Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/REcqjrP-fQjBkWkQ4tcsABQSctU.roa
File: REcqjrP-fQjBkWkQ4tcsABQSctU.roa (raw, json)
Hash identifier: VAcXj8fWMvKwL6sMvXuwOzjHqSLB7mPlqKSa7rnT0ik=
Subject key identifier: 44:47:2A:8E:B3:FE:7D:08:C1:91:69:10:E2:D7:2C:00:14:12:72:D5
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01835490F60B0C1BC7A8DBBD8E1FA1157F56
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/REcqjrP-fQjBkWkQ4tcsABQSctU.roa
Signing time: Mon 19 Sep 2022 07:05:29 +0000
ROA not before: Mon 19 Sep 2022 07:05:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 213.209.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:54:90:f6:0b:0c:1b:c7:a8:db:bd:8e:1f:a1:15:7f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 19 07:05:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44472a8eb3fe7d08c1916910e2d72c00141272d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:18:c0:fc:e8:5d:e9:54:67:0c:11:2f:cd:bb:
86:05:06:17:8b:43:1c:89:80:3e:d1:9e:24:dd:c7:
47:8b:69:33:34:96:02:0a:a8:fa:ab:3b:53:01:3c:
ca:bd:d5:bd:84:0e:f1:98:0f:33:d9:90:f6:a7:d2:
16:f2:c6:bd:86:0c:c5:cc:82:6d:70:31:30:c1:66:
02:ef:9b:b7:69:a4:50:ca:6f:55:e7:80:47:79:cd:
cd:4e:8f:96:d4:01:35:2a:d0:92:6a:3c:89:d0:39:
ec:b1:83:cd:6f:7d:1c:ea:a3:99:1f:78:eb:68:db:
b0:a0:fd:fd:79:e1:56:6c:8a:1e:2e:8b:71:c1:c0:
c5:5d:da:5c:02:aa:b4:36:1e:b3:25:95:b8:e5:03:
06:2d:13:62:45:90:82:92:66:ee:df:06:9f:b4:79:
38:40:c5:64:30:6c:fd:ff:c6:6c:82:ee:51:fd:0d:
77:60:fe:4a:dd:36:08:91:c4:d6:c9:0c:b9:b9:bc:
8a:38:93:15:20:8a:b6:2d:ad:f0:f4:87:11:f4:55:
34:39:f2:1a:89:8d:d2:81:ee:12:99:8d:be:db:d1:
96:4d:5b:b2:c9:55:4a:c5:e5:79:16:17:1c:e0:8d:
2e:67:91:19:5f:3e:26:c1:b1:3a:af:10:3d:c9:e5:
95:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:47:2A:8E:B3:FE:7D:08:C1:91:69:10:E2:D7:2C:00:14:12:72:D5
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/REcqjrP-fQjBkWkQ4tcsABQSctU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.150.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0c:d7:11:41:ea:c6:2d:84:a4:b3:fd:93:70:f7:81:5c:2b:
98:52:0f:e4:91:fb:46:8a:9a:37:6b:6d:42:c5:0d:a0:e1:5e:
05:6e:1b:d4:16:c0:f6:34:cb:f5:cc:09:08:96:de:4f:54:a7:
17:4b:a0:25:9d:a8:24:cf:2a:20:fc:7b:18:45:61:f7:71:35:
f9:0e:96:76:da:6e:b6:dd:83:b6:73:7a:dd:93:e0:7c:1a:e8:
7e:13:66:7b:a0:8a:1f:f0:b0:a8:58:54:5b:71:24:83:9f:b6:
99:5a:63:e1:30:f6:2b:bb:c3:f2:b6:16:14:a0:ea:ab:77:79:
86:dd:63:ee:a1:f2:b1:31:60:62:8b:19:02:bf:37:17:d3:db:
b5:3f:d4:e6:32:2f:38:22:62:b2:2c:af:c7:9e:c6:2b:5f:44:
6d:03:fb:36:07:91:25:62:2e:99:37:78:df:04:c9:fb:3a:a0:
33:81:c0:4a:bf:66:b5:45:ce:6f:59:d8:1a:c6:47:ba:79:0a:
e1:37:78:ad:40:fd:7a:d2:38:3d:5d:7b:48:75:76:16:ee:5c:
2d:47:a2:27:6e:13:ab:99:14:98:3e:e0:a0:9f:7e:51:f1:33:
d7:43:5c:2a:cc:d2:37:4f:ba:6c:78:13:58:51:28:f6:cb:d4:
cb:d8:f9:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNUkPYLDBvHqNu9jh+hFX9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwOTE5MDcwNTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDQ3MmE4ZWIzZmU3ZDA4YzE5MTY5MTBlMmQ3MmMwMDE0MTI3MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRjA/Ohd6VRnDBEvzbuGBQYXi0Mc
iYA+0Z4k3cdHi2kzNJYCCqj6qztTATzKvdW9hA7xmA8z2ZD2p9IW8sa9hgzFzIJt
cDEwwWYC75u3aaRQym9V54BHec3NTo+W1AE1KtCSajyJ0DnssYPNb30c6qOZH3jr
aNuwoP39eeFWbIoeLotxwcDFXdpcAqq0Nh6zJZW45QMGLRNiRZCCkmbu3waftHk4
QMVkMGz9/8Zsgu5R/Q13YP5K3TYIkcTWyQy5ubyKOJMVIIq2La3w9IcR9FU0OfIa
iY3Sge4SmY2+29GWTVuyyVVKxeV5Fhcc4I0uZ5EZXz4mwbE6rxA9yeWVYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERHKo6z/n0IwZFpEOLXLAAUEnLVMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvUkVjcWpyUC1mUWpCa1drUTR0Y3NBQlFTY3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGWMA0G
CSqGSIb3DQEBCwUAA4IBAQBaDNcRQerGLYSks/2TcPeBXCuYUg/kkftGipo3a21C
xQ2g4V4FbhvUFsD2NMv1zAkIlt5PVKcXS6Alnagkzyog/HsYRWH3cTX5DpZ22m62
3YO2c3rdk+B8Guh+E2Z7oIof8LCoWFRbcSSDn7aZWmPhMPYru8PythYUoOqrd3mG
3WPuofKxMWBiixkCvzcX09u1P9TmMi84ImKyLK/HnsYrX0RtA/s2B5ElYi6ZN3jf
BMn7OqAzgcBKv2a1Rc5vWdgaxke6eQrhN3itQP160jg9XXtIdXYW7lwtR6InbhOr
mRSYPuCgn35R8TPXQ1wqzNI3T7pseBNYUSj2y9TL2Pno
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org