Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/31b11f-2b6b-4252-990b-516ca84fe5fe/1/wv0vRF1zHQuoFJU5mfhsm1gYzww.roa
File: wv0vRF1zHQuoFJU5mfhsm1gYzww.roa (raw, json)
Hash identifier: sZNfKL9rvtzPpm82VTP7vQb4KAmtzgDYbq0lBSPTXMQ=
Subject key identifier: C2:FD:2F:44:5D:73:1D:0B:A8:14:95:39:99:F8:6C:9B:58:18:CF:0C
Certificate issuer: /CN=e66e7726ff53a13c80ccbca4d5d394e4e8aef542
Certificate serial: 01856D9D4C2A547F079D69E980059C7D09D9
Authority key identifier: E6:6E:77:26:FF:53:A1:3C:80:CC:BC:A4:D5:D3:94:E4:E8:AE:F5:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5m53Jv9ToTyAzLyk1dOU5Oiu9UI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/31b11f-2b6b-4252-990b-516ca84fe5fe/1/wv0vRF1zHQuoFJU5mfhsm1gYzww.roa
Signing time: Sun 01 Jan 2023 13:55:03 +0000
ROA not before: Sun 01 Jan 2023 13:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209786
IP address blocks: 213.139.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:4c:2a:54:7f:07:9d:69:e9:80:05:9c:7d:09:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e66e7726ff53a13c80ccbca4d5d394e4e8aef542
Validity
Not Before: Jan 1 13:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2fd2f445d731d0ba814953999f86c9b5818cf0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6e:db:ad:ea:b1:69:b4:af:bb:f6:15:7b:83:
e3:4f:b3:41:d7:3b:fd:3b:d5:99:90:58:4d:1c:3e:
67:47:3d:93:c8:46:0b:ee:7b:4a:09:e1:2f:fe:ed:
3b:7d:ad:b3:7a:05:72:6c:6f:32:b7:b1:f7:3c:27:
d7:47:15:a5:1a:07:db:ec:fd:59:92:d0:fd:d1:58:
22:50:b4:b0:80:a4:8e:24:1c:a5:8d:24:c2:0b:7f:
f6:46:44:52:23:cb:f7:52:be:98:8b:b8:66:2e:e1:
c6:a4:db:10:96:37:45:05:67:83:4b:e9:57:3f:f6:
c3:65:ee:e6:38:fc:25:39:a9:25:a9:cf:68:cf:dc:
3e:16:ad:0f:a9:66:9b:97:44:f1:35:b1:e3:fb:2e:
ae:a5:0f:d1:12:91:74:7f:30:ff:8e:01:83:8c:3c:
c0:bb:72:74:fe:3c:36:56:91:94:d5:0f:f9:4f:9b:
59:4f:af:11:14:07:75:c1:47:85:0f:1a:c1:74:e7:
8c:ab:55:4b:60:3e:f3:49:59:48:a6:be:02:5f:5a:
ac:45:66:10:03:e0:28:f5:76:2c:e7:1c:ea:d7:6d:
a8:e5:1f:94:b4:f4:d7:79:a0:61:f5:c0:ac:da:d0:
2d:df:8f:49:9b:04:2a:12:83:4a:6e:2e:4a:20:da:
1c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:FD:2F:44:5D:73:1D:0B:A8:14:95:39:99:F8:6C:9B:58:18:CF:0C
X509v3 Authority Key Identifier:
keyid:E6:6E:77:26:FF:53:A1:3C:80:CC:BC:A4:D5:D3:94:E4:E8:AE:F5:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5m53Jv9ToTyAzLyk1dOU5Oiu9UI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31b11f-2b6b-4252-990b-516ca84fe5fe/1/wv0vRF1zHQuoFJU5mfhsm1gYzww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31b11f-2b6b-4252-990b-516ca84fe5fe/1/5m53Jv9ToTyAzLyk1dOU5Oiu9UI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.236.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:7d:9b:11:7e:45:f5:e5:33:9d:e7:00:de:6f:01:c4:93:bd:
1f:2f:35:a7:a0:4e:39:31:7c:05:b6:a5:da:dd:85:60:dc:f8:
e3:fe:d2:e9:3c:2c:b0:1d:ac:2a:32:f7:57:6e:58:ae:f0:1a:
cd:fa:bd:bd:ef:6c:90:de:db:33:36:e7:f3:3e:ea:75:0f:af:
59:8f:9a:72:2f:be:66:06:d5:45:bd:05:b2:7b:ee:e4:6a:99:
41:2d:a8:ba:dc:45:29:32:f8:d0:b1:44:58:be:61:37:e6:98:
9b:25:bb:26:2e:61:06:fa:a1:88:f3:17:99:aa:52:d6:11:b4:
c2:54:d9:73:a1:6f:19:a3:2c:35:82:a2:63:f0:94:d1:66:2f:
a3:c9:d6:9e:b3:b8:4f:b7:90:56:12:ca:00:bd:fd:bd:23:aa:
d6:a3:ef:1f:2b:84:4a:48:bb:f9:66:a2:fe:2d:11:01:1b:34:
e1:18:70:f8:5a:0f:88:3f:46:02:99:6b:94:3e:ab:bd:40:44:
59:7f:50:06:26:4f:44:c4:ea:17:9c:e1:e1:11:04:29:f4:83:
5a:42:7c:e6:49:82:40:94:84:b8:4d:e4:61:1f:13:21:a8:32:
f6:c8:9f:75:71:bb:10:b8:4c:c5:fc:5f:a9:6b:c9:40:4f:51:
51:d3:df:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnUwqVH8HnWnpgAWcfQnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NmU3NzI2ZmY1M2ExM2M4MGNjYmNhNGQ1ZDM5NGU0ZThh
ZWY1NDIwHhcNMjMwMTAxMTM1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmZkMmY0NDVkNzMxZDBiYTgxNDk1Mzk5OWY4NmM5YjU4MThjZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG7breqxabSvu/YVe4PjT7NB1zv9
O9WZkFhNHD5nRz2TyEYL7ntKCeEv/u07fa2zegVybG8yt7H3PCfXRxWlGgfb7P1Z
ktD90VgiULSwgKSOJByljSTCC3/2RkRSI8v3Ur6Yi7hmLuHGpNsQljdFBWeDS+lX
P/bDZe7mOPwlOaklqc9oz9w+Fq0PqWabl0TxNbHj+y6upQ/REpF0fzD/jgGDjDzA
u3J0/jw2VpGU1Q/5T5tZT68RFAd1wUeFDxrBdOeMq1VLYD7zSVlIpr4CX1qsRWYQ
A+Ao9XYs5xzq122o5R+UtPTXeaBh9cCs2tAt349JmwQqEoNKbi5KINociwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFML9L0Rdcx0LqBSVOZn4bJtYGM8MMB8GA1UdIwQY
MBaAFOZudyb/U6E8gMy8pNXTlOTorvVCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW01M0p2OVRvVHlBekx5azFkT1U1T2l1OVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zMWIxMWYtMmI2Yi00MjUyLTk5MGIt
NTE2Y2E4NGZlNWZlLzEvd3YwdlJGMXpIUXVvRkpVNW1maHNtMWdZend3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zMWIxMWYtMmI2Yi00MjUyLTk5MGItNTE2Y2E4NGZlNWZl
LzEvNW01M0p2OVRvVHlBekx5azFkT1U1T2l1OVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1YvsMA0G
CSqGSIb3DQEBCwUAA4IBAQCffZsRfkX15TOd5wDebwHEk70fLzWnoE45MXwFtqXa
3YVg3Pjj/tLpPCywHawqMvdXbliu8BrN+r2972yQ3tszNufzPup1D69Zj5pyL75m
BtVFvQWye+7kaplBLai63EUpMvjQsURYvmE35pibJbsmLmEG+qGI8xeZqlLWEbTC
VNlzoW8Zoyw1gqJj8JTRZi+jydaes7hPt5BWEsoAvf29I6rWo+8fK4RKSLv5ZqL+
LREBGzThGHD4Wg+IP0YCmWuUPqu9QERZf1AGJk9ExOoXnOHhEQQp9INaQnzmSYJA
lIS4TeRhHxMhqDL2yJ91cbsQuEzF/F+pa8lAT1FR09+E
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:48 2025 by rpki-client