Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/S2oYOpNIbOfCN5fQMXT1uwBFS-U.roa
File: S2oYOpNIbOfCN5fQMXT1uwBFS-U.roa (raw, json)
Hash identifier: FI5EJLKWhB4a0p97mz0ZY1WgfqNhhbzH0lE6b++q7t4=
Subject key identifier: 4B:6A:18:3A:93:48:6C:E7:C2:37:97:D0:31:74:F5:BB:00:45:4B:E5
Certificate issuer: /CN=e4984f8f36ebf9f8f54c12174f463664d7b23aee
Certificate serial: 0184BEE6B238FD9A9ACBBAB8190FA24CB084
Authority key identifier: E4:98:4F:8F:36:EB:F9:F8:F5:4C:12:17:4F:46:36:64:D7:B2:3A:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/S2oYOpNIbOfCN5fQMXT1uwBFS-U.roa
Signing time: Mon 28 Nov 2022 15:41:40 +0000
ROA not before: Mon 28 Nov 2022 15:41:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211251
IP address blocks: 213.171.64.0/23 maxlen: 23
213.171.66.0/23 maxlen: 23
213.171.68.0/23 maxlen: 23
79.98.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:e6:b2:38:fd:9a:9a:cb:ba:b8:19:0f:a2:4c:b0:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4984f8f36ebf9f8f54c12174f463664d7b23aee
Validity
Not Before: Nov 28 15:41:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b6a183a93486ce7c23797d03174f5bb00454be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ed:3f:5c:96:8b:85:34:1d:2f:2f:3c:3b:82:
cb:d5:7c:68:b8:31:53:eb:e8:17:ac:78:77:fa:a5:
74:c5:c2:17:0b:b0:96:e2:42:14:b5:90:e3:59:63:
be:ca:85:f7:3f:5b:b4:f6:05:70:14:9a:95:46:cb:
a9:5e:45:2e:d5:27:a6:4e:3b:de:3b:de:71:b0:df:
af:a0:db:97:72:07:cf:3b:5f:43:48:8b:1d:ac:3b:
23:32:c4:27:8c:30:a5:c7:5c:c2:f3:01:2f:6f:8e:
3e:53:1e:f0:70:ca:ad:76:fa:dc:57:8b:c7:0b:88:
d1:5c:6b:6e:55:d4:52:94:f3:4f:9b:0b:45:78:94:
45:34:7d:90:3a:e8:f6:e7:8c:f5:61:bf:84:fb:42:
4b:46:b7:41:df:78:71:b9:c3:87:c9:e1:d3:87:fe:
0e:c8:b6:f7:20:59:eb:e1:7c:38:58:14:d5:0f:80:
69:ee:45:ec:1d:d9:24:71:20:a5:87:74:35:64:b2:
f3:af:d1:63:a9:4a:35:72:92:a2:58:d1:a2:bc:96:
79:43:0f:13:a3:c9:c4:92:fa:05:f8:cc:f8:d0:68:
3d:11:db:27:20:de:de:49:4d:61:b6:1b:9e:72:71:
88:4d:7f:73:76:ee:03:30:2c:6e:bf:94:a2:8f:af:
7b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:6A:18:3A:93:48:6C:E7:C2:37:97:D0:31:74:F5:BB:00:45:4B:E5
X509v3 Authority Key Identifier:
keyid:E4:98:4F:8F:36:EB:F9:F8:F5:4C:12:17:4F:46:36:64:D7:B2:3A:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/S2oYOpNIbOfCN5fQMXT1uwBFS-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.176.0/22
213.171.64.0-213.171.69.255
Signature Algorithm: sha256WithRSAEncryption
4f:ff:0f:cc:ec:ce:55:77:0d:2b:c4:69:b3:b7:53:4d:d2:cb:
