Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/NtRgpQKgtFzzLmbzFa5RxCkJ1RA.roa
File: NtRgpQKgtFzzLmbzFa5RxCkJ1RA.roa (raw, json)
Hash identifier: YgG676tIV+uwbte0N6gnTKAKx0BJgNdFuMuFgW1r4q4=
Subject key identifier: 36:D4:60:A5:02:A0:B4:5C:F3:2E:66:F3:15:AE:51:C4:29:09:D5:10
Certificate issuer: /CN=8901f673c6b0ff8835ea02faedba5b49cf14224e
Certificate serial: 01856DDD3B0E9BAD192F958EC6099ED2C980
Authority key identifier: 89:01:F6:73:C6:B0:FF:88:35:EA:02:FA:ED:BA:5B:49:CF:14:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/NtRgpQKgtFzzLmbzFa5RxCkJ1RA.roa
Signing time: Sun 01 Jan 2023 15:04:53 +0000
ROA not before: Sun 01 Jan 2023 15:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205094
IP address blocks: 213.142.154.0/23 maxlen: 23
2a12:f140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:3b:0e:9b:ad:19:2f:95:8e:c6:09:9e:d2:c9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8901f673c6b0ff8835ea02faedba5b49cf14224e
Validity
Not Before: Jan 1 15:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36d460a502a0b45cf32e66f315ae51c42909d510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:84:09:8c:d5:b0:b4:c2:fb:12:95:ed:69:7d:
a4:21:e3:dc:64:30:e8:d4:33:86:58:99:b2:b7:e0:
59:fd:23:49:0b:01:fb:ce:3d:b8:e0:8e:93:a7:46:
57:7a:26:f7:d8:e6:5a:0b:bb:fb:3f:b1:e4:08:b1:
ef:36:1b:a2:25:1c:15:4e:4e:01:dc:35:20:0d:db:
a6:27:11:b6:cf:50:11:23:b1:8e:d1:68:57:49:89:
dc:4f:7e:8f:5a:d6:2c:45:65:75:6e:54:5c:93:6d:
81:5e:fc:43:9f:8f:d2:e4:0e:0f:be:47:58:28:fc:
38:b0:32:4a:fe:75:c9:a3:c7:76:8c:86:85:ad:61:
a3:f6:2a:21:0b:9b:64:f1:e2:d6:04:3c:15:7d:13:
8b:ab:a9:dd:27:ae:eb:72:8b:a4:82:27:08:3e:e4:
ac:10:a5:bc:92:68:9d:da:6d:02:c1:be:74:b0:f6:
05:13:f9:a8:15:ee:ef:33:c6:14:d9:50:92:b0:97:
26:26:51:5b:c9:f2:3f:1c:e7:9c:b2:13:ca:93:ad:
02:47:50:30:d7:02:42:3d:2d:b5:22:bf:81:15:a9:
b8:54:37:c3:fd:4c:1c:62:35:2a:cf:b1:6b:e3:c9:
39:1d:62:3a:bf:21:55:58:b4:8e:a0:d6:85:16:23:
a0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D4:60:A5:02:A0:B4:5C:F3:2E:66:F3:15:AE:51:C4:29:09:D5:10
X509v3 Authority Key Identifier:
keyid:89:01:F6:73:C6:B0:FF:88:35:EA:02:FA:ED:BA:5B:49:CF:14:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/NtRgpQKgtFzzLmbzFa5RxCkJ1RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.154.0/23
IPv6:
2a12:f140::/29
Signature Algorithm: sha256WithRSAEncryption
8f:fb:0d:bb:63:2e:17:49:9a:65:5a:49:ee:89:9d:04:28:b8:
