Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/1-hjSdLRFswsbDnX90e_1XwOrad4.roa
File: 1-hjSdLRFswsbDnX90e_1XwOrad4.roa (raw, json)
Hash identifier: ASCaeg1ECQQFlBnwRLaLtFQTgz7svOBpaHJRCClSyxo=
Subject key identifier: FA:18:D2:74:B4:45:B3:0B:1B:0E:75:FD:D1:EF:F5:5F:03:AB:69:DE
Certificate issuer: /CN=0c10137944e887ad07569ed4d412846732d0af70
Certificate serial: 33263E
Authority key identifier: 0C:10:13:79:44:E8:87:AD:07:56:9E:D4:D4:12:84:67:32:D0:AF:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBATeUToh60HVp7U1BKEZzLQr3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/1-hjSdLRFswsbDnX90e_1XwOrad4.roa
Signing time: Tue 22 Feb 2022 08:25:00 +0000
ROA not before: Tue 22 Feb 2022 08:25:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9163
IP address blocks: 213.208.54.0/24 maxlen: 24
213.208.57.0/24 maxlen: 24
213.208.55.0/24 maxlen: 24
213.208.58.0/24 maxlen: 24
213.208.56.0/24 maxlen: 24
213.208.52.0/24 maxlen: 24
213.208.53.0/24 maxlen: 24
213.208.61.0/24 maxlen: 24
213.208.62.0/24 maxlen: 24
213.208.63.0/24 maxlen: 24
213.208.59.0/24 maxlen: 24
213.208.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3352126 (0x33263e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c10137944e887ad07569ed4d412846732d0af70
Validity
Not Before: Feb 22 08:25:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa18d274b445b30b1b0e75fdd1eff55f03ab69de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:01:86:64:63:55:d0:9f:34:52:0f:06:af:4c:
a0:b2:ee:39:3f:30:a3:cd:a9:30:b3:f0:c5:6b:1a:
ba:61:e8:1d:b2:16:38:f1:53:7b:70:a7:b1:92:b2:
6f:c8:8b:af:8f:b5:02:17:36:e1:bc:71:fe:b0:9c:
b1:88:a7:34:c8:cc:e4:d0:df:46:83:8b:da:8e:93:
2c:4d:d3:92:78:9a:df:0c:5b:2e:bb:a9:3d:6e:de:
fb:dd:22:16:d2:70:bc:f0:5e:f3:67:3f:7d:b4:03:
89:23:54:eb:c3:97:2d:8f:e9:a6:dc:93:5e:14:42:
2c:07:75:f1:f3:83:f8:64:0c:56:3e:81:c6:0c:8d:
26:5c:8f:62:e3:3e:3d:44:47:48:86:cd:b5:9d:d5:
4c:38:04:42:45:3d:e9:01:6f:69:f6:04:56:cf:fa:
54:13:3c:31:8b:1d:89:a8:1d:c6:ca:67:f0:64:04:
05:b1:7b:8f:1a:d8:67:95:e7:f6:b0:ba:01:8b:d9:
23:24:93:39:e0:3d:dd:ce:a4:14:f9:75:e1:a3:62:
0d:64:37:38:64:21:5f:96:66:68:bf:66:31:73:6f:
65:12:8d:4f:e6:fe:c0:f0:75:ff:87:f4:ee:92:b2:
f2:83:ad:b5:21:7e:e9:1f:90:4b:2d:c8:57:d0:90:
18:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:18:D2:74:B4:45:B3:0B:1B:0E:75:FD:D1:EF:F5:5F:03:AB:69:DE
X509v3 Authority Key Identifier:
keyid:0C:10:13:79:44:E8:87:AD:07:56:9E:D4:D4:12:84:67:32:D0:AF:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBATeUToh60HVp7U1BKEZzLQr3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/1-hjSdLRFswsbDnX90e_1XwOrad4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/DBATeUToh60HVp7U1BKEZzLQr3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.208.52.0-213.208.63.255
