Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/IeKwj6-HlXMR6WAfcQ7HEBuJovg.roa
File: IeKwj6-HlXMR6WAfcQ7HEBuJovg.roa (raw, json)
Hash identifier: wS1YVuE/O0f4kZ75hhFadw7FuEFe0mqeSac0MyxtcXU=
Subject key identifier: 21:E2:B0:8F:AF:87:95:73:11:E9:60:1F:71:0E:C7:10:1B:89:A2:F8
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 022A5F39
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/IeKwj6-HlXMR6WAfcQ7HEBuJovg.roa
Signing time: Mon 10 Jan 2022 11:12:02 +0000
ROA not before: Mon 10 Jan 2022 11:12:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50130
IP address blocks: 31.129.228.0/24 maxlen: 24
31.129.234.0/24 maxlen: 24
213.5.192.0/24 maxlen: 24
213.5.193.0/24 maxlen: 24
213.5.194.0/24 maxlen: 24
213.5.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36331321 (0x22a5f39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Jan 10 11:12:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21e2b08faf87957311e9601f710ec7101b89a2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:82:de:87:6a:2f:cf:18:a6:e8:43:51:59:4c:
d6:bc:89:98:8e:b2:64:10:7e:ce:90:17:4c:e6:a9:
52:30:c6:44:a7:e5:4e:eb:33:06:b2:43:74:48:1c:
ee:05:aa:90:55:cf:a6:d7:f4:83:c5:9a:2d:3c:11:
3e:1a:da:5a:c0:c7:5d:1f:f8:20:6a:bb:59:08:3c:
a6:1e:f8:6c:b8:ff:16:41:31:50:8f:47:e2:63:98:
10:5c:43:bf:30:6b:da:13:d3:8f:ad:1a:21:fd:30:
3e:88:d2:9e:23:c3:6f:1c:4c:f9:f7:0c:05:14:cc:
60:a4:b5:20:03:e8:b8:1b:96:9d:fa:61:fd:cf:90:
a2:75:bb:29:02:3d:22:80:8d:85:27:ff:fd:41:5d:
5d:2a:90:3b:9b:47:5e:41:01:8e:66:ef:6b:44:2b:
d1:50:3c:b3:b7:dc:73:45:15:6b:6b:ff:4a:94:df:
8f:df:6f:49:2f:5e:98:e6:33:c2:27:17:49:e4:7d:
50:1d:fe:9d:0c:e6:5b:92:60:fe:08:2c:c1:51:e0:
d4:51:db:53:7c:56:ff:cf:b1:07:b0:11:f8:ee:65:
01:1b:8f:ab:42:c7:1c:bb:e4:64:32:f5:e9:0a:39:
c7:cf:dc:2b:08:9a:54:07:2f:56:3a:d6:af:42:b7:
c9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E2:B0:8F:AF:87:95:73:11:E9:60:1F:71:0E:C7:10:1B:89:A2:F8
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/IeKwj6-HlXMR6WAfcQ7HEBuJovg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.228.0/24
31.129.234.0/24
213.5.192.0/22
Signature Algorithm: sha256WithRSAEncryption
54:02:28:74:34:f4:38:d0:f7:45:b5:46:d2:77:6c:bc:1f:ff:
a2:c7:0b:f0:1b:35:51:84:a6:a2:9a:52:d6:cd:0f:d3:a5:83:
9a:4c:9c:b1:9c:f7:a4:cb:b3:e2:be:27:00:3a:4d:c3:43:6b:
e2:a8:fb:ab:dc:47:a8:69:6c:2a:c5:16:d5:e0:6f:42:06:df:
2c:80:30:03:05:c9:b1:ba:e2:dc:e9:d7:32:3c:1f:09:3b:67:
34:c6:c1:9f:26:e3:f2:92:47:d8:f9:a4:70:e7:3f:80:53:4e:
b8:9f:60:26:a7:b4:18:fd:de:e9:0b:8d:0c:ac:88:fa:2d:f2:
b5:e1:d9:b3:ac:1f:10:52:8a:2e:a6:97:30:af:f7:0d:c8:88:
e4:df:7c:65:74:50:bf:c3:69:0b:41:5b:20:bd:60:06:9d:1c:
d4:95:7e:3c:b5:e4:a2:5a:1c:fa:6a:35:5b:c3:c4:d8:54:6c:
48:1e:1e:af:f9:67:0d:9f:2f:b3:b6:4d:09:5b:dd:a8:71:2a:
eb:3a:e6:b2:90:03:0b:ae:12:9b:ff:54:7d:77:03:6c:d0:d5:
d7:96:86:7a:a5:19:f0:48:02:9e:ae:7c:58:ab:b6:49:b1:a6:
a3:87:44:41:fe:a5:03:5f:0c:bb:0a:41:a5:c9:60:16:05:78:
f2:fc:bf:5d
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAipfOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDQ0YzdjM2FkMzRiNjk3N2ZhMThhMjIzN2NhMzA2YjliZWUwOGUwMB4XDTIyMDEx
MDExMTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFlMmIwOGZhZjg3
OTU3MzExZTk2MDFmNzEwZWM3MTAxYjg5YTJmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGC3odqL88YpuhDUVlM1ryJmI6yZBB+zpAXTOapUjDGRKfl
TuszBrJDdEgc7gWqkFXPptf0g8WaLTwRPhraWsDHXR/4IGq7WQg8ph74bLj/FkEx
UI9H4mOYEFxDvzBr2hPTj60aIf0wPojSniPDbxxM+fcMBRTMYKS1IAPouBuWnfph
/c+QonW7KQI9IoCNhSf//UFdXSqQO5tHXkEBjmbva0Qr0VA8s7fcc0UVa2v/SpTf
j99vSS9emOYzwicXSeR9UB3+nQzmW5Jg/ggswVHg1FHbU3xW/8+xB7AR+O5lARuP
q0LHHLvkZDL16Qo5x8/cKwiaVAcvVjrWr0K3yS0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQh4rCPr4eVcxHpYB9xDscQG4mi+DAfBgNVHSMEGDAWgBRERMfDrTS2l3+h
iiI3yjBrm+4I4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JFVEh3NjAwdHBkX29Zb2lOOG93YTV2dUNPQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYzljOWZjLTU4NjQtNDE0ZS1hZTJhLTg2M2M5YjNkMzJiMC8x
L0llS3dqNi1IbFhNUjZXQWZjUTdIRUJ1Sm92Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
YzljOWZjLTU4NjQtNDE0ZS1hZTJhLTg2M2M5YjNkMzJiMC8xL1JFVEh3NjAwdHBk
X29Zb2lOOG93YTV2dUNPQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAB+B5AMEAB+B6gMEAtUFwDANBgkq
hkiG9w0BAQsFAAOCAQEAVAIodDT0OND3RbVG0ndsvB//oscL8Bs1UYSmoppS1s0P
06WDmkycsZz3pMuz4r4nADpNw0Nr4qj7q9xHqGlsKsUW1eBvQgbfLIAwAwXJsbri
3OnXMjwfCTtnNMbBnybj8pJH2PmkcOc/gFNOuJ9gJqe0GP3e6QuNDKyI+i3yteHZ
s6wfEFKKLqaXMK/3DciI5N98ZXRQv8NpC0FbIL1gBp0c1JV+PLXkoloc+mo1W8PE
2FRsSB4er/lnDZ8vs7ZNCVvdqHEq6zrmspADC64Sm/9UfXcDbNDV15aGeqUZ8EgC
nq58WKu2SbGmo4dEQf6lA18MuwpBpclgFgV48vy/XQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:23 2023 by rpki-client on console-fra.rpki-client.org