Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/zTDPJHIE259DfEHl784pEWHmBpY.roa
File: zTDPJHIE259DfEHl784pEWHmBpY.roa (raw, json)
Hash identifier: Z9LeAxODpeDUly5YjNXFRPVjfgLPjciTcoK1XLh96gs=
Subject key identifier: CD:30:CF:24:72:04:DB:9F:43:7C:41:E5:EF:CE:29:11:61:E6:06:96
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0188A5C4B578F83E103D2EE8D888BF5C0582
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/zTDPJHIE259DfEHl784pEWHmBpY.roa
Signing time: Sat 10 Jun 2023 14:45:12 +0000
ROA not before: Sat 10 Jun 2023 14:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210574
IP address blocks: 213.142.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a5:c4:b5:78:f8:3e:10:3d:2e:e8:d8:88:bf:5c:05:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jun 10 14:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd30cf247204db9f437c41e5efce291161e60696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b6:d1:9b:4d:0c:4f:b5:c8:b7:af:1b:db:0d:
9f:a6:7a:34:35:bf:dc:28:ec:5b:36:82:1b:a5:b9:
4e:2a:67:e0:35:23:5e:91:5f:2b:ee:42:c5:3e:f4:
99:48:a4:4d:ea:e8:5c:5a:59:2b:42:ef:d5:9f:4d:
b9:3b:ce:ca:62:6c:59:6b:37:94:5f:b3:8a:ea:13:
e6:92:2c:fc:62:22:34:84:21:06:95:c3:0d:9e:59:
ba:f9:43:88:93:70:e9:55:87:f2:55:e7:21:6b:d0:
e3:85:6f:ae:84:7a:b1:05:b1:54:54:84:18:b3:f6:
39:c7:fd:cb:26:c3:2d:30:1d:21:7e:31:19:33:19:
fc:27:c2:1f:82:07:de:6d:d0:e2:c0:41:ac:a1:b8:
da:d8:a3:fb:17:d2:c0:ec:e6:44:b1:d5:10:b8:91:
11:08:32:92:1c:3d:d3:5c:db:88:e1:2d:b5:08:98:
8b:bc:59:73:88:22:93:c5:e1:60:5a:69:cd:84:e8:
d7:31:37:39:9e:7b:7a:06:67:10:1a:0f:17:33:77:
0b:4a:eb:74:66:7f:73:2b:a7:56:f7:63:b7:9a:f6:
5c:ad:41:bd:dc:42:e1:ad:4b:18:6d:8c:03:a7:5e:
15:89:65:6c:5d:a9:fe:8a:46:07:35:2a:af:b7:8e:
08:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:30:CF:24:72:04:DB:9F:43:7C:41:E5:EF:CE:29:11:61:E6:06:96
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/zTDPJHIE259DfEHl784pEWHmBpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.157.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:17:b9:9b:ad:5b:5f:a6:7c:76:8f:35:df:5a:0b:0c:04:dc:
ef:5d:b3:5a:3c:10:08:31:ff:0b:7b:98:ec:68:d0:80:ff:00:
1d:6c:55:73:32:67:bf:83:34:c7:31:61:1c:7e:a8:ca:64:2e:
00:e7:32:d9:b0:97:74:e9:28:0a:fc:ab:d4:38:6a:31:d9:97:
73:1c:8c:e7:eb:03:e4:6f:8f:4e:56:1f:ee:60:5d:8f:3e:1f:
0d:0b:56:ab:ac:a3:a1:b3:1d:25:95:92:41:05:13:c2:fa:f8:
fb:e6:2e:57:cd:e8:e7:40:d1:59:3d:dc:24:8e:ea:e3:fa:63:
34:ea:d1:50:e4:c6:2f:92:63:96:4b:e5:64:65:24:54:2c:13:
88:97:8e:00:c4:95:47:d0:c3:48:5f:7a:1a:04:88:f9:ee:a9:
54:68:b0:a7:af:36:64:9c:be:93:fe:e6:80:59:5b:25:a9:02:
13:79:eb:45:69:5c:62:e0:f3:68:b4:4c:81:1a:97:4f:92:60:
79:50:93:e6:f8:24:3d:79:9c:9e:7b:24:21:88:0e:72:94:86:
e1:96:b2:96:fb:40:f1:af:35:51:d9:e1:0d:9f:2d:28:f7:f8:
35:c0:88:95:57:60:37:6d:c6:3f:43:5b:fd:c9:a1:99:09:3e:
c0:0f:39:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYilxLV4+D4QPS7o2Ii/XAWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwNjEwMTQ0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDMwY2YyNDcyMDRkYjlmNDM3YzQxZTVlZmNlMjkxMTYxZTYwNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobbRm00MT7XIt68b2w2fpno0Nb/c
KOxbNoIbpblOKmfgNSNekV8r7kLFPvSZSKRN6uhcWlkrQu/Vn025O87KYmxZazeU
X7OK6hPmkiz8YiI0hCEGlcMNnlm6+UOIk3DpVYfyVecha9DjhW+uhHqxBbFUVIQY
s/Y5x/3LJsMtMB0hfjEZMxn8J8IfggfebdDiwEGsobja2KP7F9LA7OZEsdUQuJER
CDKSHD3TXNuI4S21CJiLvFlziCKTxeFgWmnNhOjXMTc5nnt6BmcQGg8XM3cLSut0
Zn9zK6dW92O3mvZcrUG93ELhrUsYbYwDp14ViWVsXan+ikYHNSqvt44IiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0wzyRyBNufQ3xB5e/OKRFh5gaWMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvelREUEpISUUyNTlEZkVIbDc4NHBFV0htQnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Y6dMA0G
CSqGSIb3DQEBCwUAA4IBAQC0F7mbrVtfpnx2jzXfWgsMBNzvXbNaPBAIMf8Le5js
aNCA/wAdbFVzMme/gzTHMWEcfqjKZC4A5zLZsJd06SgK/KvUOGox2ZdzHIzn6wPk
b49OVh/uYF2PPh8NC1arrKOhsx0llZJBBRPC+vj75i5XzejnQNFZPdwkjurj+mM0
6tFQ5MYvkmOWS+VkZSRULBOIl44AxJVH0MNIX3oaBIj57qlUaLCnrzZknL6T/uaA
WVslqQITeetFaVxi4PNotEyBGpdPkmB5UJPm+CQ9eZyeeyQhiA5ylIbhlrKW+0Dx
rzVR2eENny0o9/g1wIiVV2A3bcY/Q1v9yaGZCT7ADzmF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:05 2025 by rpki-client