Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1Ch_-J1u-hWS63TUB_1gHveBfLE.roa
File: 1Ch_-J1u-hWS63TUB_1gHveBfLE.roa (raw, json)
Hash identifier: A1GG9sPFgzsPOEsa9KqVwNkEyel8sTugy5YQKhB+Riw=
Subject key identifier: D4:28:7F:F8:9D:6E:FA:15:92:EB:74:D4:07:FD:60:1E:F7:81:7C:B1
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0B27F516
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1Ch_-J1u-hWS63TUB_1gHveBfLE.roa
Signing time: Wed 16 Mar 2022 21:10:13 +0000
ROA not before: Wed 16 Mar 2022 21:10:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.142.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187168022 (0xb27f516)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Mar 16 21:10:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4287ff89d6efa1592eb74d407fd601ef7817cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c2:89:d9:a9:da:7b:1a:88:ee:41:a7:6e:83:
ba:40:b6:8b:14:39:05:57:25:ad:a4:1f:10:37:b2:
0b:af:86:7f:d1:28:34:23:5f:e4:c7:a9:f8:87:8a:
20:84:8c:19:4e:61:e0:3a:09:cb:48:ad:97:79:57:
e2:ab:79:3c:8c:7f:07:40:19:7a:07:95:01:86:16:
0a:71:ed:17:81:3c:d4:49:3e:63:cb:58:3f:a3:a6:
85:bb:35:91:ec:fe:c9:6e:19:b8:09:63:c2:55:0a:
bb:a5:ab:40:67:b3:85:2e:e7:26:42:c8:7d:c7:4c:
a4:30:13:2a:fa:e6:c6:5f:f9:35:ca:5c:68:da:08:
3c:52:9a:77:96:28:fe:92:f4:f1:76:8e:d0:48:c6:
d3:90:34:f2:27:f3:51:c8:78:c2:6e:2c:6c:dd:65:
f5:d6:ca:77:d1:c5:14:91:04:59:a1:a3:7f:5f:61:
05:b0:b7:3a:0a:15:fe:8c:9c:d0:89:6e:c7:d0:2b:
f2:2d:d4:02:a4:bf:60:04:bc:77:06:cc:6a:91:ad:
e2:24:ba:1e:ea:cd:2f:23:3c:f3:bd:de:9b:73:6d:
b8:0f:a2:1e:5f:40:04:66:7c:c3:fa:15:a7:16:b3:
a0:10:be:81:9a:f6:83:fb:03:e7:f8:06:b1:15:33:
f3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:28:7F:F8:9D:6E:FA:15:92:EB:74:D4:07:FD:60:1E:F7:81:7C:B1
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1Ch_-J1u-hWS63TUB_1gHveBfLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.134.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:1e:ac:d6:52:3e:7b:fb:b2:a4:21:a6:bf:0d:4e:34:aa:85:
3b:74:28:c4:27:1d:71:c4:77:e4:b1:11:10:db:bd:fc:ec:0f:
91:4f:1f:5e:0a:08:c6:48:13:02:62:ba:1d:52:12:22:3e:0d:
96:4e:8a:34:3b:4b:2d:9a:b7:36:f9:7b:10:bd:85:d1:44:36:
e0:0d:0d:03:76:d3:f0:26:a6:ca:7b:73:5a:38:77:12:65:3b:
ee:62:2e:f9:4d:08:46:a4:8c:97:90:c0:4e:4d:13:09:73:05:
84:65:67:4f:ba:b2:28:e2:2d:68:a7:ed:da:fe:2d:73:57:cc:
22:23:5c:ea:ce:3d:df:85:9d:4f:21:1a:31:b9:27:c1:cd:5e:
27:49:31:2a:cc:50:3d:d0:a7:b8:ea:31:b6:dc:48:52:54:8b:
f9:ce:41:08:61:b8:a8:f3:10:38:45:55:23:58:51:4e:37:70:
2d:58:c9:ed:eb:c8:f3:dc:8a:e5:a6:22:53:d7:d1:6e:ce:1c:
55:43:c6:7b:df:d7:35:6e:2a:14:32:56:32:5e:1b:b4:59:61:
43:c6:22:a3:88:40:1a:90:8c:f6:24:37:1b:a6:55:cb:e0:5c:
b4:e7:29:0f:b7:fb:95:64:13:ed:08:3f:6b:84:0a:f0:c3:10:
9a:27:e3:8d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECyf1FjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDMx
NjIxMTAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQyODdmZjg5ZDZl
ZmExNTkyZWI3NGQ0MDdmZDYwMWVmNzgxN2NiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/Cidmp2nsaiO5Bp26DukC2ixQ5BVclraQfEDeyC6+Gf9Eo
NCNf5Mep+IeKIISMGU5h4DoJy0itl3lX4qt5PIx/B0AZegeVAYYWCnHtF4E81Ek+
Y8tYP6Omhbs1kez+yW4ZuAljwlUKu6WrQGezhS7nJkLIfcdMpDATKvrmxl/5Ncpc
aNoIPFKad5Yo/pL08XaO0EjG05A08ifzUch4wm4sbN1l9dbKd9HFFJEEWaGjf19h
BbC3OgoV/oyc0Ilux9Ar8i3UAqS/YAS8dwbMapGt4iS6HurNLyM8873em3NtuA+i
Hl9ABGZ8w/oVpxazoBC+gZr2g/sD5/gGsRUz818CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTUKH/4nW76FZLrdNQH/WAe94F8sTAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
LzFDaF8tSjF1LWhXUzYzVFVCXzFnSHZlQmZMRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWOhjANBgkqhkiG9w0BAQsFAAOC
AQEATR6s1lI+e/uypCGmvw1ONKqFO3QoxCcdccR35LERENu9/OwPkU8fXgoIxkgT
AmK6HVISIj4Nlk6KNDtLLZq3Nvl7EL2F0UQ24A0NA3bT8CamyntzWjh3EmU77mIu
+U0IRqSMl5DATk0TCXMFhGVnT7qyKOItaKft2v4tc1fMIiNc6s4934WdTyEaMbkn
wc1eJ0kxKsxQPdCnuOoxttxIUlSL+c5BCGG4qPMQOEVVI1hRTjdwLVjJ7evI89yK
5aYiU9fRbs4cVUPGe9/XNW4qFDJWMl4btFlhQ8Yio4hAGpCM9iQ3G6ZVy+BctOcp
D7f7lWQT7Qg/a4QK8MMQmifjjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:37 2024 by rpki-client on console-ams.rpki-client.org