Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/upH0k_54VWG0GG1VrRaZ4UgXRYU.roa
File: upH0k_54VWG0GG1VrRaZ4UgXRYU.roa (raw, json)
Hash identifier: 2ibaNCTKD811gVCt7aIqFshDACIfdb3UmpTOHLSnL30=
Subject key identifier: BA:91:F4:93:FE:78:55:61:B4:18:6D:55:AD:16:99:E1:48:17:45:85
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 13EFDA37
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/upH0k_54VWG0GG1VrRaZ4UgXRYU.roa
Signing time: Sat 01 Jan 2022 11:55:25 +0000
ROA not before: Sat 01 Jan 2022 11:55:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41683
IP address blocks: 213.238.170.0/24 maxlen: 24
213.238.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334486071 (0x13efda37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 11:55:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba91f493fe785561b4186d55ad1699e148174585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cd:b0:21:c6:4b:44:73:70:50:c2:40:86:32:
5c:11:0f:b5:7b:e1:88:7d:56:fe:f9:23:ef:72:c3:
e8:6b:cc:b0:0b:3d:cb:18:33:e4:a2:8e:02:f5:16:
b7:5d:13:32:9e:b4:62:04:36:51:b8:fc:25:c4:eb:
0a:d0:0b:4a:3f:25:c6:34:a8:f7:27:97:dc:98:25:
bf:fc:34:44:93:88:0c:1d:da:9f:10:db:01:33:ec:
a6:be:09:4a:73:8f:02:2f:2d:4d:35:5c:47:7d:ca:
18:e5:b3:59:27:22:9b:47:0f:9c:ee:19:e2:88:74:
2a:3c:43:f0:27:4a:c5:9c:55:85:7c:05:15:fe:78:
7b:f7:e9:14:a1:c7:9f:c6:c4:c7:1d:94:b2:e8:90:
85:64:39:0b:48:0b:85:03:a7:82:af:1e:e7:a3:84:
05:2d:e3:62:76:45:5f:de:05:03:a5:9e:bd:99:f7:
3c:57:ff:51:57:b4:fc:0f:f1:54:b4:9b:d7:7e:5f:
49:3c:f3:cf:9c:14:2b:08:f5:f0:f9:4c:9b:d6:9f:
e3:7f:2a:00:51:c6:87:21:ed:15:46:e1:9d:c3:04:
3b:1a:49:79:6b:87:eb:f8:9c:fe:84:5e:e1:74:01:
86:36:62:e2:dc:22:c8:b9:14:9a:c1:29:42:81:f0:
2d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:91:F4:93:FE:78:55:61:B4:18:6D:55:AD:16:99:E1:48:17:45:85
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/upH0k_54VWG0GG1VrRaZ4UgXRYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.170.0/24
213.238.176.0/24
Signature Algorithm: sha256WithRSAEncryption
51:46:e2:7c:6d:e5:6b:f8:92:6f:f1:fb:7f:17:b1:81:7e:c2:
63:5b:c5:bb:6d:ec:01:aa:e8:ad:e4:af:86:da:89:7f:15:69:
61:e4:72:a0:51:d7:df:b9:a2:8a:e8:fb:26:ac:38:2d:bb:40:
79:0d:13:66:93:72:6c:a9:6b:35:d5:68:d2:14:61:07:c7:b3:
e0:63:4f:42:97:60:1a:11:77:1b:97:ba:50:98:1f:de:93:d7:
54:2c:b6:d7:b1:bb:75:18:49:50:87:33:52:d2:9b:69:5e:f1:
79:93:69:02:36:63:da:3a:0b:6c:c4:e6:78:ea:76:02:f4:14:
3a:b7:c8:0f:00:6e:ee:9d:2e:4c:5e:b3:a3:40:bf:2b:83:97:
38:3e:a5:42:02:e4:f7:62:02:14:7a:66:9f:2b:0d:3b:d9:d0:
0b:bc:51:d5:a9:ff:03:4c:7e:a7:a6:42:2f:68:d7:29:79:12:
3d:a0:61:be:d1:ca:07:36:9f:24:83:d6:e0:8d:ab:4c:b9:fc:
f6:ac:5b:0f:63:e1:8a:d9:03:84:a1:3c:54:0c:fd:94:14:11:
be:f6:42:c8:c0:9c:4e:04:63:0e:54:ce:85:06:ff:64:c6:71:
f6:8a:ed:90:92:f2:c6:da:e7:36:2d:62:42:04:e2:32:c7:e8:
6f:a7:e8:c4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEE+/aNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGNiZGE3OGIxZDFiNjEzZGY1NjVmZjk5NzAwYjZhZWU5NDBkZTNmMB4XDTIyMDEw
MTExNTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE5MWY0OTNmZTc4
NTU2MWI0MTg2ZDU1YWQxNjk5ZTE0ODE3NDU4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXNsCHGS0RzcFDCQIYyXBEPtXvhiH1W/vkj73LD6GvMsAs9
yxgz5KKOAvUWt10TMp60YgQ2Ubj8JcTrCtALSj8lxjSo9yeX3Jglv/w0RJOIDB3a
nxDbATPspr4JSnOPAi8tTTVcR33KGOWzWScim0cPnO4Z4oh0KjxD8CdKxZxVhXwF
Ff54e/fpFKHHn8bExx2UsuiQhWQ5C0gLhQOngq8e56OEBS3jYnZFX94FA6WevZn3
PFf/UVe0/A/xVLSb135fSTzzz5wUKwj18PlMm9af438qAFHGhyHtFUbhncMEOxpJ
eWuH6/ic/oRe4XQBhjZi4twiyLkUmsEpQoHwLV0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS6kfST/nhVYbQYbVWtFpnhSBdFhTAfBgNVHSMEGDAWgBRUy9p4sdG2E99W
X/mXALau6UDePzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZNdmFlTEhSdGhQZlZsXzVsd0MycnVsQTNqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8x
L3VwSDBrXzU0VldHMEdHMVZyUmFaNFVnWFJZVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8xL1ZNdmFlTEhSdGhQ
ZlZsXzVsd0MycnVsQTNqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANXuqgMEANXusDANBgkqhkiG9w0B
AQsFAAOCAQEAUUbifG3la/iSb/H7fxexgX7CY1vFu23sAaroreSvhtqJfxVpYeRy
oFHX37miiuj7Jqw4LbtAeQ0TZpNybKlrNdVo0hRhB8ez4GNPQpdgGhF3G5e6UJgf
3pPXVCy217G7dRhJUIczUtKbaV7xeZNpAjZj2joLbMTmeOp2AvQUOrfIDwBu7p0u
TF6zo0C/K4OXOD6lQgLk92ICFHpmnysNO9nQC7xR1an/A0x+p6ZCL2jXKXkSPaBh
vtHKBzafJIPW4I2rTLn89qxbD2PhitkDhKE8VAz9lBQRvvZCyMCcTgRjDlTOhQb/
ZMZx9ortkJLyxtrnNi1iQgTiMsfob6foxA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:07 2023 by rpki-client on console-fra.rpki-client.org