Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/frI_fE5NWRgIG6mGFJhcVyrhWRw.roa
File: frI_fE5NWRgIG6mGFJhcVyrhWRw.roa (raw, json)
Hash identifier: pWa90QNsdnTzju7kpu9R/sAWw4OzzB+8yTupqQ3EP1o=
Subject key identifier: 7E:B2:3F:7C:4E:4D:59:18:08:1B:A9:86:14:98:5C:57:2A:E1:59:1C
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 0182E06F0A5268B4F8960DE0035FBCEAFDE9
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/frI_fE5NWRgIG6mGFJhcVyrhWRw.roa
Signing time: Sat 27 Aug 2022 17:52:29 +0000
ROA not before: Sat 27 Aug 2022 17:52:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39159
IP address blocks: 213.8.65.0/24 maxlen: 24
81.5.20.0/24 maxlen: 24
212.199.62.0/24 maxlen: 24
213.8.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e0:6f:0a:52:68:b4:f8:96:0d:e0:03:5f:bc:ea:fd:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Aug 27 17:52:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7eb23f7c4e4d5918081ba98614985c572ae1591c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e6:40:e1:ce:3b:34:50:3d:01:9c:c3:a6:88:
8d:93:52:17:d6:f0:22:62:26:12:6a:0a:79:3d:8a:
60:17:de:6c:5e:bf:54:15:c7:50:44:71:33:9e:e4:
f5:3f:cd:43:02:d2:36:da:84:2b:2e:ea:ce:f8:9f:
e9:79:05:f6:ce:5d:21:c7:0f:ad:af:54:4c:06:b3:
c4:8d:95:01:6e:ae:3e:7a:8e:7a:e1:9c:db:6e:94:
ee:d3:67:c4:00:9e:cd:2a:6b:fa:78:96:52:ec:96:
79:ca:8b:a1:a0:30:7b:0b:94:9d:8b:b0:38:a3:92:
e7:bf:4d:26:8b:a2:b9:e0:57:ee:4b:2f:16:06:65:
6c:cf:2a:e3:2a:fd:99:ae:1f:48:77:ab:5c:87:0b:
34:e9:56:4f:6f:95:32:b4:6c:ec:60:3a:e2:c6:46:
04:99:2d:11:3d:31:04:0b:e9:dd:c6:60:4b:af:33:
7b:7d:53:04:00:ab:a8:ab:61:e1:31:03:3b:7e:35:
f6:1f:17:5b:28:40:3b:07:4f:00:18:98:1c:2e:e2:
36:66:f6:66:f2:9b:31:7e:bd:af:15:f1:a2:5a:b6:
7e:d2:6b:49:a5:3c:57:e5:41:40:01:54:b0:91:cc:
38:9d:a4:2c:b5:98:64:15:97:54:8c:79:17:4b:bc:
2e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B2:3F:7C:4E:4D:59:18:08:1B:A9:86:14:98:5C:57:2A:E1:59:1C
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/frI_fE5NWRgIG6mGFJhcVyrhWRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.20.0/24
212.199.62.0/24
213.8.65.0/24
213.8.151.0/24
Signature Algorithm: sha256WithRSAEncryption
22:44:e0:f0:44:8b:97:73:3b:6f:17:fc:87:04:18:0e:0e:48:
8a:bd:f7:68:da:23:f3:2c:bf:01:b8:25:31:fa:1a:09:97:c3:
11:c9:eb:75:9a:3b:f4:98:07:61:65:fc:30:1d:4f:33:77:70:
b6:0d:c0:7a:a6:d4:65:9f:a6:a2:5e:d6:72:8b:d6:b3:a7:45:
a9:f0:ae:1d:61:8c:e3:a7:3b:67:3b:c6:2f:21:6b:1a:ca:22:
67:bf:e7:ad:e3:46:46:d6:e0:d7:50:9c:16:48:53:b9:03:a0:
91:22:ca:79:f7:6f:d4:e9:11:1e:6b:6c:a6:e6:a3:55:47:45:
d7:ca:ca:40:9d:d1:b4:33:82:61:8f:66:50:f8:68:cc:47:ee:
ba:b1:07:b4:7b:0d:b7:ea:95:a7:c5:f4:08:20:24:d6:ad:03:
23:98:ac:33:a5:b5:90:bf:88:31:8e:62:6a:2a:3d:a7:34:ea:
9b:74:be:03:2b:03:ec:fb:24:f9:27:5f:a7:50:15:fb:c0:06:
74:f9:c8:dc:c2:f9:2a:7b:c1:03:4d:f5:fc:25:05:ca:a7:be:
8d:b1:48:43:54:58:26:7a:ed:ca:f2:ea:4e:de:c2:ce:7b:a9:
c3:f3:2e:05:5c:f9:f2:09:28:86:b2:c5:54:e1:68:87:76:d5:
d9:6b:44:75
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYLgbwpSaLT4lg3gA1+86v3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjIwODI3MTc1MjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWIyM2Y3YzRlNGQ1OTE4MDgxYmE5ODYxNDk4NWM1NzJhZTE1OTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneZA4c47NFA9AZzDpoiNk1IX1vAi
YiYSagp5PYpgF95sXr9UFcdQRHEznuT1P81DAtI22oQrLurO+J/peQX2zl0hxw+t
r1RMBrPEjZUBbq4+eo564ZzbbpTu02fEAJ7NKmv6eJZS7JZ5youhoDB7C5Sdi7A4
o5Lnv00mi6K54FfuSy8WBmVszyrjKv2Zrh9Id6tchws06VZPb5UytGzsYDrixkYE
mS0RPTEEC+ndxmBLrzN7fVMEAKuoq2HhMQM7fjX2HxdbKEA7B08AGJgcLuI2ZvZm
8psxfr2vFfGiWrZ+0mtJpTxX5UFAAVSwkcw4naQstZhkFZdUjHkXS7wu8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH6yP3xOTVkYCBuphhSYXFcq4VkcMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xL2ZySV9mRTVOV1JnSUc2bUdGSmhjVnlyaFdSdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABRBRQD
BADUxz4DBADVCEEDBADVCJcwDQYJKoZIhvcNAQELBQADggEBACJE4PBEi5dzO28X
/IcEGA4OSIq992jaI/MsvwG4JTH6GgmXwxHJ63WaO/SYB2Fl/DAdTzN3cLYNwHqm
1GWfpqJe1nKL1rOnRanwrh1hjOOnO2c7xi8haxrKIme/563jRkbW4NdQnBZIU7kD
oJEiynn3b9TpER5rbKbmo1VHRdfKykCd0bQzgmGPZlD4aMxH7rqxB7R7DbfqlafF
9AggJNatAyOYrDOltZC/iDGOYmoqPac06pt0vgMrA+z7JPknX6dQFfvABnT5yNzC
+Sp7wQNN9fwlBcqnvo2xSENUWCZ67cry6k7ews57qcPzLgVc+fIJKIayxVThaId2
1dlrRHU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:12 2024 by rpki-client on console-ams.rpki-client.org