Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/o_E96WYom3Waq9j4UPHXEjLaS5I.roa
File: o_E96WYom3Waq9j4UPHXEjLaS5I.roa (raw, json)
Hash identifier: cHYf3Pam2YGiah5/WkmjmwAdcwR5haETD6zUBNHCI3k=
Subject key identifier: A3:F1:3D:E9:66:28:9B:75:9A:AB:D8:F8:50:F1:D7:12:32:DA:4B:92
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0185C547DE1831B5350BAEBEFA08A0728010
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/o_E96WYom3Waq9j4UPHXEjLaS5I.roa
Signing time: Wed 18 Jan 2023 14:28:19 +0000
ROA not before: Wed 18 Jan 2023 14:28:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 213.209.176.0/20 maxlen: 24
213.209.181.128/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c5:47:de:18:31:b5:35:0b:ae:be:fa:08:a0:72:80:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jan 18 14:28:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3f13de966289b759aabd8f850f1d71232da4b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1a:1d:89:a5:5a:fd:0c:21:51:55:ac:62:0d:
f7:3e:dd:35:53:8a:57:7c:64:0a:2b:0e:ff:2f:af:
da:88:82:a6:2d:95:ae:c3:5d:17:e9:52:f7:59:56:
06:b4:77:d8:58:b0:f2:ea:8e:05:e6:a1:de:d0:5c:
3c:3d:e7:09:19:3f:b9:69:ba:05:75:7e:4f:69:25:
ab:27:20:46:41:08:dc:1e:3c:cb:fb:25:e3:d5:ff:
9f:89:5d:d8:d0:c2:b9:3b:bd:05:49:ea:28:6d:1d:
15:c7:9d:e2:fd:b5:0e:d2:cb:da:35:8d:b6:76:c0:
b3:6a:9a:bd:68:ce:79:6b:2a:67:bb:4b:68:cf:e6:
b2:3a:db:a2:3e:cf:1f:ff:4e:80:65:63:1d:f1:9e:
f0:2d:a4:7e:2f:96:c2:51:f2:20:79:47:1e:1c:5c:
1d:b1:03:b6:b9:30:6c:c2:77:f0:8b:d3:3d:57:57:
fa:02:cf:e3:45:90:10:bb:84:aa:c0:97:bb:19:4c:
45:fe:a7:ee:7d:6d:5e:2d:22:f9:b3:e0:d7:08:99:
dd:0f:8f:43:ff:b7:68:00:3e:6f:44:63:97:ae:5a:
ff:48:16:99:00:26:5f:8c:45:bd:28:b8:3f:ba:1e:
b9:4f:3a:57:b6:9d:6f:cf:13:92:2e:b5:de:36:79:
ea:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F1:3D:E9:66:28:9B:75:9A:AB:D8:F8:50:F1:D7:12:32:DA:4B:92
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/o_E96WYom3Waq9j4UPHXEjLaS5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.176.0/20
Signature Algorithm: sha256WithRSAEncryption
53:76:8f:a0:f9:a2:88:0d:e1:94:0f:7a:c9:bb:33:e9:81:e1:
69:42:a5:1c:74:38:a2:13:18:e2:fc:ea:9a:b5:5b:e5:9b:e1:
14:b7:6f:34:5d:88:6f:1a:5e:8d:e0:b0:4c:7a:6a:65:c5:69:
95:93:0e:12:b0:cc:30:41:0d:c3:d4:1c:a2:c5:eb:66:80:8a:
a4:7e:e6:34:be:30:4a:70:04:31:44:cb:f3:93:f5:e2:73:2e:
db:b3:66:4f:ef:fe:a1:25:63:5d:f8:0e:de:0e:b5:00:fd:11:
6e:bb:23:bb:f4:17:1a:a3:c0:dc:4d:b6:46:c6:71:09:e7:6e:
1e:69:83:4f:58:e3:74:8d:93:a1:54:da:05:f4:7a:fa:7c:39:
f5:96:8e:e5:ee:81:d7:f5:5e:c7:27:3a:b7:77:33:98:26:e6:
32:12:48:cb:b8:35:ad:69:4a:12:10:4c:78:61:68:13:0b:fb:
f2:f5:71:a1:cd:9c:65:f0:a0:b2:be:67:3a:d8:08:02:72:31:
1a:37:fa:da:54:76:17:1f:4f:c3:b6:a8:4e:99:64:96:06:f9:
b6:4c:41:af:b0:bc:3a:08:d1:2e:95:0a:1d:8f:a9:73:9b:33:
68:d9:f2:30:a2:7f:12:67:46:04:ab:2e:24:86:e7:a2:09:12:
71:54:99:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXFR94YMbU1C66++gigcoAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjMwMTE4MTQyODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2YxM2RlOTY2Mjg5Yjc1OWFhYmQ4Zjg1MGYxZDcxMjMyZGE0YjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBodiaVa/QwhUVWsYg33Pt01U4pX
fGQKKw7/L6/aiIKmLZWuw10X6VL3WVYGtHfYWLDy6o4F5qHe0Fw8PecJGT+5aboF
dX5PaSWrJyBGQQjcHjzL+yXj1f+fiV3Y0MK5O70FSeoobR0Vx53i/bUO0svaNY22
dsCzapq9aM55aypnu0toz+ayOtuiPs8f/06AZWMd8Z7wLaR+L5bCUfIgeUceHFwd
sQO2uTBswnfwi9M9V1f6As/jRZAQu4SqwJe7GUxF/qfufW1eLSL5s+DXCJndD49D
/7doAD5vRGOXrlr/SBaZACZfjEW9KLg/uh65TzpXtp1vzxOSLrXeNnnqtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPxPelmKJt1mqvY+FDx1xIy2kuSMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvb19FOTZXWW9tM1dhcTlqNFVQSFhFakxhUzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1dGwMA0G
CSqGSIb3DQEBCwUAA4IBAQBTdo+g+aKIDeGUD3rJuzPpgeFpQqUcdDiiExji/Oqa
tVvlm+EUt280XYhvGl6N4LBMemplxWmVkw4SsMwwQQ3D1ByixetmgIqkfuY0vjBK
cAQxRMvzk/Xicy7bs2ZP7/6hJWNd+A7eDrUA/RFuuyO79Bcao8DcTbZGxnEJ524e
aYNPWON0jZOhVNoF9Hr6fDn1lo7l7oHX9V7HJzq3dzOYJuYyEkjLuDWtaUoSEEx4
YWgTC/vy9XGhzZxl8KCyvmc62AgCcjEaN/raVHYXH0/DtqhOmWSWBvm2TEGvsLw6
CNEulQodj6lzmzNo2fIwon8SZ0YEqy4khueiCRJxVJkQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:36:37 2025 by rpki-client