Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/8628b1-4a97-483e-a420-f8ebc42c6691/1/REcZIrmuGfttzt0Zjt8rPKxjYus.roa
File: REcZIrmuGfttzt0Zjt8rPKxjYus.roa (raw, json)
Hash identifier: 7MWtpUITa8CH1xLGjPXpUlyDzGuilcJvmKoYw/TCwbY=
Subject key identifier: 44:47:19:22:B9:AE:19:FB:6D:CE:DD:19:8E:DF:2B:3C:AC:63:62:EB
Certificate issuer: /CN=ac21a0182d6664a8cff9e9e0170b692168cef950
Certificate serial: 013B92D4
Authority key identifier: AC:21:A0:18:2D:66:64:A8:CF:F9:E9:E0:17:0B:69:21:68:CE:F9:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCGgGC1mZKjP-engFwtpIWjO-VA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/8628b1-4a97-483e-a420-f8ebc42c6691/1/REcZIrmuGfttzt0Zjt8rPKxjYus.roa
Signing time: Sat 01 Jan 2022 05:53:34 +0000
ROA not before: Sat 01 Jan 2022 05:53:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 213.173.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20681428 (0x13b92d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac21a0182d6664a8cff9e9e0170b692168cef950
Validity
Not Before: Jan 1 05:53:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44471922b9ae19fb6dcedd198edf2b3cac6362eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4e:f9:07:ca:ad:6d:52:45:ce:31:17:5c:4d:
6e:bf:73:44:d6:18:9c:e8:a4:8d:6e:f7:83:ef:92:
02:6a:8c:07:c3:a5:82:00:ec:5a:52:49:df:08:4a:
f2:10:69:38:e3:9f:c8:9a:d8:ee:d8:c6:c6:f0:f7:
56:8f:d6:5a:8a:66:b8:44:43:82:e5:3b:ab:96:ff:
0c:87:1f:64:36:76:0b:02:fd:5b:7f:22:37:67:af:
1e:f0:cc:d5:26:98:25:96:0a:00:97:ac:e2:48:58:
53:6d:82:e1:f8:49:7b:56:d3:9e:89:2d:85:e4:17:
b4:f2:a5:b9:3c:e4:a4:45:8b:b2:97:fd:e1:fd:ad:
9e:b0:87:9e:b0:f5:de:21:1c:95:21:54:27:78:0f:
4e:46:31:e9:4e:6c:cb:57:cf:28:15:bc:d8:cd:cb:
56:63:b1:45:b0:cf:4b:3b:66:56:c7:0d:d9:d1:04:
aa:af:0a:ea:02:21:94:a6:a1:99:29:a8:8e:9f:0b:
d4:e7:a3:32:58:4a:b5:ba:7d:4a:16:13:57:fb:c9:
c2:a4:93:fc:10:0d:38:3e:05:cf:28:a1:bc:7a:ff:
09:39:7a:67:44:12:7c:9f:7e:88:9d:30:13:3f:00:
42:7b:c8:c8:b7:94:88:51:1a:a8:ae:3b:7e:7d:b1:
ea:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:47:19:22:B9:AE:19:FB:6D:CE:DD:19:8E:DF:2B:3C:AC:63:62:EB
X509v3 Authority Key Identifier:
keyid:AC:21:A0:18:2D:66:64:A8:CF:F9:E9:E0:17:0B:69:21:68:CE:F9:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCGgGC1mZKjP-engFwtpIWjO-VA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/8628b1-4a97-483e-a420-f8ebc42c6691/1/REcZIrmuGfttzt0Zjt8rPKxjYus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/8628b1-4a97-483e-a420-f8ebc42c6691/1/rCGgGC1mZKjP-engFwtpIWjO-VA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.173.38.0/24
