Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/tVspfxXtehZuSieU63tSXVdk9f8.roa
File: tVspfxXtehZuSieU63tSXVdk9f8.roa (raw, json)
Hash identifier: qHHqNGrhpjJcMpFNjnIyxwixCIj4cE/aSZnQqABvGGg=
Subject key identifier: B5:5B:29:7F:15:ED:7A:16:6E:4A:27:94:EB:7B:52:5D:57:64:F5:FF
Certificate issuer: /CN=7373c1ff55403d4792346493f769f8d033bef02c
Certificate serial: 185AA531
Authority key identifier: 73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/tVspfxXtehZuSieU63tSXVdk9f8.roa
Signing time: Tue 15 Feb 2022 23:26:47 +0000
ROA not before: Tue 15 Feb 2022 23:26:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2856
IP address blocks: 213.230.244.0/23 maxlen: 23
213.230.246.0/23 maxlen: 23
213.230.242.0/23 maxlen: 23
213.230.251.0/24 maxlen: 24
213.230.252.0/23 maxlen: 23
213.230.248.0/24 maxlen: 24
213.230.214.0/24 maxlen: 24
213.230.226.0/23 maxlen: 23
213.230.225.0/24 maxlen: 24
213.230.224.0/24 maxlen: 24
213.230.230.0/23 maxlen: 23
213.230.232.0/24 maxlen: 24
213.230.228.0/23 maxlen: 23
213.230.233.0/24 maxlen: 24
213.230.240.0/23 maxlen: 23
213.230.238.0/23 maxlen: 23
213.230.234.0/23 maxlen: 23
213.230.236.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 408593713 (0x185aa531)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7373c1ff55403d4792346493f769f8d033bef02c
Validity
Not Before: Feb 15 23:26:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b55b297f15ed7a166e4a2794eb7b525d5764f5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e6:8b:a8:d8:98:6b:19:5c:9c:7c:e2:ca:5c:
d6:55:1a:80:28:38:fe:03:45:60:10:ea:68:3a:50:
a9:7a:07:7a:74:12:5b:75:5f:af:ee:c5:2a:f3:b2:
87:a4:f0:ec:85:63:5f:22:ed:0f:36:c4:75:8f:4a:
e8:ec:e6:de:d0:18:74:68:ba:ad:94:16:95:4b:28:
28:be:68:05:75:e5:17:77:17:3a:58:17:37:95:cf:
86:18:00:cb:1f:89:be:78:32:95:86:43:86:5b:86:
7f:81:bd:bb:fd:e2:ee:a8:63:b0:9c:5d:f1:f3:0a:
af:d1:e1:1a:48:cd:cf:42:83:57:a7:8a:69:00:f0:
ee:87:77:4f:66:a8:86:5c:49:f5:3a:fc:5d:82:16:
64:01:44:a3:e5:5a:1b:a8:f7:e0:e1:27:24:0f:4c:
67:b9:40:e2:cd:15:c8:2a:62:7a:a8:24:f5:d5:90:
e6:e6:43:72:d8:4c:f6:e9:76:de:ae:bb:2d:61:79:
75:80:57:28:b7:3e:94:09:ca:5b:6f:ac:d5:2a:ac:
58:ff:77:e4:60:8b:dc:ff:62:ab:bb:5e:5e:3d:7c:
77:48:5b:e4:72:3a:d6:61:3a:64:ff:a4:d4:e6:08:
e1:cb:7a:4c:df:dd:22:a5:29:37:0c:63:8c:09:9e:
7e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5B:29:7F:15:ED:7A:16:6E:4A:27:94:EB:7B:52:5D:57:64:F5:FF
X509v3 Authority Key Identifier:
keyid:73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/tVspfxXtehZuSieU63tSXVdk9f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.230.214.0/24
213.230.224.0-213.230.248.255
