Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/cab149-d567-48fc-ac9b-20b024c6fc2f/1/7H2g3f_TdyCJTiNKyQOuRzlzGyI.roa
File: 7H2g3f_TdyCJTiNKyQOuRzlzGyI.roa (raw, json)
Hash identifier: caA9+afKo+Zb1478t6K9Nt4nuKyIuxs/XEtjHdDpeto=
Subject key identifier: EC:7D:A0:DD:FF:D3:77:20:89:4E:23:4A:C9:03:AE:47:39:73:1B:22
Certificate issuer: /CN=7139b69078f96cabaf718a39bb58678aeac1ccc2
Certificate serial: 01869E2106266AE064D28729C9DE711F38B8
Authority key identifier: 71:39:B6:90:78:F9:6C:AB:AF:71:8A:39:BB:58:67:8A:EA:C1:CC:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTm2kHj5bKuvcYo5u1hniurBzMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/cab149-d567-48fc-ac9b-20b024c6fc2f/1/7H2g3f_TdyCJTiNKyQOuRzlzGyI.roa
Signing time: Wed 01 Mar 2023 17:03:29 +0000
ROA not before: Wed 01 Mar 2023 17:03:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197999
IP address blocks: 193.33.216.0/23 maxlen: 23
31.217.216.0/21 maxlen: 21
2a03:1a80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9e:21:06:26:6a:e0:64:d2:87:29:c9:de:71:1f:38:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7139b69078f96cabaf718a39bb58678aeac1ccc2
Validity
Not Before: Mar 1 17:03:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec7da0ddffd37720894e234ac903ae4739731b22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:68:d1:7a:1d:f5:5e:64:2d:60:16:7b:3d:1d:
30:18:90:cc:ee:54:86:6c:bd:3c:1e:b7:a3:2d:45:
63:be:f5:9f:3c:43:4b:06:1a:9b:20:56:e1:4c:92:
5e:9b:80:d7:48:9a:78:c7:18:c2:80:8f:e8:ef:2d:
ed:58:0e:0f:9b:ac:79:9b:cc:b2:b6:e1:2e:06:e3:
3b:d1:7b:4f:d2:b3:d9:15:33:97:ec:d2:96:d4:18:
09:cd:ca:1f:63:4e:0f:9f:49:06:c8:88:83:be:4a:
75:ee:ae:d6:ae:0c:d6:90:b9:49:92:2d:cf:23:b9:
e7:9e:3b:c9:b1:4b:e8:71:ae:a9:37:01:fd:d2:2e:
94:e3:ae:06:54:b2:8a:b5:bd:85:7e:73:1d:a3:74:
f3:98:4e:2b:c3:71:6c:35:b7:98:3f:2f:39:5f:98:
f6:89:fe:d4:2c:7a:52:9c:e2:7b:47:a8:98:59:3c:
d3:43:6a:6c:b3:11:ee:c0:80:90:70:da:16:e5:5e:
f8:0f:9e:13:84:de:8a:9b:e4:ac:78:8a:d3:4b:61:
6b:96:b1:41:cc:1f:fa:7b:14:3e:e4:9f:0c:6a:a3:
bc:f2:81:af:4f:f7:ee:95:bc:7e:03:e6:1d:1a:2e:
f7:05:e9:37:06:30:9d:15:5b:fd:d5:7d:80:d8:b5:
41:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7D:A0:DD:FF:D3:77:20:89:4E:23:4A:C9:03:AE:47:39:73:1B:22
X509v3 Authority Key Identifier:
keyid:71:39:B6:90:78:F9:6C:AB:AF:71:8A:39:BB:58:67:8A:EA:C1:CC:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTm2kHj5bKuvcYo5u1hniurBzMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/cab149-d567-48fc-ac9b-20b024c6fc2f/1/7H2g3f_TdyCJTiNKyQOuRzlzGyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/cab149-d567-48fc-ac9b-20b024c6fc2f/1/cTm2kHj5bKuvcYo5u1hniurBzMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.216.0/21
