Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/cW8oTmKIp393tS1harHEiGdUn-Y.roa
File: cW8oTmKIp393tS1harHEiGdUn-Y.roa (raw, json)
Hash identifier: wQI/hRYWu/u0xhPajcbwlehxCLWuu2fZOI7mFGBFHjA=
Subject key identifier: 71:6F:28:4E:62:88:A7:7F:77:B5:2D:61:6A:B1:C4:88:67:54:9F:E6
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 0188E1FA4836341E9B0735C75A681D38C71F
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/cW8oTmKIp393tS1harHEiGdUn-Y.roa
Signing time: Thu 22 Jun 2023 07:20:56 +0000
ROA not before: Thu 22 Jun 2023 07:20:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 217.23.32.0/20 maxlen: 24
194.165.128.0/19 maxlen: 24
213.186.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e1:fa:48:36:34:1e:9b:07:35:c7:5a:68:1d:38:c7:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Jun 22 07:20:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=716f284e6288a77f77b52d616ab1c48867549fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d7:b0:9b:af:5e:54:a6:a5:73:d7:57:d7:a5:
ca:0d:71:27:fb:a2:a0:2b:10:04:87:78:5c:df:ba:
6e:de:de:94:ad:01:58:0e:f9:51:98:9c:44:06:8e:
62:73:32:ab:7e:24:65:7f:48:3a:57:2a:85:d5:8e:
87:9f:5a:2d:7f:ae:57:73:1d:b6:11:66:be:fe:6e:
e2:7c:9b:ea:9f:b4:b2:e3:1b:c7:2b:5b:1d:8b:fb:
75:e9:76:10:37:9c:6b:57:fc:ba:76:25:0d:a8:30:
56:f5:6f:bd:6e:00:98:24:03:d2:b4:79:6b:4b:55:
c6:d1:59:0b:a7:20:9a:fd:94:1f:42:ea:67:d1:be:
9b:58:d5:0f:30:3c:77:79:53:05:0f:ff:bd:a8:6b:
58:98:05:00:9d:17:ff:10:51:fb:8f:fc:76:95:0e:
a6:bb:2e:f8:1e:5c:ea:43:78:eb:a5:9f:79:10:2e:
6d:d3:a6:15:00:5f:19:62:c5:b8:02:86:1c:24:8f:
41:3e:8e:b5:e9:80:80:31:53:4b:f6:f9:9c:81:69:
5e:09:64:d7:2d:e3:28:54:5c:9f:f1:7b:6f:aa:19:
24:fe:12:e6:b2:7d:65:39:e3:cc:c0:ae:6b:e6:64:
7c:2e:8d:91:9c:25:7a:94:f3:a2:ae:89:cc:a9:94:
11:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6F:28:4E:62:88:A7:7F:77:B5:2D:61:6A:B1:C4:88:67:54:9F:E6
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/cW8oTmKIp393tS1harHEiGdUn-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.128.0/19
213.186.164.0/24
217.23.32.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:2d:5c:dc:b4:c1:79:48:9a:8f:2e:32:21:8e:3a:30:3e:b1:
62:e9:a7:6a:8d:9a:79:5c:79:6b:4d:c1:cc:a6:89:08:09:ba:
aa:5a:e6:33:50:92:c2:c8:ac:aa:0d:e7:fe:65:f0:db:8b:44:
7c:52:32:21:99:47:95:ad:d6:22:34:f1:61:81:33:d5:73:f2:
05:a8:a8:6f:d1:b8:cc:b6:03:1c:f0:bf:3c:0e:1b:95:00:d9:
68:ac:62:ca:1e:c1:aa:fa:08:7c:4d:29:06:68:71:a0:ab:1b:
44:d9:0c:99:26:56:65:7e:cc:2b:06:76:c4:bb:2c:19:cb:d9:
2c:17:d1:eb:d6:9a:1e:01:c1:29:9e:2b:20:35:7d:72:10:e9:
e4:a7:77:fa:e2:b6:a1:da:6c:4b:3b:11:5e:a7:aa:dc:39:58:
cd:7e:4b:47:ae:18:1f:de:33:1d:14:be:d0:93:5b:a1:16:0d:
2a:e7:28:21:db:9d:47:f4:13:10:85:d2:b0:a7:5a:2f:91:1e:
17:ab:3f:36:c5:ae:93:60:47:84:fd:8b:f5:a6:a1:28:e3:46:
88:d4:45:1e:5f:16:ad:1a:ee:c1:ea:80:d5:f1:06:27:a6:60:
30:86:02:26:c0:ad:bd:cd:a6:70:7e:57:ec:cd:d7:86:65:b0:
8d:49:7e:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjh+kg2NB6bBzXHWmgdOMcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjMwNjIyMDcyMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTZmMjg0ZTYyODhhNzdmNzdiNTJkNjE2YWIxYzQ4ODY3NTQ5ZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tewm69eVKalc9dX16XKDXEn+6Kg
KxAEh3hc37pu3t6UrQFYDvlRmJxEBo5iczKrfiRlf0g6VyqF1Y6Hn1otf65Xcx22
EWa+/m7ifJvqn7Sy4xvHK1sdi/t16XYQN5xrV/y6diUNqDBW9W+9bgCYJAPStHlr
S1XG0VkLpyCa/ZQfQupn0b6bWNUPMDx3eVMFD/+9qGtYmAUAnRf/EFH7j/x2lQ6m
uy74HlzqQ3jrpZ95EC5t06YVAF8ZYsW4AoYcJI9BPo616YCAMVNL9vmcgWleCWTX
LeMoVFyf8Xtvqhkk/hLmsn1lOePMwK5r5mR8Lo2RnCV6lPOironMqZQRmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHFvKE5iiKd/d7UtYWqxxIhnVJ/mMB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvY1c4b1RtS0lwMzkzdFMxaGFySEVpR2RVbi1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFwqWAAwQA
1bqkAwQE2RcgMA0GCSqGSIb3DQEBCwUAA4IBAQCgLVzctMF5SJqPLjIhjjowPrFi
6adqjZp5XHlrTcHMpokICbqqWuYzUJLCyKyqDef+ZfDbi0R8UjIhmUeVrdYiNPFh
gTPVc/IFqKhv0bjMtgMc8L88DhuVANlorGLKHsGq+gh8TSkGaHGgqxtE2QyZJlZl
fswrBnbEuywZy9ksF9Hr1poeAcEpnisgNX1yEOnkp3f64rah2mxLOxFep6rcOVjN
fktHrhgf3jMdFL7Qk1uhFg0q5ygh251H9BMQhdKwp1ovkR4Xqz82xa6TYEeE/Yv1
pqEo40aI1EUeXxatGu7B6oDV8QYnpmAwhgImwK29zaZwflfszdeGZbCNSX5v
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:05 2025 by rpki-client