Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/248el6f9RI-iGUzKUf8HPmXRcaY.roa
File: 248el6f9RI-iGUzKUf8HPmXRcaY.roa (raw, json)
Hash identifier: lbRnE8OTJMCt8eu/ej1LXcSrr4knHLw3cFHK8rTWUeo=
Subject key identifier: DB:8F:1E:97:A7:FD:44:8F:A2:19:4C:CA:51:FF:07:3E:65:D1:71:A6
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018220D853E7BF78B4F90B5A44B729F54347
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/248el6f9RI-iGUzKUf8HPmXRcaY.roa
Signing time: Thu 21 Jul 2022 13:00:24 +0000
ROA not before: Thu 21 Jul 2022 13:00:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.21.231.0/24 maxlen: 24
213.21.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:20:d8:53:e7:bf:78:b4:f9:0b:5a:44:b7:29:f5:43:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jul 21 13:00:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db8f1e97a7fd448fa2194cca51ff073e65d171a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:02:e4:bf:24:6a:b3:39:02:52:51:ae:7d:c3:
7b:d1:52:e3:1a:2e:c2:0c:e9:bb:aa:25:5b:af:db:
17:e9:69:53:03:6e:7a:c7:6c:ba:5a:7a:56:7f:33:
ee:54:db:23:9c:cf:dc:b9:8f:45:01:0d:39:20:99:
c7:80:7b:d8:a8:ab:dc:d4:ee:d4:30:df:eb:b0:6b:
e0:03:d6:ac:e8:4c:92:c3:3c:0f:87:a2:c3:11:97:
6f:e3:bf:e6:87:cf:60:dc:a5:24:f5:6f:4b:68:72:
fc:13:6c:92:d7:59:87:17:6f:c4:bb:21:c4:1c:0b:
7b:ae:6b:c6:9d:7c:0b:3c:40:fb:fd:c3:e4:4b:c2:
30:70:ea:8c:44:1d:b4:d4:24:cb:c1:37:cd:f2:2c:
82:e3:9a:43:3e:e4:34:9e:18:39:a0:3d:be:9e:f5:
8b:b2:d6:63:a5:82:0c:0a:d7:24:85:e0:95:69:3b:
bb:de:c0:34:80:1c:6e:25:34:e5:47:52:12:b4:e3:
94:f0:db:8a:79:9a:2f:f9:67:b1:d9:2b:a9:d7:19:
a2:32:97:04:44:f9:a8:bb:60:5d:74:b2:e0:ce:a7:
10:35:c3:d1:6e:31:c9:3d:15:b1:ad:4d:5f:3f:20:
53:c4:db:aa:51:0d:36:7c:4e:45:1b:f6:a1:11:2d:
d8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8F:1E:97:A7:FD:44:8F:A2:19:4C:CA:51:FF:07:3E:65:D1:71:A6
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/248el6f9RI-iGUzKUf8HPmXRcaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.229.0/24
213.21.231.0/24
Signature Algorithm: sha256WithRSAEncryption
85:c5:92:0f:4b:1b:5a:2e:a0:42:00:8a:fd:cc:4a:af:5e:c5:
87:cb:91:f5:6d:83:b7:83:8a:ff:78:6f:90:e9:79:55:ce:88:
3f:63:f8:80:1d:33:28:bc:1d:d3:40:63:01:bd:c2:4c:e7:8e:
b3:9c:fa:df:44:45:9b:5e:17:58:38:b3:2a:bd:f0:2c:27:b1:
b4:f5:1a:0d:c2:3b:d9:2f:7d:70:01:2f:2b:9b:0e:ae:36:fb:
66:85:a2:1f:a8:0e:14:eb:75:4c:ff:de:f9:ce:11:c8:93:2a:
66:58:97:04:c7:c5:35:bf:4a:7c:4e:92:0c:cf:27:71:3e:fe:
b3:34:67:c4:67:8f:51:06:3f:a3:6e:40:a8:78:a1:9d:f9:46:
43:f0:60:f6:ce:52:1e:02:91:c9:72:11:81:7d:f7:0e:c3:9e:
08:f2:c7:34:a8:76:a1:2a:10:b2:50:81:b1:41:78:79:a8:49:
80:07:fe:b8:ac:bd:7c:b2:90:7a:01:ba:ef:cb:8b:d4:7f:d7:
6f:30:b9:d1:51:72:27:01:38:66:30:2b:cc:ac:f0:88:9c:3e:
0c:31:0c:4c:ac:3c:52:f6:90:11:83:19:61:91:3b:c4:cf:17:
24:a5:a1:9e:67:76:92:99:ab:2e:7f:87:46:08:29:a4:36:21:
b5:e4:7d:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIg2FPnv3i0+QtaRLcp9UNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIwNzIxMTMwMDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhmMWU5N2E3ZmQ0NDhmYTIxOTRjY2E1MWZmMDczZTY1ZDE3MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQLkvyRqszkCUlGufcN70VLjGi7C
DOm7qiVbr9sX6WlTA256x2y6WnpWfzPuVNsjnM/cuY9FAQ05IJnHgHvYqKvc1O7U
MN/rsGvgA9as6EySwzwPh6LDEZdv47/mh89g3KUk9W9LaHL8E2yS11mHF2/EuyHE
HAt7rmvGnXwLPED7/cPkS8IwcOqMRB201CTLwTfN8iyC45pDPuQ0nhg5oD2+nvWL
stZjpYIMCtckheCVaTu73sA0gBxuJTTlR1IStOOU8NuKeZov+Wex2Sup1xmiMpcE
RPmou2BddLLgzqcQNcPRbjHJPRWxrU1fPyBTxNuqUQ02fE5FG/ahES3YswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNuPHpen/USPohlMylH/Bz5l0XGmMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvMjQ4ZWw2ZjlSSS1pR1V6S1VmOEhQbVhSY2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1RXlAwQA
1RXnMA0GCSqGSIb3DQEBCwUAA4IBAQCFxZIPSxtaLqBCAIr9zEqvXsWHy5H1bYO3
g4r/eG+Q6XlVzog/Y/iAHTMovB3TQGMBvcJM546znPrfREWbXhdYOLMqvfAsJ7G0
9RoNwjvZL31wAS8rmw6uNvtmhaIfqA4U63VM/975zhHIkypmWJcEx8U1v0p8TpIM
zydxPv6zNGfEZ49RBj+jbkCoeKGd+UZD8GD2zlIeApHJchGBffcOw54I8sc0qHah
KhCyUIGxQXh5qEmAB/64rL18spB6Abrvy4vUf9dvMLnRUXInAThmMCvMrPCInD4M
MQxMrDxS9pARgxlhkTvEzxckpaGeZ3aSmasuf4dGCCmkNiG15H2W
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:19 2023 by rpki-client on console-fra.rpki-client.org