Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/t7oAhGss4p9Z3703hZDdkQ7I1BA.roa
File: t7oAhGss4p9Z3703hZDdkQ7I1BA.roa (raw, json)
Hash identifier: 7Ldk8jNOPlFE3UYAmYRbB1Zw4iBzoln5VOtds3BErME=
Subject key identifier: B7:BA:00:84:6B:2C:E2:9F:59:DF:BD:37:85:90:DD:91:0E:C8:D4:10
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0807ECA8
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/t7oAhGss4p9Z3703hZDdkQ7I1BA.roa
Signing time: Sat 01 Jan 2022 11:54:15 +0000
ROA not before: Sat 01 Jan 2022 11:54:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199527
IP address blocks: 213.252.242.0/24 maxlen: 24
213.252.251.0/24 maxlen: 24
213.252.253.0/24 maxlen: 24
213.252.250.0/24 maxlen: 24
213.252.210.0/24 maxlen: 24
213.252.209.0/24 maxlen: 24
213.252.208.0/24 maxlen: 24
2a00:f501:a001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134737064 (0x807eca8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 1 11:54:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7ba00846b2ce29f59dfbd378590dd910ec8d410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:24:54:7b:46:a5:d5:82:fb:d0:8a:ff:aa:1e:
38:ef:38:cb:c8:a7:30:6f:9b:af:8c:db:0f:83:a6:
84:c2:06:57:1c:04:3a:42:fe:4b:e0:7b:51:bb:ef:
44:fd:48:9d:6b:e9:c0:e2:8e:a7:8b:fc:52:74:76:
52:92:fa:13:87:a7:e2:e4:26:c3:71:4d:21:73:93:
80:fb:d6:40:ea:76:56:56:f2:75:79:7f:01:d8:90:
50:64:c4:57:f0:7f:bd:13:37:7d:29:0e:69:51:ec:
03:38:d8:64:68:2a:43:c5:7d:de:56:f4:d6:42:46:
cc:95:54:4c:da:8c:e0:d3:fa:7d:21:a2:c6:7b:6e:
34:4f:c6:2e:16:30:a7:6d:cd:1f:96:ff:99:73:cf:
65:ce:65:af:99:9a:12:58:e5:0c:2c:e4:44:59:20:
f5:36:80:73:70:b7:f9:cd:e3:0c:be:3b:64:5c:79:
ae:e2:0f:43:7f:66:1a:49:8a:b7:b3:63:c2:6e:ca:
bb:02:de:1f:02:ed:56:7d:3f:e8:04:f3:f5:75:7d:
0d:9e:97:6a:83:0d:23:5c:74:38:6c:3a:b7:19:89:
d6:91:a5:2a:7c:c7:56:48:03:09:09:3f:d4:1d:9b:
bd:33:c8:d5:96:1b:29:d3:72:a8:6c:b0:fc:f2:70:
9c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BA:00:84:6B:2C:E2:9F:59:DF:BD:37:85:90:DD:91:0E:C8:D4:10
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/t7oAhGss4p9Z3703hZDdkQ7I1BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.252.208.0-213.252.210.255
213.252.242.0/24
213.252.250.0/23
213.252.253.0/24
IPv6:
2a00:f501:a001::/48
Signature Algorithm: sha256WithRSAEncryption
39:8d:ca:5c:9f:78:f5:b1:b7:9f:2e:18:e9:27:36:60:fa:df:
23:2c:d6:a6:cd:e7:62:3f:5a:4f:4e:97:96:52:42:ea:3d:8c:
0e:17:1d:78:2f:6b:0a:3f:df:17:ac:df:c2:d9:36:66:62:ba:
