Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/_xU6SkKEiiWRQ1MUZ-mW6whgLG4.roa
File: _xU6SkKEiiWRQ1MUZ-mW6whgLG4.roa (raw, json)
Hash identifier: KIEZDT90CbigskvFB4WRx2OvJA406qxoXT91qJauHjY=
Subject key identifier: FF:15:3A:4A:42:84:8A:25:91:43:53:14:67:E9:96:EB:08:60:2C:6E
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0AF89B4D
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/_xU6SkKEiiWRQ1MUZ-mW6whgLG4.roa
Signing time: Sat 01 Jan 2022 13:02:44 +0000
ROA not before: Sat 01 Jan 2022 13:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28884
IP address blocks: 213.87.112.0/23 maxlen: 23
213.87.118.0/23 maxlen: 23
213.87.224.0/23 maxlen: 23
213.87.114.0/23 maxlen: 23
213.87.116.0/23 maxlen: 23
213.87.124.0/23 maxlen: 23
213.87.120.0/23 maxlen: 23
213.87.122.0/23 maxlen: 23
213.87.126.0/23 maxlen: 23
213.87.184.0/23 maxlen: 23
2a00:1fa2:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184064845 (0xaf89b4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 13:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff153a4a42848a259143531467e996eb08602c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cc:91:99:1b:bf:c8:0c:43:e7:4d:ea:51:7d:
10:b6:74:88:a0:c3:43:95:88:d6:d7:b1:ab:05:fc:
8d:4e:44:aa:d4:07:f0:d8:c1:50:92:aa:d9:67:d4:
1d:2a:de:59:2a:ea:db:31:a1:85:a3:80:1f:eb:32:
43:fc:e7:58:96:bd:6a:62:cb:3f:67:bc:ae:95:74:
83:07:4a:8e:1e:27:b1:0b:45:79:14:3d:8c:c2:ac:
94:93:ab:55:c1:73:d7:42:f9:fc:36:17:3e:b3:57:
95:4f:86:0b:b0:fe:fd:6c:9a:1f:c0:78:6b:48:e8:
fd:4f:b9:2b:74:f6:1f:b3:47:be:30:eb:af:50:cb:
46:ab:dc:ac:ac:9c:c7:71:e7:a7:0b:a6:6e:4b:ad:
f8:4c:57:eb:24:5a:71:5e:50:f3:25:ce:1e:23:62:
ad:6c:46:39:6d:21:d1:24:8b:43:c4:82:11:f9:fc:
02:5f:40:21:d7:6d:8d:00:ae:19:d1:4c:be:39:c9:
ff:ab:41:29:b6:56:3f:74:47:4f:03:31:ac:c1:90:
77:fc:5f:78:56:3f:60:b8:8d:ec:e9:b7:99:06:b2:
2f:59:a9:a6:43:bb:a4:3e:04:88:e8:ad:e9:6a:7c:
6b:34:4d:06:9d:44:a3:73:90:16:ef:dc:68:e9:f3:
57:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:15:3A:4A:42:84:8A:25:91:43:53:14:67:E9:96:EB:08:60:2C:6E
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/_xU6SkKEiiWRQ1MUZ-mW6whgLG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.87.112.0/20
213.87.184.0/23
213.87.224.0/23
IPv6:
2a00:1fa2:8000::/33
Signature Algorithm: sha256WithRSAEncryption
64:f6:48:b2:5d:a7:c3:dd:dd:da:09:31:93:40:0f:72:43:74:
a8:20:b9:10:86:6c:32:ee:48:f7:63:01:fe:df:c0:69:8f:10:
59:5a:b8:b9:44:7f:a3:d3:18:a0:b6:c3:09:0f:d9:59:e2:a3:
ee:af:f9:89:29:ec:25:32:52:79:5a:35:94:0a:fa:52:29:06:
80:14:1f:d0:91:e4:4a:bf:4e:cd:8f:28:59:94:86:6a:8a:b7:
51:2d:9b:82:a4:fe:cf:3b:ef:b0:65:34:e3:3d:aa:97:d3:5a:
0c:90:5c:b2:e0:b6:cc:41:35:ee:e3:6b:83:10:99:89:de:f3:
b3:02:80:ec:47:6d:7e:62:b8:70:19:29:bd:6e:d9:48:ea:82:
ce:a9:c8:63:ab:54:3f:01:69:86:96:50:68:fe:23:f7:0c:23:
61:d2:2c:87:43:bb:6a:f3:c8:3c:80:89:45:9a:1b:3a:6d:4d:
10:ec:98:70:51:eb:fa:61:fd:c2:45:a9:a0:a5:c4:70:37:33:
a4:d0:b2:d3:28:fd:f1:9a:75:83:56:ca:07:c7:08:34:1f:5c:
70:24:99:20:ff:ba:37:dd:10:ed:d8:3e:1d:9c:1c:9e:da:ab:
06:ed:de:9e:be:cf:1f:42:62:dd:ae:44:12:64:32:9c:77:37:
f6:91:25:11
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECvibTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWZlMWM4NTk0MDlhYzVkZTc0MTRjNDhmODY3Mzk5MTNiZTZiN2U1MB4XDTIyMDEw
MTEzMDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYxNTNhNGE0Mjg0
OGEyNTkxNDM1MzE0NjdlOTk2ZWIwODYwMmM2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7MkZkbv8gMQ+dN6lF9ELZ0iKDDQ5WI1texqwX8jU5EqtQH
8NjBUJKq2WfUHSreWSrq2zGhhaOAH+syQ/znWJa9amLLP2e8rpV0gwdKjh4nsQtF
eRQ9jMKslJOrVcFz10L5/DYXPrNXlU+GC7D+/WyaH8B4a0jo/U+5K3T2H7NHvjDr
r1DLRqvcrKycx3Hnpwumbkut+ExX6yRacV5Q8yXOHiNirWxGOW0h0SSLQ8SCEfn8
Al9AIddtjQCuGdFMvjnJ/6tBKbZWP3RHTwMxrMGQd/xfeFY/YLiN7Om3mQayL1mp
pkO7pD4EiOit6Wp8azRNBp1Eo3OQFu/caOnzV50CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBT/FTpKQoSKJZFDUxRn6ZbrCGAsbjAfBgNVHSMEGDAWgBSu/hyFlAmsXedB
TEj4ZzmRO+a35TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J2NGNoWlFKckYzblFVeEktR2M1a1R2bXQtVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvNDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNlNC8x
L194VTZTa0tFaWlXUlExTVVaLW1XNndoZ0xHNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
NDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNlNC8xL3J2NGNoWlFKckYz
blFVeEktR2M1a1R2bXQtVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowGAQCAAEwEgMEBNVXcAMEAdVXuAMEAdVX4DAOBAIA
AjAIAwYHKgAfooAwDQYJKoZIhvcNAQELBQADggEBAGT2SLJdp8Pd3doJMZNAD3JD
dKgguRCGbDLuSPdjAf7fwGmPEFlauLlEf6PTGKC2wwkP2Vnio+6v+Ykp7CUyUnla
NZQK+lIpBoAUH9CR5Eq/Ts2PKFmUhmqKt1Etm4Kk/s8777BlNOM9qpfTWgyQXLLg
tsxBNe7ja4MQmYne87MCgOxHbX5iuHAZKb1u2Ujqgs6pyGOrVD8BaYaWUGj+I/cM
I2HSLIdDu2rzyDyAiUWaGzptTRDsmHBR6/ph/cJFqaClxHA3M6TQstMo/fGadYNW
ygfHCDQfXHAkmSD/ujfdEO3YPh2cHJ7aqwbt3p6+zx9CYt2uRBJkMpx3N/aRJRE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:01 2025 by rpki-client