Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/tOXDpVfstrYJuKj45Pcgbae3_so.roa
File: tOXDpVfstrYJuKj45Pcgbae3_so.roa (raw, json)
Hash identifier: UAcH+65xhGsFy0fQpk5NDZgbNEDd4sFO1B0IJgtrPDE=
Subject key identifier: B4:E5:C3:A5:57:EC:B6:B6:09:B8:A8:F8:E4:F7:20:6D:A7:B7:FE:CA
Certificate issuer: /CN=808c3a6c5cbff0739e438d05744405b16197b15b
Certificate serial: 0A2FBB1E
Authority key identifier: 80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/tOXDpVfstrYJuKj45Pcgbae3_so.roa
Signing time: Sat 01 Jan 2022 04:56:03 +0000
ROA not before: Sat 01 Jan 2022 04:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41820
IP address blocks: 213.109.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170900254 (0xa2fbb1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808c3a6c5cbff0739e438d05744405b16197b15b
Validity
Not Before: Jan 1 04:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4e5c3a557ecb6b609b8a8f8e4f7206da7b7feca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:62:8c:72:c6:3d:c9:bf:44:78:9a:3b:d6:71:
51:f4:da:9b:ef:9d:1d:b7:ad:29:5a:82:88:4f:55:
e4:76:52:0a:65:ff:ac:c2:e5:46:11:44:f3:9b:64:
07:e9:d6:d5:24:58:14:98:c4:92:ee:02:70:14:9b:
64:7f:68:57:28:5f:0e:21:01:bc:ae:fa:f6:18:33:
5e:b9:76:86:03:33:6d:02:aa:b5:2f:50:7c:64:84:
70:d0:9e:ea:a1:51:72:13:92:ac:17:1c:35:c7:50:
e1:1f:93:f6:54:5a:30:9e:8b:3c:d9:0b:00:36:d9:
f9:d8:29:0c:49:ea:93:91:12:5a:3d:af:ed:48:47:
69:28:2a:6b:0e:9e:61:0c:b8:c9:2d:d6:fe:b5:6a:
02:5f:51:a6:d6:a5:3f:e0:4a:35:e8:e5:6c:d3:d5:
33:97:27:3b:87:30:19:16:a8:33:21:ef:be:41:db:
a5:43:a4:d0:be:45:2a:8e:ee:53:36:a3:d7:f4:da:
e9:e3:37:73:f2:44:46:8a:72:6e:f0:ca:ed:e1:06:
a9:d7:96:1d:90:2a:62:55:92:59:b8:49:af:cc:8a:
34:dd:a5:b2:a0:ac:64:79:b5:28:c4:dd:6b:f6:6c:
cd:fc:08:4c:77:18:e6:69:54:48:13:39:1a:c4:5a:
89:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E5:C3:A5:57:EC:B6:B6:09:B8:A8:F8:E4:F7:20:6D:A7:B7:FE:CA
X509v3 Authority Key Identifier:
keyid:80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/tOXDpVfstrYJuKj45Pcgbae3_so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.80.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:e0:e1:19:be:36:33:4e:0d:75:c1:63:26:23:ba:a3:b9:4f:
6e:83:00:75:7a:e1:6e:25:6e:50:0c:4d:93:68:00:00:84:b6:
cf:65:bf:de:eb:b2:cc:35:2d:c0:fc:fc:2a:84:fe:5b:c0:24:
f8:e2:c0:b3:2b:4b:f3:d5:52:9a:74:1b:83:39:eb:a4:e8:99:
3d:74:67:fb:31:db:46:e8:f3:ad:15:f5:57:73:ea:46:6f:73:
de:74:e1:b2:81:62:af:b4:77:b9:17:7b:6a:6f:01:1a:da:38:
fb:09:06:d0:df:98:70:1f:15:d7:70:ba:f5:66:bd:75:5c:28:
56:45:16:4a:9e:7e:09:cd:9a:d1:20:c2:11:36:bc:e7:95:10:
8a:c2:19:05:bc:58:1a:c9:94:e3:e7:9f:cf:1d:64:cf:e0:29:
31:58:95:38:4b:cc:cf:00:2d:b9:1c:21:f6:91:a7:f9:92:80:
f7:4c:e8:b0:cd:40:a4:4c:0f:74:59:07:05:f8:0d:6d:57:a2:
df:7a:93:12:b6:18:a2:9c:ca:08:bd:ec:75:1e:65:94:4d:7f:
52:e4:ce:a2:5a:7b:34:dd:47:66:68:0d:5a:af:1a:45:ed:27:
0c:49:66:64:ad:26:cc:ca:47:a0:e7:7a:01:5d:50:16:73:44:
ee:bf:ce:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECi+7HjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MDhjM2E2YzVjYmZmMDczOWU0MzhkMDU3NDQ0MDViMTYxOTdiMTViMB4XDTIyMDEw
MTA0NTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRlNWMzYTU1N2Vj
YjZiNjA5YjhhOGY4ZTRmNzIwNmRhN2I3ZmVjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlijHLGPcm/RHiaO9ZxUfTam++dHbetKVqCiE9V5HZSCmX/
rMLlRhFE85tkB+nW1SRYFJjEku4CcBSbZH9oVyhfDiEBvK769hgzXrl2hgMzbQKq
tS9QfGSEcNCe6qFRchOSrBccNcdQ4R+T9lRaMJ6LPNkLADbZ+dgpDEnqk5ESWj2v
7UhHaSgqaw6eYQy4yS3W/rVqAl9RptalP+BKNejlbNPVM5cnO4cwGRaoMyHvvkHb
pUOk0L5FKo7uUzaj1/Ta6eM3c/JERopybvDK7eEGqdeWHZAqYlWSWbhJr8yKNN2l
sqCsZHm1KMTda/ZszfwITHcY5mlUSBM5GsRaiVECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS05cOlV+y2tgm4qPjk9yBtp7f+yjAfBgNVHSMEGDAWgBSAjDpsXL/wc55D
jQV0RAWxYZexWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dJdzZiRnlfOEhPZVE0MEZkRVFGc1dHWHNWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvNjk4ZTRlLTBhMzktNDE2Yi1hZmZlLTYxODE5YzQ4MGNiZS8x
L3RPWERwVmZzdHJZSnVLajQ1UGNnYmFlM19zby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
Njk4ZTRlLTBhMzktNDE2Yi1hZmZlLTYxODE5YzQ4MGNiZS8xL2dJdzZiRnlfOEhP
ZVE0MEZkRVFGc1dHWHNWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANVtUDANBgkqhkiG9w0BAQsFAAOC
AQEAWuDhGb42M04NdcFjJiO6o7lPboMAdXrhbiVuUAxNk2gAAIS2z2W/3uuyzDUt
wPz8KoT+W8Ak+OLAsytL89VSmnQbgznrpOiZPXRn+zHbRujzrRX1V3PqRm9z3nTh
soFir7R3uRd7am8BGto4+wkG0N+YcB8V13C69Wa9dVwoVkUWSp5+Cc2a0SDCETa8
55UQisIZBbxYGsmU4+efzx1kz+ApMViVOEvMzwAtuRwh9pGn+ZKA90zosM1ApEwP
dFkHBfgNbVei33qTErYYopzKCL3sdR5llE1/UuTOolp7NN1HZmgNWq8aRe0nDElm
ZK0mzMpHoOd6AV1QFnNE7r/OcA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:02 2023 by rpki-client on console-fra.rpki-client.org