Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/cCDUPnlR-PxuX-SpJ2_gshXvsWs.roa
File: cCDUPnlR-PxuX-SpJ2_gshXvsWs.roa (raw, json)
Hash identifier: euV9m538PQxbmFOElCHcb8MEVpB7eHNU3sRRS7+6IWA=
Subject key identifier: 70:20:D4:3E:79:51:F8:FC:6E:5F:E4:A9:27:6F:E0:B2:15:EF:B1:6B
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 018558BC1E159B5DA5E16AFE2880F9FB53B5
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/cCDUPnlR-PxuX-SpJ2_gshXvsWs.roa
Signing time: Wed 28 Dec 2022 12:36:41 +0000
ROA not before: Wed 28 Dec 2022 12:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 213.204.16.0/24 maxlen: 24
213.204.20.0/24 maxlen: 24
213.204.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:bc:1e:15:9b:5d:a5:e1:6a:fe:28:80:f9:fb:53:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Dec 28 12:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7020d43e7951f8fc6e5fe4a9276fe0b215efb16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:be:1e:18:c6:f2:81:5a:79:36:a6:6a:ed:65:
0c:93:96:34:17:0f:59:0a:27:59:54:b3:20:49:46:
22:ca:45:97:97:a3:30:3b:3e:f9:a4:a5:c9:95:d7:
e0:42:c5:9b:f5:ff:b6:77:d6:ce:31:46:bc:cc:f9:
77:2a:31:5c:79:e2:b5:a7:b3:ec:5d:c2:d3:af:8f:
78:39:47:a0:95:56:65:f6:1e:de:bd:64:a2:a7:55:
33:8a:e0:f3:47:e3:1f:6b:0b:f8:b1:d0:34:36:71:
48:81:d8:ca:67:16:97:ff:fa:f9:f3:81:70:f9:f8:
c5:a2:39:72:35:97:93:58:81:0e:e6:e8:4c:78:1d:
d4:3b:6b:2c:5c:5a:7a:15:6f:11:45:85:9a:eb:49:
a5:1f:c7:2b:bd:7e:a2:6e:cc:86:e3:ae:69:8a:aa:
ff:83:df:3c:74:3a:1f:fc:bf:17:46:ca:d9:ad:5e:
72:40:ba:90:40:c6:85:a5:0e:d2:75:6a:e0:de:e5:
fa:c4:c2:e3:86:25:66:00:6b:b8:27:f5:13:d2:1e:
e8:17:a9:20:0a:2f:ab:30:98:02:b7:33:3f:48:9f:
c8:4e:ba:46:41:49:21:8e:19:c4:2f:f0:93:7a:8a:
9f:13:81:cc:37:b2:27:17:73:2c:3e:83:22:09:5b:
a5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:20:D4:3E:79:51:F8:FC:6E:5F:E4:A9:27:6F:E0:B2:15:EF:B1:6B
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/cCDUPnlR-PxuX-SpJ2_gshXvsWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.204.16.0/24
213.204.20.0/24
213.204.25.0/24
Signature Algorithm: sha256WithRSAEncryption
22:5d:7f:7e:6c:df:67:08:65:e2:f0:5f:99:be:30:17:cf:22:
c0:30:2a:f0:d0:df:76:1c:4e:a5:d9:c4:92:28:4f:f1:1b:40:
4a:f4:dc:9f:5e:87:50:df:05:fb:1c:f1:23:b9:a3:db:f5:13:
c0:27:31:ac:81:29:66:f0:85:ec:80:a7:26:df:de:88:d7:87:
d9:46:82:8b:b4:0d:57:a7:21:bf:91:21:88:8f:c6:68:55:ca:
c1:49:cc:b3:c2:30:0f:ae:a3:f0:df:35:ab:f5:28:f6:bd:6e:
da:6b:b4:81:eb:86:ff:fc:07:85:12:9c:18:5c:86:37:3d:9f:
bc:2b:7b:69:e4:6d:e3:31:1f:3b:70:88:f0:2c:a6:4a:87:f4:
36:2e:cf:b8:ea:12:1a:49:a8:cd:df:ec:dc:50:de:95:f8:db:
8f:60:0c:cb:9a:fd:10:9f:03:7a:16:53:f8:7e:c9:3a:6c:34:
4b:23:b6:63:ca:9c:2c:d1:04:bb:7a:ca:2f:7c:1c:10:b0:cc:
f2:26:c9:5c:17:59:97:19:d6:1b:12:f2:36:b8:94:03:ad:64:
c8:ca:d5:4a:9d:d0:da:27:f1:61:bb:48:d9:51:c8:40:64:75:
a5:26:82:f3:53:26:54:e0:fc:4f:cf:e6:38:c1:f6:71:7e:54:
e3:8a:53:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVYvB4Vm12l4Wr+KID5+1O1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjIxMjI4MTIzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDIwZDQzZTc5NTFmOGZjNmU1ZmU0YTkyNzZmZTBiMjE1ZWZiMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0r4eGMbygVp5NqZq7WUMk5Y0Fw9Z
CidZVLMgSUYiykWXl6MwOz75pKXJldfgQsWb9f+2d9bOMUa8zPl3KjFceeK1p7Ps
XcLTr494OUeglVZl9h7evWSip1UziuDzR+Mfawv4sdA0NnFIgdjKZxaX//r584Fw
+fjFojlyNZeTWIEO5uhMeB3UO2ssXFp6FW8RRYWa60mlH8crvX6ibsyG465piqr/
g988dDof/L8XRsrZrV5yQLqQQMaFpQ7SdWrg3uX6xMLjhiVmAGu4J/UT0h7oF6kg
Ci+rMJgCtzM/SJ/ITrpGQUkhjhnEL/CTeoqfE4HMN7InF3MsPoMiCVulowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHAg1D55Ufj8bl/kqSdv4LIV77FrMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvY0NEVVBubFItUHh1WC1TcEoyX2dzaFh2c1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1cwQAwQA
1cwUAwQA1cwZMA0GCSqGSIb3DQEBCwUAA4IBAQAiXX9+bN9nCGXi8F+ZvjAXzyLA
MCrw0N92HE6l2cSSKE/xG0BK9NyfXodQ3wX7HPEjuaPb9RPAJzGsgSlm8IXsgKcm
396I14fZRoKLtA1XpyG/kSGIj8ZoVcrBScyzwjAPrqPw3zWr9Sj2vW7aa7SB64b/
/AeFEpwYXIY3PZ+8K3tp5G3jMR87cIjwLKZKh/Q2Ls+46hIaSajN3+zcUN6V+NuP
YAzLmv0QnwN6FlP4fsk6bDRLI7Zjypws0QS7esovfBwQsMzyJslcF1mXGdYbEvI2
uJQDrWTIytVKndDaJ/Fhu0jZUchAZHWlJoLzUyZU4PxPz+Y4wfZxflTjilOV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:41 2024 by rpki-client on console-fra.rpki-client.org