Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/Uo-8StKmvIb8LSElh-ZlkPT9gyo.roa
File: Uo-8StKmvIb8LSElh-ZlkPT9gyo.roa (raw, json)
Hash identifier: 2hBC5X+2khzTuUhBtjMt294QA/7wNMqNxwaRBxCBzp4=
Subject key identifier: 52:8F:BC:4A:D2:A6:BC:86:FC:2D:21:25:87:E6:65:90:F4:FD:83:2A
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 01847FFAB22D7A0FF4CA816084354C75545D
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/Uo-8StKmvIb8LSElh-ZlkPT9gyo.roa
Signing time: Wed 16 Nov 2022 10:27:26 +0000
ROA not before: Wed 16 Nov 2022 10:27:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212027
IP address blocks: 213.21.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:fa:b2:2d:7a:0f:f4:ca:81:60:84:35:4c:75:54:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Nov 16 10:27:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=528fbc4ad2a6bc86fc2d212587e66590f4fd832a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bc:1d:ca:ad:b5:12:8d:16:b5:5c:0a:95:11:
6f:48:7d:9d:b7:6e:56:35:87:0c:da:ba:ca:27:24:
ad:97:52:1c:61:df:e4:f1:79:14:a0:b4:e1:67:ea:
e5:fb:e9:ea:bc:b9:4f:a8:1a:9b:f9:45:31:fa:2a:
8e:11:e5:70:93:4c:ff:a7:50:ee:1c:af:d3:0a:4c:
5a:0f:6a:a4:4c:23:5c:33:3b:74:16:6a:5d:85:4c:
89:76:93:a6:62:81:ba:8b:b6:f5:52:09:d6:1a:07:
1c:47:f7:e0:ea:59:7a:05:ce:af:90:d0:1f:bc:0d:
3e:fa:65:97:5d:bc:bf:96:6b:76:a6:27:6a:a1:0f:
8e:20:e7:03:a6:a3:09:a5:c7:d7:3b:40:70:7c:c2:
94:6c:ab:47:90:44:31:63:d3:a5:bd:9e:ed:72:b8:
57:1d:46:53:dd:c3:6b:3a:42:6a:91:a0:47:a7:30:
6f:fb:76:9b:53:e1:f1:ba:f3:9a:ef:5d:11:ed:7b:
3b:a4:19:dd:da:11:4e:d9:65:13:1d:31:44:24:5b:
a7:02:c2:ac:b2:57:5e:9f:aa:de:5b:f5:32:06:63:
54:4b:73:2b:59:3c:db:b2:8e:1d:89:ab:e0:f3:af:
49:bd:90:6c:7c:ce:7c:1b:da:9c:b9:fc:71:20:08:
ea:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:8F:BC:4A:D2:A6:BC:86:FC:2D:21:25:87:E6:65:90:F4:FD:83:2A
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/Uo-8StKmvIb8LSElh-ZlkPT9gyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.239.0/24
Signature Algorithm: sha256WithRSAEncryption
88:89:b8:57:65:40:d3:b5:b5:3d:4e:af:95:d5:62:a0:5c:aa:
b3:4b:c6:87:ce:35:f6:e0:b6:cc:76:0a:d8:85:76:de:3a:ad:
5f:3e:d2:0d:03:f6:ea:d4:b1:8f:a6:8d:1c:4c:78:2e:52:e7:
80:6f:ae:ab:7c:bb:40:19:fc:e6:97:eb:25:08:92:78:2b:17:
09:41:33:d3:c6:7e:b0:09:ef:c7:db:aa:17:d6:c1:ec:66:53:
08:31:5e:a0:81:10:44:31:5b:a5:7e:a3:48:d3:20:22:f0:7f:
21:67:8e:97:9f:20:ef:cb:38:02:06:f0:d0:58:cf:ce:81:e0:
3f:dc:58:31:bd:be:e9:6d:4e:1c:58:7c:2c:ad:08:70:aa:5d:
28:ab:5d:61:18:d5:28:8e:92:b7:8a:35:d1:19:d5:f9:f5:95:
af:76:1f:fc:e7:f7:6e:37:c0:27:82:94:54:61:cc:f5:fb:2e:
b5:aa:5e:69:67:0e:be:bf:b2:59:0e:f9:16:81:54:f4:da:f5:
be:3c:bc:68:e6:78:24:4c:39:13:1e:ea:92:5d:53:4d:05:dc:
cb:03:c2:ad:14:a3:3e:87:67:6b:fc:15:9d:a4:f9:a5:98:3b:
63:92:37:07:35:f7:bc:7d:12:ba:4d:4f:1b:51:d8:33:2e:89:
78:a5:01:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR/+rIteg/0yoFghDVMdVRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIxMTE2MTAyNzI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjhmYmM0YWQyYTZiYzg2ZmMyZDIxMjU4N2U2NjU5MGY0ZmQ4MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7wdyq21Eo0WtVwKlRFvSH2dt25W
NYcM2rrKJyStl1IcYd/k8XkUoLThZ+rl++nqvLlPqBqb+UUx+iqOEeVwk0z/p1Du
HK/TCkxaD2qkTCNcMzt0FmpdhUyJdpOmYoG6i7b1UgnWGgccR/fg6ll6Bc6vkNAf
vA0++mWXXby/lmt2pidqoQ+OIOcDpqMJpcfXO0BwfMKUbKtHkEQxY9OlvZ7tcrhX
HUZT3cNrOkJqkaBHpzBv+3abU+HxuvOa710R7Xs7pBnd2hFO2WUTHTFEJFunAsKs
slden6reW/UyBmNUS3MrWTzbso4diavg869JvZBsfM58G9qcufxxIAjqKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFKPvErSpryG/C0hJYfmZZD0/YMqMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvVW8tOFN0S212SWI4TFNFbGgtWmxrUFQ5Z3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXvMA0G
CSqGSIb3DQEBCwUAA4IBAQCIibhXZUDTtbU9Tq+V1WKgXKqzS8aHzjX24LbMdgrY
hXbeOq1fPtINA/bq1LGPpo0cTHguUueAb66rfLtAGfzml+slCJJ4KxcJQTPTxn6w
Ce/H26oX1sHsZlMIMV6ggRBEMVulfqNI0yAi8H8hZ46XnyDvyzgCBvDQWM/OgeA/
3Fgxvb7pbU4cWHwsrQhwql0oq11hGNUojpK3ijXRGdX59ZWvdh/85/duN8AngpRU
Ycz1+y61ql5pZw6+v7JZDvkWgVT02vW+PLxo5ngkTDkTHuqSXVNNBdzLA8KtFKM+
h2dr/BWdpPmlmDtjkjcHNfe8fRK6TU8bUdgzLol4pQHI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-ams.rpki-client.org