Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/v0HyHL7rbMh_hzZDCTY6izMMlD0.roa
File: v0HyHL7rbMh_hzZDCTY6izMMlD0.roa (raw, json)
Hash identifier: YtxPC4h5a+hKXZW2ZRbsLWSC2bwNi3GpMGOZMArSGnE=
Subject key identifier: BF:41:F2:1C:BE:EB:6C:C8:7F:87:36:43:09:36:3A:8B:33:0C:94:3D
Certificate issuer: /CN=2c571d688aa503a2e566bbc876df0ba455c577ed
Certificate serial: 11304A27
Authority key identifier: 2C:57:1D:68:8A:A5:03:A2:E5:66:BB:C8:76:DF:0B:A4:55:C5:77:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/v0HyHL7rbMh_hzZDCTY6izMMlD0.roa
Signing time: Sat 01 Jan 2022 10:56:30 +0000
ROA not before: Sat 01 Jan 2022 10:56:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15796
IP address blocks: 213.55.206.0/24 maxlen: 24
213.55.147.0/24 maxlen: 24
213.55.192.0/24 maxlen: 24
213.55.193.0/24 maxlen: 24
213.55.194.0/24 maxlen: 24
213.55.195.0/24 maxlen: 24
213.55.128.0/17 maxlen: 24
213.55.131.0/24 maxlen: 24
213.55.132.0/24 maxlen: 24
51.154.0.0/16 maxlen: 16
213.55.128.0/24 maxlen: 24
213.55.141.0/24 maxlen: 24
2a04:ee42:53::/64 maxlen: 64
2a04:ee40::/29 maxlen: 29
2a04:ee42:2::/64 maxlen: 64
2a04:ee42:1::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 288377383 (0x11304a27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c571d688aa503a2e566bbc876df0ba455c577ed
Validity
Not Before: Jan 1 10:56:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf41f21cbeeb6cc87f87364309363a8b330c943d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ae:ea:0e:67:89:e3:e0:a1:a4:34:b5:20:fb:
c7:a3:ee:c1:5e:c2:4e:e3:61:c5:d2:a2:fb:15:e4:
3c:04:a6:ef:a9:ca:58:85:6a:a9:4b:77:57:d7:6d:
03:b7:de:86:a4:39:8a:df:1d:8b:e6:cf:0d:77:89:
28:85:0a:01:8b:21:c9:f8:69:ca:72:c0:9d:72:64:
11:f2:d9:53:dd:d1:55:85:bb:11:83:06:bc:31:f7:
07:3f:20:ed:81:85:bb:ec:0a:b2:1d:77:57:25:7e:
81:84:78:3b:00:2e:92:04:1e:ff:92:d3:25:8b:35:
ae:20:a3:9c:08:50:dc:ec:22:5d:07:1d:71:e7:2a:
1e:22:73:5a:77:12:64:c7:e8:56:4c:ca:84:29:0d:
11:24:36:51:0f:d2:02:ff:b5:6d:4e:17:ac:1b:8d:
21:b7:58:0f:28:ac:51:47:aa:e0:42:3f:4b:ab:63:
cf:eb:97:55:cc:ad:27:ac:2b:78:94:43:9a:e9:e7:
61:9c:95:fa:23:d6:c1:35:6a:16:d1:8e:69:6b:ea:
19:85:bf:1c:a0:43:84:81:02:d9:f9:b9:58:5a:b1:
2b:e9:f7:7f:ae:db:f3:ac:4f:db:f0:a4:06:6b:24:
fb:7c:34:47:9d:63:bb:e6:ae:e6:01:24:a3:61:ea:
95:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:41:F2:1C:BE:EB:6C:C8:7F:87:36:43:09:36:3A:8B:33:0C:94:3D
X509v3 Authority Key Identifier:
keyid:2C:57:1D:68:8A:A5:03:A2:E5:66:BB:C8:76:DF:0B:A4:55:C5:77:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/v0HyHL7rbMh_hzZDCTY6izMMlD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.154.0.0/16
