Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/aBXr2g7Xu0KRASzQWxKtk3Aatoo.roa
File: aBXr2g7Xu0KRASzQWxKtk3Aatoo.roa (raw, json)
Hash identifier: Na8KViann0EDvi9cG3mMP2jdhaG+LNyoEg0A2ny317g=
Subject key identifier: 68:15:EB:DA:0E:D7:BB:42:91:01:2C:D0:5B:12:AD:93:70:1A:B6:8A
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 01847C6FFF7654E4008F32E7DC6121EDC13A
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/aBXr2g7Xu0KRASzQWxKtk3Aatoo.roa
Signing time: Tue 15 Nov 2022 17:57:05 +0000
ROA not before: Tue 15 Nov 2022 17:57:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201381
IP address blocks: 213.208.171.0/24 maxlen: 24
84.47.167.0/24 maxlen: 24
85.91.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7c:6f:ff:76:54:e4:00:8f:32:e7:dc:61:21:ed:c1:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Nov 15 17:57:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6815ebda0ed7bb4291012cd05b12ad93701ab68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c2:83:26:bb:83:8f:1d:a8:b8:1e:64:60:ab:
aa:de:97:35:61:85:62:ee:66:67:f3:23:cb:8b:b7:
74:b6:e0:e1:f1:d6:2a:ea:41:68:f7:62:ad:c9:fc:
ac:0a:7a:5d:cb:16:b9:2a:d3:17:36:ed:c8:0d:3a:
d8:53:b9:f2:7b:f5:61:6e:fa:c5:ad:36:bc:b5:d4:
b4:ba:a5:40:70:52:e0:d0:63:b7:c5:b9:2a:88:3b:
1b:c9:ac:55:fb:d4:0f:b0:cb:1e:5c:1f:52:ff:fa:
51:ef:61:36:11:1b:21:65:34:98:1f:53:bd:fd:2f:
7f:fc:60:58:24:d0:2c:de:01:79:57:8a:5b:8c:85:
b0:87:ff:2e:7f:03:40:0b:a8:0c:3a:0a:77:c8:5c:
2c:e8:2c:4b:6d:b4:01:48:b6:2a:79:e7:83:b4:e7:
04:f0:28:84:7c:8b:6a:4c:9a:6b:d6:0a:f3:4e:15:
79:88:a5:47:ce:8c:c7:9d:bd:14:da:da:60:01:c1:
2c:a6:dc:e2:f1:25:81:8c:a3:3a:94:d2:c4:7b:b5:
bc:db:b3:82:66:9d:fa:d9:85:2a:2f:37:da:8b:b6:
d0:d3:58:dc:98:1f:89:48:10:9b:f0:04:69:44:5a:
e0:f9:d5:9b:91:89:3c:2f:1b:03:2e:0c:fe:58:12:
b7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:15:EB:DA:0E:D7:BB:42:91:01:2C:D0:5B:12:AD:93:70:1A:B6:8A
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/aBXr2g7Xu0KRASzQWxKtk3Aatoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.167.0/24
85.91.123.0/24
213.208.171.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:d6:17:83:d6:46:d8:41:da:07:80:77:25:d9:4a:f2:7c:5b:
5d:0e:71:71:73:9d:1b:05:30:cd:ca:51:e3:cc:5a:db:d3:b0:
c0:79:f0:d8:32:f4:fa:2e:cd:6d:13:7d:b5:2d:6e:f2:dc:4a:
23:c4:5e:4e:f2:a9:73:52:bb:91:4a:89:9b:64:65:b7:fc:9b:
76:9e:81:11:70:f9:cc:5c:2e:6e:12:c0:54:9c:46:c5:98:85:
44:96:41:69:f1:c2:ef:36:7f:b8:35:57:cf:6e:73:1e:fc:52:
00:fb:b2:de:5b:6b:20:d6:e2:4a:e3:0b:6c:52:85:60:ff:41:
67:86:65:ec:a8:c2:bb:3b:22:88:85:98:7f:33:9f:65:2b:66:
0b:ba:df:8c:14:db:9b:b5:40:a8:e5:1e:bf:aa:02:19:a4:5c:
e2:d8:2e:78:11:69:a3:95:c2:c7:04:4a:3e:68:06:19:de:01:
b8:1e:5e:3f:dd:0f:d1:39:86:0b:f5:ce:6c:c8:26:9a:c1:d3:
0b:1d:12:35:8f:87:6a:ba:79:f6:8a:9e:a5:d8:4f:5c:e8:e9:
aa:38:e4:ae:0e:e0:19:11:28:64:93:b3:88:6b:52:5f:ef:45:
8b:13:08:54:f3:e7:2f:a0:f1:74:90:db:1c:86:d8:f1:34:46:
6c:af:c2:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYR8b/92VOQAjzLn3GEh7cE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjIxMTE1MTc1NzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODE1ZWJkYTBlZDdiYjQyOTEwMTJjZDA1YjEyYWQ5MzcwMWFiNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcKDJruDjx2ouB5kYKuq3pc1YYVi
7mZn8yPLi7d0tuDh8dYq6kFo92KtyfysCnpdyxa5KtMXNu3IDTrYU7nye/VhbvrF
rTa8tdS0uqVAcFLg0GO3xbkqiDsbyaxV+9QPsMseXB9S//pR72E2ERshZTSYH1O9
/S9//GBYJNAs3gF5V4pbjIWwh/8ufwNAC6gMOgp3yFws6CxLbbQBSLYqeeeDtOcE
8CiEfItqTJpr1grzThV5iKVHzozHnb0U2tpgAcEsptzi8SWBjKM6lNLEe7W827OC
Zp362YUqLzfai7bQ01jcmB+JSBCb8ARpRFrg+dWbkYk8LxsDLgz+WBK3dwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGgV69oO17tCkQEs0FsSrZNwGraKMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvYUJYcjJnN1h1MEtSQVN6UVd4S3RrM0FhdG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVC+nAwQA
VVt7AwQA1dCrMA0GCSqGSIb3DQEBCwUAA4IBAQCu1heD1kbYQdoHgHcl2UryfFtd
DnFxc50bBTDNylHjzFrb07DAefDYMvT6Ls1tE321LW7y3EojxF5O8qlzUruRSomb
ZGW3/Jt2noERcPnMXC5uEsBUnEbFmIVElkFp8cLvNn+4NVfPbnMe/FIA+7LeW2sg
1uJK4wtsUoVg/0FnhmXsqMK7OyKIhZh/M59lK2YLut+MFNubtUCo5R6/qgIZpFzi
2C54EWmjlcLHBEo+aAYZ3gG4Hl4/3Q/ROYYL9c5syCaawdMLHRI1j4dqunn2ip6l
2E9c6OmqOOSuDuAZEShkk7OIa1Jf70WLEwhU8+cvoPF0kNschtjxNEZsr8Jn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org