42:7b:a3:5a:a0:81:95:e4:ab:c2:80:97:34:be:6e:91:b1:82:
26:5e:b2:ca:a2:82:b8:83:81:5e:48:f5:f1:9b:96:29:51:65:
22:ee:57:1e:63:8d:ed:55:f3:54:96:ad:a6:0b:88:1f:1b:38:
15:64:2a:8f:d7:07:a7:47:8f:74:93:8d:6b:d7:5e:a8:82:74:
6c:8c:4b:78:75:23:0a:9b:fe:7b:da:71:85:d6:3c:90:55:41:
fe:ae:df:ab:4f:0c:97:c2:c5:14:27:3f:33:5c:60:22:98:25:
10:19:d4:1c:84:7e:dc:41:f6:d5:9a:27:06:e6:2b:89:ac:42:
dd:a3:ca:b7:e2:4d:23:1e:8f:25:e3:52:8b:b5:6e:51:e9:4f:
87:5f:19:b2:d6:05:82:b6:f8:98:c6:0c:dc:0c:78:41:c0:07:
e1:51:6c:68:ce:18:60:b5:3c:a0:06:f0:01:1a:2f:29:80:ea:
c0:f9:6f:cc:c7:7c:6b:2e:cf:ec:d9:14:d5:c5:a6:b1:7b:84:
6f:b2:8f:74:bf:0d:cb:39:ea:ec:54:37:17:ca:c8:f4:5f:3e:
35:a7:e4:df:fe:7d:e6:43:1e:b1:cb:d1:f6:6e:27:43:3f:e1:
5d:ae:ca:47
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYS+5rI4/Zqay7q4GQ+iTLCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OTg0ZjhmMzZlYmY5ZjhmNTRjMTIxNzRmNDYzNjY0ZDdi
MjNhZWUwHhcNMjIxMTI4MTU0MTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjZhMTgzYTkzNDg2Y2U3YzIzNzk3ZDAzMTc0ZjViYjAwNDU0YmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu0/XJaLhTQdLy88O4LL1XxouDFT
6+gXrHh3+qV0xcIXC7CW4kIUtZDjWWO+yoX3P1u09gVwFJqVRsupXkUu1SemTjve
O95xsN+voNuXcgfPO19DSIsdrDsjMsQnjDClx1zC8wEvb44+Ux7wcMqtdvrcV4vH
C4jRXGtuVdRSlPNPmwtFeJRFNH2QOuj254z1Yb+E+0JLRrdB33hxucOHyeHTh/4O
yLb3IFnr4Xw4WBTVD4Bp7kXsHdkkcSClh3Q1ZLLzr9FjqUo1cpKiWNGivJZ5Qw8T
o8nEkvoF+Mz40Gg9EdsnIN7eSU1hthuecnGITX9zdu4DMCxuv5Sij6970wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEtqGDqTSGznwjeX0DF09bsARUvlMB8GA1UdIwQY
MBaAFOSYT4826/n49UwSF09GNmTXsjruMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUpoUGp6YnItZmoxVEJJWFQwWTJaTmV5T3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81N2Q5MDgtMjA3ZC00OTdjLWFiMTgt
ZGU3YmUxZTVjNzc2LzEvUzJvWU9wTkliT2ZDTjVmUU1YVDF1d0JGUy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81N2Q5MDgtMjA3ZC00OTdjLWFiMTgtZGU3YmUxZTVjNzc2
LzEvNUpoUGp6YnItZmoxVEJJWFQwWTJaTmV5T3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCT2KwMAwD
BAbVq0ADBAHVq0QwDQYJKoZIhvcNAQELBQADggEBAE//D8zszlV3DSvEabO3U03S
y0J7o1qggZXkq8KAlzS+bpGxgiZessqigriDgV5I9fGblilRZSLuVx5jje1V81SW
raYLiB8bOBVkKo/XB6dHj3STjWvXXqiCdGyMS3h1Iwqb/nvacYXWPJBVQf6u36tP
DJfCxRQnPzNcYCKYJRAZ1ByEftxB9tWaJwbmK4msQt2jyrfiTSMejyXjUou1blHp
T4dfGbLWBYK2+JjGDNwMeEHAB+FRbGjOGGC1PKAG8AEaLymA6sD5b8zHfGsuz+zZ
FNXFprF7hG+yj3S/Dcs56uxUNxfKyPRfPjWn5N/+feZDHrHL0fZuJ0M/4V2uykc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:36 2024 by rpki-client on console-fra.rpki-client.org