Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/2R5s8lW0XlWZez6gw3HJ1vGtLKY.roa
File: 2R5s8lW0XlWZez6gw3HJ1vGtLKY.roa (raw, json)
Hash identifier: hU3V/DhADlZWjUL4CdBKYj/jGGyzqRtIS6so/xEyRg0=
Subject key identifier: D9:1E:6C:F2:55:B4:5E:55:99:7B:3E:A0:C3:71:C9:D6:F1:AD:2C:A6
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE657D593D1AD4337FD78CA6FA28866
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/2R5s8lW0XlWZez6gw3HJ1vGtLKY.roa
Signing time: Sun 01 Jan 2023 10:35:13 +0000
ROA not before: Sun 01 Jan 2023 10:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39177
IP address blocks: 213.91.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:57:d5:93:d1:ad:43:37:fd:78:ca:6f:a2:88:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d91e6cf255b45e55997b3ea0c371c9d6f1ad2ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5b:ca:72:be:17:b0:c7:a7:8d:44:33:23:0d:
a9:ec:49:16:cc:76:da:07:99:be:c5:84:25:b0:7e:
64:1a:ae:a2:dd:59:c2:a2:c7:f4:56:d1:d1:d4:d1:
40:1a:20:f5:aa:82:04:ea:0d:cc:42:fc:74:90:13:
70:dd:47:da:e1:0a:b5:08:70:1c:09:09:70:bc:ff:
93:10:0f:70:e9:ea:23:bf:09:93:2f:c0:dc:08:e6:
db:f0:68:fa:36:11:10:13:68:36:ee:08:ff:09:12:
29:ce:d6:47:26:bd:38:4d:6d:df:b4:a2:2e:f3:cd:
ee:2d:8f:af:c3:e0:fd:66:3f:af:89:18:ab:45:af:
d7:1f:8b:b5:25:73:b6:a2:20:29:bb:c1:3b:79:6c:
01:b9:2f:49:1a:ee:ce:dd:4b:7b:e5:21:80:14:b0:
f0:10:43:ee:41:d6:81:cb:82:46:c8:fe:a3:07:1a:
b1:01:93:2d:29:33:c2:ab:f7:1c:8b:dc:67:7c:1d:
db:53:be:3a:f9:28:ff:45:4f:94:39:14:0d:ea:9c:
b7:7a:ee:a2:d7:2f:33:95:23:0f:f5:c6:6e:e5:dc:
1c:fe:86:dd:14:ea:b7:a6:28:11:ac:24:b8:cc:6d:
14:55:b2:ee:3b:81:ba:c9:04:29:92:d0:da:1f:f1:
25:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1E:6C:F2:55:B4:5E:55:99:7B:3E:A0:C3:71:C9:D6:F1:AD:2C:A6
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/2R5s8lW0XlWZez6gw3HJ1vGtLKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.91.196.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e0:7c:a6:c1:ed:f1:75:66:ad:14:29:7b:6a:dc:15:01:b7:
dc:e3:61:7e:4c:eb:c8:da:af:6f:fe:ad:17:1d:87:ca:2b:00:
36:dc:6e:4b:61:64:a2:47:4f:66:81:8c:aa:f8:ee:d7:15:e8:
db:c3:b5:fe:26:ac:6f:2f:8f:02:11:03:fb:8b:90:af:dd:28:
fb:97:71:28:84:67:bc:34:5b:c7:4a:27:db:b9:c9:05:66:b0:
d3:49:f1:d9:a3:6d:69:81:8f:c6:52:c9:79:75:71:f0:9a:aa:
b0:2b:22:b0:85:c9:23:f5:23:46:ae:01:c8:7c:af:18:7d:2c:
16:f7:d6:43:47:7f:ca:93:36:a1:fe:ec:e7:36:02:18:75:1f:
51:2d:80:12:71:87:22:08:cc:ce:26:07:3e:bb:b9:82:c3:d2:
17:4c:25:92:e9:b7:fa:f6:fa:9f:ad:70:67:c3:60:d3:55:8f:
cd:bd:b3:24:bf:1a:22:be:78:cb:35:91:dc:44:3c:af:d2:d1:
39:a4:5e:3f:09:84:40:be:d3:3b:81:e0:34:5b:6e:1d:26:77:
f8:47:dc:8e:56:58:7f:82:23:ab:ff:1b:a1:a8:81:1e:01:d2:
6e:6c:61:c6:96:df:0d:fe:e8:82:3c:47:16:cd:fc:1c:49:35:
f6:0e:6c:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5lfVk9GtQzf9eMpvoohmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTFlNmNmMjU1YjQ1ZTU1OTk3YjNlYTBjMzcxYzlkNmYxYWQyY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlvKcr4XsMenjUQzIw2p7EkWzHba
B5m+xYQlsH5kGq6i3VnCosf0VtHR1NFAGiD1qoIE6g3MQvx0kBNw3Ufa4Qq1CHAc
CQlwvP+TEA9w6eojvwmTL8DcCObb8Gj6NhEQE2g27gj/CRIpztZHJr04TW3ftKIu
883uLY+vw+D9Zj+viRirRa/XH4u1JXO2oiApu8E7eWwBuS9JGu7O3Ut75SGAFLDw
EEPuQdaBy4JGyP6jBxqxAZMtKTPCq/cci9xnfB3bU746+Sj/RU+UORQN6py3eu6i
1y8zlSMP9cZu5dwc/obdFOq3pigRrCS4zG0UVbLuO4G6yQQpktDaH/EllwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNkebPJVtF5VmXs+oMNxydbxrSymMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvMlI1czhsVzBYbFdaZXo2Z3czSEoxdkd0TEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1VvEMA0G
CSqGSIb3DQEBCwUAA4IBAQBM4Hymwe3xdWatFCl7atwVAbfc42F+TOvI2q9v/q0X
HYfKKwA23G5LYWSiR09mgYyq+O7XFejbw7X+JqxvL48CEQP7i5Cv3Sj7l3EohGe8
NFvHSifbuckFZrDTSfHZo21pgY/GUsl5dXHwmqqwKyKwhckj9SNGrgHIfK8YfSwW
99ZDR3/Kkzah/uznNgIYdR9RLYAScYciCMzOJgc+u7mCw9IXTCWS6bf69vqfrXBn
w2DTVY/NvbMkvxoivnjLNZHcRDyv0tE5pF4/CYRAvtM7geA0W24dJnf4R9yOVlh/
giOr/xuhqIEeAdJubGHGlt8N/uiCPEcWzfwcSTX2DmxV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:46 2025 by rpki-client