Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/SPvwvuGDtqO_ylF61zutfb1BdaA.roa
File: SPvwvuGDtqO_ylF61zutfb1BdaA.roa (raw, json)
Hash identifier: hKdPVAOTatJzRzSHwpt2Cg8O4ja5WakmeX+MfWqlCI0=
Subject key identifier: 48:FB:F0:BE:E1:83:B6:A3:BF:CA:51:7A:D7:3B:AD:7D:BD:41:75:A0
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 018543BA51A343A7F380BD0DB7D38DE44955
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/SPvwvuGDtqO_ylF61zutfb1BdaA.roa
Signing time: Sat 24 Dec 2022 10:42:42 +0000
ROA not before: Sat 24 Dec 2022 10:42:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9137
IP address blocks: 213.204.0.0/19 maxlen: 19
2a02:5640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:ba:51:a3:43:a7:f3:80:bd:0d:b7:d3:8d:e4:49:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Dec 24 10:42:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48fbf0bee183b6a3bfca517ad73bad7dbd4175a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8a:53:2a:a9:b3:0f:bb:93:08:4d:96:b3:48:
5e:f6:8f:65:8b:9d:29:70:23:bc:2e:62:a8:0c:b0:
9e:7d:e8:a2:14:82:48:23:56:ee:38:33:1d:bc:6e:
45:86:7a:c4:75:a8:14:bd:51:c6:12:47:42:20:94:
52:20:b5:de:e4:27:25:ee:b1:be:93:72:0e:c0:1d:
64:c0:61:fa:70:fa:3d:dd:4b:aa:55:c5:c9:64:46:
3b:94:16:f5:0c:c7:50:c2:81:17:0a:d7:0d:53:cb:
f0:d8:7b:1c:49:2c:bb:b5:db:82:84:77:8f:74:f3:
56:63:69:b0:06:f4:41:af:47:6e:69:72:3c:79:c7:
71:db:b9:ac:24:dc:3f:3c:79:56:d0:2b:c8:14:76:
08:72:85:fc:a4:d5:79:66:a6:a3:1e:f3:53:d4:a0:
5e:48:1f:fc:20:cd:ff:8f:96:fe:09:77:fd:63:ff:
3e:7b:ae:9b:2f:12:5d:a8:3a:bc:1d:1f:d2:0b:b7:
f5:a3:ae:ba:ba:33:1e:93:53:33:a0:07:67:a7:b6:
ee:4b:00:23:5c:21:60:c2:a0:c3:fb:4c:3c:01:7a:
91:96:76:29:9d:3a:b7:b7:6c:37:31:7d:5c:f2:ee:
e6:48:04:f5:24:df:71:99:3b:9e:85:91:1f:7b:3e:
38:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FB:F0:BE:E1:83:B6:A3:BF:CA:51:7A:D7:3B:AD:7D:BD:41:75:A0
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/SPvwvuGDtqO_ylF61zutfb1BdaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.204.0.0/19
IPv6:
2a02:5640::/29
Signature Algorithm: sha256WithRSAEncryption
17:05:32:9a:82:f0:74:6e:e7:04:b3:85:ba:b9:f4:0a:5f:9b:
0c:71:6e:73:03:94:7c:3c:0b:75:f6:84:5f:db:52:09:3c:29:
af:48:33:36:b5:36:de:19:d9:ff:7b:b0:1f:ad:4c:fc:b3:71:
06:59:bb:1a:f2:7b:a4:02:af:96:95:eb:51:57:d0:97:e1:7d:
6e:5a:6b:12:e1:99:78:51:ae:3c:7a:a9:56:eb:44:5a:3c:d4:
7a:3e:e0:38:b7:55:a5:43:4e:5b:32:d2:9c:d2:0b:cb:3f:b3:
42:ca:da:9f:2e:7a:85:f1:23:b8:de:82:81:1f:1e:55:83:22:
da:3b:08:ef:41:80:c9:9c:db:1b:83:8a:a0:2d:dc:cb:da:b8:
f4:5a:31:cc:75:f6:62:30:86:b6:bf:e8:d0:a9:10:e7:09:ca:
31:bf:bc:03:e9:49:2b:bb:5b:dd:41:9c:84:ba:77:f9:7b:be:
f0:91:4b:70:89:c2:80:5f:30:aa:d9:ef:b8:10:70:5f:51:90:
ff:2e:b1:4f:15:37:5c:2f:d2:f8:e1:9a:fa:85:7a:1d:9c:02:
89:4c:5e:a4:30:29:05:9e:18:1c:4b:13:4b:2d:5b:1d:51:7b:
26:f1:b6:c8:2a:d8:35:8b:e3:52:00:52:08:34:29:4a:96:45:
b2:dc:6e:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVDulGjQ6fzgL0Nt9ON5ElVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjIxMjI0MTA0MjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGZiZjBiZWUxODNiNmEzYmZjYTUxN2FkNzNiYWQ3ZGJkNDE3NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIpTKqmzD7uTCE2Ws0he9o9li50p
cCO8LmKoDLCefeiiFIJII1buODMdvG5FhnrEdagUvVHGEkdCIJRSILXe5Ccl7rG+
k3IOwB1kwGH6cPo93UuqVcXJZEY7lBb1DMdQwoEXCtcNU8vw2HscSSy7tduChHeP
dPNWY2mwBvRBr0duaXI8ecdx27msJNw/PHlW0CvIFHYIcoX8pNV5ZqajHvNT1KBe
SB/8IM3/j5b+CXf9Y/8+e66bLxJdqDq8HR/SC7f1o666ujMek1MzoAdnp7buSwAj
XCFgwqDD+0w8AXqRlnYpnTq3t2w3MX1c8u7mSAT1JN9xmTuehZEfez44ZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEj78L7hg7ajv8pRetc7rX29QXWgMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvU1B2d3Z1R0R0cU9feWxGNjF6dXRmYjFCZGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1cwAMA0E
AgACMAcDBQMqAlZAMA0GCSqGSIb3DQEBCwUAA4IBAQAXBTKagvB0bucEs4W6ufQK
X5sMcW5zA5R8PAt19oRf21IJPCmvSDM2tTbeGdn/e7AfrUz8s3EGWbsa8nukAq+W
letRV9CX4X1uWmsS4Zl4Ua48eqlW60RaPNR6PuA4t1WlQ05bMtKc0gvLP7NCytqf
LnqF8SO43oKBHx5VgyLaOwjvQYDJnNsbg4qgLdzL2rj0WjHMdfZiMIa2v+jQqRDn
Ccoxv7wD6Ukru1vdQZyEunf5e77wkUtwicKAXzCq2e+4EHBfUZD/LrFPFTdcL9L4
4Zr6hXodnAKJTF6kMCkFnhgcSxNLLVsdUXsm8bbIKtg1i+NSAFIINClKlkWy3G54
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:41 2024 by rpki-client on console-fra.rpki-client.org