Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/xv40X9TKaIkbzIQv3Lg-T6Ij8I8.roa
File: xv40X9TKaIkbzIQv3Lg-T6Ij8I8.roa (raw, json)
Hash identifier: ZFa9vk+EhCHU8Cb+TIjhG7/zqb3sljcYg7n7azKWoTk=
Subject key identifier: C6:FE:34:5F:D4:CA:68:89:1B:CC:84:2F:DC:B8:3E:4F:A2:23:F0:8F
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 0185701ED9F3F7A8DDDF096DD2C93800F29B
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/xv40X9TKaIkbzIQv3Lg-T6Ij8I8.roa
Signing time: Mon 02 Jan 2023 01:35:48 +0000
ROA not before: Mon 02 Jan 2023 01:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47886
IP address blocks: 213.193.232.0/24 maxlen: 24
213.193.212.0/24 maxlen: 24
213.193.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:d9:f3:f7:a8:dd:df:09:6d:d2:c9:38:00:f2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Jan 2 01:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6fe345fd4ca68891bcc842fdcb83e4fa223f08f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:50:41:f3:60:24:49:da:37:aa:0e:94:38:56:
11:88:34:fc:f3:44:d1:28:eb:a1:4c:c4:05:04:eb:
d2:de:8d:a1:4f:4c:8d:9c:12:d5:68:b4:4c:59:a2:
40:60:37:47:34:10:af:20:f9:48:56:0f:51:c1:ff:
18:55:58:90:20:f9:6b:55:c9:33:72:4c:f1:b4:17:
ce:ae:89:dd:e6:aa:3d:46:07:f5:75:a8:97:90:97:
98:33:09:af:54:57:d7:4d:88:cc:a9:ed:56:e3:aa:
74:9d:69:78:34:6c:23:ff:c9:f6:07:18:d0:d8:da:
ab:3b:60:d8:7e:70:39:83:10:b0:7d:e4:41:f8:51:
7c:dc:c4:c4:e2:ee:80:b9:e8:d0:76:f5:91:c4:88:
48:7b:a2:21:64:0c:5d:96:d4:c5:eb:38:a7:5c:1a:
6b:7a:b5:5b:11:dd:d3:96:18:fa:be:3b:dc:92:36:
f9:86:43:37:3c:24:0b:eb:36:88:32:8f:2d:69:73:
55:43:e2:8f:25:67:3f:09:dd:5d:58:6a:a4:ca:fb:
41:50:3a:70:ce:dd:1b:e1:79:21:c6:5a:80:7e:38:
2d:40:a6:87:17:38:c0:42:f7:32:a9:36:89:e5:59:
de:b8:d8:24:4b:30:4c:0d:d2:ed:b2:5f:70:07:6f:
69:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FE:34:5F:D4:CA:68:89:1B:CC:84:2F:DC:B8:3E:4F:A2:23:F0:8F
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/xv40X9TKaIkbzIQv3Lg-T6Ij8I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.193.209.0/24
213.193.212.0/24
213.193.232.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:ff:6d:93:16:f2:6b:95:8f:19:0e:75:9c:b2:d1:2e:cf:46:
da:99:9f:8e:7d:c0:e8:22:07:28:96:b5:86:13:7a:b7:34:f5:
0f:6c:cb:8c:d2:5e:7a:83:cb:f1:2f:ef:9a:01:6f:5f:90:b0:
f0:7c:c3:70:17:2d:63:85:b4:1e:86:4c:0e:1f:91:0c:d1:e3:
82:ef:7d:75:ce:e5:2c:e2:34:be:35:15:51:0f:2e:65:de:18:
04:f9:ad:f3:b7:8c:d8:ad:5d:bd:e9:45:11:4b:ac:56:a8:6b:
06:95:a3:ad:21:f3:d6:1a:3d:91:7b:fa:78:e2:ef:bd:4b:5f:
93:64:f6:76:b9:c5:cf:20:c0:3c:e2:cc:1d:ba:39:62:bd:ad:
eb:8c:1c:df:bf:84:f8:1a:c5:3c:f9:5b:2a:ba:42:a9:d1:ef:
d4:7c:0b:40:9e:de:a9:4c:88:36:1c:41:a3:af:da:1a:55:fc:
02:6e:16:1a:35:5f:91:b2:e1:f7:c6:39:12:85:2b:78:d6:f5:
c2:fd:29:9e:ca:f9:01:45:aa:5e:61:74:1e:0d:db:62:81:b2:
6b:47:7f:cc:69:40:76:25:0a:26:63:78:df:74:24:1b:5e:f2:
58:de:35:9c:7c:36:57:6a:0f:ac:0b:b0:75:55:d5:47:c8:a9:
27:3e:d2:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwHtnz96jd3wlt0sk4APKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjMwMTAyMDEzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmZlMzQ1ZmQ0Y2E2ODg5MWJjYzg0MmZkY2I4M2U0ZmEyMjNmMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFBB82AkSdo3qg6UOFYRiDT880TR
KOuhTMQFBOvS3o2hT0yNnBLVaLRMWaJAYDdHNBCvIPlIVg9Rwf8YVViQIPlrVckz
ckzxtBfOrond5qo9Rgf1daiXkJeYMwmvVFfXTYjMqe1W46p0nWl4NGwj/8n2BxjQ
2NqrO2DYfnA5gxCwfeRB+FF83MTE4u6AuejQdvWRxIhIe6IhZAxdltTF6zinXBpr
erVbEd3Tlhj6vjvckjb5hkM3PCQL6zaIMo8taXNVQ+KPJWc/Cd1dWGqkyvtBUDpw
zt0b4XkhxlqAfjgtQKaHFzjAQvcyqTaJ5VneuNgkSzBMDdLtsl9wB29pfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMb+NF/UymiJG8yEL9y4Pk+iI/CPMB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEveHY0MFg5VEthSWtieklRdjNMZy1UNklqOEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1cHRAwQA
1cHUAwQA1cHoMA0GCSqGSIb3DQEBCwUAA4IBAQC4/22TFvJrlY8ZDnWcstEuz0ba
mZ+OfcDoIgcolrWGE3q3NPUPbMuM0l56g8vxL++aAW9fkLDwfMNwFy1jhbQehkwO
H5EM0eOC7311zuUs4jS+NRVRDy5l3hgE+a3zt4zYrV296UURS6xWqGsGlaOtIfPW
Gj2Re/p44u+9S1+TZPZ2ucXPIMA84swdujliva3rjBzfv4T4GsU8+VsqukKp0e/U
fAtAnt6pTIg2HEGjr9oaVfwCbhYaNV+RsuH3xjkShSt41vXC/SmeyvkBRapeYXQe
DdtigbJrR3/MaUB2JQomY3jfdCQbXvJY3jWcfDZXag+sC7B1VdVHyKknPtK8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:02 2025 by rpki-client