Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/l8uL9KSR6lIC3l3nH1RC7CvzE6E.roa
File: l8uL9KSR6lIC3l3nH1RC7CvzE6E.roa (raw, json)
Hash identifier: iPQ3TMzLvcDtedDbCVElgms8vVbpM+FzvUY87UWZixg=
Subject key identifier: 97:CB:8B:F4:A4:91:EA:52:02:DE:5D:E7:1F:54:42:EC:2B:F3:13:A1
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 018617BFC72E88FEBD52BF951FFF0F892670
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/l8uL9KSR6lIC3l3nH1RC7CvzE6E.roa
Signing time: Fri 03 Feb 2023 14:48:09 +0000
ROA not before: Fri 03 Feb 2023 14:48:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209956
IP address blocks: 213.238.166.0/24 maxlen: 24
213.238.189.0/24 maxlen: 24
213.238.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:bf:c7:2e:88:fe:bd:52:bf:95:1f:ff:0f:89:26:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Feb 3 14:48:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97cb8bf4a491ea5202de5de71f5442ec2bf313a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:03:a9:5d:8a:52:e7:1b:1e:33:14:5d:5a:a7:
4f:ac:8f:7f:ae:4d:46:4d:29:48:df:03:0b:a1:7f:
3b:2f:12:bb:9e:a9:7d:4d:ee:91:ba:02:c5:ee:4b:
b5:66:a8:af:b6:a5:31:d5:d8:96:21:09:cf:bf:ff:
6e:25:a5:3a:e6:06:9a:4c:ab:68:a5:5d:07:15:88:
03:79:ad:18:87:c6:05:c6:94:88:2a:fa:98:a4:b1:
86:12:a0:b2:6a:ed:28:08:67:86:b0:36:59:6c:c3:
8b:9e:68:f9:98:e5:a7:16:50:ef:f1:01:4f:2b:4b:
5b:64:14:8f:8c:7c:57:f7:36:d1:c9:c3:6b:ad:35:
c0:86:c9:06:38:d8:c3:30:75:87:40:ce:4e:d1:51:
b7:d7:81:f6:d8:c8:f4:8e:55:e0:ac:a9:ef:79:c9:
03:2a:77:11:0c:10:7a:f0:a3:a7:9f:37:a1:36:5b:
41:ff:d1:13:fe:21:59:43:c6:cd:f8:a2:a2:df:dc:
0c:55:fb:cf:d2:72:93:9c:00:d8:bc:1c:9a:9f:0c:
71:46:40:29:16:1d:e9:1a:b7:a6:20:ad:c6:57:ea:
99:3b:38:ce:b7:cf:a1:7e:18:ca:56:f1:7b:fe:87:
bb:8e:3f:b4:82:dc:41:0f:47:4d:c8:36:eb:8f:70:
c4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CB:8B:F4:A4:91:EA:52:02:DE:5D:E7:1F:54:42:EC:2B:F3:13:A1
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/l8uL9KSR6lIC3l3nH1RC7CvzE6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.166.0/24
213.238.187.0/24
213.238.189.0/24
Signature Algorithm: sha256WithRSAEncryption
56:5d:72:76:f9:77:ad:cc:c7:50:f3:98:b2:40:d1:af:65:a2:
af:65:01:32:fe:ac:45:7f:ca:b3:68:3b:43:c4:de:68:99:49:
66:c3:43:41:6c:23:64:c9:42:f0:06:b2:d7:5e:38:b9:35:71:
56:8c:fc:8b:1d:82:52:79:f6:f6:7b:fa:46:e4:86:77:09:0f:
f0:44:8c:84:b6:c4:e2:20:dd:29:1f:00:f5:9c:c8:66:26:19:
d5:e3:4c:da:c9:ff:cf:4f:87:6e:fc:96:d1:12:16:9c:cd:35:
0d:50:a1:75:a6:34:0d:dd:92:02:87:e0:41:27:c5:8a:9e:a1:
51:f4:81:e3:31:bc:13:05:80:58:e7:df:9f:d3:d3:72:2f:0e:
2e:fb:a0:e3:58:a1:66:e7:90:6e:ff:ab:7b:1c:00:81:88:1d:
9b:48:e0:6f:2f:29:e5:ef:b3:7f:9c:77:1d:80:b8:db:04:e3:
1c:37:ea:1f:cc:d6:91:de:08:b9:84:36:0f:18:b5:d6:64:19:
f4:66:36:50:92:de:26:75:04:ad:7c:e0:df:e2:ed:6b:30:f1:
f5:06:e5:76:73:83:1f:1b:ef:94:2d:c6:2d:7d:e8:0b:39:d3:
d4:8d:b7:4c:3f:83:c3:b0:39:3f:ef:f0:ad:53:98:c2:7c:f5:
73:28:b6:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYXv8cuiP69Ur+VH/8PiSZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjMwMjAzMTQ0ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2NiOGJmNGE0OTFlYTUyMDJkZTVkZTcxZjU0NDJlYzJiZjMxM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwOpXYpS5xseMxRdWqdPrI9/rk1G
TSlI3wMLoX87LxK7nql9Te6RugLF7ku1ZqivtqUx1diWIQnPv/9uJaU65gaaTKto
pV0HFYgDea0Yh8YFxpSIKvqYpLGGEqCyau0oCGeGsDZZbMOLnmj5mOWnFlDv8QFP
K0tbZBSPjHxX9zbRycNrrTXAhskGONjDMHWHQM5O0VG314H22Mj0jlXgrKnveckD
KncRDBB68KOnnzehNltB/9ET/iFZQ8bN+KKi39wMVfvP0nKTnADYvByanwxxRkAp
Fh3pGremIK3GV+qZOzjOt8+hfhjKVvF7/oe7jj+0gtxBD0dNyDbrj3DERwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJfLi/SkkepSAt5d5x9UQuwr8xOhMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvbDh1TDlLU1I2bElDM2wzbkgxUkM3Q3Z6RTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1e6mAwQA
1e67AwQA1e69MA0GCSqGSIb3DQEBCwUAA4IBAQBWXXJ2+XetzMdQ85iyQNGvZaKv
ZQEy/qxFf8qzaDtDxN5omUlmw0NBbCNkyULwBrLXXji5NXFWjPyLHYJSefb2e/pG
5IZ3CQ/wRIyEtsTiIN0pHwD1nMhmJhnV40zayf/PT4du/JbREhaczTUNUKF1pjQN
3ZICh+BBJ8WKnqFR9IHjMbwTBYBY59+f09NyLw4u+6DjWKFm55Bu/6t7HACBiB2b
SOBvLynl77N/nHcdgLjbBOMcN+ofzNaR3gi5hDYPGLXWZBn0ZjZQkt4mdQStfODf
4u1rMPH1BuV2c4MfG++ULcYtfegLOdPUjbdMP4PDsDk/7/CtU5jCfPVzKLZ2
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:53:37 2025 by rpki-client