Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/_h_6e3HczSjX6MdeMwCwOXQqCQ0.roa
File: _h_6e3HczSjX6MdeMwCwOXQqCQ0.roa (raw, json)
Hash identifier: estcWVbFPsLNDR5MNHKGpN5MTtIaTrYFUuAB4qnXrac=
Subject key identifier: FE:1F:FA:7B:71:DC:CD:28:D7:E8:C7:5E:33:00:B0:39:74:2A:09:0D
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 01847C70005246624844D40DE251D16EC4E6
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/_h_6e3HczSjX6MdeMwCwOXQqCQ0.roa
Signing time: Tue 15 Nov 2022 17:57:05 +0000
ROA not before: Tue 15 Nov 2022 17:57:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201382
IP address blocks: 213.208.171.0/24 maxlen: 24
84.47.166.0/24 maxlen: 24
85.91.107.0/24 maxlen: 24
85.91.108.0/22 maxlen: 22
85.91.108.0/24 maxlen: 24
84.47.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7c:70:00:52:46:62:48:44:d4:0d:e2:51:d1:6e:c4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Nov 15 17:57:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe1ffa7b71dccd28d7e8c75e3300b039742a090d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9e:57:20:f9:51:bf:f2:4c:9f:00:51:86:56:
24:9c:ed:5c:bd:6f:fc:c5:8b:e8:d9:15:ad:99:58:
07:8c:b4:63:76:6b:fb:f6:ed:f0:3c:0e:fa:a2:70:
82:1d:d8:f4:cd:5e:93:22:cd:3e:e6:bf:cd:2c:2c:
f7:db:84:0c:f9:be:51:db:eb:47:3e:4f:8c:98:4f:
b1:c1:14:5c:8c:1f:61:87:83:6e:d7:b4:35:37:3d:
23:28:69:48:74:11:ac:1e:29:d4:50:b7:e4:cf:3f:
d2:88:44:c4:39:b8:2e:be:3d:70:04:db:33:c7:3f:
0e:af:be:31:de:71:c8:74:4b:91:0c:5e:a7:81:97:
00:bb:cd:55:da:7c:2b:4b:c8:f8:0f:90:41:f1:32:
bd:d7:b5:6b:35:8a:b7:de:cc:79:17:21:08:4c:d6:
98:57:5f:4e:25:7e:c8:85:85:b2:54:91:2e:ff:59:
03:fc:cc:dd:7b:8b:8c:42:30:ef:19:5e:a9:ef:54:
f2:da:b7:89:b3:98:97:20:ff:fa:50:97:73:bb:1d:
ee:8d:3a:e2:1d:32:76:ce:34:2a:fd:7d:89:55:7c:
23:aa:3c:1c:83:db:eb:f2:3b:bb:89:5a:ef:58:85:
50:d5:de:3f:bd:e5:dd:97:10:5e:97:9f:59:96:0a:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:1F:FA:7B:71:DC:CD:28:D7:E8:C7:5E:33:00:B0:39:74:2A:09:0D
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/_h_6e3HczSjX6MdeMwCwOXQqCQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.166.0/24
84.47.189.0/24
85.91.107.0-85.91.111.255
213.208.171.0/24
Signature Algorithm: sha256WithRSAEncryption
23:fa:1b:98:18:90:94:c2:56:73:04:6d:52:6d:e4:40:5b:11:
3d:7b:cd:a9:33:5a:3a:00:29:01:d1:99:87:8e:e9:2d:4d:a4:
89:c2:7f:ed:07:7d:03:03:ca:a4:6d:c4:07:33:76:7f:07:8e:
91:75:71:49:32:e4:ef:34:65:ba:fa:14:af:3d:9a:89:2a:66:
8b:b2:84:3f:15:52:3e:83:95:4f:7a:38:3c:9c:de:10:00:cd:
d7:0f:fc:d5:4a:0f:5c:69:f3:b5:c6:ef:ee:13:14:5f:20:3e:
1d:d6:99:f8:49:38:a1:93:41:db:a9:b6:18:16:fd:3e:92:cb:
ee:dc:bb:28:fd:e1:3a:ee:93:22:5f:60:be:7c:6f:bd:94:57:
f7:76:0f:ed:69:6f:e4:48:e4:d6:00:31:3a:c9:6e:92:ad:4c:
05:a1:40:83:20:0a:e5:05:d6:fd:83:a0:54:4f:40:d3:8a:e8:
9f:6f:bd:a2:29:18:4e:40:f4:81:27:19:38:55:85:f6:75:d8:
e8:dc:59:53:ea:33:d1:28:6f:4e:e5:31:d0:6f:43:a0:bf:01:
3e:cc:81:a9:10:0d:c0:e9:7f:04:87:94:10:11:0e:54:29:26:
8d:9a:45:80:f5:33:ff:db:9d:bd:19:13:17:37:79:21:56:f1:
a6:16:cd:c8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYR8cABSRmJIRNQN4lHRbsTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjIxMTE1MTc1NzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTFmZmE3YjcxZGNjZDI4ZDdlOGM3NWUzMzAwYjAzOTc0MmEwOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm55XIPlRv/JMnwBRhlYknO1cvW/8
xYvo2RWtmVgHjLRjdmv79u3wPA76onCCHdj0zV6TIs0+5r/NLCz324QM+b5R2+tH
Pk+MmE+xwRRcjB9hh4Nu17Q1Nz0jKGlIdBGsHinUULfkzz/SiETEObguvj1wBNsz
xz8Or74x3nHIdEuRDF6ngZcAu81V2nwrS8j4D5BB8TK917VrNYq33sx5FyEITNaY
V19OJX7IhYWyVJEu/1kD/Mzde4uMQjDvGV6p71Ty2reJs5iXIP/6UJdzux3ujTri
HTJ2zjQq/X2JVXwjqjwcg9vr8ju7iVrvWIVQ1d4/veXdlxBel59Zlgr/3wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP4f+ntx3M0o1+jHXjMAsDl0KgkNMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvX2hfNmUzSGN6U2pYNk1kZU13Q3dPWFFxQ1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVC+mAwQA
VC+9MAwDBABVW2sDBARVW2ADBADV0KswDQYJKoZIhvcNAQELBQADggEBACP6G5gY
kJTCVnMEbVJt5EBbET17zakzWjoAKQHRmYeO6S1NpInCf+0HfQMDyqRtxAczdn8H
jpF1cUky5O80Zbr6FK89mokqZouyhD8VUj6DlU96ODyc3hAAzdcP/NVKD1xp87XG
7+4TFF8gPh3WmfhJOKGTQdupthgW/T6Sy+7cuyj94TrukyJfYL58b72UV/d2D+1p
b+RI5NYAMTrJbpKtTAWhQIMgCuUF1v2DoFRPQNOK6J9vvaIpGE5A9IEnGThVhfZ1
2OjcWVPqM9Eob07lMdBvQ6C/AT7MgakQDcDpfwSHlBARDlQpJo2aRYD1M//bnb0Z
Exc3eSFW8aYWzcg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:33 2024 by rpki-client on console-fra.rpki-client.org