Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4S4xqi3ru3_KhwNCVD1BxTKjSrk.roa
File: 4S4xqi3ru3_KhwNCVD1BxTKjSrk.roa (raw, json)
Hash identifier: Hr4EeQoAyZY3wKCcSbMvzEB+u1rIYchRmMyDAK0Xuyk=
Subject key identifier: E1:2E:31:AA:2D:EB:BB:7F:CA:87:03:42:54:3D:41:C5:32:A3:4A:B9
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 0183DC30AE85AA9F2B66A5A20D377B8C7898
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4S4xqi3ru3_KhwNCVD1BxTKjSrk.roa
Signing time: Sat 15 Oct 2022 15:08:41 +0000
ROA not before: Sat 15 Oct 2022 15:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15703
IP address blocks: 213.193.232.0/24 maxlen: 24
213.193.232.0/21 maxlen: 21
213.193.240.0/21 maxlen: 24
213.193.250.0/23 maxlen: 23
213.193.252.0/23 maxlen: 23
213.193.254.0/23 maxlen: 23
213.239.128.0/18 maxlen: 24
213.193.192.0/21 maxlen: 21
213.193.208.0/21 maxlen: 21
213.193.209.0/24 maxlen: 24
213.193.212.0/24 maxlen: 24
213.193.216.0/22 maxlen: 22
80.247.192.0/19 maxlen: 19
213.193.220.0/22 maxlen: 22
193.28.152.0/24 maxlen: 24
87.233.0.0/16 maxlen: 24
2001:990::/32 maxlen: 32
2001:9a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:dc:30:ae:85:aa:9f:2b:66:a5:a2:0d:37:7b:8c:78:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Oct 15 15:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e12e31aa2debbb7fca870342543d41c532a34ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:11:30:ad:6d:70:5d:c5:89:00:90:e4:a6:f5:
7a:91:e2:ce:2e:69:a7:da:74:dc:45:f7:d9:60:0a:
26:57:27:13:58:ed:67:16:0a:a7:6f:6c:50:36:b1:
34:32:c5:56:cd:0c:a1:8c:21:ba:a3:6c:fc:84:e8:
e7:4f:a5:b0:5c:57:67:36:3a:6c:f6:03:55:ab:51:
ff:67:fd:66:bf:70:df:46:87:31:e1:30:17:f8:48:
bc:88:b9:5b:8f:55:23:a6:52:70:2e:9a:36:6b:2e:
da:e4:1c:18:62:e2:8a:be:e0:e2:72:62:eb:54:3e:
04:8d:5b:dc:82:29:28:d0:cc:71:7c:f3:e4:dd:dd:
c0:e2:82:d8:4e:a0:1b:25:60:18:14:06:30:66:57:
ce:1f:92:b4:90:13:57:91:42:ca:7d:c4:bf:5d:f9:
92:19:64:8c:56:95:35:24:10:2b:cc:48:55:fa:01:
a9:fd:02:34:4e:d9:d8:c1:30:c7:e3:bb:52:ba:28:
bc:d7:44:54:25:55:5f:56:1b:77:43:13:c8:20:d6:
e3:ad:90:b6:76:6a:57:b8:52:59:53:14:e2:8a:e5:
85:0f:70:61:73:35:d2:bd:90:75:6f:a2:f5:ca:a1:
e4:91:47:9f:cc:f3:4f:e2:6b:a2:60:bb:ac:94:ef:
82:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:2E:31:AA:2D:EB:BB:7F:CA:87:03:42:54:3D:41:C5:32:A3:4A:B9
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4S4xqi3ru3_KhwNCVD1BxTKjSrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.192.0/19
