Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/31b11f-2b6b-4252-990b-516ca84fe5fe/1/UFnaNwxNtZTnZppHg-eySfJTDDk.roa
File: UFnaNwxNtZTnZppHg-eySfJTDDk.roa (raw, json)
Hash identifier: KZfMYR2f8i3NUfL7M6UrAwddw5P/ZUmtc4EikoH9Voc=
Subject key identifier: 50:59:DA:37:0C:4D:B5:94:E7:66:9A:47:83:E7:B2:49:F2:53:0C:39
Certificate issuer: /CN=e66e7726ff53a13c80ccbca4d5d394e4e8aef542
Certificate serial: 01B349EB
Authority key identifier: E6:6E:77:26:FF:53:A1:3C:80:CC:BC:A4:D5:D3:94:E4:E8:AE:F5:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5m53Jv9ToTyAzLyk1dOU5Oiu9UI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/31b11f-2b6b-4252-990b-516ca84fe5fe/1/UFnaNwxNtZTnZppHg-eySfJTDDk.roa
Signing time: Sat 01 Jan 2022 09:03:24 +0000
ROA not before: Sat 01 Jan 2022 09:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209786
IP address blocks: 213.139.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28527083 (0x1b349eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e66e7726ff53a13c80ccbca4d5d394e4e8aef542
Validity
Not Before: Jan 1 09:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5059da370c4db594e7669a4783e7b249f2530c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:97:48:e5:8c:6e:59:67:8f:fc:6c:22:2e:de:
3e:5b:32:3b:da:5c:f0:1f:e5:45:9e:7d:67:95:20:
b0:84:88:b2:a1:91:08:53:e6:eb:77:e7:78:6d:34:
7d:b4:72:2e:08:11:85:70:9d:84:d2:09:d3:72:a0:
24:c5:2b:da:a8:fd:01:45:f3:80:d6:3e:d9:0b:6f:
b4:c4:34:64:0d:b9:2d:84:45:a3:f4:ae:47:7b:58:
5e:ae:67:7f:4c:fa:3b:25:20:b8:bf:f9:b0:61:4b:
e5:9f:0d:4b:fa:71:b9:f6:8b:f4:52:47:8c:7c:49:
9e:ed:24:9e:6e:6a:e2:c4:50:45:28:dd:44:62:fc:
c3:1a:19:e9:cc:df:37:ae:91:b1:2f:80:2c:c6:da:
21:49:41:3c:7a:dd:a7:78:ed:8c:52:d3:e2:03:63:
6f:98:65:c5:3e:4d:10:18:35:18:2f:2e:2a:5a:e2:
b7:6d:68:40:1a:12:50:3d:50:e2:a8:e4:dc:31:a7:
64:d7:a7:c3:86:5b:02:4c:72:c9:6d:dc:7c:e6:b3:
c9:06:f0:8b:83:52:29:1b:84:37:25:72:e3:74:74:
39:10:b6:cc:7e:45:1e:02:a0:b2:07:84:70:ce:1d:
e2:22:2f:ab:cc:8f:19:29:27:5a:c2:31:9b:1a:7d:
04:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:59:DA:37:0C:4D:B5:94:E7:66:9A:47:83:E7:B2:49:F2:53:0C:39
X509v3 Authority Key Identifier:
keyid:E6:6E:77:26:FF:53:A1:3C:80:CC:BC:A4:D5:D3:94:E4:E8:AE:F5:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5m53Jv9ToTyAzLyk1dOU5Oiu9UI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31b11f-2b6b-4252-990b-516ca84fe5fe/1/UFnaNwxNtZTnZppHg-eySfJTDDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31b11f-2b6b-4252-990b-516ca84fe5fe/1/5m53Jv9ToTyAzLyk1dOU5Oiu9UI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.236.0/22
