Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/0NSRPAfrADUQepjGaF_d5tAOcpI.roa
File: 0NSRPAfrADUQepjGaF_d5tAOcpI.roa (raw, json)
Hash identifier: gnQ2g22PLfFG9AzrzEDgg/m02SKGnOxucc+IotWVacI=
Subject key identifier: D0:D4:91:3C:07:EB:00:35:10:7A:98:C6:68:5F:DD:E6:D0:0E:72:92
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 1754B0A7
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/0NSRPAfrADUQepjGaF_d5tAOcpI.roa
Signing time: Sat 01 Jan 2022 12:56:09 +0000
ROA not before: Sat 01 Jan 2022 12:56:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15703
IP address blocks: 213.193.232.0/24 maxlen: 24
213.193.232.0/21 maxlen: 21
213.193.240.0/21 maxlen: 21
213.193.250.0/23 maxlen: 23
213.193.252.0/23 maxlen: 23
213.193.254.0/23 maxlen: 23
213.239.128.0/18 maxlen: 24
213.193.192.0/21 maxlen: 21
213.193.208.0/21 maxlen: 21
213.193.209.0/24 maxlen: 24
213.193.212.0/24 maxlen: 24
213.193.216.0/22 maxlen: 22
80.247.192.0/19 maxlen: 19
213.193.220.0/22 maxlen: 22
193.28.152.0/24 maxlen: 24
87.233.0.0/16 maxlen: 24
2001:990::/32 maxlen: 32
2001:9a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391426215 (0x1754b0a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Jan 1 12:56:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0d4913c07eb0035107a98c6685fdde6d00e7292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3d:b8:43:c5:3f:8e:db:87:b5:b1:ea:af:4b:
53:72:b6:40:c9:ca:43:b1:7e:e2:5a:0f:7b:a8:af:
e3:15:fa:29:2f:cc:f9:4f:09:72:ca:41:df:2d:8d:
03:55:1a:1c:a8:b2:41:45:26:8a:56:64:c6:6a:14:
b5:7b:ba:47:79:c8:7e:1e:2e:f1:04:2f:be:ba:28:
f4:5e:c2:a8:6c:27:df:99:63:4f:aa:49:f5:dd:0a:
b0:d0:2d:75:61:7e:45:9e:b1:aa:dd:4d:34:b5:ab:
ac:2f:d0:40:9f:d1:b1:88:12:25:b0:07:0f:13:34:
79:41:dd:d4:1a:c1:57:5e:e1:be:11:92:ec:c7:d1:
12:4c:d5:97:cb:3e:b5:fa:b1:d6:77:8c:b4:fc:a3:
62:7b:50:e3:30:d8:21:86:ca:cd:2b:05:b2:45:52:
a4:a3:51:f8:2a:f8:c6:3b:65:48:47:5a:70:e9:71:
e9:2e:c4:11:86:a4:b5:ed:4f:f3:95:da:10:eb:8e:
97:fc:28:83:27:4c:49:94:17:c9:36:12:f0:6e:63:
74:33:3d:3b:bc:eb:13:8a:78:64:3f:8a:55:6a:61:
9f:11:cd:b5:cb:30:f4:a6:bc:06:fa:d8:61:6e:22:
ae:76:0c:5e:80:f3:a6:cd:ce:50:b7:29:28:46:4e:
c6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D4:91:3C:07:EB:00:35:10:7A:98:C6:68:5F:DD:E6:D0:0E:72:92
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/0NSRPAfrADUQepjGaF_d5tAOcpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.192.0/19
87.233.0.0/16
193.28.152.0/24
213.193.192.0/21
213.193.208.0/20
213.193.232.0-213.193.247.255
213.193.250.0-213.193.255.255
213.239.128.0/18
IPv6:
2001:990::/32
2001:9a8::/32
Signature Algorithm: sha256WithRSAEncryption
