Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/1sMeYGhqggC40Lj69E80Wfqcva0.roa
File: 1sMeYGhqggC40Lj69E80Wfqcva0.roa (raw, json)
Hash identifier: p4VRv7Xvv1yUdO3pt8IOhQf+UeWuyXq8LnxWrFvgZSc=
Subject key identifier: D6:C3:1E:60:68:6A:82:00:B8:D0:B8:FA:F4:4F:34:59:FA:9C:BD:AD
Certificate issuer: /CN=23e22f8bdedcbe19bb33fce14fc1db6ae3a40e90
Certificate serial: 077C0EE4
Authority key identifier: 23:E2:2F:8B:DE:DC:BE:19:BB:33:FC:E1:4F:C1:DB:6A:E3:A4:0E:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-Ivi97cvhm7M_zhT8HbauOkDpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/1sMeYGhqggC40Lj69E80Wfqcva0.roa
Signing time: Sat 01 Jan 2022 14:58:17 +0000
ROA not before: Sat 01 Jan 2022 14:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207143
IP address blocks: 213.167.224.0/24 maxlen: 24
213.167.226.0/24 maxlen: 24
213.167.225.0/24 maxlen: 24
213.167.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125570788 (0x77c0ee4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e22f8bdedcbe19bb33fce14fc1db6ae3a40e90
Validity
Not Before: Jan 1 14:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6c31e60686a8200b8d0b8faf44f3459fa9cbdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ff:89:e6:b4:ee:b2:9a:80:d1:1a:36:c5:64:
fd:7e:2a:bc:d9:5a:6b:9c:e1:d8:bf:c8:dc:e0:db:
7d:19:82:bd:49:f4:5b:b2:9c:5a:b2:7e:37:9f:3c:
be:de:37:18:3f:00:78:6f:6b:80:c3:d1:4c:c9:d1:
4b:c7:50:1f:12:9f:e8:a6:db:3b:b0:9d:8b:b9:60:
de:47:b3:43:46:cb:ab:a5:5c:ee:af:35:9b:3d:21:
69:a0:79:92:25:7b:5b:4f:84:76:b3:c7:90:60:bf:
1d:ed:d6:70:f0:fb:f4:52:6d:3e:e6:30:5f:5f:d9:
00:ef:a8:5f:d9:9a:84:c2:62:5e:d6:d8:c2:50:3f:
b3:e1:fa:e8:74:57:35:dc:89:b1:06:bd:60:eb:aa:
33:0a:1b:40:09:59:46:a5:e4:75:1a:1f:67:41:bf:
57:d3:ad:85:5c:b6:0b:37:a5:5b:c5:3f:3e:e6:74:
ff:79:76:cd:47:87:e1:d0:a5:d0:da:67:52:d8:fe:
d1:4e:91:fb:df:20:7d:97:21:e3:35:5c:14:9a:c4:
0b:3a:fa:ed:04:e4:63:ed:45:42:cd:b9:cb:f9:d3:
ef:fa:ec:6e:5e:60:79:bd:9f:f3:1f:be:72:3f:bb:
de:bf:0b:6b:eb:69:d7:44:92:c6:a4:1c:58:bd:51:
b9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C3:1E:60:68:6A:82:00:B8:D0:B8:FA:F4:4F:34:59:FA:9C:BD:AD
X509v3 Authority Key Identifier:
keyid:23:E2:2F:8B:DE:DC:BE:19:BB:33:FC:E1:4F:C1:DB:6A:E3:A4:0E:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-Ivi97cvhm7M_zhT8HbauOkDpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/1sMeYGhqggC40Lj69E80Wfqcva0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/I-Ivi97cvhm7M_zhT8HbauOkDpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.224.0/22