Signature Algorithm: sha256WithRSAEncryption
7d:b1:62:6d:14:c4:33:0a:b4:b8:5f:88:4b:72:1f:2e:e9:a7:
ec:a9:8b:8f:2f:ab:53:dc:e1:fd:44:33:10:d9:b0:5c:79:55:
52:f1:92:e7:be:c3:b3:ed:90:2f:a1:1d:a6:d4:89:40:2b:85:
50:7a:f6:93:f0:a6:83:d2:7b:b8:bb:de:df:15:4c:9e:8b:3b:
b6:1a:1c:2b:48:9e:46:36:3d:0a:f9:60:7e:f6:f6:21:e2:ab:
c8:91:95:6e:9d:8d:af:ba:15:2f:3d:02:9c:88:68:78:ce:89:
5c:58:c9:af:fd:8c:0f:c4:2d:65:a3:c3:c9:ca:be:6b:52:8c:
e7:e1:dc:32:ee:0c:28:ad:64:17:64:9f:c2:9d:11:77:c3:93:
bc:4d:a8:ac:5b:79:5e:3a:a3:dc:6f:a1:3a:c6:fa:bb:3b:4d:
09:b9:f6:65:b8:6d:04:bc:7b:52:d0:0a:c1:96:6e:e3:45:db:
06:0e:e4:22:89:87:c4:70:be:c4:f9:35:7e:e8:d7:42:55:49:
8a:b6:3a:e5:56:b7:db:6e:d9:08:97:c0:82:70:c5:1d:21:39:
8e:0c:4b:1d:dd:1b:d2:82:4f:57:27:3a:d6:65:56:83:8a:4d:
c9:0f:f4:ee:be:fc:2e:ab:be:19:ee:53:dd:27:8d:2e:16:d1:
8f:6c:0a:1f
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIDMyY+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBj
MTAxMzc5NDRlODg3YWQwNzU2OWVkNGQ0MTI4NDY3MzJkMGFmNzAwHhcNMjIwMjIy
MDgyNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmYTE4ZDI3NGI0NDVi
MzBiMWIwZTc1ZmRkMWVmZjU1ZjAzYWI2OWRlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwAGGZGNV0J80Ug8Gr0ygsu45PzCjzakws/DFaxq6YegdshY4
8VN7cKexkrJvyIuvj7UCFzbhvHH+sJyxiKc0yMzk0N9Gg4vajpMsTdOSeJrfDFsu
u6k9bt773SIW0nC88F7zZz99tAOJI1Trw5ctj+mm3JNeFEIsB3Xx84P4ZAxWPoHG
DI0mXI9i4z49REdIhs21ndVMOARCRT3pAW9p9gRWz/pUEzwxix2JqB3GymfwZAQF
sXuPGthnlef2sLoBi9kjJJM54D3dzqQU+XXho2INZDc4ZCFflmZov2Yxc29lEo1P
5v7A8HX/h/TukrLyg621IX7pH5BLLchX0JAYdQIDAQABo4ICEjCCAg4wHQYDVR0O
BBYEFPoY0nS0RbMLGw51/dHv9V8Dq2neMB8GA1UdIwQYMBaAFAwQE3lE6IetB1ae
1NQShGcy0K9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
REJBVGVVVG9oNjBIVnA3VTFCS0VaekxRcjNBLmNlcjCBjgYIKwYBBQUHAQsEgYEw
fzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83YS81ODRhNDYtM2ZkYy00MjViLWIyYjYtZjAzYWFlMTMwMzJmLzEv
MS1oalNkTFJGc3dzYkRuWDkwZV8xWHdPcmFkNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NTg0YTQ2LTNmZGMtNDI1Yi1iMmI2LWYwM2FhZTEzMDMyZi8xL0RCQVRlVVRvaDYw
SFZwN1UxQktFWnpMUXIzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQC1dA0AwQG1dAAMA0GCSqGSIb3
DQEBCwUAA4IBAQB9sWJtFMQzCrS4X4hLch8u6afsqYuPL6tT3OH9RDMQ2bBceVVS
8ZLnvsOz7ZAvoR2m1IlAK4VQevaT8KaD0nu4u97fFUyeizu2GhwrSJ5GNj0K+WB+
9vYh4qvIkZVunY2vuhUvPQKciGh4zolcWMmv/YwPxC1lo8PJyr5rUozn4dwy7gwo
rWQXZJ/CnRF3w5O8TaisW3leOqPcb6E6xvq7O00JufZluG0EvHtS0ArBlm7jRdsG
DuQiiYfEcL7E+TV+6NdCVUmKtjrlVrfbbtkIl8CCcMUdITmODEsd3RvSgk9XJzrW
ZVaDik3JD/Tuvvwuq74Z7lPdJ40uFtGPbAof
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:38:05 2025 by rpki-client