Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/x33AfJs6qazKiw03nW9M0X_VBDs.roa
File: x33AfJs6qazKiw03nW9M0X_VBDs.roa (raw, json)
Hash identifier: E6DKhy+WoTlGuDTiJqrm82UxBmbB0LCkXxGjLiWAFFk=
Subject key identifier: C7:7D:C0:7C:9B:3A:A9:AC:CA:8B:0D:37:9D:6F:4C:D1:7F:D5:04:3B
Certificate issuer: /CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Certificate serial: 238B93E4
Authority key identifier: 5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/x33AfJs6qazKiw03nW9M0X_VBDs.roa
Signing time: Sat 01 Jan 2022 11:59:12 +0000
ROA not before: Sat 01 Jan 2022 11:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199305
IP address blocks: 213.140.142.0/24 maxlen: 24
2a02:2298:410::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 596349924 (0x238b93e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Validity
Not Before: Jan 1 11:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c77dc07c9b3aa9acca8b0d379d6f4cd17fd5043b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:af:b8:74:42:15:0a:fd:d9:50:7b:01:0a:c1:
4e:a1:f1:d5:d7:ec:1c:2e:45:50:ac:0c:5f:3f:bf:
79:b7:2e:64:7b:b7:29:1c:34:d6:6a:9d:32:f1:0c:
ea:a2:97:0c:62:de:84:ad:8e:4f:57:35:1e:c3:ef:
bf:55:bf:46:34:84:0b:c4:90:36:f6:7e:c0:92:00:
90:31:4a:25:fc:2f:83:94:fa:1f:be:5a:96:07:3a:
4d:81:04:41:31:4c:7e:e3:3e:d1:32:bc:c4:56:38:
cb:aa:7e:1a:b8:1b:8a:1e:4c:2e:df:b6:cd:83:48:
af:cb:61:76:ed:ab:47:48:95:d4:1f:da:24:f5:51:
e7:44:78:3b:0a:b4:65:be:d0:19:aa:8d:5f:dd:e7:
8e:9e:af:0d:3e:30:79:79:5f:7f:13:cb:db:82:93:
5d:7f:cc:d0:74:20:b0:ff:44:65:80:54:be:ec:6f:
c0:28:4c:58:24:b8:c5:3e:44:99:05:68:20:47:d6:
8b:32:ff:a8:bf:44:70:5e:a6:cf:be:fc:6e:f5:11:
48:56:9d:59:99:92:82:07:04:17:00:4c:23:16:02:
8a:39:7f:b9:f5:af:2b:7c:a9:0d:a3:ad:04:89:e2:
85:f7:95:72:59:a5:b0:e5:74:25:1f:73:80:23:0d:
76:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7D:C0:7C:9B:3A:A9:AC:CA:8B:0D:37:9D:6F:4C:D1:7F:D5:04:3B
X509v3 Authority Key Identifier:
keyid:5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/x33AfJs6qazKiw03nW9M0X_VBDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.140.142.0/24
IPv6:
2a02:2298:410::/48
Signature Algorithm: sha256WithRSAEncryption
4b:0f:26:aa:d3:42:d0:89:ab:5e:bb:da:41:b7:95:24:cc:eb:
86:88:dd:ee:fb:fd:62:eb:48:77:eb:56:47:f2:76:0d:a3:24:
96:a8:c7:5e:b6:64:ad:a1:4f:a5:9d:a8:f5:4b:30:b0:d3:9d:
13:c9:64:90:bd:c3:b9:17:7e:40:cf:81:99:6f:f8:6e:e9:38:
3b:29:4c:41:1e:95:28:43:33:b4:df:cc:40:3a:0a:ad:63:ad:
c1:9e:da:fd:73:20:5d:35:43:9a:94:1c:16:3f:a8:9c:31:a9:
c8:38:a5:cf:c2:6f:8e:b7:0a:c2:90:a1:98:f5:90:3b:f5:c0:
98:d6:9a:b0:34:5a:70:23:68:7f:7e:96:1e:75:80:14:cc:9b:
1d:d8:ef:cd:1d:80:c5:e9:fa:e8:02:b7:42:e9:7b:e9:76:a6:
d5:ef:2a:aa:91:d8:35:39:84:cd:58:6f:ad:e3:88:f1:b7:8d:
98:08:b9:83:80:6a:07:32:1d:63:84:25:e1:3b:77:e7:ea:68:
7e:8d:c8:bc:02:09:6c:de:5b:1f:06:92:40:f7:53:72:60:32:
0d:9b:de:1f:ce:d0:15:eb:a7:d7:9a:66:c0:c8:b2:64:87:41:
d2:bb:04:1f:7a:e5:bb:36:bc:d6:dd:2b:4b:01:3f:0a:08:2c:
6e:5e:b1:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEI4uT5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDhhOWZkN2M1MTkyNmUyMmVhOGFhMzNiM2I4ODM4ZTkzZThiZWRkMB4XDTIyMDEw
MTExNTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc3ZGMwN2M5YjNh
YTlhY2NhOGIwZDM3OWQ2ZjRjZDE3ZmQ1MDQzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANevuHRCFQr92VB7AQrBTqHx1dfsHC5FUKwMXz+/ebcuZHu3
KRw01mqdMvEM6qKXDGLehK2OT1c1HsPvv1W/RjSEC8SQNvZ+wJIAkDFKJfwvg5T6
H75algc6TYEEQTFMfuM+0TK8xFY4y6p+Grgbih5MLt+2zYNIr8thdu2rR0iV1B/a
JPVR50R4Owq0Zb7QGaqNX93njp6vDT4weXlffxPL24KTXX/M0HQgsP9EZYBUvuxv
wChMWCS4xT5EmQVoIEfWizL/qL9EcF6mz778bvURSFadWZmSggcEFwBMIxYCijl/
ufWvK3ypDaOtBInihfeVclmlsOV0JR9zgCMNdisCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTHfcB8mzqprMqLDTedb0zRf9UEOzAfBgNVHSMEGDAWgBRdip/XxRkm4i6o
qjOzuIOOk+i+3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hZcWYxOFVaSnVJdXFLb3pzN2lEanBQb3Z0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYmI4NjFkLTMzMGYtNGE5Ny05ZjljLTY2YzUzZjJiMWYwMi8x
L3gzM0FmSnM2cWF6S2l3MDNuVzlNMFhfVkJEcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YmI4NjFkLTMzMGYtNGE5Ny05ZjljLTY2YzUzZjJiMWYwMi8xL1hZcWYxOFVaSnVJ
dXFLb3pzN2lEanBQb3Z0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEANWMjjAPBAIAAjAJAwcAKgIimAQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBLDyaq00LQiateu9pBt5UkzOuGiN3u+/1i60h3
61ZH8nYNoySWqMdetmStoU+lnaj1SzCw050TyWSQvcO5F35Az4GZb/hu6Tg7KUxB
HpUoQzO038xAOgqtY63Bntr9cyBdNUOalBwWP6icManIOKXPwm+OtwrCkKGY9ZA7
9cCY1pqwNFpwI2h/fpYedYAUzJsd2O/NHYDF6froArdC6XvpdqbV7yqqkdg1OYTN
WG+t44jxt42YCLmDgGoHMh1jhCXhO3fn6mh+jci8Agls3lsfBpJA91NyYDINm94f
ztAV66fXmmbAyLJkh0HSuwQfeuW7NrzW3StLAT8KCCxuXrEl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:17 2024 by rpki-client on console-ams.rpki-client.org