Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/lPhtmv2NK4mXcWULpEfVJv4mPrU.roa
File: lPhtmv2NK4mXcWULpEfVJv4mPrU.roa (raw, json)
Hash identifier: a/B7UXUO8eQH5qJAQIpekYhHE/jChr54PXwZAxTgmLQ=
Subject key identifier: 94:F8:6D:9A:FD:8D:2B:89:97:71:65:0B:A4:47:D5:26:FE:26:3E:B5
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 0186D5663F00B3A96CA3B63BD603E0308429
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/lPhtmv2NK4mXcWULpEfVJv4mPrU.roa
Signing time: Sun 12 Mar 2023 10:38:13 +0000
ROA not before: Sun 12 Mar 2023 10:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25317
IP address blocks: 213.244.32.0/21 maxlen: 21
213.244.44.0/22 maxlen: 22
213.244.48.0/21 maxlen: 21
213.244.56.0/21 maxlen: 21
2a0a:6840::/30 maxlen: 30
2a0a:6844::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d5:66:3f:00:b3:a9:6c:a3:b6:3b:d6:03:e0:30:84:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: Mar 12 10:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94f86d9afd8d2b899771650ba447d526fe263eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:79:81:17:26:89:e3:13:93:ac:78:c2:9d:85:
f4:6f:51:60:4c:d7:53:0d:d4:55:ed:73:05:d3:e2:
da:1b:5c:59:b9:41:47:9b:ea:fa:17:98:32:49:36:
1a:86:d0:ca:d5:e3:50:48:5c:04:9e:6f:90:93:5d:
48:51:8c:38:4a:52:ac:ae:2b:d4:9f:c3:dd:7b:02:
3d:d1:3d:ad:cf:32:4d:ab:bb:6e:b5:be:d1:42:49:
0f:a5:5c:91:f5:b5:3b:02:17:53:9d:50:76:0c:db:
7e:c4:5c:37:d7:59:73:80:06:e2:93:31:19:63:c3:
9e:d8:b3:82:7b:52:53:9d:8d:8b:40:14:16:52:0e:
02:58:d4:b7:06:9f:70:82:2a:27:86:40:fe:ad:fb:
a5:9d:60:ef:f6:62:73:f4:37:fc:32:14:a0:a3:fa:
e5:21:e1:12:5e:9e:c9:35:b9:23:da:43:0b:48:16:
cd:ea:ee:0f:39:06:6e:a4:15:96:e8:fd:5c:ed:96:
96:16:24:b1:08:9d:6d:88:b3:02:45:d5:f0:c6:2c:
3c:76:eb:aa:2e:ca:78:e2:5f:40:11:b3:c9:bb:0d:
19:bb:9d:c3:58:48:98:37:28:93:ad:20:d9:08:d5:
ab:2b:0f:49:5d:b0:a6:7e:8e:55:1f:64:24:1c:05:
b9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F8:6D:9A:FD:8D:2B:89:97:71:65:0B:A4:47:D5:26:FE:26:3E:B5
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/lPhtmv2NK4mXcWULpEfVJv4mPrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.244.32.0/21
213.244.44.0-213.244.63.255
IPv6:
2a0a:6840::/29
Signature Algorithm: sha256WithRSAEncryption
87:19:b0:8d:a8:ba:b2:b1:24:e3:67:0e:21:a0:5d:1c:07:ac:
aa:59:30:23:25:d2:c7:5b:7e:2c:e1:3b:c5:24:79:b4:3e:a8:
3d:32:ef:f0:a5:78:b8:6f:ca:5a:a0:1b:31:36:3f:96:34:7c:
60:1c:43:da:20:81:4b:a6:77:44:f9:be:64:6e:34:45:d5:41:
7a:53:24:dd:95:13:6e:9c:45:e1:bd:21:64:62:2d:d7:ae:7f:
88:8e:60:e7:42:dd:87:a3:ef:4e:b3:26:66:15:e9:dc:a8:04:
8f:0b:66:8c:57:a2:1d:cb:0d:cc:6e:45:4d:24:96:cf:4b:cb:
83:1c:00:5c:4a:f4:74:01:3f:cb:e3:2a:06:80:06:9e:5b:73:
f1:c0:53:00:b4:81:6e:d4:cd:a5:9a:ee:16:51:c6:b4:1c:b2:
3b:3d:cb:0f:f6:d8:f9:23:31:a4:c9:67:e7:99:30:e0:3c:97:
8b:86:d5:1b:1f:f7:49:37:20:a8:d2:81:1a:12:e9:56:86:71:
35:4e:88:2c:da:d0:e6:a0:7e:fe:89:a6:e3:37:1e:3b:1d:a8:
4f:b7:f0:bd:45:f0:0d:8f:e3:15:3b:54:55:b9:49:33:cc:1f:
45:cc:05:e2:88:53:a5:74:15:73:1b:54:5e:f6:c1:2c:22:45:
69:01:44:e7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYbVZj8As6lso7Y71gPgMIQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjMwMzEyMTAzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY4NmQ5YWZkOGQyYjg5OTc3MTY1MGJhNDQ3ZDUyNmZlMjYzZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnmBFyaJ4xOTrHjCnYX0b1FgTNdT
DdRV7XMF0+LaG1xZuUFHm+r6F5gySTYahtDK1eNQSFwEnm+Qk11IUYw4SlKsrivU
n8PdewI90T2tzzJNq7tutb7RQkkPpVyR9bU7AhdTnVB2DNt+xFw311lzgAbikzEZ
Y8Oe2LOCe1JTnY2LQBQWUg4CWNS3Bp9wgionhkD+rfulnWDv9mJz9Df8MhSgo/rl
IeESXp7JNbkj2kMLSBbN6u4POQZupBWW6P1c7ZaWFiSxCJ1tiLMCRdXwxiw8duuq
Lsp44l9AEbPJuw0Zu53DWEiYNyiTrSDZCNWrKw9JXbCmfo5VH2QkHAW5hQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJT4bZr9jSuJl3FlC6RH1Sb+Jj61MB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvbFBodG12Mk5LNG1YY1dVTHBFZlZKdjRtUHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQD1fQgMAwD
BALV9CwDBAbV9AAwDQQCAAIwBwMFAyoKaEAwDQYJKoZIhvcNAQELBQADggEBAIcZ
sI2ourKxJONnDiGgXRwHrKpZMCMl0sdbfizhO8UkebQ+qD0y7/CleLhvylqgGzE2
P5Y0fGAcQ9oggUumd0T5vmRuNEXVQXpTJN2VE26cReG9IWRiLdeuf4iOYOdC3Yej
706zJmYV6dyoBI8LZoxXoh3LDcxuRU0kls9Ly4McAFxK9HQBP8vjKgaABp5bc/HA
UwC0gW7UzaWa7hZRxrQcsjs9yw/22PkjMaTJZ+eZMOA8l4uG1Rsf90k3IKjSgRoS
6VaGcTVOiCza0Oagfv6JpuM3HjsdqE+38L1F8A2P4xU7VFW5STPMH0XMBeKIU6V0
FXMbVF72wSwiRWkBROc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:30 2025 by rpki-client