Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/2pKzMTuL8cPXnG8ZaDf1LCmuP2I.roa
File: 2pKzMTuL8cPXnG8ZaDf1LCmuP2I.roa (raw, json)
Hash identifier: jsIxvILEKTTjC6LwgLX6KXMDLX/K+f5CQ/Vj9wWVbpE=
Subject key identifier: DA:92:B3:31:3B:8B:F1:C3:D7:9C:6F:19:68:37:F5:2C:29:AE:3F:62
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0AE57619
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/2pKzMTuL8cPXnG8ZaDf1LCmuP2I.roa
Signing time: Tue 15 Feb 2022 15:45:03 +0000
ROA not before: Tue 15 Feb 2022 15:45:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207429
IP address blocks: 213.142.135.0/24 maxlen: 24
213.142.143.0/24 maxlen: 24
80.253.245.0/24 maxlen: 24
80.253.244.0/24 maxlen: 24
80.253.247.0/24 maxlen: 24
91.151.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182810137 (0xae57619)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Feb 15 15:45:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da92b3313b8bf1c3d79c6f196837f52c29ae3f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cf:05:8a:c7:c6:06:51:e4:73:9b:c5:0d:b7:
f1:1f:6e:60:4e:f3:2a:30:1e:f7:f8:14:00:87:9c:
0d:c2:8f:7d:40:50:ea:89:a7:9b:1b:9d:b0:41:7e:
12:7a:60:38:4b:4c:f4:91:25:99:49:ef:b6:d9:03:
b6:bd:42:01:62:bb:f2:58:d3:bc:31:0f:6f:15:59:
6d:71:db:11:53:bf:af:33:57:33:62:6d:59:6e:4a:
a8:4b:4a:07:ad:95:4f:27:8e:0e:a0:d8:3e:fc:c6:
93:0a:13:ac:d0:aa:8e:e4:a5:bd:8e:d1:1b:f6:33:
f4:33:2f:a8:41:f7:69:6f:91:79:02:be:57:fe:6b:
cc:ba:da:5d:fc:15:93:c8:5f:43:38:43:4e:09:c3:
fe:90:1c:75:03:70:9b:08:98:36:f3:80:f2:35:8e:
a2:ee:8a:a1:8b:90:53:68:15:c0:f9:ca:98:a7:14:
e7:24:aa:10:c9:8f:ec:96:ec:89:8d:05:c3:ed:ab:
f3:34:83:1a:f9:51:f0:6c:93:8f:3d:fc:b6:b4:e6:
89:75:5b:99:47:a1:b0:0e:b3:dc:c2:7d:78:d5:26:
37:59:4a:c1:6e:5d:94:cc:b1:ea:db:46:fb:d0:6e:
5b:c2:01:cb:54:cf:8e:4b:3f:c0:9b:22:72:ff:5b:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:92:B3:31:3B:8B:F1:C3:D7:9C:6F:19:68:37:F5:2C:29:AE:3F:62
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/2pKzMTuL8cPXnG8ZaDf1LCmuP2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.244.0/23
80.253.247.0/24
91.151.81.0/24
213.142.135.0/24
213.142.143.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:fb:e8:cf:83:83:64:af:fc:62:46:39:56:4d:a7:4d:d9:33:
64:f4:63:8a:62:42:71:ee:3b:05:99:3e:c5:a7:ff:c7:16:35:
e2:dd:8c:f0:d4:56:c2:1b:1e:ca:6c:18:19:fc:47:90:b9:6f:
fc:b0:e9:35:23:15:8c:7c:22:4d:f9:48:46:26:84:07:3b:1d:
d0:c6:55:17:ad:03:a1:49:41:b3:87:2d:0d:18:c5:cc:f6:e4:
08:1e:92:4b:9c:62:9f:74:4f:9f:b8:3d:59:74:0d:65:5c:f2:
9a:16:70:38:4f:21:29:17:9c:1b:86:5c:3f:5f:05:be:96:f2:
74:11:09:30:23:5f:68:f5:39:df:c4:3b:8b:41:da:f2:33:74:
78:5f:c0:81:15:9b:32:b6:12:2b:e4:89:c6:87:0e:76:66:dd:
c6:34:c7:19:ee:fd:ae:cf:8b:67:ca:fd:0d:cf:92:f4:24:fa:
9d:1c:84:ec:fe:49:0f:96:bf:a7:30:db:66:c2:87:0e:78:25:
0c:03:42:1a:36:5a:f4:62:61:3e:30:8d:08:19:36:08:1d:c3:
bd:c2:e8:31:75:c6:c0:db:35:8f:c5:8f:77:5f:f4:ca:64:57:
0c:d9:cb:7e:b5:3a:ea:3b:8b:28:b2:38:87:83:ac:44:1d:a8:
34:71:c7:8e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECuV2GTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDIx
NTE1NDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE5MmIzMzEzYjhi
ZjFjM2Q3OWM2ZjE5NjgzN2Y1MmMyOWFlM2Y2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/PBYrHxgZR5HObxQ238R9uYE7zKjAe9/gUAIecDcKPfUBQ
6omnmxudsEF+EnpgOEtM9JElmUnvttkDtr1CAWK78ljTvDEPbxVZbXHbEVO/rzNX
M2JtWW5KqEtKB62VTyeODqDYPvzGkwoTrNCqjuSlvY7RG/Yz9DMvqEH3aW+ReQK+
V/5rzLraXfwVk8hfQzhDTgnD/pAcdQNwmwiYNvOA8jWOou6KoYuQU2gVwPnKmKcU
5ySqEMmP7JbsiY0Fw+2r8zSDGvlR8GyTjz38trTmiXVbmUehsA6z3MJ9eNUmN1lK
wW5dlMyx6ttG+9BuW8IBy1TPjks/wJsicv9bTFUCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTakrMxO4vxw9ecbxloN/UsKa4/YjAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
LzJwS3pNVHVMOGNQWG5HOFphRGYxTENtdVAySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAVD99AMEAFD99wMEAFuXUQMEANWO
hwMEANWOjzANBgkqhkiG9w0BAQsFAAOCAQEAoPvoz4ODZK/8YkY5Vk2nTdkzZPRj
imJCce47BZk+xaf/xxY14t2M8NRWwhseymwYGfxHkLlv/LDpNSMVjHwiTflIRiaE
Bzsd0MZVF60DoUlBs4ctDRjFzPbkCB6SS5xin3RPn7g9WXQNZVzymhZwOE8hKRec
G4ZcP18FvpbydBEJMCNfaPU538Q7i0Ha8jN0eF/AgRWbMrYSK+SJxocOdmbdxjTH
Ge79rs+LZ8r9Dc+S9CT6nRyE7P5JD5a/pzDbZsKHDnglDANCGjZa9GJhPjCNCBk2
CB3DvcLoMXXGwNs1j8WPd1/0ymRXDNnLfrU66juLKLI4h4OsRB2oNHHHjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org