Signature Algorithm: sha256WithRSAEncryption
36:08:65:7b:ba:1d:c4:6a:8c:39:3e:b0:50:21:6d:1f:ee:d9:
15:43:be:29:0f:58:1a:c1:d9:2c:bd:6a:26:4e:49:c1:cd:12:
74:d4:63:98:63:3f:c1:0b:55:79:82:81:cc:51:89:92:d0:e1:
b5:b9:6e:ca:d8:4e:1d:09:e7:e0:27:4a:27:0d:c3:22:ee:03:
2c:8f:38:db:91:09:f8:0c:b6:4b:04:a1:47:1b:21:88:0c:63:
4b:c6:6e:53:f7:7f:2d:05:30:18:15:6f:4c:07:2e:bc:3b:a8:
13:66:3a:51:7f:06:77:fd:8a:a4:6f:78:39:ac:66:20:b7:9d:
4d:41:c5:58:d0:a9:0a:12:22:d3:fb:4b:39:e0:93:b0:90:4b:
54:3a:c6:28:c8:35:85:29:a8:43:b4:0e:af:5b:36:4b:94:0c:
94:48:e7:ee:ec:11:e5:58:ac:80:91:da:85:7f:1e:a3:db:0c:
47:81:a1:6b:2f:77:81:65:59:90:13:9f:fc:44:a7:c6:04:5d:
95:37:f4:37:43:19:4d:29:5d:bb:34:c0:88:6f:98:50:6f:b3:
65:22:b7:93:91:e7:40:66:ab:7c:a1:fc:af:8b:ca:d8:b8:4e:
d8:c5:f9:d8:d7:fc:53:1f:b8:d3:79:de:36:f4:a7:8e:e3:11:
99:54:bc:2e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATuS1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzIxYTAxODJkNjY2NGE4Y2ZmOWU5ZTAxNzBiNjkyMTY4Y2VmOTUwMB4XDTIyMDEw
MTA1NTMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ0NzE5MjJiOWFl
MTlmYjZkY2VkZDE5OGVkZjJiM2NhYzYzNjJlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJdO+QfKrW1SRc4xF1xNbr9zRNYYnOikjW73g++SAmqMB8Ol
ggDsWlJJ3whK8hBpOOOfyJrY7tjGxvD3Vo/WWopmuERDguU7q5b/DIcfZDZ2CwL9
W38iN2evHvDM1SaYJZYKAJes4khYU22C4fhJe1bTnoktheQXtPKluTzkpEWLspf9
4f2tnrCHnrD13iEclSFUJ3gPTkYx6U5sy1fPKBW82M3LVmOxRbDPSztmVscN2dEE
qq8K6gIhlKahmSmojp8L1OejMlhKtbp9ShYTV/vJwqST/BANOD4FzyihvHr/CTl6
Z0QSfJ9+iJ0wEz8AQnvIyLeUiFEaqK47fn2x6kECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRERxkiua4Z+23O3RmO3ys8rGNi6zAfBgNVHSMEGDAWgBSsIaAYLWZkqM/5
6eAXC2khaM75UDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JDR2dHQzFtWktqUC1lbmdGd3RwSVdqTy1WQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvODYyOGIxLTRhOTctNDgzZS1hNDIwLWY4ZWJjNDJjNjY5MS8x
L1JFY1pJcm11R2Z0dHp0MFpqdDhyUEt4all1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
ODYyOGIxLTRhOTctNDgzZS1hNDIwLWY4ZWJjNDJjNjY5MS8xL3JDR2dHQzFtWktq
UC1lbmdGd3RwSVdqTy1WQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWtJjANBgkqhkiG9w0BAQsFAAOC
AQEANghle7odxGqMOT6wUCFtH+7ZFUO+KQ9YGsHZLL1qJk5Jwc0SdNRjmGM/wQtV
eYKBzFGJktDhtbluythOHQnn4CdKJw3DIu4DLI8425EJ+Ay2SwShRxshiAxjS8Zu
U/d/LQUwGBVvTAcuvDuoE2Y6UX8Gd/2KpG94OaxmILedTUHFWNCpChIi0/tLOeCT
sJBLVDrGKMg1hSmoQ7QOr1s2S5QMlEjn7uwR5VisgJHahX8eo9sMR4Ghay93gWVZ
kBOf/ESnxgRdlTf0N0MZTSlduzTAiG+YUG+zZSK3k5HnQGarfKH8r4vK2LhO2MX5
2Nf8Ux+403neNvSnjuMRmVS8Lg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:10 2023 by rpki-client on console-fra.rpki-client.org