a9:cb:ba:8c:0a:fd:28:61:a1:44:b8:f9:93:56:b7:31:0c:cc:
67:6a:5d:f4:4e:ce:da:dc:b7:1c:fc:dc:88:a5:4d:d0:1a:ec:
76:99:55:bd:bd:71:16:ac:ba:4e:c8:a0:88:bf:42:a2:8a:de:
3f:b2:c9:69:9c:20:ad:d1:dd:72:fe:34:c5:8e:e7:6f:0a:b5:
f0:bb:88:59:5f:69:ea:27:fb:0b:f3:aa:ba:20:f3:32:ce:db:
a5:18:6b:d3:0b:bb:ea:18:08:2f:0c:57:e7:ba:aa:13:b4:56:
4f:15:aa:da:b3:73:e9:c5:cd:bf:58:8b:a1:fd:69:d4:66:50:
e0:60:ea:46:3a:da:7d:8a:32:32:5c:35:b3:a4:a0:77:8b:4d:
a4:19:a7:c6:c4:ae:74:32:6c:09:d7:de:15:b7:be:52:f6:38:
8f:e7:c0:b4:16:16:2a:75:87:42:ae:f5:50:1a:95:e3:9e:b3:
b9:02:f6:b9:03:cb:89:6b:8e:56:8a:0e:39:af:4b:c0:6b:bd:
47:2f:54:bc:85:c7:43:24:a4:29:94:d3:03:6b:77:1f:ce:5b:
2f:ca:c1:41:99:be:76:d3:95:8e:96:0a:59:9b:33:22:f3:70:
90:6d:36:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt3TsOm60ZL5WOxgme0smAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDFmNjczYzZiMGZmODgzNWVhMDJmYWVkYmE1YjQ5Y2Yx
NDIyNGUwHhcNMjMwMTAxMTUwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ0NjBhNTAyYTBiNDVjZjMyZTY2ZjMxNWFlNTFjNDI5MDlkNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYQJjNWwtML7EpXtaX2kIePcZDDo
1DOGWJmyt+BZ/SNJCwH7zj244I6Tp0ZXeib32OZaC7v7P7HkCLHvNhuiJRwVTk4B
3DUgDdumJxG2z1ARI7GO0WhXSYncT36PWtYsRWV1blRck22BXvxDn4/S5A4PvkdY
KPw4sDJK/nXJo8d2jIaFrWGj9iohC5tk8eLWBDwVfROLq6ndJ67rcoukgicIPuSs
EKW8kmid2m0Cwb50sPYFE/moFe7vM8YU2VCSsJcmJlFbyfI/HOecshPKk60CR1Aw
1wJCPS21Ir+BFam4VDfD/UwcYjUqz7Fr48k5HWI6vyFVWLSOoNaFFiOg6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDbUYKUCoLRc8y5m8xWuUcQpCdUQMB8GA1UdIwQY
MBaAFIkB9nPGsP+INeoC+u26W0nPFCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFIMmM4YXdfNGcxNmdMNjdicGJTYzhVSWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9jMmJhMTAtMjBlZC00ZThjLWI3NmMt
NTNjNGQ1NzYyZDFhLzEvTnRSZ3BRS2d0Rnp6TG1iekZhNVJ4Q2tKMVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9jMmJhMTAtMjBlZC00ZThjLWI3NmMtNTNjNGQ1NzYyZDFh
LzEvaVFIMmM4YXdfNGcxNmdMNjdicGJTYzhVSWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB1Y6aMA0E
AgACMAcDBQMqEvFAMA0GCSqGSIb3DQEBCwUAA4IBAQCP+w27Yy4XSZplWknuiZ0E
KLipy7qMCv0oYaFEuPmTVrcxDMxnal30Ts7a3Lcc/NyIpU3QGux2mVW9vXEWrLpO
yKCIv0Kiit4/sslpnCCt0d1y/jTFjudvCrXwu4hZX2nqJ/sL86q6IPMyztulGGvT
C7vqGAgvDFfnuqoTtFZPFaras3Ppxc2/WIuh/WnUZlDgYOpGOtp9ijIyXDWzpKB3
i02kGafGxK50MmwJ194Vt75S9jiP58C0FhYqdYdCrvVQGpXjnrO5Ava5A8uJa45W
ig45r0vAa71HL1S8hcdDJKQplNMDa3cfzlsvysFBmb5205WOlgpZmzMi83CQbTbq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:40 2025 by rpki-client