Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/AeVczviBx8TzB8g5c9zr50L3K4g.roa
File: AeVczviBx8TzB8g5c9zr50L3K4g.roa (raw, json)
Hash identifier: uj1AEiZZgdQVA3JR35l4U1GELXQySyjJ5lUUskrc2RE=
Subject key identifier: 01:E5:5C:CE:F8:81:C7:C4:F3:07:C8:39:73:DC:EB:E7:42:F7:2B:88
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 0185701EDA63FE5BC8649C7C3C06A5546D9E
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/AeVczviBx8TzB8g5c9zr50L3K4g.roa
Signing time: Mon 02 Jan 2023 01:35:48 +0000
ROA not before: Mon 02 Jan 2023 01:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48729
IP address blocks: 213.193.232.0/24 maxlen: 24
213.193.212.0/24 maxlen: 24
213.193.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:da:63:fe:5b:c8:64:9c:7c:3c:06:a5:54:6d:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Jan 2 01:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01e55ccef881c7c4f307c83973dcebe742f72b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9c:80:b1:b7:3b:d3:74:ec:97:ca:d8:61:b5:
77:08:f0:2a:5a:8d:a7:00:cb:39:36:36:f8:50:0c:
49:17:a3:46:ed:b1:27:83:09:67:db:ff:23:d6:ea:
84:0f:ad:c8:32:bf:e5:fa:8b:cd:c9:17:9a:c5:b3:
22:78:99:b7:98:d3:fa:ed:b0:95:aa:9a:40:02:e5:
bd:29:20:18:87:c3:a8:5c:1a:98:6f:25:ac:dd:e9:
d3:f5:7c:b5:1d:5d:58:45:78:dc:ef:4a:59:f1:39:
56:07:ad:af:c1:b3:ea:f4:e9:35:43:3c:3f:69:cb:
af:d9:f1:ef:af:03:a3:ca:ca:49:71:69:db:7e:de:
ea:43:4a:cd:d4:da:1f:30:48:61:0d:76:86:c9:a1:
b0:63:b4:43:9b:d4:d4:44:fe:96:84:26:21:e6:87:
fe:29:5c:75:23:94:a4:80:f2:d8:42:53:12:ff:9e:
96:3b:8b:47:de:43:e5:0a:5a:73:ef:99:87:32:27:
0a:cc:96:b0:71:94:2d:63:44:0b:e1:21:23:3c:ac:
61:ae:45:bd:98:88:58:29:d9:9b:22:2a:50:eb:db:
ca:8b:8b:12:83:5c:68:a8:a7:2b:52:0e:a7:fe:f2:
5e:d3:4d:74:5f:87:51:79:a5:b4:4a:9f:fe:91:d5:
a6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E5:5C:CE:F8:81:C7:C4:F3:07:C8:39:73:DC:EB:E7:42:F7:2B:88
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/AeVczviBx8TzB8g5c9zr50L3K4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.193.209.0/24
213.193.212.0/24
213.193.232.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:30:6c:19:72:18:33:40:fb:1e:ae:a3:af:d2:25:12:3a:a8:
7d:ad:35:ab:55:60:cb:b2:9c:88:9c:f3:84:ee:a7:d9:b1:5e:
fa:bb:10:a9:53:9c:cf:8d:2e:26:67:db:d0:89:cd:43:29:aa:
8d:39:92:85:f2:d1:ba:12:01:b0:c7:b1:93:50:a2:91:7b:f3:
1d:2d:35:f3:18:a9:06:ae:62:e0:0c:1c:39:dc:07:1d:99:d8:
cd:51:0e:56:43:16:b5:6a:2d:9a:87:60:d4:3e:27:3f:62:4f:
ab:39:23:fa:92:d0:bd:fc:ba:63:28:8e:23:4d:7a:b8:07:a1:
0a:99:6a:74:35:51:97:44:c8:55:61:83:7e:77:31:ad:96:c2:
ff:ae:26:9a:f4:fd:99:7f:5b:12:1d:19:66:a9:8e:97:c6:d3:
43:4f:32:79:f8:af:49:69:29:ab:50:21:03:3b:1c:e6:c9:28:
eb:9d:d6:f5:e2:e4:30:ef:b0:25:04:dc:e1:84:02:c5:f9:56:
96:77:2a:a7:8a:87:ad:dd:41:9f:b5:d6:8a:2e:12:05:70:d0:
d7:e5:fb:57:67:12:72:2a:1d:b0:f3:70:73:4a:ed:be:ca:0b:
59:f2:4d:7e:dd:dc:6e:4d:5e:03:83:4c:57:06:65:9c:cb:af:
00:cc:b2:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwHtpj/lvIZJx8PAalVG2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjMwMTAyMDEzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWU1NWNjZWY4ODFjN2M0ZjMwN2M4Mzk3M2RjZWJlNzQyZjcyYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5yAsbc703Tsl8rYYbV3CPAqWo2n
AMs5Njb4UAxJF6NG7bEngwln2/8j1uqED63IMr/l+ovNyReaxbMieJm3mNP67bCV
qppAAuW9KSAYh8OoXBqYbyWs3enT9Xy1HV1YRXjc70pZ8TlWB62vwbPq9Ok1Qzw/
acuv2fHvrwOjyspJcWnbft7qQ0rN1NofMEhhDXaGyaGwY7RDm9TURP6WhCYh5of+
KVx1I5SkgPLYQlMS/56WO4tH3kPlClpz75mHMicKzJawcZQtY0QL4SEjPKxhrkW9
mIhYKdmbIipQ69vKi4sSg1xoqKcrUg6n/vJe0010X4dReaW0Sp/+kdWmswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAHlXM74gcfE8wfIOXPc6+dC9yuIMB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEvQWVWY3p2aUJ4OFR6QjhnNWM5enI1MEwzSzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1cHRAwQA
1cHUAwQA1cHoMA0GCSqGSIb3DQEBCwUAA4IBAQDVMGwZchgzQPserqOv0iUSOqh9
rTWrVWDLspyInPOE7qfZsV76uxCpU5zPjS4mZ9vQic1DKaqNOZKF8tG6EgGwx7GT
UKKRe/MdLTXzGKkGrmLgDBw53AcdmdjNUQ5WQxa1ai2ah2DUPic/Yk+rOSP6ktC9
/LpjKI4jTXq4B6EKmWp0NVGXRMhVYYN+dzGtlsL/riaa9P2Zf1sSHRlmqY6XxtND
TzJ5+K9JaSmrUCEDOxzmySjrndb14uQw77AlBNzhhALF+VaWdyqnioet3UGftdaK
LhIFcNDX5ftXZxJyKh2w83BzSu2+ygtZ8k1+3dxuTV4Dg0xXBmWcy68AzLJa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:49 2025 by rpki-client