Signature Algorithm: sha256WithRSAEncryption
43:48:8b:33:76:78:7b:19:5a:44:68:7b:0c:01:34:e0:0b:a3:
95:d8:95:dc:b0:fd:27:1b:60:5f:22:0b:8a:7f:4d:3c:86:50:
d3:8f:e7:18:a2:c3:a5:d3:99:b7:5d:37:03:f7:5a:dd:3d:ca:
a8:f9:e0:00:41:71:22:18:15:b7:d9:f8:2f:80:4c:23:0c:86:
60:4b:7b:0e:94:a9:7a:d0:12:5d:26:8c:c3:02:09:9f:fb:81:
70:c4:bb:3c:1a:9b:d1:bf:12:89:c8:a7:fa:01:31:0b:55:c0:
2f:a3:25:3b:c6:af:02:ff:0a:09:3f:cd:e6:52:d2:39:db:a8:
96:90:41:0a:5e:3a:2d:88:bd:4b:18:a2:bf:fe:4e:c9:e6:ba:
0a:94:00:64:81:df:39:43:a9:6d:c7:22:8e:56:68:b3:5d:0c:
af:3a:cd:94:6e:5b:28:ba:42:0f:ff:f0:0a:af:04:f6:82:f3:
dc:c0:53:be:a7:e3:74:aa:6c:d8:91:be:0b:0b:9e:f8:79:e9:
c7:b0:24:58:ee:89:26:3d:10:77:e7:bb:40:21:16:36:da:fd:
59:ac:73:96:f3:ef:63:1b:de:d9:cd:e8:4f:0b:8c:c0:c2:86:
08:65:2f:13:ed:0f:2b:f2:51:b5:d0:89:ea:cd:6f:57:22:f8:
ae:04:21:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAbNJ6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjZlNzcyNmZmNTNhMTNjODBjY2JjYTRkNWQzOTRlNGU4YWVmNTQyMB4XDTIyMDEw
MTA5MDMyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA1OWRhMzcwYzRk
YjU5NGU3NjY5YTQ3ODNlN2IyNDlmMjUzMGMzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6XSOWMbllnj/xsIi7ePlsyO9pc8B/lRZ59Z5UgsISIsqGR
CFPm63fneG00fbRyLggRhXCdhNIJ03KgJMUr2qj9AUXzgNY+2QtvtMQ0ZA25LYRF
o/SuR3tYXq5nf0z6OyUguL/5sGFL5Z8NS/pxufaL9FJHjHxJnu0knm5q4sRQRSjd
RGL8wxoZ6czfN66RsS+ALMbaIUlBPHrdp3jtjFLT4gNjb5hlxT5NEBg1GC8uKlri
t21oQBoSUD1Q4qjk3DGnZNenw4ZbAkxyyW3cfOazyQbwi4NSKRuENyVy43R0ORC2
zH5FHgKgsgeEcM4d4iIvq8yPGSknWsIxmxp9BOUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRQWdo3DE21lOdmmkeD57JJ8lMMOTAfBgNVHSMEGDAWgBTmbncm/1OhPIDM
vKTV05Tk6K71QjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVtNTNKdjlUb1R5QXpMeWsxZE9VNU9pdTlVSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvMzFiMTFmLTJiNmItNDI1Mi05OTBiLTUxNmNhODRmZTVmZS8x
L1VGbmFOd3hOdFpUblpwcEhnLWV5U2ZKVEREay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
MzFiMTFmLTJiNmItNDI1Mi05OTBiLTUxNmNhODRmZTVmZS8xLzVtNTNKdjlUb1R5
QXpMeWsxZE9VNU9pdTlVSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtWL7DANBgkqhkiG9w0BAQsFAAOC
AQEAQ0iLM3Z4exlaRGh7DAE04AujldiV3LD9JxtgXyILin9NPIZQ04/nGKLDpdOZ
t103A/da3T3KqPngAEFxIhgVt9n4L4BMIwyGYEt7DpSpetASXSaMwwIJn/uBcMS7
PBqb0b8Sicin+gExC1XAL6MlO8avAv8KCT/N5lLSOduolpBBCl46LYi9Sxiiv/5O
yea6CpQAZIHfOUOpbccijlZos10MrzrNlG5bKLpCD//wCq8E9oLz3MBTvqfjdKps
2JG+Cwue+Hnpx7AkWO6JJj0Qd+e7QCEWNtr9WaxzlvPvYxve2c3oTwuMwMKGCGUv
E+0PK/JRtdCJ6s1vVyL4rgQhuA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:08 2023 by rpki-client on console-ams.rpki-client.org