Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/qHV-feCCD4lCxAQVE99ULKI-ppY.roa
File: qHV-feCCD4lCxAQVE99ULKI-ppY.roa (raw, json)
Hash identifier: 81InZ0qbDkFSFmT6LYwXsngRH/QIQ5mnMNI+G5Iz1vU=
Subject key identifier: A8:75:7E:7D:E0:82:0F:89:42:C4:04:15:13:DF:54:2C:A2:3E:A6:96
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0182399C566497738CA02B3C8F54F7E3F151
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/qHV-feCCD4lCxAQVE99ULKI-ppY.roa
Signing time: Tue 26 Jul 2022 08:25:23 +0000
ROA not before: Tue 26 Jul 2022 08:25:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.21.231.0/24 maxlen: 24
213.21.232.0/24 maxlen: 24
213.21.229.0/24 maxlen: 24
213.21.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:39:9c:56:64:97:73:8c:a0:2b:3c:8f:54:f7:e3:f1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jul 26 08:25:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8757e7de0820f8942c4041513df542ca23ea696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3d:88:5b:7b:9c:68:95:3b:dd:01:4a:45:03:
47:9c:a8:07:a1:df:90:d1:0a:42:31:0d:cd:56:7d:
8f:b9:e7:93:c9:64:f0:92:e0:71:10:2d:3e:61:3d:
e4:5d:b7:06:fb:5b:8f:f7:d7:83:22:d3:9f:78:28:
25:5e:44:9c:06:30:b8:02:69:75:1e:2f:81:a6:68:
b5:b8:e3:b1:ac:38:b2:7b:7c:ae:85:18:c2:34:15:
68:6f:8c:81:b4:59:60:df:ae:4e:c7:a7:6c:75:83:
a0:ad:2c:d1:35:fd:53:37:47:62:8d:74:32:28:b0:
f9:f6:ef:3c:91:47:a2:2b:c6:ff:fd:25:5b:97:5a:
30:ec:0f:86:dc:99:08:2f:3c:18:cf:7e:83:f0:88:
2e:28:ca:99:7f:b6:f7:62:e4:d3:0e:af:f9:fa:9f:
4a:ca:90:53:ab:09:cf:f5:8a:d4:8e:40:72:25:b5:
7d:71:6f:ec:5d:ff:8e:df:8f:74:57:82:c0:ac:c2:
cd:28:64:87:fa:2a:76:95:d3:aa:33:aa:cf:75:c6:
9c:65:c8:7e:56:22:c0:a5:6f:33:78:0e:e0:f8:09:
87:b2:b0:da:13:f6:c0:9d:04:4e:c3:99:49:32:29:
b6:d6:05:a6:1c:13:09:2c:6d:94:96:b1:ab:f0:33:
6b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:75:7E:7D:E0:82:0F:89:42:C4:04:15:13:DF:54:2C:A2:3E:A6:96
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/qHV-feCCD4lCxAQVE99ULKI-ppY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.229.0/24
213.21.231.0-213.21.232.255
213.21.244.0/24
Signature Algorithm: sha256WithRSAEncryption
26:f4:8f:9a:e4:6a:aa:02:c0:c5:19:51:e4:c8:97:cf:17:a3:
be:4a:e4:f9:21:a7:93:bd:70:3d:e0:53:4a:20:ae:e1:57:f2:
39:0c:9a:dd:67:11:8e:cb:00:21:0d:8b:68:9d:d6:92:9d:d4:
ef:91:e8:aa:8b:c3:72:5f:2d:7e:da:86:2c:b1:56:fa:e0:02:
53:a5:5f:53:9f:72:f5:80:32:88:1d:40:90:cd:a8:e4:6f:e4:
72:85:36:a8:80:bf:f4:a7:d8:06:e5:53:8e:91:88:cc:e1:c3:
c0:fa:a0:2f:81:54:c7:d7:67:33:33:83:c6:05:c0:0c:78:de:
fc:7f:aa:e5:52:80:39:68:fe:62:44:f7:52:1e:00:e0:f1:95:
95:e2:d0:1b:53:ae:4c:78:cd:4d:c2:36:4d:c9:a4:f3:62:5a:
f6:7d:0f:bc:0b:63:02:26:2b:a8:c5:bd:fa:70:31:14:d7:ad:
04:0d:45:ed:0e:1d:98:7b:a8:38:01:4e:d6:ae:b3:d9:47:83:
b2:0c:3f:79:e1:d3:95:93:ff:53:6d:c9:e0:d7:f1:86:08:78:
8e:e5:e6:e5:c7:57:c6:b5:7c:83:0b:26:04:39:94:1d:16:52:
3c:05:59:e2:be:c3:72:2c:82:42:56:29:b6:c5:02:d7:28:9f:
ed:60:fe:4d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYI5nFZkl3OMoCs8j1T34/FRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIwNzI2MDgyNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODc1N2U3ZGUwODIwZjg5NDJjNDA0MTUxM2RmNTQyY2EyM2VhNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj2IW3ucaJU73QFKRQNHnKgHod+Q
0QpCMQ3NVn2PueeTyWTwkuBxEC0+YT3kXbcG+1uP99eDItOfeCglXkScBjC4Aml1
Hi+Bpmi1uOOxrDiye3yuhRjCNBVob4yBtFlg365Ox6dsdYOgrSzRNf1TN0dijXQy
KLD59u88kUeiK8b//SVbl1ow7A+G3JkILzwYz36D8IguKMqZf7b3YuTTDq/5+p9K
ypBTqwnP9YrUjkByJbV9cW/sXf+O3490V4LArMLNKGSH+ip2ldOqM6rPdcacZch+
ViLApW8zeA7g+AmHsrDaE/bAnQROw5lJMim21gWmHBMJLG2UlrGr8DNriwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKh1fn3ggg+JQsQEFRPfVCyiPqaWMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvcUhWLWZlQ0NENGxDeEFRVkU5OVVMS0ktcHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA1RXlMAwD
BADVFecDBADVFegDBADVFfQwDQYJKoZIhvcNAQELBQADggEBACb0j5rkaqoCwMUZ
UeTIl88Xo75K5Pkhp5O9cD3gU0ogruFX8jkMmt1nEY7LACENi2id1pKd1O+R6KqL
w3JfLX7ahiyxVvrgAlOlX1OfcvWAMogdQJDNqORv5HKFNqiAv/Sn2AblU46RiMzh
w8D6oC+BVMfXZzMzg8YFwAx43vx/quVSgDlo/mJE91IeAODxlZXi0BtTrkx4zU3C
Nk3JpPNiWvZ9D7wLYwImK6jFvfpwMRTXrQQNRe0OHZh7qDgBTtaus9lHg7IMP3nh
05WT/1NtyeDX8YYIeI7l5uXHV8a1fIMLJgQ5lB0WUjwFWeK+w3IsgkJWKbbFAtco
n+1g/k0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:20 2023 by rpki-client on console-fra.rpki-client.org