Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/PlH7zrvRNvaFTc5eXCUIDiN0leA.roa
File: PlH7zrvRNvaFTc5eXCUIDiN0leA.roa (raw, json)
Hash identifier: wssBTTewJQnPbTyid8nmU9ZD5SLmBw4QpV5wvHkR/6g=
Subject key identifier: 3E:51:FB:CE:BB:D1:36:F6:85:4D:CE:5E:5C:25:08:0E:23:74:95:E0
Certificate issuer: /CN=822b30d89b1bcff699f641f88026942d16a72bcc
Certificate serial: 0185715E8796EC03E6670C80A7D0DA53B6B0
Authority key identifier: 82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/PlH7zrvRNvaFTc5eXCUIDiN0leA.roa
Signing time: Mon 02 Jan 2023 07:24:58 +0000
ROA not before: Mon 02 Jan 2023 07:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15525
IP address blocks: 213.13.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:87:96:ec:03:e6:67:0c:80:a7:d0:da:53:b6:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=822b30d89b1bcff699f641f88026942d16a72bcc
Validity
Not Before: Jan 2 07:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e51fbcebbd136f6854dce5e5c25080e237495e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a0:b2:52:fa:f9:50:13:5a:93:7d:f3:53:1c:
5e:b9:b5:dc:fd:c1:b2:fb:46:f4:c6:14:d3:83:fe:
38:11:29:b5:8c:e7:72:fd:b8:28:02:c8:86:45:24:
63:56:12:49:b8:9c:8a:87:e7:2e:00:a7:51:d7:35:
f4:70:2a:fc:90:1d:1c:63:9b:36:e4:98:43:aa:3b:
65:5e:1c:d4:2a:8c:fe:e7:36:a6:40:d8:9b:29:8b:
9e:40:b1:e4:d3:ab:df:34:c0:51:3a:d0:eb:cb:bb:
81:ca:0e:62:42:50:fc:f9:ef:26:84:fc:a0:f8:98:
18:21:d4:eb:19:d5:d6:18:e4:0f:06:3a:17:fb:42:
f9:85:e5:b2:56:f5:2a:2f:dd:02:5e:09:db:59:db:
7f:3f:83:51:ae:44:1a:b0:7a:19:a1:df:ec:14:6a:
21:b8:c3:d8:bc:78:20:6c:1d:b4:d0:f8:4b:fa:33:
cd:dc:25:9b:53:22:5f:a2:87:e0:63:ee:10:25:d1:
4a:07:64:07:1d:5f:15:fa:0c:28:49:74:f7:2f:68:
86:a0:ea:da:41:d8:cb:45:91:c3:a9:36:e4:52:49:
9e:d8:71:43:42:83:92:ee:a5:d6:98:90:0d:a5:cc:
5a:a5:09:dd:fe:30:f9:93:99:99:b2:87:6f:c7:43:
18:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:51:FB:CE:BB:D1:36:F6:85:4D:CE:5E:5C:25:08:0E:23:74:95:E0
X509v3 Authority Key Identifier:
keyid:82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/PlH7zrvRNvaFTc5eXCUIDiN0leA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.13.32.0/19
Signature Algorithm: sha256WithRSAEncryption
b8:df:22:29:2c:bd:79:8d:84:27:ed:12:11:92:a0:71:ef:7e:
92:3b:b0:ca:8f:40:ef:a3:20:17:7d:f6:6c:0e:44:29:86:69:
87:4e:04:64:54:b5:90:22:51:cb:52:a9:81:2b:17:d2:f6:cd:
cf:c0:5d:ea:3e:3e:ba:14:79:62:7c:8f:19:0b:40:9e:56:13:
90:99:28:05:fa:fe:82:6f:81:e5:55:7e:7b:ca:49:93:d4:81:
18:e8:70:f0:17:86:fd:60:26:69:34:03:56:d4:6c:56:01:59:
81:fb:f4:a3:6b:4c:db:a1:c1:ef:06:a0:c5:fa:1b:25:17:87:
fb:6e:dd:2f:bf:25:90:7f:db:88:40:22:36:5d:84:da:b8:ac:
34:50:f2:f4:62:f5:2e:9a:8e:61:e3:2c:06:70:28:1b:c3:a1:
cb:21:96:29:b7:1e:ac:d7:fa:c2:ae:5d:0a:0e:72:e8:1e:2e:
7f:78:f7:fe:0d:be:b7:35:c5:d9:99:db:a0:b9:8c:00:c9:5c:
19:a0:9e:ad:eb:ad:b6:d1:cb:8a:60:97:fc:aa:ef:b3:81:c6:
8d:00:b5:46:90:31:5a:c7:df:7c:af:ba:b6:3c:91:22:0d:ce:
29:f9:05:3c:71:5d:d2:12:86:1d:52:6e:9c:79:6e:d9:7c:3c:
ec:ec:0d:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXoeW7APmZwyAp9DaU7awMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMmIzMGQ4OWIxYmNmZjY5OWY2NDFmODgwMjY5NDJkMTZh
NzJiY2MwHhcNMjMwMTAyMDcyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTUxZmJjZWJiZDEzNmY2ODU0ZGNlNWU1YzI1MDgwZTIzNzQ5NWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6CyUvr5UBNak33zUxxeubXc/cGy
+0b0xhTTg/44ESm1jOdy/bgoAsiGRSRjVhJJuJyKh+cuAKdR1zX0cCr8kB0cY5s2
5JhDqjtlXhzUKoz+5zamQNibKYueQLHk06vfNMBROtDry7uByg5iQlD8+e8mhPyg
+JgYIdTrGdXWGOQPBjoX+0L5heWyVvUqL90CXgnbWdt/P4NRrkQasHoZod/sFGoh
uMPYvHggbB200PhL+jPN3CWbUyJfoofgY+4QJdFKB2QHHV8V+gwoSXT3L2iGoOra
QdjLRZHDqTbkUkme2HFDQoOS7qXWmJANpcxapQnd/jD5k5mZsodvx0MYDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5R+8670Tb2hU3OXlwlCA4jdJXgMB8GA1UdIwQY
MBaAFIIrMNibG8/2mfZB+IAmlC0WpyvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEt
OTE0ZDVkYzUxOTdmLzEvUGxIN3pydlJOdmFGVGM1ZVhDVUlEaU4wbGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEtOTE0ZDVkYzUxOTdm
LzEvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1Q0gMA0G
CSqGSIb3DQEBCwUAA4IBAQC43yIpLL15jYQn7RIRkqBx736SO7DKj0DvoyAXffZs
DkQphmmHTgRkVLWQIlHLUqmBKxfS9s3PwF3qPj66FHlifI8ZC0CeVhOQmSgF+v6C
b4HlVX57ykmT1IEY6HDwF4b9YCZpNANW1GxWAVmB+/Sja0zbocHvBqDF+hslF4f7
bt0vvyWQf9uIQCI2XYTauKw0UPL0YvUumo5h4ywGcCgbw6HLIZYptx6s1/rCrl0K
DnLoHi5/ePf+Db63NcXZmduguYwAyVwZoJ6t66220cuKYJf8qu+zgcaNALVGkDFa
x998r7q2PJEiDc4p+QU8cV3SEoYdUm6ceW7ZfDzs7A2d
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:47 2025 by rpki-client