Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/XlwMtXy-ufzFwENNWFR9VGkdC6Y.roa
File: XlwMtXy-ufzFwENNWFR9VGkdC6Y.roa (raw, json)
Hash identifier: zFmGg/mJCuJBqXiPEkMReLcvWK0xPcRKy8njJ5/XKcA=
Subject key identifier: 5E:5C:0C:B5:7C:BE:B9:FC:C5:C0:43:4D:58:54:7D:54:69:1D:0B:A6
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0183550A1F6DD647989F58FBF69673D3EEAA
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/XlwMtXy-ufzFwENNWFR9VGkdC6Y.roa
Signing time: Mon 19 Sep 2022 09:17:50 +0000
ROA not before: Mon 19 Sep 2022 09:17:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.21.231.0/24 maxlen: 24
213.21.229.0/24 maxlen: 24
213.21.232.0/24 maxlen: 24
213.21.244.0/24 maxlen: 24
213.21.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:55:0a:1f:6d:d6:47:98:9f:58:fb:f6:96:73:d3:ee:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Sep 19 09:17:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e5c0cb57cbeb9fcc5c0434d58547d54691d0ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:71:8e:24:b3:4d:e2:bf:32:bb:f8:90:df:
68:f3:bf:b1:de:16:a7:46:4c:56:5a:15:f2:56:70:
0d:bd:ff:2b:32:cc:d2:97:7b:00:0d:ef:48:fc:78:
10:a6:17:00:67:8e:10:df:92:00:e8:8b:d3:8b:13:
5c:10:8f:25:d7:df:ce:23:2c:10:96:fa:3b:65:ff:
bb:71:b7:ef:7b:77:7b:5d:a8:46:e8:fb:55:03:03:
4b:f0:df:51:4e:c5:87:29:20:49:e3:72:74:c2:9a:
f1:dd:03:4a:6e:82:99:8d:34:c3:cb:2f:8e:5d:d2:
02:42:ba:94:0c:4e:37:40:38:fe:e4:c4:66:16:45:
5e:c6:67:e0:ae:f8:55:3a:8d:98:e6:f7:d0:78:db:
87:3b:4b:73:de:48:82:d6:f3:23:62:81:14:5e:57:
2a:6f:46:9b:08:39:c3:67:6a:54:66:d3:3d:4c:e7:
67:93:26:39:a6:3a:4d:83:0c:4a:a4:b9:13:54:d5:
03:48:ad:39:29:49:f7:4b:ad:9b:86:fc:7d:81:ef:
55:04:a2:d5:ad:81:e8:f8:4d:ba:cb:c7:1d:94:31:
8f:91:7d:b2:ac:9a:05:07:1c:af:dc:3d:01:36:46:
d4:3a:ba:dd:74:68:db:8b:75:99:98:78:5e:d3:97:
c0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5C:0C:B5:7C:BE:B9:FC:C5:C0:43:4D:58:54:7D:54:69:1D:0B:A6
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/XlwMtXy-ufzFwENNWFR9VGkdC6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.229.0/24
213.21.231.0-213.21.232.255
213.21.244.0/24
213.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
34:76:b3:06:de:4a:66:5c:c0:6f:80:45:44:da:0e:53:79:48:
e6:3f:82:a2:53:e9:70:13:9e:87:38:9b:c9:c1:d5:23:7e:ed:
0e:99:80:c4:bc:d0:75:40:f3:b5:2e:58:50:cb:a2:f5:47:f0:
2f:0b:ce:31:a4:fa:1f:2e:a3:64:ea:13:db:f1:2d:3c:66:c8:
5e:36:df:98:31:53:2b:b4:21:bd:32:6a:b9:71:9a:59:24:4c:
dc:2f:13:ad:4f:e2:16:53:da:c7:20:18:24:8e:29:0d:14:b6:
8d:c3:ac:50:a1:b7:6d:ca:6e:f3:21:f3:1f:45:dc:13:26:70:
c9:26:b5:e2:0a:b6:09:01:cb:2c:60:f4:85:26:7a:b8:8f:dd:
80:0f:c1:7b:32:86:fb:bf:0f:16:af:06:c6:bc:8c:33:e7:76:
c6:99:03:53:f3:81:0b:68:7f:71:75:7d:e5:4a:c0:ee:de:50:
40:5d:c6:0f:fd:c0:eb:12:46:37:74:c4:9b:6e:25:af:dd:4e:
24:3a:56:41:26:11:84:fb:d1:ba:79:5b:03:90:0d:89:13:a7:
5d:6f:1f:a1:79:f2:13:8a:b9:e2:d3:b0:81:cd:eb:79:e0:2f:
6c:6a:fd:47:19:c8:60:7e:b2:b8:82:a8:ca:4d:7c:b8:a7:68:
ea:bf:36:b8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYNVCh9t1keYn1j79pZz0+6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIwOTE5MDkxNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTVjMGNiNTdjYmViOWZjYzVjMDQzNGQ1ODU0N2Q1NDY5MWQwYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvpxjiSzTeK/Mrv4kN9o87+x3han
RkxWWhXyVnANvf8rMszSl3sADe9I/HgQphcAZ44Q35IA6IvTixNcEI8l19/OIywQ
lvo7Zf+7cbfve3d7XahG6PtVAwNL8N9RTsWHKSBJ43J0wprx3QNKboKZjTTDyy+O
XdICQrqUDE43QDj+5MRmFkVexmfgrvhVOo2Y5vfQeNuHO0tz3kiC1vMjYoEUXlcq
b0abCDnDZ2pUZtM9TOdnkyY5pjpNgwxKpLkTVNUDSK05KUn3S62bhvx9ge9VBKLV
rYHo+E26y8cdlDGPkX2yrJoFBxyv3D0BNkbUOrrddGjbi3WZmHhe05fAQQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF5cDLV8vrn8xcBDTVhUfVRpHQumMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvWGx3TXRYeS11ZnpGd0VOTldGUjlWR2tkQzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1RXlMAwD
BADVFecDBADVFegDBADVFfQDBADVFf0wDQYJKoZIhvcNAQELBQADggEBADR2swbe
SmZcwG+ARUTaDlN5SOY/gqJT6XATnoc4m8nB1SN+7Q6ZgMS80HVA87UuWFDLovVH
8C8LzjGk+h8uo2TqE9vxLTxmyF4235gxUyu0Ib0yarlxmlkkTNwvE61P4hZT2scg
GCSOKQ0Uto3DrFCht23KbvMh8x9F3BMmcMkmteIKtgkByyxg9IUmeriP3YAPwXsy
hvu/DxavBsa8jDPndsaZA1PzgQtof3F1feVKwO7eUEBdxg/9wOsSRjd0xJtuJa/d
TiQ6VkEmEYT70bp5WwOQDYkTp11vH6F58hOKueLTsIHN63ngL2xq/UcZyGB+sriC
qMpNfLinaOq/Nrg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:20 2023 by rpki-client on console-fra.rpki-client.org