Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/P-d5gGf_9zqPx9AD5WXQzX5sR5I.roa
File: P-d5gGf_9zqPx9AD5WXQzX5sR5I.roa (raw, json)
Hash identifier: pls1WZ3MY2VmUM61KmnP5a0zfihsdcmK4Vvbi9T2dkA=
Subject key identifier: 3F:E7:79:80:67:FF:F7:3A:8F:C7:D0:03:E5:65:D0:CD:7E:6C:47:92
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AB841E5A317F1371A5EA069397B7D8937
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/P-d5gGf_9zqPx9AD5WXQzX5sR5I.roa
Signing time: Thu 21 Sep 2023 15:00:40 +0000
ROA not before: Thu 21 Sep 2023 15:00:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43519
IP address blocks: 213.248.254.0/24 maxlen: 24
2a01:618:402::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b8:41:e5:a3:17:f1:37:1a:5e:a0:69:39:7b:7d:89:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 21 15:00:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fe7798067fff73a8fc7d003e565d0cd7e6c4792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d1:65:ef:02:f5:a9:74:6c:d2:52:d3:1d:db:
06:da:d4:50:ca:eb:1b:03:fe:53:92:4e:fd:61:1d:
c0:d6:f6:e5:67:73:83:4b:63:22:31:26:39:3a:36:
aa:5a:14:f9:b7:ff:a5:92:0d:66:8d:dd:77:91:bc:
71:1c:47:63:eb:68:a5:53:22:c2:52:14:d6:ae:47:
52:b3:95:00:a3:41:96:54:22:6e:fc:df:1f:4e:80:
4d:65:6f:f6:e6:9d:cf:92:5f:3c:c4:27:52:e4:83:
f7:0f:c2:b0:0a:eb:a0:00:a4:88:aa:5c:1b:6d:90:
13:c0:63:ff:03:52:fa:ec:f1:a7:e1:02:b0:11:ab:
d9:64:7b:07:f3:46:06:d6:e1:68:1c:7b:9f:81:5e:
c0:69:85:71:a5:14:fa:ef:09:2d:0c:05:a8:a3:a2:
eb:33:e3:d8:12:2d:76:69:13:e8:4b:4e:36:6a:d4:
9c:5e:b0:a3:c3:b0:01:af:e0:97:b3:01:5f:0d:d3:
12:da:43:2b:5b:46:c7:fb:ef:b4:54:7c:a1:2d:66:
b9:c2:72:2d:ab:03:8e:e8:75:65:dc:8b:10:49:9e:
a0:fc:0d:22:29:1b:13:c5:3c:44:8a:55:a3:51:9b:
65:42:90:38:b5:7a:d6:d2:1f:a3:91:72:7a:09:cf:
20:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E7:79:80:67:FF:F7:3A:8F:C7:D0:03:E5:65:D0:CD:7E:6C:47:92
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/P-d5gGf_9zqPx9AD5WXQzX5sR5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.254.0/24
IPv6:
2a01:618:400::-2a01:618:405:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
15:59:09:a9:47:48:2b:7a:de:2d:76:3e:79:75:2c:76:18:74:
67:ce:24:0d:b8:d6:26:1a:8a:8b:9b:e7:da:9c:14:7e:2a:e9:
d4:67:f5:16:64:d1:94:ac:66:a3:82:ab:df:a0:34:ce:19:9c:
d5:84:44:06:3b:80:de:72:48:1b:14:e9:02:0b:c3:45:c8:18:
5c:98:a8:db:50:dd:15:9a:73:63:27:94:a0:ca:00:ea:4f:3f:
20:3b:01:d8:e1:ee:34:91:fc:e8:dd:d5:9a:46:e4:c5:3c:98:
3e:77:c4:ec:e3:74:b4:8c:95:39:fd:c1:45:c9:73:11:3e:8f:
76:14:ae:bf:74:bb:d9:37:14:77:a8:45:8a:b1:d0:08:39:93:
88:bb:9c:89:5d:a4:7e:8b:26:77:14:f8:a8:c1:01:c6:d6:8b:
86:b8:ad:64:52:a1:54:ea:4a:b9:12:8b:75:1a:15:38:b4:66:
5e:37:a4:76:dc:98:70:c5:05:04:e0:58:45:0c:11:72:c6:a1:
ca:d9:5c:59:24:08:8f:9f:64:61:12:d8:f4:09:e8:42:12:53:
5c:ff:2f:84:31:d2:b0:f7:36:07:d7:86:c2:2a:ee:73:cb:d4:
44:10:93:a9:0e:93:59:67:48:e7:b3:ae:ed:01:31:ee:a4:8e:
c4:9e:87:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYq4QeWjF/E3Gl6gaTl7fYk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTIxMTUwMDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmU3Nzk4MDY3ZmZmNzNhOGZjN2QwMDNlNTY1ZDBjZDdlNmM0NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNFl7wL1qXRs0lLTHdsG2tRQyusb
A/5Tkk79YR3A1vblZ3ODS2MiMSY5OjaqWhT5t/+lkg1mjd13kbxxHEdj62ilUyLC
UhTWrkdSs5UAo0GWVCJu/N8fToBNZW/25p3Pkl88xCdS5IP3D8KwCuugAKSIqlwb
bZATwGP/A1L67PGn4QKwEavZZHsH80YG1uFoHHufgV7AaYVxpRT67wktDAWoo6Lr
M+PYEi12aRPoS042atScXrCjw7ABr+CXswFfDdMS2kMrW0bH+++0VHyhLWa5wnIt
qwOO6HVl3IsQSZ6g/A0iKRsTxTxEilWjUZtlQpA4tXrW0h+jkXJ6Cc8gLQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD/neYBn//c6j8fQA+Vl0M1+bEeSMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvUC1kNWdHZl85enFQeDlBRDVXWFF6WDVzUjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQA1fj+MBkE
AgACMBMwEQMGAioBBhgEAwcBKgEGGAQEMA0GCSqGSIb3DQEBCwUAA4IBAQAVWQmp
R0gret4tdj55dSx2GHRnziQNuNYmGoqLm+fanBR+KunUZ/UWZNGUrGajgqvfoDTO
GZzVhEQGO4DeckgbFOkCC8NFyBhcmKjbUN0VmnNjJ5SgygDqTz8gOwHY4e40kfzo
3dWaRuTFPJg+d8Ts43S0jJU5/cFFyXMRPo92FK6/dLvZNxR3qEWKsdAIOZOIu5yJ
XaR+iyZ3FPiowQHG1ouGuK1kUqFU6kq5Eot1GhU4tGZeN6R23JhwxQUE4FhFDBFy
xqHK2VxZJAiPn2RhEtj0CehCElNc/y+EMdKw9zYH14bCKu5zy9REEJOpDpNZZ0jn
s67tATHupI7EnofV
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:58 2025 by rpki-client