Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/3sRJHEhmjhEYZOC_nwgG175piGE.roa
File: 3sRJHEhmjhEYZOC_nwgG175piGE.roa (raw, json)
Hash identifier: wCQJP+nxkkW1Vg4Oihqk5GiclW8qCeibWRpAILobsNI=
Subject key identifier: DE:C4:49:1C:48:66:8E:11:18:64:E0:BF:9F:08:06:D7:BE:69:88:61
Certificate issuer: /CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Certificate serial: 01856F8B8DB67267E04F5D84A638A438E6F1
Authority key identifier: CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/3sRJHEhmjhEYZOC_nwgG175piGE.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 213.170.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8d:b6:72:67:e0:4f:5d:84:a6:38:a4:38:e6:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dec4491c48668e111864e0bf9f0806d7be698861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5a:cd:fd:d1:bb:91:6f:14:ce:e3:a0:91:df:
22:21:20:0c:c2:e1:17:0b:fb:45:1b:a5:b2:71:3f:
86:e8:34:d6:43:d1:92:7d:cf:5a:bd:2c:e5:24:f6:
1f:b4:60:66:ce:a1:ae:cd:b8:16:39:34:0a:d1:11:
3b:b1:a0:95:ae:82:7f:22:37:5d:a7:42:6c:8e:00:
76:a8:25:31:54:74:99:f2:d4:71:27:d2:69:ea:0d:
e9:86:ea:6e:13:6a:5e:39:eb:a8:28:36:f2:d3:50:
a0:1e:c9:15:a9:94:dd:34:ee:a4:6f:98:5b:e6:50:
6b:43:90:66:7f:72:e5:eb:48:55:ef:ad:1d:92:b3:
39:f7:33:86:b3:39:b2:58:8a:04:12:fc:b3:c4:e9:
6e:d2:71:c7:6b:c5:28:8a:68:5c:28:51:bb:b5:00:
04:a5:85:da:03:93:f5:74:63:6f:31:54:20:fe:86:
40:66:63:3b:4f:38:05:0b:d1:41:45:bb:a6:6d:4b:
cc:a8:85:f7:53:4e:dc:83:7a:fa:67:a9:ee:82:ca:
14:63:bd:b5:7c:3e:d7:19:47:f7:9e:f3:a5:bc:4b:
50:82:e5:af:2b:58:d7:ac:02:43:3b:2b:b5:da:2d:
90:42:12:7e:d4:13:7c:58:da:54:d0:5b:9c:30:16:
62:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C4:49:1C:48:66:8E:11:18:64:E0:BF:9F:08:06:D7:BE:69:88:61
X509v3 Authority Key Identifier:
keyid:CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/3sRJHEhmjhEYZOC_nwgG175piGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.170.203.0/24
Signature Algorithm: sha256WithRSAEncryption
88:c1:1f:a3:65:af:99:34:2f:17:83:31:1d:8b:63:04:01:45:
6d:58:60:42:f2:19:b4:43:ac:b4:24:ae:08:01:ea:0b:a1:79:
76:a2:54:25:ee:48:2f:22:e0:5a:be:1e:0d:92:87:20:f9:e0:
df:57:4d:5f:71:a8:43:0c:ee:4e:06:d3:ed:6a:8a:47:53:db:
43:93:b9:0f:2f:ed:db:3f:4a:53:10:46:02:68:59:d7:d6:af:
af:65:e1:6b:14:46:0a:7c:a8:73:8b:02:a4:d6:f3:86:59:14:
8a:24:97:9e:c9:e1:be:be:d4:50:59:65:31:ea:84:3e:1f:c5:
87:2c:60:8e:3c:f1:14:da:ff:8e:f4:3c:26:15:bd:64:31:9a:
75:22:26:d8:7e:89:0a:28:1d:1f:24:42:cc:c5:7d:64:3c:6b:
d5:bf:16:71:2b:7c:ae:46:44:4d:55:63:80:cc:4f:76:25:b4:
36:cb:92:55:f1:90:6d:8a:f3:6d:58:80:a4:21:fb:5a:ab:0f:
74:37:c0:f5:d4:09:3a:b1:1d:0f:87:26:4a:b6:15:ad:42:20:
ed:09:cc:d3:92:92:d4:10:51:96:9c:84:af:fb:7e:78:f2:58:
10:cd:c0:80:cb:ce:d1:6b:13:ee:62:d6:42:a3:3a:c1:bb:65:
f1:87:49:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi422cmfgT12EpjikOObxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYmY5NWI0N2FiMmI5OWMyMjJiZmU1NDUyMWVmZDFhYjY3
ZDI2N2YwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWM0NDkxYzQ4NjY4ZTExMTg2NGUwYmY5ZjA4MDZkN2JlNjk4ODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlrN/dG7kW8UzuOgkd8iISAMwuEX
C/tFG6WycT+G6DTWQ9GSfc9avSzlJPYftGBmzqGuzbgWOTQK0RE7saCVroJ/Ijdd
p0JsjgB2qCUxVHSZ8tRxJ9Jp6g3phupuE2peOeuoKDby01CgHskVqZTdNO6kb5hb
5lBrQ5Bmf3Ll60hV760dkrM59zOGszmyWIoEEvyzxOlu0nHHa8UoimhcKFG7tQAE
pYXaA5P1dGNvMVQg/oZAZmM7TzgFC9FBRbumbUvMqIX3U07cg3r6Z6nugsoUY721
fD7XGUf3nvOlvEtQguWvK1jXrAJDOyu12i2QQhJ+1BN8WNpU0FucMBZiDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7ESRxIZo4RGGTgv58IBte+aYhhMB8GA1UdIwQY
MBaAFMy/lbR6srmcIiv+VFIe/Rq2fSZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekwtVnRIcXl1WndpS181VVVoNzlHclo5Sm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMjliOTUtY2NiMy00NjdiLWFiN2Et
YWM1YjYxNDkzZTAxLzEvM3NSSkhFaG1qaEVZWk9DX253Z0cxNzVwaUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMjliOTUtY2NiMy00NjdiLWFiN2EtYWM1YjYxNDkzZTAx
LzEvekwtVnRIcXl1WndpS181VVVoNzlHclo5Sm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1arLMA0G
CSqGSIb3DQEBCwUAA4IBAQCIwR+jZa+ZNC8XgzEdi2MEAUVtWGBC8hm0Q6y0JK4I
AeoLoXl2olQl7kgvIuBavh4Nkocg+eDfV01fcahDDO5OBtPtaopHU9tDk7kPL+3b
P0pTEEYCaFnX1q+vZeFrFEYKfKhziwKk1vOGWRSKJJeeyeG+vtRQWWUx6oQ+H8WH
LGCOPPEU2v+O9DwmFb1kMZp1IibYfokKKB0fJELMxX1kPGvVvxZxK3yuRkRNVWOA
zE92JbQ2y5JV8ZBtivNtWICkIftaqw90N8D11Ak6sR0PhyZKthWtQiDtCczTkpLU
EFGWnISv+3548lgQzcCAy87RaxPuYtZCozrBu2Xxh0mK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:53 2025 by rpki-client