Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/iRQf4aPXQjgB4kiEJ1zc0omC1k4.roa
File: iRQf4aPXQjgB4kiEJ1zc0omC1k4.roa (raw, json)
Hash identifier: f9in/l+ulWixC+uaJMlxyYvFnPjwIOTiyD+W1fPiyVE=
Subject key identifier: 89:14:1F:E1:A3:D7:42:38:01:E2:48:84:27:5C:DC:D2:89:82:D6:4E
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018471D10EF8DB294DB1AD7316D9D4CC9EAA
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/iRQf4aPXQjgB4kiEJ1zc0omC1k4.roa
Signing time: Sun 13 Nov 2022 16:27:17 +0000
ROA not before: Sun 13 Nov 2022 16:27:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 213.209.136.0/24 maxlen: 24
213.209.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:71:d1:0e:f8:db:29:4d:b1:ad:73:16:d9:d4:cc:9e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Nov 13 16:27:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89141fe1a3d7423801e24884275cdcd28982d64e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:76:d1:87:0c:6a:2f:11:e5:c9:56:24:34:5d:
cc:ef:63:b0:27:07:39:88:85:50:2f:16:7e:4b:aa:
06:57:7b:05:a7:30:2f:ce:7a:7b:d0:de:1b:9a:73:
ae:6a:b2:17:2d:49:23:8f:99:dd:a0:e4:f4:e7:a4:
62:e8:7a:b9:87:ad:fc:b7:3a:2c:d7:a0:d5:65:f2:
94:43:bc:5b:a3:28:7c:4f:da:2c:b5:f9:b9:3e:a7:
68:75:03:80:32:82:9b:b4:22:33:1b:74:5e:4d:34:
6d:ab:37:f6:26:51:e1:4f:2d:a3:2a:c1:40:db:e1:
6c:78:2f:3a:9a:b2:92:8d:eb:76:fe:90:db:ba:f4:
5a:c9:7e:34:ce:5a:cc:b9:74:5d:25:da:de:cf:57:
ab:cb:59:3d:0d:a7:aa:28:92:cc:4a:51:af:09:c1:
c6:42:98:8d:d9:8b:cb:14:0d:49:4e:11:2c:88:49:
0e:d6:47:48:3e:0e:95:0e:fd:a2:2a:87:bf:3c:0d:
40:5b:f3:d3:7a:45:74:46:3f:24:fa:df:58:17:05:
38:aa:ac:11:f5:1e:4a:27:03:25:7f:0b:82:96:ae:
d2:88:d0:ee:79:8e:89:f6:ea:14:5e:eb:17:66:0d:
e0:4d:37:c4:1b:77:21:6e:d7:fb:a0:67:e8:66:7c:
97:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:14:1F:E1:A3:D7:42:38:01:E2:48:84:27:5C:DC:D2:89:82:D6:4E
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/iRQf4aPXQjgB4kiEJ1zc0omC1k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.136.0/24
213.209.146.0/24
Signature Algorithm: sha256WithRSAEncryption
12:21:f3:67:41:8c:a1:35:39:14:da:bb:de:d0:f1:f6:16:41:
ef:b8:6d:50:71:4c:2b:5b:1c:aa:9b:fd:6e:93:a7:d0:5a:da:
7d:da:b1:e5:5e:04:c4:52:84:ed:08:e0:a5:34:97:28:a9:27:
0d:d5:63:73:55:52:03:62:7c:f2:e3:3b:3b:cb:5d:31:96:5e:
39:f8:6e:4c:23:9a:d5:a1:d5:81:71:51:bf:f4:fc:95:3f:c8:
4f:c5:7b:42:ec:ab:c7:0b:05:72:18:97:ac:f3:e8:db:2f:45:
1a:ad:3d:6d:66:e1:f1:a2:8a:ea:35:c4:bd:18:62:6e:df:bf:
e1:03:c2:48:3d:af:69:d3:63:8e:45:d6:80:41:a0:2d:00:34:
3a:a0:18:59:d2:6d:27:4b:8e:f1:3e:e1:c2:c9:72:9e:2d:6f:
b1:f6:1c:3b:7c:7f:d3:76:79:bc:c1:3e:04:67:68:c3:5b:2c:
0a:c3:8e:5a:a0:b0:42:6e:52:17:41:a2:94:20:cf:72:91:be:
91:4b:cb:55:47:4e:c0:12:6b:19:fb:28:ad:af:bd:6e:d3:75:
55:0b:64:2f:a4:3e:5f:18:ba:b9:bc:eb:50:66:05:fc:ac:98:
f2:6d:4f:32:c9:a7:d5:09:fe:9a:41:cc:8d:00:1c:69:19:4b:
5a:f0:44:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRx0Q742ylNsa1zFtnUzJ6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTEzMTYyNzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTE0MWZlMWEzZDc0MjM4MDFlMjQ4ODQyNzVjZGNkMjg5ODJkNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXbRhwxqLxHlyVYkNF3M72OwJwc5
iIVQLxZ+S6oGV3sFpzAvznp70N4bmnOuarIXLUkjj5ndoOT056Ri6Hq5h638tzos
16DVZfKUQ7xboyh8T9ostfm5PqdodQOAMoKbtCIzG3ReTTRtqzf2JlHhTy2jKsFA
2+FseC86mrKSjet2/pDbuvRayX40zlrMuXRdJdrez1ery1k9DaeqKJLMSlGvCcHG
QpiN2YvLFA1JThEsiEkO1kdIPg6VDv2iKoe/PA1AW/PTekV0Rj8k+t9YFwU4qqwR
9R5KJwMlfwuClq7SiNDueY6J9uoUXusXZg3gTTfEG3chbtf7oGfoZnyXXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIkUH+Gj10I4AeJIhCdc3NKJgtZOMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvaVJRZjRhUFhRamdCNGtpRUoxemMwb21DMWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dGIAwQA
1dGSMA0GCSqGSIb3DQEBCwUAA4IBAQASIfNnQYyhNTkU2rve0PH2FkHvuG1QcUwr
Wxyqm/1uk6fQWtp92rHlXgTEUoTtCOClNJcoqScN1WNzVVIDYnzy4zs7y10xll45
+G5MI5rVodWBcVG/9PyVP8hPxXtC7KvHCwVyGJes8+jbL0UarT1tZuHxoorqNcS9
GGJu37/hA8JIPa9p02OORdaAQaAtADQ6oBhZ0m0nS47xPuHCyXKeLW+x9hw7fH/T
dnm8wT4EZ2jDWywKw45aoLBCblIXQaKUIM9ykb6RS8tVR07AEmsZ+yitr71u03VV
C2QvpD5fGLq5vOtQZgX8rJjybU8yyafVCf6aQcyNABxpGUta8ETt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org