87.233.0.0/16
193.28.152.0/24
213.193.192.0/21
213.193.208.0/20
213.193.232.0-213.193.247.255
213.193.250.0-213.193.255.255
213.239.128.0/18
IPv6:
2001:990::/32
2001:9a8::/32
Signature Algorithm: sha256WithRSAEncryption
76:0e:67:8f:b0:b1:e9:e1:bb:24:25:07:63:46:e9:84:63:66:
81:61:49:21:7c:25:ff:a1:35:cf:eb:e7:9e:0f:34:91:f2:77:
08:55:8f:76:87:6f:99:e0:6f:ba:4f:8a:c4:87:64:a6:66:66:
70:c0:d5:0f:19:bf:47:a5:62:bc:e3:e7:46:8e:67:8d:43:b7:
1a:3b:5d:f7:3f:08:37:20:ce:7b:b8:97:08:59:63:cc:26:8c:
82:38:eb:1f:cd:db:1c:46:f0:21:97:f0:d5:ba:35:00:22:a7:
5e:a9:e0:10:6c:69:7a:81:65:e9:cb:39:bf:34:2d:af:fd:50:
dd:d4:12:1e:d8:b2:a3:a7:7b:a7:d3:ff:3e:cd:df:37:05:fa:
ee:94:6a:5e:23:34:9a:0a:f7:32:c6:96:84:4f:98:db:c7:c8:
5b:fd:28:c8:12:5f:d5:f7:e7:a4:0a:63:c6:00:0c:9c:de:15:
cd:84:70:bc:97:e8:25:87:be:56:6e:fd:7f:bf:bd:4e:95:74:
56:77:08:85:50:c8:3d:e7:a7:03:dc:c2:9d:39:60:4d:7d:ee:
15:ea:40:cc:aa:3a:6d:88:41:c5:86:a4:87:57:7c:63:45:e7:
34:06:10:81:b2:35:c6:d6:ce:89:53:b3:13:ce:7d:05:c7:d6:
5f:20:e6:69
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYPcMK6Fqp8rZqWiDTd7jHiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjIxMDE1MTUwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTJlMzFhYTJkZWJiYjdmY2E4NzAzNDI1NDNkNDFjNTMyYTM0YWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiREwrW1wXcWJAJDkpvV6keLOLmmn
2nTcRffZYAomVycTWO1nFgqnb2xQNrE0MsVWzQyhjCG6o2z8hOjnT6WwXFdnNjps
9gNVq1H/Z/1mv3DfRocx4TAX+Ei8iLlbj1UjplJwLpo2ay7a5BwYYuKKvuDicmLr
VD4EjVvcgiko0MxxfPPk3d3A4oLYTqAbJWAYFAYwZlfOH5K0kBNXkULKfcS/XfmS
GWSMVpU1JBArzEhV+gGp/QI0TtnYwTDH47tSuii810RUJVVfVht3QxPIINbjrZC2
dmpXuFJZUxTiiuWFD3BhczXSvZB1b6L1yqHkkUefzPNP4muiYLuslO+CBwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFOEuMaot67t/yocDQlQ9QcUyo0q5MB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEvNFM0eHFpM3J1M19LaHdOQ1ZEMUJ4VEtqU3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQFUPfAAwMA
V+kDBADBHJgDBAPVwcADBATVwdAwDAMEA9XB6AMEA9XB8DALAwQB1cH6AwMB1cAD
BAbV74AwFAQCAAIwDgMFACABCZADBQAgAQmoMA0GCSqGSIb3DQEBCwUAA4IBAQB2
DmePsLHp4bskJQdjRumEY2aBYUkhfCX/oTXP6+eeDzSR8ncIVY92h2+Z4G+6T4rE
h2SmZmZwwNUPGb9HpWK84+dGjmeNQ7caO133Pwg3IM57uJcIWWPMJoyCOOsfzdsc
RvAhl/DVujUAIqdeqeAQbGl6gWXpyzm/NC2v/VDd1BIe2LKjp3un0/8+zd83Bfru
lGpeIzSaCvcyxpaET5jbx8hb/SjIEl/V9+ekCmPGAAyc3hXNhHC8l+glh75Wbv1/
v71OlXRWdwiFUMg956cD3MKdOWBNfe4V6kDMqjptiEHFhqSHV3xjRec0BhCBsjXG
1s6JU7MTzn0Fx9ZfIOZp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:53 2025 by rpki-client