a7:9a:97:35:c0:d6:be:15:ef:8e:57:b0:f0:70:98:82:74:b2:
3e:73:a8:63:3c:80:a4:11:26:3d:79:0d:3c:9a:e9:32:89:50:
06:a0:6d:bf:d8:2b:29:4c:e8:85:3f:1c:d4:51:f5:19:11:fd:
b0:15:74:91:3b:73:a5:d3:4e:38:a2:e1:1f:75:54:3d:91:53:
84:bd:06:96:2c:c3:44:0d:12:b6:64:ce:5f:dc:fd:03:9d:3c:
c5:cf:9a:9c:81:46:14:66:6d:fb:e8:9d:dd:66:3e:27:70:21:
af:88:50:fe:8c:82:d6:5e:92:b7:31:62:89:f9:88:0f:16:c6:
b1:4d:e0:17:d0:14:3f:ec:c0:fe:81:03:d8:c3:b8:62:05:88:
71:52:50:a3:4a:8f:eb:e6:5d:ce:18:16:bc:82:99:75:60:9f:
b0:07:bc:02:0d:85:04:d3:89:6c:de:a3:8f:de:93:df:6f:8b:
f9:24:72:82:44:49:10:5d:54:73:ad:2d:ec:81:07:cb:c8:19:
7a:42:86:67
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIECAfsqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGRkODFhODMzZDliMDQzYzdmZmQ2MzVhNTk4N2Y1MzY5NzExODBkMB4XDTIyMDEw
MTExNTQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdiYTAwODQ2YjJj
ZTI5ZjU5ZGZiZDM3ODU5MGRkOTEwZWM4ZDQxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8kVHtGpdWC+9CK/6oeOO84y8inMG+br4zbD4OmhMIGVxwE
OkL+S+B7UbvvRP1InWvpwOKOp4v8UnR2UpL6E4en4uQmw3FNIXOTgPvWQOp2Vlby
dXl/AdiQUGTEV/B/vRM3fSkOaVHsAzjYZGgqQ8V93lb01kJGzJVUTNqM4NP6fSGi
xntuNE/GLhYwp23NH5b/mXPPZc5lr5maEljlDCzkRFkg9TaAc3C3+c3jDL47ZFx5
ruIPQ39mGkmKt7Njwm7KuwLeHwLtVn0/6ATz9XV9DZ6XaoMNI1x0OGw6txmJ1pGl
KnzHVkgDCQk/1B2bvTPI1ZYbKdNyqGyw/PJwnLcCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBS3ugCEayzin1nfvTeFkN2RDsjUEDAfBgNVHSMEGDAWgBTw3YGoM9mwQ8f/
1jWlmH9TaXEYDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhOMkJxRFBac0VQSF85WTFwWmhfVTJseEdBMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYThlYmU0LWQwYjMtNGU3ZC1hZjI1LTA0NjgwNDI0ODZkYy8x
L3Q3b0FoR3NzNHA5WjM3MDNoWkRka1E3STFCQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YThlYmU0LWQwYjMtNGU3ZC1hZjI1LTA0NjgwNDI0ODZkYy8xLzhOMkJxRFBac0VQ
SF85WTFwWmhfVTJseEdBMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwJgQCAAEwIDAMAwQE1fzQAwQA1fzSAwQA1fzyAwQB
1fz6AwQA1fz9MA8EAgACMAkDBwAqAPUBoAEwDQYJKoZIhvcNAQELBQADggEBADmN
ylyfePWxt58uGOknNmD63yMs1qbN52I/Wk9Ol5ZSQuo9jA4XHXgvawo/3xes38LZ
NmZiuqealzXA1r4V745XsPBwmIJ0sj5zqGM8gKQRJj15DTya6TKJUAagbb/YKylM
6IU/HNRR9RkR/bAVdJE7c6XTTjii4R91VD2RU4S9BpYsw0QNErZkzl/c/QOdPMXP
mpyBRhRmbfvond1mPidwIa+IUP6MgtZekrcxYon5iA8WxrFN4BfQFD/swP6BA9jD
uGIFiHFSUKNKj+vmXc4YFryCmXVgn7AHvAINhQTTiWzeo4/ek99vi/kkcoJESRBd
VHOtLeyBB8vIGXpChmc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:26 2023 by rpki-client on console-fra.rpki-client.org