Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/LanXfvNaoa-mNJ55dajan0IvfQI.roa
File: LanXfvNaoa-mNJ55dajan0IvfQI.roa (raw, json)
Hash identifier: x2ZKqSOdW+yCWstE0cTiXmwcbh45pFyRxz8wzVpwJpI=
Subject key identifier: 2D:A9:D7:7E:F3:5A:A1:AF:A6:34:9E:79:75:A8:DA:9F:42:2F:7D:02
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018369A90665F57CCC2DCEADCFD5EB19ECC6
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/LanXfvNaoa-mNJ55dajan0IvfQI.roa
Signing time: Fri 23 Sep 2022 09:23:48 +0000
ROA not before: Fri 23 Sep 2022 09:23:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12695
IP address blocks: 213.21.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:69:a9:06:65:f5:7c:cc:2d:ce:ad:cf:d5:eb:19:ec:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Sep 23 09:23:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2da9d77ef35aa1afa6349e7975a8da9f422f7d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:77:fd:2d:ba:09:56:05:0b:ab:db:e9:b9:1e:
e1:4e:38:7f:ce:fa:42:cd:6c:c9:4c:7e:9f:53:37:
a8:d4:fd:d2:31:ec:a7:92:fa:8f:1d:20:6d:e7:8d:
2b:0a:2a:17:83:78:b0:e4:ff:ef:55:5b:a7:41:b5:
d9:30:df:d5:f6:dd:b7:fd:35:af:e1:ff:8c:b0:c9:
db:14:ce:f6:68:95:9d:5a:51:fa:2c:49:1c:e5:78:
11:7c:f6:e2:48:2a:9e:c1:4a:73:ca:32:1f:62:a7:
6b:da:8d:61:40:5c:05:56:09:fa:ad:ce:09:a1:a6:
f6:4b:77:67:68:48:fb:74:44:e0:db:02:93:a7:0a:
ce:1d:29:d4:e4:ce:8c:93:63:c8:74:d7:63:b6:85:
31:11:8f:2e:b6:b6:5a:ac:77:15:19:7a:10:a5:4d:
a3:4a:1c:76:40:da:9d:c4:da:23:31:ab:6a:2f:12:
72:f6:43:4f:43:23:86:86:d6:00:13:ce:62:ff:81:
5a:83:f8:3c:88:1d:f6:2d:d4:97:64:c9:a0:5e:68:
b3:53:b2:81:5d:ab:2b:91:98:8b:8f:3f:c2:7c:ce:
53:33:e3:8c:d8:33:7e:99:b3:0a:e3:77:02:62:bb:
2b:9d:f9:eb:25:3e:3b:6c:12:60:e1:55:f8:01:5a:
da:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A9:D7:7E:F3:5A:A1:AF:A6:34:9E:79:75:A8:DA:9F:42:2F:7D:02
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/LanXfvNaoa-mNJ55dajan0IvfQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.239.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:96:3e:62:85:c6:0d:a3:33:1e:f3:8d:3b:5f:3a:6e:51:f5:
a1:fd:50:d1:65:76:e0:52:62:fc:a0:22:fe:e4:d9:b3:a4:34:
d2:8e:f1:e2:ed:65:1d:b7:e5:45:f3:e0:70:39:58:85:cb:45:
ae:b6:61:98:01:c0:43:a2:6c:6b:04:0b:13:70:56:e4:da:e5:
e9:5b:59:01:83:e6:e2:97:b2:35:8d:7b:f9:b0:a2:91:dc:8f:
93:ec:8c:df:72:65:65:df:7a:f2:36:9a:3e:bc:05:3f:f1:58:
12:76:8c:30:5e:a7:6a:17:18:06:98:9a:f1:bb:b4:8e:1c:cb:
83:29:64:d0:fb:01:dc:26:3e:96:96:e8:9e:ea:02:31:2d:e6:
2d:af:24:15:fd:04:06:e9:4c:a9:71:1f:a4:6d:f3:a7:7a:2e:
77:6b:a1:51:97:2b:f2:d9:a3:f7:aa:1e:01:aa:8f:8f:74:c6:
bf:28:19:37:52:32:b0:3a:a5:03:08:63:a4:81:ae:ce:20:64:
0c:53:77:1c:8e:e0:8b:69:22:d2:8f:dd:f1:a8:41:fe:37:0e:
bb:52:d1:7c:e5:56:8b:68:6a:04:b6:3c:a6:cd:5f:96:cf:03:
21:59:6b:10:d3:c1:a9:4f:01:11:35:f9:e7:fb:b9:6e:03:a1:
26:a2:b5:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNpqQZl9XzMLc6tz9XrGezGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIwOTIzMDkyMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGE5ZDc3ZWYzNWFhMWFmYTYzNDllNzk3NWE4ZGE5ZjQyMmY3ZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nf9LboJVgULq9vpuR7hTjh/zvpC
zWzJTH6fUzeo1P3SMeynkvqPHSBt540rCioXg3iw5P/vVVunQbXZMN/V9t23/TWv
4f+MsMnbFM72aJWdWlH6LEkc5XgRfPbiSCqewUpzyjIfYqdr2o1hQFwFVgn6rc4J
oab2S3dnaEj7dETg2wKTpwrOHSnU5M6Mk2PIdNdjtoUxEY8utrZarHcVGXoQpU2j
Shx2QNqdxNojMatqLxJy9kNPQyOGhtYAE85i/4Fag/g8iB32LdSXZMmgXmizU7KB
XasrkZiLjz/CfM5TM+OM2DN+mbMK43cCYrsrnfnrJT47bBJg4VX4AVrapwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2p137zWqGvpjSeeXWo2p9CL30CMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvTGFuWGZ2TmFvYS1tTko1NWRhamFuMEl2ZlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXvMA0G
CSqGSIb3DQEBCwUAA4IBAQALlj5ihcYNozMe8407XzpuUfWh/VDRZXbgUmL8oCL+
5NmzpDTSjvHi7WUdt+VF8+BwOViFy0WutmGYAcBDomxrBAsTcFbk2uXpW1kBg+bi
l7I1jXv5sKKR3I+T7IzfcmVl33ryNpo+vAU/8VgSdowwXqdqFxgGmJrxu7SOHMuD
KWTQ+wHcJj6Wluie6gIxLeYtryQV/QQG6UypcR+kbfOnei53a6FRlyvy2aP3qh4B
qo+PdMa/KBk3UjKwOqUDCGOkga7OIGQMU3ccjuCLaSLSj93xqEH+Nw67UtF85VaL
aGoEtjymzV+WzwMhWWsQ08GpTwERNfnn+7luA6EmorUB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:38 2024 by rpki-client on console-ams.rpki-client.org