Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/9c1b08-b5ac-4bbd-b8c3-0e0fd03b1104/1/bDj-xH4e4isnpe7hOJgYhjT9RXc.roa
File: bDj-xH4e4isnpe7hOJgYhjT9RXc.roa (raw, json)
Hash identifier: R2N+QMs6lc7QcaB1oiH9QZho6twPWv86UYI+J10j28g=
Subject key identifier: 6C:38:FE:C4:7E:1E:E2:2B:27:A5:EE:E1:38:98:18:86:34:FD:45:77
Certificate issuer: /CN=0af1238100370a2c05fb06800afde6906daaf2d8
Certificate serial: 018570799F78BB340FAA407C454E5893938A
Authority key identifier: 0A:F1:23:81:00:37:0A:2C:05:FB:06:80:0A:FD:E6:90:6D:AA:F2:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvEjgQA3CiwF-waACv3mkG2q8tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/9c1b08-b5ac-4bbd-b8c3-0e0fd03b1104/1/bDj-xH4e4isnpe7hOJgYhjT9RXc.roa
Signing time: Mon 02 Jan 2023 03:14:56 +0000
ROA not before: Mon 02 Jan 2023 03:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51682
IP address blocks: 213.232.96.0/24 maxlen: 24
213.232.96.0/23 maxlen: 23
213.232.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:9f:78:bb:34:0f:aa:40:7c:45:4e:58:93:93:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af1238100370a2c05fb06800afde6906daaf2d8
Validity
Not Before: Jan 2 03:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c38fec47e1ee22b27a5eee13898188634fd4577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:7e:4d:a0:d6:2b:bb:12:c5:a1:ac:0f:ee:
98:c2:ca:09:18:a9:00:5c:c2:d5:3d:ee:94:af:5c:
b3:f7:a7:01:65:08:71:f9:dd:a4:a6:05:a9:76:5c:
48:d1:98:0b:89:d4:5f:e0:3a:74:46:07:e2:4d:68:
f7:92:9b:7c:7b:2f:d9:81:ce:ce:19:08:cd:7e:d7:
6f:57:a5:1e:41:56:6c:ce:ed:04:d1:01:e1:6d:95:
67:04:39:6e:29:72:bf:ff:f5:67:1b:cc:d2:01:38:
9d:99:6c:98:19:fd:27:c1:63:7e:49:b8:0a:8e:18:
40:38:49:46:d6:bb:f0:e6:70:87:47:70:29:d1:e7:
cb:bb:4a:9c:a6:32:4c:01:49:f1:60:27:b9:83:ae:
3d:6c:1c:05:77:dd:56:4b:0b:29:65:19:ec:75:71:
89:04:fa:41:18:4b:b2:02:06:29:e5:f3:4c:02:37:
63:d7:92:be:b5:76:fe:f3:27:6d:2a:7c:46:03:f5:
9a:17:e2:a8:a7:fc:55:bf:cc:b9:b2:f1:45:c8:4c:
ce:34:c9:d5:22:4c:0d:eb:82:47:79:0c:8a:32:49:
e8:67:b5:c7:1e:0f:03:4b:15:ce:1a:9a:58:98:42:
34:01:92:ed:52:1d:b4:ee:47:e0:98:ef:34:19:60:
c0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:38:FE:C4:7E:1E:E2:2B:27:A5:EE:E1:38:98:18:86:34:FD:45:77
X509v3 Authority Key Identifier:
keyid:0A:F1:23:81:00:37:0A:2C:05:FB:06:80:0A:FD:E6:90:6D:AA:F2:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvEjgQA3CiwF-waACv3mkG2q8tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/9c1b08-b5ac-4bbd-b8c3-0e0fd03b1104/1/bDj-xH4e4isnpe7hOJgYhjT9RXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/9c1b08-b5ac-4bbd-b8c3-0e0fd03b1104/1/CvEjgQA3CiwF-waACv3mkG2q8tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.96.0/23
