Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/xNilBj7ZqZDbsypoWqCzJRio9UI.roa
File: xNilBj7ZqZDbsypoWqCzJRio9UI.roa (raw, json)
Hash identifier: ZRUGxxTbbl1khXD8TCNJA2GS8ACBNb52FvSU96P4BzA=
Subject key identifier: C4:D8:A5:06:3E:D9:A9:90:DB:B3:2A:68:5A:A0:B3:25:18:A8:F5:42
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 01853F34469DC6499FDC0176E57062EDD0AE
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/xNilBj7ZqZDbsypoWqCzJRio9UI.roa
Signing time: Fri 23 Dec 2022 13:37:48 +0000
ROA not before: Fri 23 Dec 2022 13:37:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212582
IP address blocks: 213.21.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:34:46:9d:c6:49:9f:dc:01:76:e5:70:62:ed:d0:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Dec 23 13:37:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4d8a5063ed9a990dbb32a685aa0b32518a8f542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:00:bb:59:7d:e1:c8:99:07:a9:14:08:0f:8b:
72:7e:c1:b0:1e:e5:5b:c2:31:6f:29:46:c7:71:b6:
73:09:33:8e:50:bd:cb:e3:c2:2f:2a:74:ed:6c:ae:
03:41:76:5c:07:88:3c:25:25:6a:8f:42:2d:02:b5:
96:28:f9:10:63:18:7f:6e:c5:06:61:8b:be:7b:d1:
dc:ff:7e:ea:dd:5e:27:33:8e:15:9d:1b:c2:88:27:
e5:fc:3e:5e:79:ae:ea:a1:85:5a:19:04:eb:25:d0:
d5:68:e6:b1:35:49:11:26:23:d8:ba:e0:d8:14:02:
d2:38:9b:00:fc:87:d0:cd:e8:08:e2:54:7f:49:d8:
46:d2:e9:1a:a5:d4:d2:20:c3:8d:bd:70:d4:93:59:
4a:37:0b:e3:06:c6:97:b1:39:92:7e:89:30:5a:77:
71:e2:7e:57:77:84:fb:ac:84:f2:45:06:4b:1c:80:
10:eb:f2:70:df:36:de:04:d1:0c:dc:fc:03:d1:57:
ee:2f:8a:12:bd:96:5f:c8:8a:a5:48:c8:42:9f:32:
6b:30:63:2b:93:0b:a8:97:20:1e:d3:c5:44:04:4e:
31:1b:5f:2d:70:3e:b3:58:71:31:06:0a:c5:8a:e9:
9d:e0:d5:6d:08:e9:ee:06:4b:27:38:31:79:39:67:
d0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D8:A5:06:3E:D9:A9:90:DB:B3:2A:68:5A:A0:B3:25:18:A8:F5:42
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/xNilBj7ZqZDbsypoWqCzJRio9UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.239.0/24
Signature Algorithm: sha256WithRSAEncryption
17:4c:e8:68:88:98:ca:7d:cd:9f:17:6c:20:0f:ef:33:35:c0:
16:2e:06:ac:06:34:f0:ab:20:ce:e5:d4:3c:a0:fd:90:c1:68:
a4:42:fd:02:ad:fa:1d:5d:8d:88:e4:a2:d8:85:18:44:0d:2d:
42:88:22:5a:39:ad:c9:cd:64:b9:09:b9:03:1b:59:f2:ec:57:
71:87:3f:ef:57:05:4c:1a:03:a5:93:8d:f1:a2:d0:a6:46:ee:
ce:7d:67:3d:8f:8e:c9:0f:51:2b:39:de:a1:b4:cc:ed:97:91:
e4:c0:1a:bd:e1:bf:27:4a:06:3a:bc:8b:1c:a7:75:0d:60:f7:
73:18:93:f9:01:7d:27:49:5e:7a:28:1b:e7:0f:9e:fc:86:f5:
73:0f:a6:6b:a7:f6:e6:c8:b9:84:d3:c6:c2:99:d0:54:be:4d:
33:1f:3b:5a:47:1f:95:a5:3f:47:bf:d8:b2:f2:ae:2f:96:b4:
4a:7a:19:97:5a:b3:83:6b:05:e6:e6:0b:fc:6f:53:bc:ce:7b:
4a:5a:61:67:4d:9b:18:33:5a:8f:78:c1:1e:56:53:08:ae:a0:
22:d0:ff:c1:42:e1:15:31:5e:ea:40:d4:18:46:ce:72:08:9c:
b8:8c:47:5d:40:c2:34:3a:64:6d:a2:d1:1d:84:96:ef:23:17:
07:1a:5b:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU/NEadxkmf3AF25XBi7dCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIxMjIzMTMzNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQ4YTUwNjNlZDlhOTkwZGJiMzJhNjg1YWEwYjMyNTE4YThmNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AC7WX3hyJkHqRQID4tyfsGwHuVb
wjFvKUbHcbZzCTOOUL3L48IvKnTtbK4DQXZcB4g8JSVqj0ItArWWKPkQYxh/bsUG
YYu+e9Hc/37q3V4nM44VnRvCiCfl/D5eea7qoYVaGQTrJdDVaOaxNUkRJiPYuuDY
FALSOJsA/IfQzegI4lR/SdhG0ukapdTSIMONvXDUk1lKNwvjBsaXsTmSfokwWndx
4n5Xd4T7rITyRQZLHIAQ6/Jw3zbeBNEM3PwD0VfuL4oSvZZfyIqlSMhCnzJrMGMr
kwuolyAe08VEBE4xG18tcD6zWHExBgrFiumd4NVtCOnuBksnODF5OWfQzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTYpQY+2amQ27MqaFqgsyUYqPVCMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEveE5pbEJqN1pxWkRic3lwb1dxQ3pKUmlvOVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXvMA0G
CSqGSIb3DQEBCwUAA4IBAQAXTOhoiJjKfc2fF2wgD+8zNcAWLgasBjTwqyDO5dQ8
oP2QwWikQv0CrfodXY2I5KLYhRhEDS1CiCJaOa3JzWS5CbkDG1ny7Fdxhz/vVwVM
GgOlk43xotCmRu7OfWc9j47JD1ErOd6htMztl5HkwBq94b8nSgY6vIscp3UNYPdz
GJP5AX0nSV56KBvnD578hvVzD6Zrp/bmyLmE08bCmdBUvk0zHztaRx+VpT9Hv9iy
8q4vlrRKehmXWrODawXm5gv8b1O8zntKWmFnTZsYM1qPeMEeVlMIrqAi0P/BQuEV
MV7qQNQYRs5yCJy4jEddQMI0OmRtotEdhJbvIxcHGlst
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org