Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/rtnddSxUFrheSprNUO3QREY9E8g.roa
File: rtnddSxUFrheSprNUO3QREY9E8g.roa (raw, json)
Hash identifier: 0wXc0dSgGqQhiTqcU3eOfdQInPXV7GKdYU+22+66vPQ=
Subject key identifier: AE:D9:DD:75:2C:54:16:B8:5E:4A:9A:CD:50:ED:D0:44:46:3D:13:C8
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018355AC2C565D0394F58B8FCDD0007B1798
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/rtnddSxUFrheSprNUO3QREY9E8g.roa
Signing time: Mon 19 Sep 2022 12:14:50 +0000
ROA not before: Mon 19 Sep 2022 12:14:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 213.21.230.0/24 maxlen: 24
213.21.231.0/24 maxlen: 24
213.21.228.0/24 maxlen: 24
213.21.229.0/24 maxlen: 24
213.21.233.0/24 maxlen: 24
213.21.232.0/24 maxlen: 24
213.21.237.0/24 maxlen: 24
213.21.238.0/24 maxlen: 24
213.21.235.0/24 maxlen: 24
213.21.236.0/24 maxlen: 24
213.21.244.0/24 maxlen: 24
213.21.241.0/24 maxlen: 24
213.21.247.0/24 maxlen: 24
213.21.251.0/24 maxlen: 24
213.21.253.0/24 maxlen: 24
193.68.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:55:ac:2c:56:5d:03:94:f5:8b:8f:cd:d0:00:7b:17:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Sep 19 12:14:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aed9dd752c5416b85e4a9acd50edd044463d13c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e8:e7:cb:b8:1a:b1:9e:91:f1:ba:92:4c:c8:
0f:19:11:f0:f1:91:6e:6b:98:b2:83:69:40:d3:f1:
17:2a:7f:1c:14:5f:b8:fc:43:f3:c3:25:78:9a:29:
0e:43:c2:9c:d9:10:c2:a3:30:f1:25:67:f0:db:be:
cd:2f:17:c5:76:d7:a7:73:11:57:09:1c:8d:1c:ce:
2b:c5:7c:4e:32:ae:26:f3:11:dd:30:02:d9:98:12:
51:58:cc:4a:8a:3f:96:91:92:55:4e:65:41:19:8c:
49:c4:a4:74:53:8a:51:1c:6a:20:df:2a:b5:79:82:
bb:f2:79:37:62:23:9a:ef:1c:5e:c2:48:94:67:8f:
7a:9c:1d:c2:bc:85:03:37:b5:c1:f4:56:42:94:03:
fc:8d:53:04:ae:f1:19:28:ae:a5:1a:2c:a8:24:25:
cf:ad:a4:2a:63:a7:5a:0f:9d:da:e3:b1:e5:96:97:
cc:73:a7:7e:4b:05:f7:e0:ec:47:9e:d5:09:0e:32:
5f:75:2d:59:b9:40:08:d2:c6:88:74:99:0c:d6:f4:
9f:9c:17:b6:d3:07:4a:06:6e:62:61:2d:fa:07:4e:
cb:7c:51:a6:96:09:31:5a:a2:6a:89:52:57:c7:f7:
35:68:ec:3d:47:db:e6:ca:41:43:aa:d2:65:8c:1e:
6c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D9:DD:75:2C:54:16:B8:5E:4A:9A:CD:50:ED:D0:44:46:3D:13:C8
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/rtnddSxUFrheSprNUO3QREY9E8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.68.85.0/24
213.21.228.0-213.21.233.255
