Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/u7FcusWGrDLp0VnLfIsuOJ7xZ6g.roa
File: u7FcusWGrDLp0VnLfIsuOJ7xZ6g.roa (raw, json)
Hash identifier: QvYfOCKHuA6L62WHMNAA78kpZ/GIL8+yXTU9hLRNJz0=
Subject key identifier: BB:B1:5C:BA:C5:86:AC:32:E9:D1:59:CB:7C:8B:2E:38:9E:F1:67:A8
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE6538A43E80F57BA929E57025B7CC4
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/u7FcusWGrDLp0VnLfIsuOJ7xZ6g.roa
Signing time: Sun 01 Jan 2023 10:35:12 +0000
ROA not before: Sun 01 Jan 2023 10:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34577
IP address blocks: 213.16.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:53:8a:43:e8:0f:57:ba:92:9e:57:02:5b:7c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbb15cbac586ac32e9d159cb7c8b2e389ef167a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e7:d6:e3:78:6e:a8:8e:03:91:e5:dc:b4:9b:
2f:01:85:c1:5a:70:c8:f2:b1:a2:55:ef:d1:ca:c5:
3d:8c:83:cf:00:a2:06:f1:87:cc:0b:3e:1d:d6:b3:
95:1c:ff:cc:14:43:3c:7d:c8:93:1f:de:eb:9a:73:
47:05:27:bb:7b:11:35:bc:c1:52:2e:af:5a:71:4a:
06:15:a8:db:d8:d8:94:79:d8:b4:7a:e9:a3:3d:ae:
41:d6:0f:2b:ae:4a:bb:6f:1b:83:50:2e:86:46:3c:
a7:1e:ad:a5:59:38:a8:9a:99:92:00:1f:60:55:08:
1e:e0:65:b3:da:91:8f:38:8a:fc:53:a4:e4:74:98:
a4:af:d6:14:50:b5:2c:5d:86:e4:89:5e:e6:4e:b9:
60:f5:f3:38:51:6d:c5:d5:ad:7a:e9:cc:c5:05:93:
5a:04:ad:cb:5f:ed:52:77:be:6a:00:58:dc:b0:95:
c3:ce:f0:d4:bc:55:2e:ca:33:b4:1a:0e:c3:a0:45:
5b:61:d4:1e:7b:55:c0:f4:6c:46:88:32:08:fd:78:
a2:ab:08:4f:98:55:33:c0:bc:80:e1:c3:9b:cc:df:
79:9d:b7:a3:46:f9:5e:ad:73:f0:e1:d3:25:83:47:
e4:5e:13:28:3a:be:4b:92:4e:ce:19:61:26:68:74:
9c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B1:5C:BA:C5:86:AC:32:E9:D1:59:CB:7C:8B:2E:38:9E:F1:67:A8
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/u7FcusWGrDLp0VnLfIsuOJ7xZ6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.16.56.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:9c:6c:c2:9b:be:2c:a1:b3:c0:fd:f9:61:00:eb:62:21:ec:
1d:aa:aa:07:fd:e3:f6:ae:07:85:51:2a:70:e9:6d:05:63:cb:
83:70:23:73:d1:db:6f:62:8d:7e:6d:82:c6:e2:07:5d:90:e9:
5f:0f:ed:a2:d8:cb:12:2e:f1:dd:a3:b2:85:6c:c4:d6:9e:c5:
36:97:e7:2c:e4:37:61:48:d3:ee:b3:f7:4e:1b:d7:0f:47:fc:
6a:18:e0:7e:3a:8f:e6:c0:ea:61:d7:42:f2:2e:11:c1:30:a0:
f6:2c:9a:18:a3:71:04:4a:3a:43:10:d0:ca:05:91:39:cc:48:
38:30:76:c8:96:44:e5:1a:83:67:6c:e0:16:68:69:10:50:3a:
f7:17:9c:32:db:ac:cf:3a:75:f4:ec:2b:b9:dc:b7:cd:4c:3f:
93:62:4c:7a:d2:71:8e:94:4d:b3:80:aa:d4:d9:6e:62:b5:1e:
c8:4c:22:e5:81:f9:20:1c:76:4b:0a:f1:a6:d3:72:10:81:ce:
81:56:7f:b9:79:d2:9b:ea:15:16:0a:e3:9e:6a:2c:12:e1:ed:
f7:9e:3f:1d:ff:da:46:46:45:f1:ce:26:7f:78:32:09:10:ab:
0e:2e:70:00:0b:e8:c1:1c:19:14:62:61:a9:62:df:46:39:12:
68:96:e3:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5lOKQ+gPV7qSnlcCW3zEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmIxNWNiYWM1ODZhYzMyZTlkMTU5Y2I3YzhiMmUzODllZjE2N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOfW43huqI4DkeXctJsvAYXBWnDI
8rGiVe/RysU9jIPPAKIG8YfMCz4d1rOVHP/MFEM8fciTH97rmnNHBSe7exE1vMFS
Lq9acUoGFajb2NiUedi0eumjPa5B1g8rrkq7bxuDUC6GRjynHq2lWTiompmSAB9g
VQge4GWz2pGPOIr8U6TkdJikr9YUULUsXYbkiV7mTrlg9fM4UW3F1a166czFBZNa
BK3LX+1Sd75qAFjcsJXDzvDUvFUuyjO0Gg7DoEVbYdQee1XA9GxGiDII/XiiqwhP
mFUzwLyA4cObzN95nbejRvlerXPw4dMlg0fkXhMoOr5Lkk7OGWEmaHScCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuxXLrFhqwy6dFZy3yLLjie8WeoMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvdTdGY3VzV0dyRExwMFZuTGZJc3VPSjd4WjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RA4MA0G
CSqGSIb3DQEBCwUAA4IBAQCnnGzCm74sobPA/flhAOtiIewdqqoH/eP2rgeFUSpw
6W0FY8uDcCNz0dtvYo1+bYLG4gddkOlfD+2i2MsSLvHdo7KFbMTWnsU2l+cs5Ddh
SNPus/dOG9cPR/xqGOB+Oo/mwOph10LyLhHBMKD2LJoYo3EESjpDENDKBZE5zEg4
MHbIlkTlGoNnbOAWaGkQUDr3F5wy26zPOnX07Cu53LfNTD+TYkx60nGOlE2zgKrU
2W5itR7ITCLlgfkgHHZLCvGm03IQgc6BVn+5edKb6hUWCuOeaiwS4e33nj8d/9pG
RkXxziZ/eDIJEKsOLnAAC+jBHBkUYmGpYt9GORJoluN3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:51 2025 by rpki-client