Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/xTqunYX95oweWCIVFxyptvdlArc.roa
File: xTqunYX95oweWCIVFxyptvdlArc.roa (raw, json)
Hash identifier: eDvq2tnBqW7+byK3i1g0LAmTPCPz6bqlNsjxkhP6TgM=
Subject key identifier: C5:3A:AE:9D:85:FD:E6:8C:1E:58:22:15:17:1C:A9:B6:F7:65:02:B7
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018708CB2D060AD15E9525EFB2746E2F86F2
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/xTqunYX95oweWCIVFxyptvdlArc.roa
Signing time: Wed 22 Mar 2023 10:09:05 +0000
ROA not before: Wed 22 Mar 2023 10:09:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202233
IP address blocks: 213.4.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:cb:2d:06:0a:d1:5e:95:25:ef:b2:74:6e:2f:86:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Mar 22 10:09:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c53aae9d85fde68c1e582215171ca9b6f76502b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7e:17:53:6f:3d:1e:de:e4:fd:31:ce:9a:06:
55:37:84:23:65:be:79:27:de:e0:3b:06:8d:2f:f8:
7e:4e:b0:cb:e1:92:59:ea:a9:74:71:86:20:37:88:
db:7d:c3:6d:c4:a9:ae:4f:ea:a0:2a:9e:c3:18:f8:
55:59:cc:f8:87:f8:b6:08:bf:b0:b0:53:b9:42:51:
af:23:54:5d:6b:fb:6a:f9:e3:13:05:3b:6c:04:60:
27:68:27:1f:86:28:52:0a:c7:98:f1:99:16:c6:36:
88:d7:96:99:a8:15:4b:f9:c9:2d:96:69:ae:e5:bc:
45:9f:58:be:4c:04:3c:5c:23:11:9b:b6:68:d0:c9:
ad:87:fc:41:74:59:ea:a8:e7:e5:d3:cf:53:58:46:
57:80:e9:c2:22:7b:33:bc:81:6f:11:ac:02:1e:9b:
e4:8e:43:6c:79:3c:fa:73:db:87:1c:1b:d8:eb:ee:
53:fd:98:ab:9b:f1:64:44:72:0c:61:1a:4a:dd:4d:
49:e6:09:fd:17:b7:fc:fe:c6:f0:c5:db:1d:b9:d8:
fc:a0:f6:af:61:2d:10:61:db:3e:ec:f5:49:99:db:
71:ef:0f:02:66:10:f9:58:0e:47:8a:b3:8b:fd:49:
85:d5:22:68:6a:43:2e:ec:7c:66:6a:1f:02:c4:19:
0d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3A:AE:9D:85:FD:E6:8C:1E:58:22:15:17:1C:A9:B6:F7:65:02:B7
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/xTqunYX95oweWCIVFxyptvdlArc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.4.126.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:af:7d:91:e9:9a:d1:8f:fd:3a:13:a2:f5:32:93:1d:97:5f:
f7:e4:50:2f:2b:04:87:a2:0b:43:20:bf:cb:e3:3f:00:4a:3c:
c4:30:27:54:83:37:66:37:94:64:93:f9:9a:57:be:a9:30:82:
ce:b4:3c:27:c5:8c:1c:98:0e:98:8f:54:ef:da:18:3e:cc:4e:
fb:1d:5f:c6:c5:64:c1:a4:26:59:22:b3:f8:93:39:be:fd:81:
48:64:9a:97:76:f3:0a:54:f9:f7:dd:04:1d:be:c4:2c:ed:f1:
f0:83:63:77:26:e2:88:cb:b1:8c:61:10:c0:bd:f9:f0:41:eb:
27:89:89:52:32:1c:f4:0f:dd:90:31:5f:31:36:a2:0f:51:f5:
9c:54:c1:8d:67:60:f6:65:a0:96:e0:52:85:dd:d4:4b:62:21:
29:77:cb:f4:57:09:9e:53:8f:00:70:35:1c:0d:29:14:44:27:
99:3d:95:47:f6:17:1c:8f:3d:a5:43:3e:2e:5c:4c:3b:9b:ba:
36:84:95:93:5c:3e:67:ad:9a:05:35:ff:b6:e8:a5:ef:21:14:
67:79:6a:a1:5e:76:a6:ca:6f:83:42:0c:4c:2b:4a:2d:aa:d0:
d7:71:27:d9:48:4a:fd:d7:dd:a1:a9:bd:45:44:7b:61:bb:1e:
02:1b:dd:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcIyy0GCtFelSXvsnRuL4byMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzIyMTAwOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTNhYWU5ZDg1ZmRlNjhjMWU1ODIyMTUxNzFjYTliNmY3NjUwMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX4XU289Ht7k/THOmgZVN4QjZb55
J97gOwaNL/h+TrDL4ZJZ6ql0cYYgN4jbfcNtxKmuT+qgKp7DGPhVWcz4h/i2CL+w
sFO5QlGvI1Rda/tq+eMTBTtsBGAnaCcfhihSCseY8ZkWxjaI15aZqBVL+cktlmmu
5bxFn1i+TAQ8XCMRm7Zo0Mmth/xBdFnqqOfl089TWEZXgOnCInszvIFvEawCHpvk
jkNseTz6c9uHHBvY6+5T/Zirm/FkRHIMYRpK3U1J5gn9F7f8/sbwxdsdudj8oPav
YS0QYds+7PVJmdtx7w8CZhD5WA5HirOL/UmF1SJoakMu7Hxmah8CxBkNvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMU6rp2F/eaMHlgiFRccqbb3ZQK3MB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEveFRxdW5ZWDk1b3dlV0NJVkZ4eXB0dmRsQXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1QR+MA0G
CSqGSIb3DQEBCwUAA4IBAQCrr32R6ZrRj/06E6L1MpMdl1/35FAvKwSHogtDIL/L
4z8ASjzEMCdUgzdmN5Rkk/maV76pMILOtDwnxYwcmA6Yj1Tv2hg+zE77HV/GxWTB
pCZZIrP4kzm+/YFIZJqXdvMKVPn33QQdvsQs7fHwg2N3JuKIy7GMYRDAvfnwQesn
iYlSMhz0D92QMV8xNqIPUfWcVMGNZ2D2ZaCW4FKF3dRLYiEpd8v0VwmeU48AcDUc
DSkURCeZPZVH9hccjz2lQz4uXEw7m7o2hJWTXD5nrZoFNf+26KXvIRRneWqhXnam
ym+DQgxMK0otqtDXcSfZSEr9192hqb1FRHthux4CG93j
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:42 2025 by rpki-client