8d:bc:f4:25:47:9f:6f:df:12:17:0f:1e:c9:91:ef:5d:fb:6e:
f5:e0:4b:69:fd:aa:a3:65:0c:f9:78:3a:41:97:b2:6e:a3:84:
b3:31:5b:a0:42:c0:64:af:2f:72:c0:e0:52:1e:f2:65:e5:1a:
f0:4c:2f:46:b0:a9:8f:2e:2d:fa:9a:49:e2:37:47:b5:0e:5b:
0e:2e:d5:8d:c8:72:69:eb:6a:b2:b2:64:e4:68:a7:ac:b6:e3:
97:0b:9b:35:cf:35:25:88:12:cf:e2:5b:7d:e8:c3:1d:21:d5:
61:c1:b1:9a:11:c6:47:8f:42:65:32:2b:e3:ae:56:2f:f7:b3:
93:a5:12:d6:6b:17:ca:0a:56:40:05:00:e3:41:e8:26:48:3c:
20:e5:85:f3:97:1e:71:36:22:70:76:c6:04:66:dd:25:da:bd:
ec:0d:1c:03:b5:c4:7d:9b:e6:39:b3:26:f3:88:ee:6e:71:34:
96:ab:0b:93:fb:67:f8:7d:d4:84:be:6b:6b:1a:33:23:14:8f:
df:c8:fb:9a:66:5d:a4:7e:d4:7e:9a:48:62:d7:ba:d0:67:05:
1f:55:f2:64:c1:0a:c7:c4:fc:92:b2:61:90:6f:f0:fb:82:11:
59:6e:99:24:20:49:2d:71:d6:08:4c:ed:33:71:47:cc:0a:3f:
92:8f:a9:98
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEF1SwpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjczNTg2ODJkZjNkZjhiZGM3MDI0NTA3ZjkyZWNmYzVhZTA5N2JiMB4XDTIyMDEw
MTEyNTYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBkNDkxM2MwN2Vi
MDAzNTEwN2E5OGM2Njg1ZmRkZTZkMDBlNzI5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKc9uEPFP47bh7Wx6q9LU3K2QMnKQ7F+4loPe6iv4xX6KS/M
+U8JcspB3y2NA1UaHKiyQUUmilZkxmoUtXu6R3nIfh4u8QQvvroo9F7CqGwn35lj
T6pJ9d0KsNAtdWF+RZ6xqt1NNLWrrC/QQJ/RsYgSJbAHDxM0eUHd1BrBV17hvhGS
7MfREkzVl8s+tfqx1neMtPyjYntQ4zDYIYbKzSsFskVSpKNR+Cr4xjtlSEdacOlx
6S7EEYakte1P85XaEOuOl/wogydMSZQXyTYS8G5jdDM9O7zrE4p4ZD+KVWphnxHN
tcsw9Ka8BvrYYW4irnYMXoDzps3OULcpKEZOxtsCAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBTQ1JE8B+sANRB6mMZoX93m0A5ykjAfBgNVHSMEGDAWgBTCc1hoLfPfi9xw
JFB/kuz8WuCXuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duTllhQzN6MzR2Y2NDUlFmNUxzX0ZyZ2w3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvZjQ0OWIzLWQ4YTgtNDkzZS05YmQ3LWU4ODQ2NWM0NjE4Ni8x
LzBOU1JQQWZyQURVUWVwakdhRl9kNXRBT2NwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
ZjQ0OWIzLWQ4YTgtNDkzZS05YmQ3LWU4ODQ2NWM0NjE4Ni8xL3duTllhQzN6MzR2
Y2NDUlFmNUxzX0ZyZ2w3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwRAQCAAEwPgMEBVD3wAMDAFfpAwQAwRyYAwQD1cHA
AwQE1cHQMAwDBAPVwegDBAPVwfAwCwMEAdXB+gMDAdXAAwQG1e+AMBQEAgACMA4D
BQAgAQmQAwUAIAEJqDANBgkqhkiG9w0BAQsFAAOCAQEAjbz0JUefb98SFw8eyZHv
Xftu9eBLaf2qo2UM+Xg6QZeybqOEszFboELAZK8vcsDgUh7yZeUa8EwvRrCpjy4t
+ppJ4jdHtQ5bDi7VjchyaetqsrJk5GinrLbjlwubNc81JYgSz+JbfejDHSHVYcGx
mhHGR49CZTIr465WL/ezk6US1msXygpWQAUA40HoJkg8IOWF85cecTYicHbGBGbd
Jdq97A0cA7XEfZvmObMm84jubnE0lqsLk/tn+H3UhL5raxozIxSP38j7mmZdpH7U
fppIYte60GcFH1XyZMEKx8T8krJhkG/w+4IRWW6ZJCBJLXHWCEztM3FHzAo/ko+p
mA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:08 2024 by rpki-client on console-fra.rpki-client.org