Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/dBupz-O2_Ytobh0MU0DxUJsqNCQ.roa
File: dBupz-O2_Ytobh0MU0DxUJsqNCQ.roa (raw, json)
Hash identifier: +oHEo5iMEWbhaUyK5/NkjDgKi1oLbr2aTF8nhRrFNVs=
Subject key identifier: 74:1B:A9:CF:E3:B6:FD:8B:68:6E:1D:0C:53:40:F1:50:9B:2A:34:24
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0182A58DE188F2650E1CBB4EF2A9673C22A6
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/dBupz-O2_Ytobh0MU0DxUJsqNCQ.roa
Signing time: Tue 16 Aug 2022 07:28:35 +0000
ROA not before: Tue 16 Aug 2022 07:28:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 213.142.158.0/24 maxlen: 24
80.253.254.0/24 maxlen: 24
80.253.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a5:8d:e1:88:f2:65:0e:1c:bb:4e:f2:a9:67:3c:22:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Aug 16 07:28:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=741ba9cfe3b6fd8b686e1d0c5340f1509b2a3424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:04:86:b0:6d:70:ac:61:8d:f5:29:f6:23:90:
a7:a5:6c:e2:dc:eb:2a:5b:86:71:0e:48:1c:4c:6d:
15:00:46:b3:7d:04:25:66:59:2b:97:2e:f8:61:2c:
07:8c:8b:bd:80:43:81:61:f3:07:5b:1e:12:83:51:
87:56:6f:81:40:c1:91:26:20:15:4f:9d:23:eb:28:
a2:9a:b5:09:bf:87:b1:80:a4:a7:02:86:04:cb:2f:
06:c3:fd:66:c9:7b:62:14:51:5b:ae:66:5c:a8:d5:
77:92:83:27:d6:5e:f6:bb:04:c8:ca:52:e3:c1:60:
e9:38:f5:93:1e:1e:1b:46:18:eb:81:e8:b8:22:e8:
99:5a:a0:80:c6:7d:1a:93:16:14:7e:31:c1:e1:eb:
72:c4:ba:e1:7b:6b:fb:f1:80:6d:6f:37:93:43:54:
e3:03:1b:53:48:a7:d5:28:e3:34:4d:20:c0:21:4e:
1c:2f:ed:1d:0a:68:de:5b:21:b8:43:5e:63:4f:82:
fa:06:5f:34:0b:75:de:17:2c:ea:c9:86:4c:43:f0:
9c:0f:4e:76:40:47:e8:03:f6:1f:7e:f9:6d:a3:54:
34:9a:03:a6:f4:0b:d1:1b:22:41:e4:7e:e3:f2:78:
3a:e9:97:dd:53:72:cd:29:48:28:ee:0d:91:49:56:
c9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:1B:A9:CF:E3:B6:FD:8B:68:6E:1D:0C:53:40:F1:50:9B:2A:34:24
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/dBupz-O2_Ytobh0MU0DxUJsqNCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.254.0/23
213.142.158.0/24
Signature Algorithm: sha256WithRSAEncryption
95:23:cb:8c:1e:42:b8:bb:0c:36:7e:61:d3:bb:a2:fc:2a:b3:
62:27:0c:3e:ec:68:ed:d4:1b:b2:2c:eb:3d:e7:bd:a3:3e:b9:
e1:30:98:0b:1a:8a:07:08:13:6f:05:32:d7:a1:36:0b:77:d9:
a6:4c:b0:b5:df:c2:f9:33:f1:33:ae:d8:de:16:0d:cc:00:f9:
cf:5f:2e:b5:57:87:59:52:51:21:ce:cf:17:90:84:1f:1a:2b:
d1:ae:0b:d5:2f:f3:2a:66:2c:31:3e:27:07:7b:12:11:a1:72:
bf:d2:83:c3:6e:49:93:a9:9a:1a:35:93:a6:3a:4f:c9:f3:f6:
47:b9:9e:e6:e2:c7:d4:ec:24:41:f6:6a:54:2d:96:21:2d:78:
59:31:54:fb:f2:1d:a0:ea:25:67:e1:fd:aa:ce:4a:1a:cf:93:
40:8e:69:08:5a:88:8f:1d:23:82:c3:5a:80:5b:df:a2:5b:c9:
59:76:d7:95:4b:2c:d1:34:de:e6:a9:1a:58:3c:f4:32:aa:0b:
ed:aa:29:24:30:34:0c:60:15:88:bd:3b:4b:c6:15:11:82:a6:
c6:48:fd:f3:f4:0e:c1:a9:69:8a:06:82:3f:87:dd:fc:74:c1:
c8:44:9f:03:d7:bd:1a:ad:7a:15:f8:21:8e:9e:b4:43:d4:79:
a6:7e:a2:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKljeGI8mUOHLtO8qlnPCKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjIwODE2MDcyODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDFiYTljZmUzYjZmZDhiNjg2ZTFkMGM1MzQwZjE1MDliMmEzNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqASGsG1wrGGN9Sn2I5CnpWzi3Osq
W4ZxDkgcTG0VAEazfQQlZlkrly74YSwHjIu9gEOBYfMHWx4Sg1GHVm+BQMGRJiAV
T50j6yiimrUJv4exgKSnAoYEyy8Gw/1myXtiFFFbrmZcqNV3koMn1l72uwTIylLj
wWDpOPWTHh4bRhjrgei4IuiZWqCAxn0akxYUfjHB4etyxLrhe2v78YBtbzeTQ1Tj
AxtTSKfVKOM0TSDAIU4cL+0dCmjeWyG4Q15jT4L6Bl80C3XeFyzqyYZMQ/CcD052
QEfoA/Yffvlto1Q0mgOm9AvRGyJB5H7j8ng66ZfdU3LNKUgo7g2RSVbJHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHQbqc/jtv2LaG4dDFNA8VCbKjQkMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvZEJ1cHotTzJfWXRvYmgwTVUwRHhVSnNxTkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUP3+AwQA
1Y6eMA0GCSqGSIb3DQEBCwUAA4IBAQCVI8uMHkK4uww2fmHTu6L8KrNiJww+7Gjt
1BuyLOs9572jPrnhMJgLGooHCBNvBTLXoTYLd9mmTLC138L5M/EzrtjeFg3MAPnP
Xy61V4dZUlEhzs8XkIQfGivRrgvVL/MqZiwxPicHexIRoXK/0oPDbkmTqZoaNZOm
Ok/J8/ZHuZ7m4sfU7CRB9mpULZYhLXhZMVT78h2g6iVn4f2qzkoaz5NAjmkIWoiP
HSOCw1qAW9+iW8lZdteVSyzRNN7mqRpYPPQyqgvtqikkMDQMYBWIvTtLxhURgqbG
SP3z9A7BqWmKBoI/h938dMHIRJ8D170arXoV+CGOnrRD1HmmfqIQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-ams.rpki-client.org