193.33.216.0/23
IPv6:
2a03:1a80::/32
Signature Algorithm: sha256WithRSAEncryption
43:ba:4f:d8:44:90:03:ee:5f:14:5d:b3:5f:c4:88:49:02:85:
b4:3a:80:d5:be:5e:66:9f:3c:7a:d3:8c:9c:60:23:f7:91:f1:
7a:f1:ef:f6:42:ad:3c:f0:3f:56:bf:4a:a1:5b:92:1e:ab:73:
bd:79:40:16:be:eb:9f:7c:a1:f2:69:79:58:b8:63:c4:b3:03:
47:61:44:b1:74:27:ae:25:c5:86:6d:57:ff:29:d2:5e:57:38:
36:e3:11:a9:94:0c:b4:b6:3e:5b:94:8b:ff:14:e1:39:5f:83:
bf:5e:59:6f:c9:4c:4e:82:05:5d:33:f0:09:28:42:d4:b8:a4:
7a:84:75:c0:a6:56:20:9a:6e:70:e3:61:bb:9d:33:8d:7d:b4:
1d:19:71:c7:f3:f3:da:3e:b2:28:e9:ae:44:06:7c:e6:59:21:
a6:08:51:d0:33:ae:68:80:21:fc:e0:57:98:89:55:20:ca:e1:
80:75:e4:c1:ce:fd:60:eb:18:3d:8b:07:05:7e:69:ec:0a:2a:
14:89:83:f5:68:2e:92:a5:88:9d:e5:68:14:7c:c7:fa:41:c1:
24:50:c8:1e:fd:9d:c3:fb:41:c8:0a:66:b7:bb:2d:39:e6:61:
e9:19:89:b0:54:a2:b4:71:35:ff:db:d1:80:ac:aa:e2:17:94:
9f:08:79:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYaeIQYmauBk0ocpyd5xHzi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMzliNjkwNzhmOTZjYWJhZjcxOGEzOWJiNTg2NzhhZWFj
MWNjYzIwHhcNMjMwMzAxMTcwMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzdkYTBkZGZmZDM3NzIwODk0ZTIzNGFjOTAzYWU0NzM5NzMxYjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2jReh31XmQtYBZ7PR0wGJDM7lSG
bL08HrejLUVjvvWfPENLBhqbIFbhTJJem4DXSJp4xxjCgI/o7y3tWA4Pm6x5m8yy
tuEuBuM70XtP0rPZFTOX7NKW1BgJzcofY04Pn0kGyIiDvkp17q7WrgzWkLlJki3P
I7nnnjvJsUvoca6pNwH90i6U464GVLKKtb2FfnMdo3TzmE4rw3FsNbeYPy85X5j2
if7ULHpSnOJ7R6iYWTzTQ2pssxHuwICQcNoW5V74D54ThN6Km+SseIrTS2FrlrFB
zB/6exQ+5J8MaqO88oGvT/fulbx+A+YdGi73Bek3BjCdFVv91X2A2LVBFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOx9oN3/03cgiU4jSskDrkc5cxsiMB8GA1UdIwQY
MBaAFHE5tpB4+Wyrr3GKObtYZ4rqwczCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1RtMmtIajViS3V2Y1lvNXUxaG5pdXJCek1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jYWIxNDktZDU2Ny00OGZjLWFjOWIt
MjBiMDI0YzZmYzJmLzEvN0gyZzNmX1RkeUNKVGlOS3lRT3VSemx6R3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jYWIxNDktZDU2Ny00OGZjLWFjOWItMjBiMDI0YzZmYzJm
LzEvY1RtMmtIajViS3V2Y1lvNXUxaG5pdXJCek1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDH9nYAwQB
wSHYMA0EAgACMAcDBQAqAxqAMA0GCSqGSIb3DQEBCwUAA4IBAQBDuk/YRJAD7l8U
XbNfxIhJAoW0OoDVvl5mnzx604ycYCP3kfF68e/2Qq088D9Wv0qhW5Ieq3O9eUAW
vuuffKHyaXlYuGPEswNHYUSxdCeuJcWGbVf/KdJeVzg24xGplAy0tj5blIv/FOE5
X4O/XllvyUxOggVdM/AJKELUuKR6hHXAplYgmm5w42G7nTONfbQdGXHH8/PaPrIo
6a5EBnzmWSGmCFHQM65ogCH84FeYiVUgyuGAdeTBzv1g6xg9iwcFfmnsCioUiYP1
aC6SpYid5WgUfMf6QcEkUMge/Z3D+0HICma3uy055mHpGYmwVKK0cTX/29GArKri
F5SfCHn7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:35 2025 by rpki-client