Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/8lnNT5V7bkQz8yCh87c5BOx9uhQ.roa
File: 8lnNT5V7bkQz8yCh87c5BOx9uhQ.roa (raw, json)
Hash identifier: e6JvuzyBcFOr4b8MP4qlLGJt917wjPHdMblY1kfq3rE=
Subject key identifier: F2:59:CD:4F:95:7B:6E:44:33:F3:20:A1:F3:B7:39:04:EC:7D:BA:14
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0F9A73EA
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/8lnNT5V7bkQz8yCh87c5BOx9uhQ.roa
Signing time: Sat 01 Jan 2022 00:51:04 +0000
ROA not before: Sat 01 Jan 2022 00:51:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15613
IP address blocks: 213.173.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261780458 (0xf9a73ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 1 00:51:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f259cd4f957b6e4433f320a1f3b73904ec7dba14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bf:df:06:fc:f9:e8:5b:22:77:92:5e:66:8a:
3f:ca:e1:11:b0:4b:7e:e8:ab:f9:8f:2f:9e:fc:bd:
1a:0d:eb:49:25:a8:29:f5:c9:f1:5f:27:27:2b:eb:
d5:e4:e7:1b:70:fb:c2:e0:bd:ca:94:ee:2f:81:1a:
00:76:1a:9e:31:cd:7c:79:78:1f:f5:a5:29:96:41:
09:de:c7:36:33:9a:7e:34:0d:25:d7:17:7f:ab:c9:
41:09:53:39:5c:66:21:c7:c6:be:7a:92:35:fa:9c:
d2:df:e9:d7:ca:45:c4:d5:d0:bc:8e:bb:de:b5:89:
84:48:f0:0b:aa:a7:db:94:85:4f:da:69:47:d5:56:
4d:a7:d5:b7:ec:da:3c:0e:db:9a:08:f7:c2:71:e0:
31:9f:5f:ca:5e:2f:75:48:ce:6f:51:18:1c:bf:d6:
f5:1f:a5:99:f9:ea:a6:38:d8:c9:72:eb:dd:b1:7b:
17:2f:30:ff:3f:05:72:ca:1b:b0:4a:0e:54:11:6a:
32:12:9e:7c:8a:73:3e:4c:62:c3:88:2f:96:ae:29:
05:df:53:03:e4:45:70:15:22:81:e6:00:e9:6e:6d:
90:8f:72:f1:f4:ba:ad:a4:7e:70:3a:4c:e8:0d:80:
a0:36:4c:70:79:7e:bf:29:e7:4d:d6:25:eb:6b:56:
a1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:59:CD:4F:95:7B:6E:44:33:F3:20:A1:F3:B7:39:04:EC:7D:BA:14
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/8lnNT5V7bkQz8yCh87c5BOx9uhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.173.171.0/24
Signature Algorithm: sha256WithRSAEncryption
98:30:4e:2b:09:f5:71:90:b5:ed:e5:82:d4:14:78:65:54:45:
89:44:ed:20:d9:dc:f5:40:3f:58:03:a4:67:70:41:de:d8:de:
1b:41:b9:d1:4f:13:1d:bc:30:52:d7:34:e5:5a:9a:c4:6e:ba:
0b:99:ae:9b:cd:2a:f5:84:ba:a7:82:be:3f:ef:96:76:1b:38:
67:e8:86:d0:44:f6:84:50:53:5b:e0:9e:c7:09:76:69:82:00:
81:6d:35:c8:e7:7a:87:c1:ea:55:80:b8:f4:03:39:0f:52:53:
e3:f4:4e:f2:52:5f:05:75:47:d4:93:4f:1d:e3:fb:c4:c9:a5:
3b:4b:27:16:62:18:95:4a:94:8b:ad:c5:fb:dd:de:19:6d:c4:
f7:37:7b:e9:44:1e:5f:62:c0:e6:32:18:be:07:a5:ac:29:66:
03:33:d6:73:46:25:3b:ec:b2:36:9b:ae:62:cf:77:fd:76:78:
ae:bb:38:9e:80:d1:b9:d5:df:c1:b1:8b:f8:d1:af:7a:50:a8:
c6:79:a6:a8:e8:8c:c9:2f:cb:4d:34:0d:1e:00:ca:03:b1:16:
ec:34:14:b6:52:2b:21:de:1f:82:df:9a:95:9f:3c:79:47:b0:
79:4a:4a:96:3e:2d:26:76:b5:72:b2:f1:13:af:78:e1:9c:6b:
0b:62:14:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED5pz6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDEw
MTAwNTEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI1OWNkNGY5NTdi
NmU0NDMzZjMyMGExZjNiNzM5MDRlYzdkYmExNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALq/3wb8+ehbIneSXmaKP8rhEbBLfuir+Y8vnvy9Gg3rSSWo
KfXJ8V8nJyvr1eTnG3D7wuC9ypTuL4EaAHYanjHNfHl4H/WlKZZBCd7HNjOafjQN
JdcXf6vJQQlTOVxmIcfGvnqSNfqc0t/p18pFxNXQvI673rWJhEjwC6qn25SFT9pp
R9VWTafVt+zaPA7bmgj3wnHgMZ9fyl4vdUjOb1EYHL/W9R+lmfnqpjjYyXLr3bF7
Fy8w/z8FcsobsEoOVBFqMhKefIpzPkxiw4gvlq4pBd9TA+RFcBUigeYA6W5tkI9y
8fS6raR+cDpM6A2AoDZMcHl+vynnTdYl62tWoQ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTyWc1PlXtuRDPzIKHztzkE7H26FDAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
Lzhsbk5UNVY3YmtRejh5Q2g4N2M1Qk94OXVoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWtqzANBgkqhkiG9w0BAQsFAAOC
AQEAmDBOKwn1cZC17eWC1BR4ZVRFiUTtINnc9UA/WAOkZ3BB3tjeG0G50U8THbww
Utc05VqaxG66C5mum80q9YS6p4K+P++Wdhs4Z+iG0ET2hFBTW+Cexwl2aYIAgW01
yOd6h8HqVYC49AM5D1JT4/RO8lJfBXVH1JNPHeP7xMmlO0snFmIYlUqUi63F+93e
GW3E9zd76UQeX2LA5jIYvgelrClmAzPWc0YlO+yyNpuuYs93/XZ4rrs4noDRudXf
wbGL+NGvelCoxnmmqOiMyS/LTTQNHgDKA7EW7DQUtlIrId4fgt+alZ88eUeweUpK
lj4tJna1crLxE6944ZxrC2IUew==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org