Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/XYvFnla0Zl3yP5Y3drx91AWdzJ8.roa
File: XYvFnla0Zl3yP5Y3drx91AWdzJ8.roa (raw, json)
Hash identifier: BYY50Cm4rmEfqXXGNktGsXFPYDqtrdJq1DVhtHCBbiM=
Subject key identifier: 5D:8B:C5:9E:56:B4:66:5D:F2:3F:96:37:76:BC:7D:D4:05:9D:CC:9F
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 01852A0A4F58445918C80E5AEE6405821330
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/XYvFnla0Zl3yP5Y3drx91AWdzJ8.roa
Signing time: Mon 19 Dec 2022 10:59:56 +0000
ROA not before: Mon 19 Dec 2022 10:59:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 213.21.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:0a:4f:58:44:59:18:c8:0e:5a:ee:64:05:82:13:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Dec 19 10:59:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d8bc59e56b4665df23f963776bc7dd4059dcc9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8b:9c:49:8c:62:b9:9d:e1:b4:32:b3:a3:34:
4c:56:da:d9:a7:c3:c5:d2:bc:8b:60:97:4b:e8:81:
13:cf:74:0e:7a:4b:6b:93:43:17:ee:56:8b:b8:3b:
03:3a:6b:ec:a2:b0:8e:67:fd:5a:74:f5:57:27:ec:
40:e9:06:b7:31:1c:55:2a:49:f3:3d:bb:80:2b:4e:
95:51:e9:65:09:3c:03:79:f4:a4:f3:20:ad:9c:66:
25:ae:f9:7e:a0:39:dd:1b:8a:18:29:94:22:db:de:
04:e8:92:e9:82:56:16:80:4d:8b:0f:f3:bb:5a:3b:
d3:1d:5d:02:51:02:28:f2:78:73:7a:51:89:e4:86:
98:f5:98:21:19:71:33:8d:d4:3d:fe:19:32:77:dd:
ae:00:b7:39:21:e0:59:cb:9b:d9:dd:8d:2f:f5:22:
b0:6b:14:49:cf:6c:35:cc:82:4c:e5:c0:c5:ef:0a:
de:e9:cb:64:50:c0:1b:c5:a5:06:e7:57:d1:cc:ed:
91:0c:9e:61:60:1b:c3:31:c6:91:a4:cc:37:ac:7f:
77:1d:66:ec:c8:cf:ce:26:20:e1:3a:5e:8e:cf:09:
d9:8f:fe:11:ff:d4:88:7f:90:92:ec:1c:1d:84:d1:
74:5c:0c:d2:3a:c7:f0:c5:9c:4e:34:1a:fa:cd:c5:
11:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8B:C5:9E:56:B4:66:5D:F2:3F:96:37:76:BC:7D:D4:05:9D:CC:9F
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/XYvFnla0Zl3yP5Y3drx91AWdzJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
20:7c:5a:7f:12:f5:c6:b7:22:84:fd:81:d2:34:79:e2:c4:25:
03:52:52:b2:7a:01:96:29:99:47:49:3f:7d:3b:ad:df:a0:ac:
9d:21:ea:1c:f8:7a:db:2a:e8:0d:ae:18:27:ee:28:4a:e6:6b:
69:b9:4d:3d:a0:1c:b9:5f:73:54:ce:07:79:17:5f:2b:02:86:
77:65:07:65:2e:40:a2:70:96:37:f6:cf:0c:2a:73:db:f8:f5:
9e:68:04:b2:c4:1c:63:aa:11:57:9d:1a:89:c7:bb:c6:5a:f9:
1f:d4:87:d6:0f:3d:16:9c:04:e7:02:a0:43:55:4e:23:87:8d:
12:bc:ff:24:cd:80:f8:4e:6f:6a:62:30:6d:51:d9:50:fd:cf:
36:49:9b:6f:d2:48:56:22:16:fd:79:8f:0f:96:cc:0a:dd:24:
ab:99:24:b5:f7:13:4f:64:22:14:4b:0b:c7:a1:68:51:53:b7:
c7:15:74:58:dc:03:8f:3a:4c:91:14:27:59:84:25:67:4d:bd:
88:d3:ac:b9:bb:89:d9:4a:a9:a3:03:25:ae:d9:52:0f:d7:b6:
88:a9:fd:8b:51:85:90:13:75:5c:a0:87:20:e1:b6:bc:92:89:
1b:d6:43:fd:87:42:eb:ee:32:7c:c9:bd:94:cf:a1:aa:75:43:
b9:a4:e9:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUqCk9YRFkYyA5a7mQFghMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIxMjE5MTA1OTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhiYzU5ZTU2YjQ2NjVkZjIzZjk2Mzc3NmJjN2RkNDA1OWRjYzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4ucSYxiuZ3htDKzozRMVtrZp8PF
0ryLYJdL6IETz3QOektrk0MX7laLuDsDOmvsorCOZ/1adPVXJ+xA6Qa3MRxVKknz
PbuAK06VUellCTwDefSk8yCtnGYlrvl+oDndG4oYKZQi294E6JLpglYWgE2LD/O7
WjvTHV0CUQIo8nhzelGJ5IaY9ZghGXEzjdQ9/hkyd92uALc5IeBZy5vZ3Y0v9SKw
axRJz2w1zIJM5cDF7wre6ctkUMAbxaUG51fRzO2RDJ5hYBvDMcaRpMw3rH93HWbs
yM/OJiDhOl6OzwnZj/4R/9SIf5CS7BwdhNF0XAzSOsfwxZxONBr6zcURxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2LxZ5WtGZd8j+WN3a8fdQFncyfMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvWFl2Rm5sYTBabDN5UDVZM2RyeDkxQVdkeko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RX8MA0G
CSqGSIb3DQEBCwUAA4IBAQAgfFp/EvXGtyKE/YHSNHnixCUDUlKyegGWKZlHST99
O63foKydIeoc+HrbKugNrhgn7ihK5mtpuU09oBy5X3NUzgd5F18rAoZ3ZQdlLkCi
cJY39s8MKnPb+PWeaASyxBxjqhFXnRqJx7vGWvkf1IfWDz0WnATnAqBDVU4jh40S
vP8kzYD4Tm9qYjBtUdlQ/c82SZtv0khWIhb9eY8PlswK3SSrmSS19xNPZCIUSwvH
oWhRU7fHFXRY3AOPOkyRFCdZhCVnTb2I06y5u4nZSqmjAyWu2VIP17aIqf2LUYWQ
E3VcoIcg4ba8kokb1kP9h0Lr7jJ8yb2Uz6GqdUO5pOkD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:20 2023 by rpki-client on console-fra.rpki-client.org