Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/a565fb-50bd-4bb6-875c-0e2bbd4337aa/1/xr2Xw0d6nW7tt0OYapr92bKGzjQ.roa
File: xr2Xw0d6nW7tt0OYapr92bKGzjQ.roa (raw, json)
Hash identifier: ORTlDSrvUOH2FqvwuRAZBM5bipH558kc82tPY7PGAwQ=
Subject key identifier: C6:BD:97:C3:47:7A:9D:6E:ED:B7:43:98:6A:9A:FD:D9:B2:86:CE:34
Certificate issuer: /CN=b1c208a23b2d4d87be93f89d532bc6f44908819b
Certificate serial: 018552AA78E2BEE9A24BFC5822E49B9766BE
Authority key identifier: B1:C2:08:A2:3B:2D:4D:87:BE:93:F8:9D:53:2B:C6:F4:49:08:81:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/scIIojstTYe-k_idUyvG9EkIgZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/a565fb-50bd-4bb6-875c-0e2bbd4337aa/1/xr2Xw0d6nW7tt0OYapr92bKGzjQ.roa
Signing time: Tue 27 Dec 2022 08:19:41 +0000
ROA not before: Tue 27 Dec 2022 08:19:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59848
IP address blocks: 213.109.145.0/24 maxlen: 24
2a11:6ac0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:52:aa:78:e2:be:e9:a2:4b:fc:58:22:e4:9b:97:66:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1c208a23b2d4d87be93f89d532bc6f44908819b
Validity
Not Before: Dec 27 08:19:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6bd97c3477a9d6eedb743986a9afdd9b286ce34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:02:34:48:43:3d:0a:c5:fa:16:44:06:56:
6f:7c:aa:78:a8:50:56:f4:5b:5f:d1:9a:e7:7c:3c:
6c:d2:1f:5a:41:1e:99:0e:fc:2e:6f:76:9b:28:57:
16:9d:1d:1f:dd:78:45:86:89:65:12:4e:5e:bc:bd:
c3:80:19:5c:0f:34:f0:8d:25:26:44:4d:bd:bd:8e:
39:88:d3:b0:d3:6e:92:0f:25:a1:89:cd:ac:a7:ba:
a5:3f:ae:11:4f:d4:49:c6:44:89:d9:f7:bd:55:95:
bb:e3:31:f3:0b:12:9d:03:25:36:20:1c:9e:a8:a7:
33:97:91:4f:8e:9a:eb:5b:af:32:44:66:aa:2c:ee:
90:d8:dd:2a:73:49:d3:0e:c6:66:c8:db:ed:17:1c:
a0:9d:4f:6f:97:d5:81:ad:6f:df:ea:46:d8:bb:35:
64:da:33:90:29:07:ef:47:15:de:94:8b:4c:a0:45:
f4:d9:4f:c6:0b:2a:ed:d1:e6:fa:1e:52:a5:0a:9e:
d7:8c:1b:d5:b4:59:cc:84:41:01:7b:94:2b:c3:2b:
8d:89:96:e4:2d:a7:cc:26:f9:a6:ba:d2:f7:3f:71:
0a:a8:12:4f:84:7a:45:2b:aa:c8:b5:25:8c:c5:23:
33:4a:ab:5e:18:f0:e0:87:2c:be:4c:30:18:03:34:
d7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:BD:97:C3:47:7A:9D:6E:ED:B7:43:98:6A:9A:FD:D9:B2:86:CE:34
X509v3 Authority Key Identifier:
keyid:B1:C2:08:A2:3B:2D:4D:87:BE:93:F8:9D:53:2B:C6:F4:49:08:81:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/scIIojstTYe-k_idUyvG9EkIgZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a565fb-50bd-4bb6-875c-0e2bbd4337aa/1/xr2Xw0d6nW7tt0OYapr92bKGzjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a565fb-50bd-4bb6-875c-0e2bbd4337aa/1/scIIojstTYe-k_idUyvG9EkIgZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.145.0/24
