Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/D6L6Eq1RMhtXqAHvwkNVAtUeaus.roa
File: D6L6Eq1RMhtXqAHvwkNVAtUeaus.roa (raw, json)
Hash identifier: noZ7tHnQdy01efyZN5Z1wpGlCywLilF155moCEbF2t4=
Subject key identifier: 0F:A2:FA:12:AD:51:32:1B:57:A8:01:EF:C2:43:55:02:D5:1E:6A:EB
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0185720C59CA9A65729F0F566D118982423A
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/D6L6Eq1RMhtXqAHvwkNVAtUeaus.roa
Signing time: Mon 02 Jan 2023 10:34:50 +0000
ROA not before: Mon 02 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 213.209.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:59:ca:9a:65:72:9f:0f:56:6d:11:89:82:42:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jan 2 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fa2fa12ad51321b57a801efc2435502d51e6aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a2:b4:3b:2d:42:f3:fb:9b:08:89:c9:6b:49:
a1:f7:f6:58:d8:bb:43:f6:87:e1:02:6a:7b:95:24:
29:aa:3d:c1:0a:6f:5e:b9:d4:3a:3f:f3:9f:ea:ea:
26:8c:e3:48:8c:63:54:0a:46:0e:59:47:32:b1:0f:
6c:dc:bb:f8:73:6c:86:56:d4:05:6e:f6:e3:7f:4e:
08:85:6d:a2:01:35:74:9d:0a:01:29:6c:f9:bf:29:
ae:5e:f0:df:5c:c4:3a:2a:15:ae:5f:ae:59:55:57:
5d:55:2f:3c:cb:8f:63:ba:95:f0:0f:90:a5:6b:cb:
dc:37:df:e2:ba:06:4e:3b:98:ea:9d:d9:23:60:fc:
5f:a8:7a:3a:25:1b:9a:c6:b9:a2:a8:7a:2c:bf:32:
41:c4:e2:ba:0a:2e:4d:ac:34:3b:e4:1a:a2:2f:17:
21:d8:02:6b:72:52:d4:09:be:93:89:ba:45:bf:ae:
b3:31:c0:d2:f6:aa:c0:ba:f8:b5:23:ee:23:01:c1:
ea:74:2d:4c:39:d8:12:1f:bb:66:5e:ae:cd:b8:bd:
4a:ff:c7:af:64:3b:14:45:82:85:80:da:57:30:94:
c5:e8:e4:fa:d9:ab:99:5e:d0:68:5e:42:cc:09:e7:
fb:3f:45:1f:48:cf:d0:eb:05:ae:52:ba:e2:63:e8:
d9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A2:FA:12:AD:51:32:1B:57:A8:01:EF:C2:43:55:02:D5:1E:6A:EB
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/D6L6Eq1RMhtXqAHvwkNVAtUeaus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.176.0/20
Signature Algorithm: sha256WithRSAEncryption
3a:9a:5f:93:80:39:f3:09:1e:30:07:78:62:35:8f:7c:64:c2:
fb:a6:89:ff:90:06:35:b7:f7:9b:79:cd:1a:3d:06:ed:ce:2b:
e5:cf:7f:d2:59:5d:ea:88:f9:e0:8c:1f:16:7c:fb:4a:d4:2a:
7f:b3:39:17:9a:6c:6b:67:30:e9:0f:c8:07:76:19:d0:31:5b:
37:32:ba:b8:ca:7e:db:07:d4:b8:7f:7b:9a:7d:ab:51:ae:a1:
41:3c:6c:c9:f7:fd:e1:fe:e4:cb:84:6d:43:7b:83:ea:03:5c:
4a:35:b0:83:1b:39:df:05:e8:0a:66:22:f9:39:01:98:f1:a6:
65:87:14:c9:5e:23:35:95:31:d2:ee:60:aa:b1:88:ce:55:d1:
2b:b9:a9:21:01:50:a5:2e:08:52:80:1a:7a:83:86:6a:9c:d5:
d8:ae:1d:2f:16:c7:11:7b:5c:b6:77:a9:2a:41:80:8f:0f:ad:
ea:98:05:eb:b7:cf:e9:27:73:e2:86:0c:d8:ef:36:35:af:94:
e3:3c:0f:d4:2f:ed:f1:ea:d5:f1:16:f7:62:68:22:9e:95:82:
bc:87:25:54:0c:0d:bc:a3:f7:46:60:63:b3:b4:07:49:0b:84:
7b:51:d5:6e:bc:b3:e1:72:72:cf:a3:0c:c4:6a:74:76:72:d2:
85:f3:32:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDFnKmmVynw9WbRGJgkI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjMwMTAyMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmEyZmExMmFkNTEzMjFiNTdhODAxZWZjMjQzNTUwMmQ1MWU2YWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKK0Oy1C8/ubCInJa0mh9/ZY2LtD
9ofhAmp7lSQpqj3BCm9eudQ6P/Of6uomjONIjGNUCkYOWUcysQ9s3Lv4c2yGVtQF
bvbjf04IhW2iATV0nQoBKWz5vymuXvDfXMQ6KhWuX65ZVVddVS88y49jupXwD5Cl
a8vcN9/iugZOO5jqndkjYPxfqHo6JRuaxrmiqHosvzJBxOK6Ci5NrDQ75BqiLxch
2AJrclLUCb6TibpFv66zMcDS9qrAuvi1I+4jAcHqdC1MOdgSH7tmXq7NuL1K/8ev
ZDsURYKFgNpXMJTF6OT62auZXtBoXkLMCef7P0UfSM/Q6wWuUrriY+jZXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+i+hKtUTIbV6gB78JDVQLVHmrrMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvRDZMNkVxMVJNaHRYcUFIdndrTlZBdFVlYXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1dGwMA0G
CSqGSIb3DQEBCwUAA4IBAQA6ml+TgDnzCR4wB3hiNY98ZML7pon/kAY1t/ebec0a
PQbtzivlz3/SWV3qiPngjB8WfPtK1Cp/szkXmmxrZzDpD8gHdhnQMVs3Mrq4yn7b
B9S4f3uafatRrqFBPGzJ9/3h/uTLhG1De4PqA1xKNbCDGznfBegKZiL5OQGY8aZl
hxTJXiM1lTHS7mCqsYjOVdEruakhAVClLghSgBp6g4ZqnNXYrh0vFscRe1y2d6kq
QYCPD63qmAXrt8/pJ3PihgzY7zY1r5TjPA/UL+3x6tXxFvdiaCKelYK8hyVUDA28
o/dGYGOztAdJC4R7UdVuvLPhcnLPowzEanR2ctKF8zI4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:41 2025 by rpki-client