213.21.235.0-213.21.238.255
213.21.241.0/24
213.21.244.0/24
213.21.247.0/24
213.21.251.0/24
213.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
21:91:35:09:ee:21:e9:7c:92:7a:b5:83:d3:96:82:c3:41:3f:
51:48:d5:5b:1c:19:c1:f4:2b:4a:80:25:95:4d:af:db:54:4e:
0f:95:e1:19:12:8a:67:ea:85:52:a1:b6:35:54:a7:cd:17:a0:
47:5f:e3:4a:36:6b:17:8c:d0:15:17:1e:b6:e0:a5:56:99:3c:
67:10:da:59:c5:e0:b5:e9:14:2b:bd:4a:5f:95:8a:78:ec:99:
f9:93:44:4b:1a:fb:7f:01:48:7c:62:d2:8d:53:1f:5a:fc:5f:
81:f2:da:1d:73:59:0d:45:c9:91:06:97:ed:66:fb:73:b0:1a:
93:e5:0a:f8:e9:da:b1:b7:c4:7b:d7:fd:67:79:40:67:57:3b:
79:19:56:21:e4:62:3a:4e:4d:f3:6e:3d:47:b3:01:3f:f4:7c:
aa:c8:ba:e5:90:28:8c:ff:89:0b:34:a1:8c:3b:87:50:3d:68:
69:57:ca:a8:10:5c:4b:08:26:c2:f1:32:2f:bb:02:c5:1e:54:
90:08:5d:6a:fb:ab:88:1b:fb:01:78:c0:d1:93:c4:c5:36:cc:
f6:bb:65:2c:ca:82:df:29:cf:3e:cc:70:10:76:8e:46:2a:fe:
a6:63:9f:eb:8c:ea:f4:e6:79:3c:c7:ad:5a:fc:d7:52:94:4b:
a7:8e:44:d6
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYNVrCxWXQOU9YuPzdAAexeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIwOTE5MTIxNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ5ZGQ3NTJjNTQxNmI4NWU0YTlhY2Q1MGVkZDA0NDQ2M2QxM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+jny7gasZ6R8bqSTMgPGRHw8ZFu
a5iyg2lA0/EXKn8cFF+4/EPzwyV4mikOQ8Kc2RDCozDxJWfw277NLxfFdtencxFX
CRyNHM4rxXxOMq4m8xHdMALZmBJRWMxKij+WkZJVTmVBGYxJxKR0U4pRHGog3yq1
eYK78nk3YiOa7xxewkiUZ496nB3CvIUDN7XB9FZClAP8jVMErvEZKK6lGiyoJCXP
raQqY6daD53a47HllpfMc6d+SwX34OxHntUJDjJfdS1ZuUAI0saIdJkM1vSfnBe2
0wdKBm5iYS36B07LfFGmlgkxWqJqiVJXx/c1aOw9R9vmykFDqtJljB5sHQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFK7Z3XUsVBa4XkqazVDt0ERGPRPIMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvcnRuZGRTeFVGcmhlU3ByTlVPM1FSRVk5RThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAwURVMAwD
BALVFeQDBAHVFegwDAMEANUV6wMEANUV7gMEANUV8QMEANUV9AMEANUV9wMEANUV
+wMEANUV/TANBgkqhkiG9w0BAQsFAAOCAQEAIZE1Ce4h6XySerWD05aCw0E/UUjV
WxwZwfQrSoAllU2v21ROD5XhGRKKZ+qFUqG2NVSnzRegR1/jSjZrF4zQFRcetuCl
Vpk8ZxDaWcXgtekUK71KX5WKeOyZ+ZNESxr7fwFIfGLSjVMfWvxfgfLaHXNZDUXJ
kQaX7Wb7c7Aak+UK+OnasbfEe9f9Z3lAZ1c7eRlWIeRiOk5N8249R7MBP/R8qsi6
5ZAojP+JCzShjDuHUD1oaVfKqBBcSwgmwvEyL7sCxR5UkAhdavuriBv7AXjA0ZPE
xTbM9rtlLMqC3ynPPsxwEHaORir+pmOf64zq9OZ5PMetWvzXUpRLp45E1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:38 2024 by rpki-client on console-ams.rpki-client.org