IPv6:
2a11:6ac0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:09:30:40:92:02:91:97:41:f9:90:0d:e2:36:bb:26:a0:68:
7c:d4:1a:60:62:fc:88:48:e0:0c:d4:7e:10:d4:d9:63:f5:03:
d8:bc:9b:f9:61:8c:1f:02:b2:d8:3c:d2:1d:74:35:c8:1d:55:
61:4c:20:0e:1b:4c:5e:38:53:3d:1b:56:67:c5:06:4b:bb:5c:
88:f2:64:0f:e5:e0:e4:cb:bd:70:c5:32:99:bd:86:8d:a8:63:
a4:1c:97:75:24:28:e0:b9:0d:d3:f4:2b:bb:c0:4b:d3:37:6f:
2b:ba:6c:9d:88:86:b9:93:97:00:c6:42:ec:15:92:86:6b:26:
22:dc:71:2b:b5:ba:84:16:da:c3:c7:fe:c3:e4:0d:10:77:7a:
0e:70:93:84:38:8e:b6:43:fd:95:1a:a1:f5:a8:ac:6f:d2:fe:
07:b2:19:29:22:4e:85:b2:3d:6d:b1:e2:7b:3a:8e:c3:b4:37:
d7:e5:49:e0:f2:87:44:5d:0d:8b:c7:fb:3d:ea:d4:cb:0a:62:
b7:48:0e:40:26:be:44:9c:71:84:54:20:7d:6b:43:75:a0:b6:
f5:5e:2a:9b:6d:fe:26:1e:00:b0:51:a3:4e:c7:6c:3e:2e:93:
9f:f8:8e:1e:8c:d1:32:df:9a:02:2e:6a:ae:ee:96:36:39:9c:
63:5d:a9:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVSqnjivumiS/xYIuSbl2a+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYzIwOGEyM2IyZDRkODdiZTkzZjg5ZDUzMmJjNmY0NDkw
ODgxOWIwHhcNMjIxMjI3MDgxOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmJkOTdjMzQ3N2E5ZDZlZWRiNzQzOTg2YTlhZmRkOWIyODZjZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZACNEhDPQrF+hZEBlZvfKp4qFBW
9Ftf0ZrnfDxs0h9aQR6ZDvwub3abKFcWnR0f3XhFhollEk5evL3DgBlcDzTwjSUm
RE29vY45iNOw026SDyWhic2sp7qlP64RT9RJxkSJ2fe9VZW74zHzCxKdAyU2IBye
qKczl5FPjprrW68yRGaqLO6Q2N0qc0nTDsZmyNvtFxygnU9vl9WBrW/f6kbYuzVk
2jOQKQfvRxXelItMoEX02U/GCyrt0eb6HlKlCp7XjBvVtFnMhEEBe5QrwyuNiZbk
LafMJvmmutL3P3EKqBJPhHpFK6rItSWMxSMzSqteGPDghyy+TDAYAzTXKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMa9l8NHep1u7bdDmGqa/dmyhs40MB8GA1UdIwQY
MBaAFLHCCKI7LU2HvpP4nVMrxvRJCIGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2NJSW9qc3RUWWUta19pZFV5dkc5RWtJZ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hNTY1ZmItNTBiZC00YmI2LTg3NWMt
MGUyYmJkNDMzN2FhLzEveHIyWHcwZDZuVzd0dDBPWWFwcjkyYktHempRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hNTY1ZmItNTBiZC00YmI2LTg3NWMtMGUyYmJkNDMzN2Fh
LzEvc2NJSW9qc3RUWWUta19pZFV5dkc5RWtJZ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1W2RMA0E
AgACMAcDBQMqEWrAMA0GCSqGSIb3DQEBCwUAA4IBAQAqCTBAkgKRl0H5kA3iNrsm
oGh81BpgYvyISOAM1H4Q1Nlj9QPYvJv5YYwfArLYPNIddDXIHVVhTCAOG0xeOFM9
G1ZnxQZLu1yI8mQP5eDky71wxTKZvYaNqGOkHJd1JCjguQ3T9Cu7wEvTN28rumyd
iIa5k5cAxkLsFZKGayYi3HErtbqEFtrDx/7D5A0Qd3oOcJOEOI62Q/2VGqH1qKxv
0v4HshkpIk6Fsj1tseJ7Oo7DtDfX5Ung8odEXQ2Lx/s96tTLCmK3SA5AJr5EnHGE
VCB9a0N1oLb1Xiqbbf4mHgCwUaNOx2w+LpOf+I4ejNEy35oCLmqu7pY2OZxjXamU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:27 2024 by rpki-client on console-fra.rpki-client.org