213.55.128.0/17
IPv6:
2a04:ee40::/29
Signature Algorithm: sha256WithRSAEncryption
b0:60:5c:9a:50:b7:c8:50:8c:93:7d:e2:12:01:66:c8:ff:d4:
83:23:55:1d:12:3a:07:cc:65:9e:a9:5e:9b:e7:cb:08:64:a2:
8b:d8:16:04:ee:87:2c:17:5e:d4:d6:de:3a:60:80:1b:8e:0f:
b5:b9:b0:c0:5c:df:7c:1d:33:d8:92:14:43:38:da:53:0c:c2:
b7:80:8c:d4:46:72:cb:a2:7e:15:5e:4f:6e:49:04:95:5e:cc:
ba:fc:15:0e:e0:25:07:5c:44:2e:d4:8c:0d:f7:a3:82:73:ee:
01:b8:99:e6:2a:32:f5:50:d9:77:49:a1:ca:96:ee:37:88:bc:
1e:41:42:99:66:d5:0b:61:52:b9:f5:fd:b6:30:4b:58:cf:fb:
84:33:ca:b2:77:e2:1a:6a:46:d3:51:9f:44:ac:51:a3:a7:45:
a1:a9:00:6a:40:aa:64:c3:e1:1a:a8:7c:f0:a9:5d:55:e7:46:
84:8b:c3:9c:24:00:1f:1e:38:5a:71:86:b5:5a:84:98:a3:00:
53:cb:fa:69:e1:35:59:d0:be:b8:22:de:b5:b3:cf:9a:18:19:
e0:8c:6a:6f:a8:ca:c6:82:17:72:a7:8d:0d:d8:3f:58:f2:f8:
2f:d7:06:36:d2:23:d6:fa:be:7b:85:c6:3e:56:88:77:ce:f1:
44:b9:5f:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEETBKJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzU3MWQ2ODhhYTUwM2EyZTU2NmJiYzg3NmRmMGJhNDU1YzU3N2VkMB4XDTIyMDEw
MTEwNTYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY0MWYyMWNiZWVi
NmNjODdmODczNjQzMDkzNjNhOGIzMzBjOTQzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMau6g5niePgoaQ0tSD7x6PuwV7CTuNhxdKi+xXkPASm76nK
WIVqqUt3V9dtA7fehqQ5it8di+bPDXeJKIUKAYshyfhpynLAnXJkEfLZU93RVYW7
EYMGvDH3Bz8g7YGFu+wKsh13VyV+gYR4OwAukgQe/5LTJYs1riCjnAhQ3OwiXQcd
cecqHiJzWncSZMfoVkzKhCkNESQ2UQ/SAv+1bU4XrBuNIbdYDyisUUeq4EI/S6tj
z+uXVcytJ6wreJRDmunnYZyV+iPWwTVqFtGOaWvqGYW/HKBDhIEC2fm5WFqxK+n3
f67b86xP2/CkBmsk+3w0R51ju+au5gEko2HqlTsCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBS/QfIcvutsyH+HNkMJNjqLMwyUPTAfBgNVHSMEGDAWgBQsVx1oiqUDouVm
u8h23wukVcV37TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xGY2RhSXFsQTZMbFpydklkdDhMcEZYRmQtMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNjNlYjQyLWEwZTEtNGYxYy1iY2M5LTg3NTI0MDE0ZGJmYi8x
L3YwSHlITDdyYk1oX2h6WkRDVFk2aXpNTWxEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NjNlYjQyLWEwZTEtNGYxYy1iY2M5LTg3NTI0MDE0ZGJmYi8xL0xGY2RhSXFsQTZM
bFpydklkdDhMcEZYRmQtMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDADOaAwQH1TeAMA0EAgACMAcDBQMq
BO5AMA0GCSqGSIb3DQEBCwUAA4IBAQCwYFyaULfIUIyTfeISAWbI/9SDI1UdEjoH
zGWeqV6b58sIZKKL2BYE7ocsF17U1t46YIAbjg+1ubDAXN98HTPYkhRDONpTDMK3
gIzURnLLon4VXk9uSQSVXsy6/BUO4CUHXEQu1IwN96OCc+4BuJnmKjL1UNl3SaHK
lu43iLweQUKZZtULYVK59f22MEtYz/uEM8qyd+IaakbTUZ9ErFGjp0WhqQBqQKpk
w+EaqHzwqV1V50aEi8OcJAAfHjhacYa1WoSYowBTy/pp4TVZ0L64It61s8+aGBng
jGpvqMrGghdyp40N2D9Y8vgv1wY20iPW+r57hcY+Voh3zvFEuV/M
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:23 2025 by rpki-client