213.230.251.0-213.230.253.255
Signature Algorithm: sha256WithRSAEncryption
97:48:b0:55:04:9f:90:35:72:e4:de:c1:92:c2:72:7e:97:67:
db:71:97:c2:79:a1:97:d0:b9:21:18:0d:8f:ce:bc:50:43:7a:
d0:d5:69:94:4d:6e:44:02:1b:4e:8c:6b:48:a6:90:6c:ff:6e:
21:58:52:b3:3c:7f:57:26:87:cf:6b:65:86:7b:56:60:59:40:
f0:85:90:d2:07:3d:b5:21:93:84:68:c8:20:bd:75:b4:bb:44:
78:b2:47:67:15:ec:e5:07:a3:45:43:1f:31:2c:cb:2b:49:3a:
44:65:f1:f4:58:d5:5e:e9:58:a9:e1:f5:4e:73:78:ec:60:8f:
73:9e:b8:0f:c1:bd:be:a8:7f:38:36:de:9f:10:40:8c:a2:fd:
51:c0:c2:d0:5f:61:9a:29:6e:e5:09:98:93:7d:df:86:3b:d9:
50:19:4f:40:f7:27:20:29:dd:5f:ca:55:3e:c4:d7:7b:03:7b:
2a:bf:b3:81:f5:bb:12:3a:d4:69:39:61:4d:40:14:04:77:4c:
25:40:b8:67:18:84:d3:84:46:2a:49:9c:24:65:23:b4:14:7d:
aa:eb:74:65:98:35:de:7c:52:f1:96:9c:ee:90:12:68:04:2d:
e0:91:d1:a8:e4:d0:12:ac:b2:43:91:7d:b2:39:46:9e:46:5d:
0f:64:cf:e7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEGFqlMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzczYzFmZjU1NDAzZDQ3OTIzNDY0OTNmNzY5ZjhkMDMzYmVmMDJjMB4XDTIyMDIx
NTIzMjY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU1YjI5N2YxNWVk
N2ExNjZlNGEyNzk0ZWI3YjUyNWQ1NzY0ZjVmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7mi6jYmGsZXJx84spc1lUagCg4/gNFYBDqaDpQqXoHenQS
W3Vfr+7FKvOyh6Tw7IVjXyLtDzbEdY9K6Ozm3tAYdGi6rZQWlUsoKL5oBXXlF3cX
OlgXN5XPhhgAyx+JvngylYZDhluGf4G9u/3i7qhjsJxd8fMKr9HhGkjNz0KDV6eK
aQDw7od3T2aohlxJ9Tr8XYIWZAFEo+VaG6j34OEnJA9MZ7lA4s0VyCpieqgk9dWQ
5uZDcthM9ul23q67LWF5dYBXKLc+lAnKW2+s1SqsWP935GCL3P9iq7teXj18d0hb
5HI61mE6ZP+k1OYI4ct6TN/dIqUpNwxjjAmefpMCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBS1Wyl/Fe16Fm5KJ5Tre1JdV2T1/zAfBgNVHSMEGDAWgBRzc8H/VUA9R5I0
ZJP3afjQM77wLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2MzUEJfMVZBUFVlU05HU1Q5Mm40MERPLThDdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvMWFmZjEwLWRkMjktNDM5Zi04ZDIzLWJjOWE1ZjY2MDVmYy8x
L3RWc3BmeFh0ZWhadVNpZVU2M3RTWFZkazlmOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
MWFmZjEwLWRkMjktNDM5Zi04ZDIzLWJjOWE1ZjY2MDVmYy8xL2MzUEJfMVZBUFVl
U05HU1Q5Mm40MERPLThDdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIgMEANXm1jAMAwQF1ebgAwQA1eb4MAwD
BADV5vsDBAHV5vwwDQYJKoZIhvcNAQELBQADggEBAJdIsFUEn5A1cuTewZLCcn6X
Z9txl8J5oZfQuSEYDY/OvFBDetDVaZRNbkQCG06Ma0imkGz/biFYUrM8f1cmh89r
ZYZ7VmBZQPCFkNIHPbUhk4RoyCC9dbS7RHiyR2cV7OUHo0VDHzEsyytJOkRl8fRY
1V7pWKnh9U5zeOxgj3OeuA/Bvb6ofzg23p8QQIyi/VHAwtBfYZopbuUJmJN934Y7
2VAZT0D3JyAp3V/KVT7E13sDeyq/s4H1uxI61Gk5YU1AFAR3TCVAuGcYhNOERipJ
nCRlI7QUfarrdGWYNd58UvGWnO6QEmgELeCR0ajk0BKsskORfbI5Rp5GXQ9kz+c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:52 2024 by rpki-client on console-fra.rpki-client.org