/24 maxlen: 24
213.167.69.0/24 maxlen: 24
213.167.67.0/24 maxlen: 24
213.167.77.0/24 maxlen: 24
213.167.72.0/24 maxlen: 24
213.167.78.0/24 maxlen: 24
213.167.74.0/23 maxlen: 23
213.167.80.0/23 maxlen: 23
213.167.82.0/24 maxlen: 24
213.167.82.0/23 maxlen: 23
213.167.91.0/24 maxlen: 24
2a00:f180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179301111 (0xaafeaf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc899c28664ee8194a64048e46c60c6e5f190c53
Validity
Not Before: Mar 25 12:07:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7633d9d976bf3ff83292ccc7c033c20e63348ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5a:11:df:6f:2d:c6:a7:f2:cb:5f:0c:de:a1:
18:28:cb:18:2b:7c:8c:c5:40:61:20:02:df:8f:17:
0f:16:7b:00:f5:3c:f5:06:63:79:dd:c2:22:b7:8c:
21:05:c2:99:48:03:2e:fb:5e:ac:93:4a:0c:45:d2:
59:74:ac:85:f3:c4:41:0f:45:7b:28:c9:07:71:49:
c4:77:6b:f6:95:29:30:72:7e:c8:ed:14:54:73:ba:
fc:1f:16:e7:6d:30:2c:12:85:d7:83:1b:4b:48:45:
cd:61:0d:2e:13:f0:50:d2:30:d2:67:13:fa:35:00:
32:73:a7:8e:d8:b2:2e:91:91:20:2d:26:97:b6:2c:
b9:31:7b:f8:6b:a1:e2:26:9a:1e:cd:9c:a1:e7:25:
04:4b:6b:bd:ec:5f:d2:64:c0:16:41:f4:be:e9:c6:
d4:55:6e:49:6b:ba:34:e1:dd:a7:ac:f8:05:0b:dc:
7c:c1:03:88:c8:c6:d8:36:87:48:33:6c:8a:7a:f6:
7b:00:2c:31:a7:bd:04:b3:07:5f:72:cf:64:1d:f9:
2e:83:42:40:de:45:f4:aa:ad:80:2e:ae:e6:b9:d5:
7e:aa:e6:13:f6:12:c9:03:4a:59:3a:e5:40:09:e4:
dd:b6:05:1a:b6:01:fb:f7:76:03:a9:73:89:f5:e0:
23:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:33:D9:D9:76:BF:3F:F8:32:92:CC:C7:C0:33:C2:0E:63:34:8C:A6
X509v3 Authority Key Identifier:
keyid:DC:89:9C:28:66:4E:E8:19:4A:64:04:8E:46:C6:0C:6E:5F:19:0C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ImcKGZO6BlKZASORsYMbl8ZDFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/djPZ2Xa_P_gykszHwDPCDmM0jKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/3ImcKGZO6BlKZASORsYMbl8ZDFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.156.0/22
213.167.64.0/19
IPv6:
2a00:f180::/32
Signature Algorithm: sha256WithRSAEncryption
04:6c:62:29:d9:9c:bd:15:b7:20:8f:fc:21:6c:f9:2f:91:f1:
e7:12:89:45:b5:4b:74:8e:7a:a3:1b:37:45:b2:71:04:62:0e:
b5:b2:8c:61:9f:d2:62:1f:50:8e:24:20:e3:99:40:48:81:fc:
5f:48:a1:63:92:b2:e5:a5:2e:3c:f4:98:fa:d8:32:04:9f:3a:
f2:2e:aa:cf:64:d6:5b:b5:6a:f7:c8:40:2d:ed:17:27:9a:c9:
e4:93:5a:e0:04:30:63:c3:30:a6:f9:0c:9b:7d:af:08:43:99:
46:95:d9:af:7c:81:a6:d3:62:4b:ba:50:73:d4:50:b7:7d:7d:
6c:21:2c:89:f2:39:7e:24:46:ce:d7:8b:18:2d:7c:78:6f:04:
00:29:a9:a6:f9:dd:7e:79:07:4f:bd:0b:78:08:d5:a8:e1:d7:
48:2c:49:9f:e8:f7:f7:ca:75:cd:e4:19:8d:7a:11:83:2c:08:
fe:71:e2:41:03:c3:a1:42:f3:3d:77:d7:b4:79:db:d5:68:51:
ce:ab:0a:47:e2:da:4d:f0:e5:0a:90:9b:d9:94:b7:83:c2:c1:
cd:ae:2b:b0:0c:4a:8b:89:dc:bd:11:c3:90:6b:d5:07:a8:6e:
af:3f:32:17:17:14:22:42:35:00:5a:86:c0:53:76:fc:f0:33:
60:52:cd:3b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECq/q9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Yzg5OWMyODY2NGVlODE5NGE2NDA0OGU0NmM2MGM2ZTVmMTkwYzUzMB4XDTIyMDMy
NTEyMDcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzYzM2Q5ZDk3NmJm
M2ZmODMyOTJjY2M3YzAzM2MyMGU2MzM0OGNhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlaEd9vLcan8stfDN6hGCjLGCt8jMVAYSAC348XDxZ7APU8
9QZjed3CIreMIQXCmUgDLvterJNKDEXSWXSshfPEQQ9FeyjJB3FJxHdr9pUpMHJ+
yO0UVHO6/B8W520wLBKF14MbS0hFzWENLhPwUNIw0mcT+jUAMnOnjtiyLpGRIC0m
l7YsuTF7+Guh4iaaHs2coeclBEtrvexf0mTAFkH0vunG1FVuSWu6NOHdp6z4BQvc
fMEDiMjG2DaHSDNsinr2ewAsMae9BLMHX3LPZB35LoNCQN5F9KqtgC6u5rnVfqrm
E/YSyQNKWTrlQAnk3bYFGrYB+/d2A6lzifXgI7UCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR2M9nZdr8/+DKSzMfAM8IOYzSMpjAfBgNVHSMEGDAWgBTciZwoZk7oGUpk
BI5GxgxuXxkMUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNJbWNLR1pPNkJsS1pBU09Sc1lNYmw4WkRGTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvNTZkNmE4LTA3NTItNGNiZC04ODQ1LTUyZmUxMDUxMzEyOS8x
L2RqUFoyWGFfUF9neWtzekh3RFBDRG1NMGpLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
NTZkNmE4LTA3NTItNGNiZC04ODQ1LTUyZmUxMDUxMzEyOS8xLzNJbWNLR1pPNkJs
S1pBU09Sc1lNYmw4WkRGTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlGnAMEBdWnQDANBAIAAjAHAwUA
KgDxgDANBgkqhkiG9w0BAQsFAAOCAQEABGxiKdmcvRW3II/8IWz5L5Hx5xKJRbVL
dI56oxs3RbJxBGIOtbKMYZ/SYh9QjiQg45lASIH8X0ihY5Ky5aUuPPSY+tgyBJ86
8i6qz2TWW7Vq98hALe0XJ5rJ5JNa4AQwY8MwpvkMm32vCEOZRpXZr3yBptNiS7pQ
c9RQt319bCEsifI5fiRGzteLGC18eG8EACmppvndfnkHT70LeAjVqOHXSCxJn+j3
98p1zeQZjXoRgywI/nHiQQPDoULzPXfXtHnb1WhRzqsKR+LaTfDlCpCb2ZS3g8LB
za4rsAxKi4ncvRHDkGvVB6hurz8yFxcUIkI1AFqGwFN2/PAzYFLNOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:30 2024 by rpki-client on console-fra.rpki-client.org