Signature Algorithm: sha256WithRSAEncryption
54:61:d6:5b:32:7f:84:9b:a7:7b:07:6c:84:3b:03:dd:c0:26:
ff:e7:a8:e0:6c:a0:2d:c5:50:46:1e:b7:1b:79:8b:e6:bc:fa:
f3:0f:c0:28:6f:99:84:11:b2:05:e5:d9:f7:c7:d5:1c:99:3a:
d5:37:21:fc:3a:6f:2c:0c:e6:11:e1:1c:b4:d0:27:03:d1:75:
10:17:46:33:db:36:3b:a1:3e:06:c3:a1:0d:dc:1c:c5:b9:c3:
b6:62:67:a1:58:08:c2:66:80:1a:08:26:86:7e:74:07:ee:23:
2a:aa:65:2f:43:a5:2a:f6:cb:3f:66:1c:b3:d0:cc:ef:69:bc:
b1:b5:28:56:43:0b:b9:ff:4a:b5:4a:0f:42:ce:7d:53:c5:4c:
0b:17:94:19:61:97:6c:50:97:b9:be:90:f3:02:19:ef:76:9f:
7a:05:a4:ef:04:a1:d7:60:eb:67:2a:5d:a8:c3:ef:c5:e1:22:
96:6e:cb:eb:2d:88:dc:ef:25:df:90:0e:b8:c6:37:1f:e9:6d:
83:73:b3:88:49:2e:fd:f2:70:24:31:40:d5:3a:c7:e6:b4:b8:
b3:85:0e:6e:71:23:a1:96:d8:25:d4:ed:db:fe:cc:a8:ac:4b:
fd:11:05:32:7e:8f:4a:ad:a0:7f:3e:06:df:b0:10:76:35:eb:
aa:df:21:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB3wO5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2UyMmY4YmRlZGNiZTE5YmIzM2ZjZTE0ZmMxZGI2YWUzYTQwZTkwMB4XDTIyMDEw
MTE0NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDZjMzFlNjA2ODZh
ODIwMGI4ZDBiOGZhZjQ0ZjM0NTlmYTljYmRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMP/iea07rKagNEaNsVk/X4qvNlaa5zh2L/I3ODbfRmCvUn0
W7KcWrJ+N588vt43GD8AeG9rgMPRTMnRS8dQHxKf6KbbO7Cdi7lg3kezQ0bLq6Vc
7q81mz0haaB5kiV7W0+EdrPHkGC/He3WcPD79FJtPuYwX1/ZAO+oX9mahMJiXtbY
wlA/s+H66HRXNdyJsQa9YOuqMwobQAlZRqXkdRofZ0G/V9OthVy2CzelW8U/PuZ0
/3l2zUeH4dCl0NpnUtj+0U6R+98gfZch4zVcFJrECzr67QTkY+1FQs25y/nT7/rs
bl5geb2f8x++cj+73r8La+tp10SSxqQcWL1RuQkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTWwx5gaGqCALjQuPr0TzRZ+py9rTAfBgNVHSMEGDAWgBQj4i+L3ty+Gbsz
/OFPwdtq46QOkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ktSXZpOTdjdmhtN01femhUOEhiYXVPa0RwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDYvZTZhMGRiLWM3NjYtNDk5MS1iNzJjLTc0YmQwNDViMmFmNy8x
LzFzTWVZR2hxZ2dDNDBMajY5RTgwV2ZxY3ZhMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYv
ZTZhMGRiLWM3NjYtNDk5MS1iNzJjLTc0YmQwNDViMmFmNy8xL0ktSXZpOTdjdmht
N01femhUOEhiYXVPa0RwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtWn4DANBgkqhkiG9w0BAQsFAAOC
AQEAVGHWWzJ/hJunewdshDsD3cAm/+eo4GygLcVQRh63G3mL5rz68w/AKG+ZhBGy
BeXZ98fVHJk61Tch/DpvLAzmEeEctNAnA9F1EBdGM9s2O6E+BsOhDdwcxbnDtmJn
oVgIwmaAGggmhn50B+4jKqplL0OlKvbLP2Ycs9DM72m8sbUoVkMLuf9KtUoPQs59
U8VMCxeUGWGXbFCXub6Q8wIZ73afegWk7wSh12DrZypdqMPvxeEilm7L6y2I3O8l
35AOuMY3H+ltg3OziEku/fJwJDFA1TrH5rS4s4UObnEjoZbYJdTt2/7MqKxL/REF
Mn6PSq2gfz4G37AQdjXrqt8hmg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:21 2025 by rpki-client