Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/qn0ugsN_7BUoAoXocr0ES-kOg6c.roa
File: qn0ugsN_7BUoAoXocr0ES-kOg6c.roa (raw, json)
Hash identifier: fbvkAXBcZTJL3xWqPooveEz2z6jmWdDklfoBXdVUF1E=
Subject key identifier: AA:7D:2E:82:C3:7F:EC:15:28:02:85:E8:72:BD:04:4B:E9:0E:83:A7
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 08871AA9
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/qn0ugsN_7BUoAoXocr0ES-kOg6c.roa
Signing time: Sat 01 Jan 2022 03:50:54 +0000
ROA not before: Sat 01 Jan 2022 03:50:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31679
IP address blocks: 213.215.100.0/24 maxlen: 24
213.215.82.0/24 maxlen: 24
213.215.85.0/24 maxlen: 24
213.215.84.0/24 maxlen: 24
213.215.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143071913 (0x8871aa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 03:50:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa7d2e82c37fec15280285e872bd044be90e83a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:47:b8:11:84:24:5b:3c:01:68:c2:16:19:5a:
84:ca:cb:ed:54:e9:52:19:99:da:a3:81:fa:17:33:
16:9d:7e:34:bc:d9:ab:f4:1a:47:30:81:76:ae:a7:
6c:e9:e7:1d:6b:85:4e:b5:9e:ba:62:8f:3b:8e:e1:
b1:fa:f4:a0:d9:8d:21:8a:47:15:bd:c1:e8:6d:b0:
3a:f6:27:0c:59:8f:96:40:7d:36:1f:a0:f5:c2:dd:
57:4d:95:08:91:fb:42:59:19:73:7b:c4:af:b4:54:
36:9d:a7:eb:ef:eb:7d:35:d3:0e:4e:e0:36:50:4a:
90:a6:c8:54:e6:40:2f:03:82:0a:56:3d:e0:1d:b1:
4d:c3:65:95:2a:1f:28:97:3e:27:1f:b7:3b:fa:89:
a2:3a:76:71:9a:8d:38:95:8d:ec:6d:fb:a5:a9:bc:
9d:21:44:4d:fd:c1:3b:35:8b:f0:d9:df:d1:80:f9:
6c:ab:56:eb:ba:68:1f:c5:6e:e0:f3:e9:bd:b1:fd:
0d:36:31:4e:75:85:c5:7b:4e:84:8c:8b:ef:f1:ae:
d5:83:6d:b5:ca:92:ff:2b:5c:cf:a7:ae:4a:54:d9:
b9:f6:ec:31:38:d6:9b:a1:7c:23:33:74:ba:c1:9d:
9f:75:3c:4d:4c:da:63:34:fc:2f:d0:2d:a8:06:6b:
ec:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7D:2E:82:C3:7F:EC:15:28:02:85:E8:72:BD:04:4B:E9:0E:83:A7
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/qn0ugsN_7BUoAoXocr0ES-kOg6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.215.82.0-213.215.85.255
213.215.100.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:a6:b3:07:13:8d:bf:ca:15:34:e4:87:01:34:fe:32:fa:3f:
67:e5:5e:cb:61:23:a0:97:ea:14:a4:99:25:33:8d:22:02:bd:
62:bb:c2:f8:62:a3:d5:2a:13:69:70:e5:bf:e6:dd:cb:96:92:
d4:62:a0:bb:6b:86:08:ef:4c:87:49:a9:8c:ea:a2:c0:d8:bc:
44:54:b5:96:47:5b:67:f7:81:1c:7b:e8:7a:29:ff:b8:a0:50:
ff:8a:b3:fd:1d:7d:f2:19:64:ff:18:23:7b:ad:59:d8:93:51:
e4:7b:fe:b1:30:8a:94:c6:25:f1:ff:b0:38:6c:eb:4f:4d:6e:
f9:98:70:98:f3:59:65:67:ef:28:9c:5c:79:7f:5b:37:e5:16:
ea:ef:40:11:7f:f9:9f:b2:89:67:1e:e5:4b:ac:fa:a0:2f:06:
8c:2f:c8:02:3c:2b:88:e3:ef:a4:a2:4d:e9:63:8a:79:a6:be:
38:e2:eb:e6:2d:16:30:a4:40:0d:ab:2f:88:47:7a:19:46:69:
10:96:00:a7:35:e1:4b:ea:1c:81:1c:85:27:5d:71:f2:07:5b:
73:b8:f4:9a:00:4a:2e:14:4d:39:bb:fb:76:a2:2f:43:41:bf:
07:37:72:54:bf:b1:ed:4a:86:1f:73:e0:ae:6e:a5:aa:ae:a3:
90:9c:1b:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECIcaqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Y4ODE0MDFhYmFjYzg4Yzk0MWZkZjc0MGYxYWIxNTM2ZjA1ZGJhMB4XDTIyMDEw
MTAzNTA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE3ZDJlODJjMzdm
ZWMxNTI4MDI4NWU4NzJiZDA0NGJlOTBlODNhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxHuBGEJFs8AWjCFhlahMrL7VTpUhmZ2qOB+hczFp1+NLzZ
q/QaRzCBdq6nbOnnHWuFTrWeumKPO47hsfr0oNmNIYpHFb3B6G2wOvYnDFmPlkB9
Nh+g9cLdV02VCJH7QlkZc3vEr7RUNp2n6+/rfTXTDk7gNlBKkKbIVOZALwOCClY9
4B2xTcNllSofKJc+Jx+3O/qJojp2cZqNOJWN7G37pam8nSFETf3BOzWL8Nnf0YD5
bKtW67poH8Vu4PPpvbH9DTYxTnWFxXtOhIyL7/Gu1YNttcqS/ytcz6euSlTZufbs
MTjWm6F8IzN0usGdn3U8TUzaYzT8L9AtqAZr7DsCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSqfS6Cw3/sFSgChehyvQRL6Q6DpzAfBgNVHSMEGDAWgBTn+IFAGrrMiMlB
/fdA8asVNvBdujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVfaUJRQnE2eklqSlFmMzNRUEdyRlRid1hiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvZjU1MzRhLWE2MTMtNDdiZS1iNDJiLWUyZmJjM2E2ODgwMC8x
L3FuMHVnc05fN0JVb0FvWG9jcjBFUy1rT2c2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ZjU1MzRhLWE2MTMtNDdiZS1iNDJiLWUyZmJjM2E2ODgwMC8xLzVfaUJRQnE2eklq
SlFmMzNRUEdyRlRid1hiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQB1ddSAwQB1ddUAwQA1ddkMA0G
CSqGSIb3DQEBCwUAA4IBAQB7prMHE42/yhU05IcBNP4y+j9n5V7LYSOgl+oUpJkl
M40iAr1iu8L4YqPVKhNpcOW/5t3LlpLUYqC7a4YI70yHSamM6qLA2LxEVLWWR1tn
94Ece+h6Kf+4oFD/irP9HX3yGWT/GCN7rVnYk1Hke/6xMIqUxiXx/7A4bOtPTW75
mHCY81llZ+8onFx5f1s35Rbq70ARf/mfsolnHuVLrPqgLwaML8gCPCuI4++kok3p
Y4p5pr444uvmLRYwpEANqy+IR3oZRmkQlgCnNeFL6hyBHIUnXXHyB1tzuPSaAEou
FE05u/t2oi9DQb8HN3JUv7HtSoYfc+CubqWqrqOQnBvG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:04 2023 by rpki-client on console-ams.rpki-client.org