Signature Algorithm: sha256WithRSAEncryption
95:f4:c8:12:ab:f5:a2:c4:16:29:71:c7:29:40:be:b5:8f:a5:
9b:7b:96:b2:2f:da:af:0e:75:62:3c:f8:b7:c2:8e:7d:97:81:
20:f0:d3:d3:de:08:b0:58:49:2a:4c:35:ec:f2:2e:44:75:02:
3c:a3:db:66:08:9a:44:2d:d0:53:c5:bf:17:ee:2e:be:d0:37:
09:d4:71:2b:13:ed:80:51:e3:78:35:2f:7b:53:ef:1f:16:37:
6c:1e:d1:c8:00:b5:97:b5:17:46:3a:51:91:96:bd:1c:52:9e:
c5:c1:9f:e4:c6:b6:e5:e0:b3:63:7b:7b:e5:db:9c:73:e0:24:
4f:60:ab:62:03:4f:3c:23:0d:01:56:b8:6e:a1:d3:a0:b0:a1:
dc:ef:49:12:fc:07:99:a4:3e:27:85:46:c5:b4:fd:ec:2d:1c:
d8:3d:26:36:8a:81:89:73:1c:8f:3e:c7:e2:91:49:e3:de:fb:
9a:de:d4:ea:5a:f0:1b:d0:f7:5d:55:b6:6f:e5:46:99:8e:27:
e6:b5:39:e7:d7:85:55:cd:ee:9e:bc:dd:c1:12:28:0e:44:03:
57:ed:d9:9f:38:dc:bb:c8:9d:00:f5:74:c6:9a:f1:eb:7e:c6:
75:a0:e3:13:72:5e:ee:e7:59:8b:8a:ad:12:7f:91:bc:bd:46:
90:4a:19:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweZ94uzQPqkB8RU5Yk5OKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjEyMzgxMDAzNzBhMmMwNWZiMDY4MDBhZmRlNjkwNmRh
YWYyZDgwHhcNMjMwMTAyMDMxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM4ZmVjNDdlMWVlMjJiMjdhNWVlZTEzODk4MTg4NjM0ZmQ0NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppJ+TaDWK7sSxaGsD+6YwsoJGKkA
XMLVPe6Ur1yz96cBZQhx+d2kpgWpdlxI0ZgLidRf4Dp0RgfiTWj3kpt8ey/Zgc7O
GQjNftdvV6UeQVZszu0E0QHhbZVnBDluKXK///VnG8zSATidmWyYGf0nwWN+SbgK
jhhAOElG1rvw5nCHR3Ap0efLu0qcpjJMAUnxYCe5g649bBwFd91WSwspZRnsdXGJ
BPpBGEuyAgYp5fNMAjdj15K+tXb+8ydtKnxGA/WaF+Kop/xVv8y5svFFyEzONMnV
IkwN64JHeQyKMknoZ7XHHg8DSxXOGppYmEI0AZLtUh207kfgmO80GWDA1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGw4/sR+HuIrJ6Xu4TiYGIY0/UV3MB8GA1UdIwQY
MBaAFArxI4EANwosBfsGgAr95pBtqvLYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZFamdRQTNDaXdGLXdhQUN2M21rRzJxOHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy85YzFiMDgtYjVhYy00YmJkLWI4YzMt
MGUwZmQwM2IxMTA0LzEvYkRqLXhINGU0aXNucGU3aE9KZ1loalQ5UlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy85YzFiMDgtYjVhYy00YmJkLWI4YzMtMGUwZmQwM2IxMTA0
LzEvQ3ZFamdRQTNDaXdGLXdhQUN2M21rRzJxOHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1ehgMA0G
CSqGSIb3DQEBCwUAA4IBAQCV9MgSq/WixBYpcccpQL61j6Wbe5ayL9qvDnViPPi3
wo59l4Eg8NPT3giwWEkqTDXs8i5EdQI8o9tmCJpELdBTxb8X7i6+0DcJ1HErE+2A
UeN4NS97U+8fFjdsHtHIALWXtRdGOlGRlr0cUp7FwZ/kxrbl4LNje3vl25xz4CRP
YKtiA088Iw0BVrhuodOgsKHc70kS/AeZpD4nhUbFtP3sLRzYPSY2ioGJcxyPPsfi
kUnj3vua3tTqWvAb0PddVbZv5UaZjifmtTnn14VVze6evN3BEigORANX7dmfONy7
yJ0A9XTGmvHrfsZ1oOMTcl7u51mLiq0Sf5G8vUaQShnR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:32 2025 by rpki-client