Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/s5YqmU9cQ2lc0wXYoZLbKEfnWI8.roa
File: s5YqmU9cQ2lc0wXYoZLbKEfnWI8.roa (raw, json)
Hash identifier: pJq2jymHNthpkWl4m1lOpMpTfT8/tvSFqvtb6Y5AcqY=
Subject key identifier: B3:96:2A:99:4F:5C:43:69:5C:D3:05:D8:A1:92:DB:28:47:E7:58:8F
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0AE37D5A
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/s5YqmU9cQ2lc0wXYoZLbKEfnWI8.roa
Signing time: Tue 15 Feb 2022 02:14:22 +0000
ROA not before: Tue 15 Feb 2022 02:14:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207429
IP address blocks: 213.142.135.0/24 maxlen: 24
80.253.245.0/24 maxlen: 24
80.253.244.0/24 maxlen: 24
80.253.247.0/24 maxlen: 24
91.151.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182680922 (0xae37d5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Feb 15 02:14:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3962a994f5c43695cd305d8a192db2847e7588f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:48:03:4f:97:a5:d5:6e:21:c7:43:16:70:5f:
5e:49:f8:06:93:95:a1:07:46:46:51:4a:a9:f2:31:
26:c8:4b:9b:dc:5b:d4:15:f1:82:89:00:ff:fb:2b:
d8:97:e2:07:02:67:4e:ce:ef:f0:27:a4:31:de:b2:
ce:01:90:89:97:8e:51:a9:fa:47:64:16:2e:d4:3e:
35:30:eb:79:94:cc:b8:80:9d:44:59:50:ee:0d:c1:
cc:d7:1b:2e:3e:ea:3a:7e:4e:56:15:fb:b6:8c:80:
3d:df:40:77:59:4a:17:90:45:38:f4:6b:a9:e0:37:
96:f7:2f:cb:d6:95:99:9b:6e:01:1c:2a:f4:c2:90:
29:8b:e1:71:90:25:76:1b:6c:0f:35:73:84:09:74:
38:2d:43:17:1f:bb:c0:28:b7:79:2a:f2:8e:e2:29:
e2:6d:24:f1:ae:6c:ab:37:8f:1e:16:bd:91:27:f5:
3d:16:4d:0a:5a:aa:5c:3d:9a:a7:bc:09:95:a3:b7:
d4:6d:ad:7f:25:25:cc:1c:b7:5e:1c:03:bb:12:cf:
66:5c:85:94:45:31:7a:fa:f8:62:30:42:80:bc:1a:
03:d4:ec:08:b6:bd:a4:63:93:1c:37:59:3b:46:a6:
25:f3:57:c1:33:ea:1d:2c:5f:55:e1:0d:55:c8:4a:
08:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:96:2A:99:4F:5C:43:69:5C:D3:05:D8:A1:92:DB:28:47:E7:58:8F
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/s5YqmU9cQ2lc0wXYoZLbKEfnWI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.244.0/23
80.253.247.0/24
91.151.81.0/24
213.142.135.0/24
Signature Algorithm: sha256WithRSAEncryption
54:18:61:a2:33:f4:c3:7b:6a:6d:6d:99:07:15:c7:f7:12:4f:
b4:fa:a1:6c:7a:ae:6d:25:12:f0:cb:cc:5b:16:8e:3b:b8:08:
ea:7a:8c:de:85:58:c9:d7:9e:e8:53:f4:85:b5:53:e8:9e:df:
d7:20:3f:3d:54:4c:66:71:49:72:9b:09:e6:e6:f4:ad:db:78:
82:a8:00:38:18:b8:9d:2a:fc:42:c3:07:bc:fe:9e:9f:4a:ff:
3a:fb:ac:cb:bc:47:d9:3f:77:f6:79:de:dc:ba:8b:45:2d:db:
7c:26:a6:fd:fe:8a:ab:12:a2:25:79:ad:50:12:17:85:ce:db:
cf:73:2e:95:2c:30:ca:8c:33:34:40:5e:63:2c:77:eb:8e:0f:
f9:e2:b6:1d:72:d1:05:e0:8a:c8:1c:a7:1c:ef:9f:5b:e9:28:
80:24:57:ce:ea:33:72:bf:46:71:1c:c1:54:c5:bd:3d:f9:05:
05:01:52:b5:49:17:7d:ee:b3:96:01:aa:4c:94:c6:cd:e1:a6:
e5:9a:a4:b3:40:46:94:2c:db:e8:d9:7d:10:79:69:de:7d:cc:
35:1d:7b:31:b5:b8:93:66:c5:80:64:8c:3f:bc:8e:d6:73:bc:
2a:f8:e1:97:c4:8f:78:ad:59:72:ce:b1:bd:43:e1:d4:0a:c6:
71:bd:75:f9
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECuN9WjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDIx
NTAyMTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM5NjJhOTk0ZjVj
NDM2OTVjZDMwNWQ4YTE5MmRiMjg0N2U3NTg4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdIA0+XpdVuIcdDFnBfXkn4BpOVoQdGRlFKqfIxJshLm9xb
1BXxgokA//sr2JfiBwJnTs7v8CekMd6yzgGQiZeOUan6R2QWLtQ+NTDreZTMuICd
RFlQ7g3BzNcbLj7qOn5OVhX7toyAPd9Ad1lKF5BFOPRrqeA3lvcvy9aVmZtuARwq
9MKQKYvhcZAldhtsDzVzhAl0OC1DFx+7wCi3eSryjuIp4m0k8a5sqzePHha9kSf1
PRZNClqqXD2ap7wJlaO31G2tfyUlzBy3XhwDuxLPZlyFlEUxevr4YjBCgLwaA9Ts
CLa9pGOTHDdZO0amJfNXwTPqHSxfVeENVchKCKMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSzliqZT1xDaVzTBdihktsoR+dYjzAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L3M1WXFtVTljUTJsYzB3WFlvWkxiS0VmbldJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVD99AMEAFD99wMEAFuXUQMEANWO
hzANBgkqhkiG9w0BAQsFAAOCAQEAVBhhojP0w3tqbW2ZBxXH9xJPtPqhbHqubSUS
8MvMWxaOO7gI6nqM3oVYydee6FP0hbVT6J7f1yA/PVRMZnFJcpsJ5ub0rdt4gqgA
OBi4nSr8QsMHvP6en0r/Ovusy7xH2T939nne3LqLRS3bfCam/f6KqxKiJXmtUBIX
hc7bz3MulSwwyowzNEBeYyx3644P+eK2HXLRBeCKyBynHO+fW+kogCRXzuozcr9G
cRzBVMW9PfkFBQFStUkXfe6zlgGqTJTGzeGm5Zqks0BGlCzb6Nl9EHlp3n3MNR17
MbW4k2bFgGSMP7yO1nO8Kvjhl8SPeK1Zcs6xvUPh1ArGcb11+Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org