Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/7F1YxNzn1eIY7ggtgBEY6J6oqu4.roa
File: 7F1YxNzn1eIY7ggtgBEY6J6oqu4.roa (raw, json)
Hash identifier: gw0xTqEvG+UQOACavWlKewy57BELV5C/gMpKCzdoL/c=
Subject key identifier: EC:5D:58:C4:DC:E7:D5:E2:18:EE:08:2D:80:11:18:E8:9E:A8:AA:EE
Certificate issuer: /CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Certificate serial: 018570E772EB5865CC7424E60F97D4E28A89
Authority key identifier: E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/7F1YxNzn1eIY7ggtgBEY6J6oqu4.roa
Signing time: Mon 02 Jan 2023 05:14:54 +0000
ROA not before: Mon 02 Jan 2023 05:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199027
IP address blocks: 213.152.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:72:eb:58:65:cc:74:24:e6:0f:97:d4:e2:8a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Validity
Not Before: Jan 2 05:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec5d58c4dce7d5e218ee082d801118e89ea8aaee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e9:f5:69:2d:9d:52:c6:f1:d0:3b:a6:9a:30:
11:db:07:04:ef:1f:a5:e9:62:d1:ec:46:4b:92:f3:
2a:7d:24:9e:6a:96:94:4a:1c:c3:71:06:c8:f3:7e:
50:ab:a6:6c:39:40:a7:96:cd:4e:f0:3c:29:d1:ff:
18:8d:e2:5d:b1:0d:a2:e8:44:01:ad:6a:67:66:f1:
df:aa:ab:e7:a2:74:a3:4b:94:94:6f:9c:7f:41:ee:
33:47:b3:94:0b:6f:a9:e2:71:0e:37:fd:4d:a0:ce:
3e:14:a6:05:72:8c:c4:b3:a7:cf:85:2a:47:b9:7a:
fe:f9:57:ae:54:9d:80:b7:ef:38:14:7f:f1:65:a1:
89:73:43:9b:42:ca:1f:62:46:ac:4d:cc:e9:13:fd:
8d:c7:f2:31:7b:d5:d9:55:43:03:be:02:55:c0:04:
be:c6:bd:40:3a:40:3c:88:42:54:9e:47:66:11:26:
cb:e0:f6:dd:7c:58:84:e0:14:d6:1e:92:a7:1b:fe:
fa:8b:87:5f:9e:0f:73:41:d5:8e:08:6d:28:94:01:
7f:cb:ce:1c:b9:e3:fb:cb:5c:77:6d:4a:7f:8f:fc:
b2:c5:06:f6:45:4a:59:72:38:6b:42:f1:9b:6e:cf:
b8:30:f1:7f:f0:5d:41:d0:39:6c:d1:55:40:6f:ca:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:5D:58:C4:DC:E7:D5:E2:18:EE:08:2D:80:11:18:E8:9E:A8:AA:EE
X509v3 Authority Key Identifier:
keyid:E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/7F1YxNzn1eIY7ggtgBEY6J6oqu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.152.21.0/24
Signature Algorithm: sha256WithRSAEncryption
89:fb:10:b2:b2:d4:15:17:9a:f3:19:5b:4a:9b:78:22:c7:8a:
4f:61:8e:2c:e7:07:8e:ab:bf:65:c7:24:ef:a5:2c:72:f7:06:
9f:82:10:e9:86:df:cf:e1:83:b4:92:33:d5:13:c6:ad:df:77:
f9:ee:0e:9d:02:98:2d:37:1a:24:a9:c8:fb:1a:eb:1f:07:7d:
0c:84:27:05:ce:54:74:a2:c9:7d:85:42:47:5e:68:2c:2f:3c:
9c:fb:4d:94:b8:55:ae:1d:07:7c:01:10:4d:6f:18:6c:90:ee:
6b:a5:8b:46:b5:48:f5:ff:b9:bb:8a:67:2f:f5:0e:66:c7:2a:
59:3e:1f:31:26:31:62:18:1d:dc:6c:3a:b4:98:4b:1d:d0:3a:
41:59:6c:6e:71:d4:b1:5b:7f:93:e1:f3:0a:bb:9c:14:51:34:
96:21:b8:f0:2c:1a:45:7d:12:f7:74:4d:a4:74:cf:98:e7:da:
70:98:28:3d:aa:d2:ff:98:53:87:e9:0b:1f:9f:10:59:4e:e0:
1c:ad:b1:10:7f:cf:1f:7e:d9:8e:e2:91:71:f2:15:9a:ac:8a:
69:d4:b0:67:92:6e:22:c0:27:9b:45:79:96:8f:18:9f:17:34:
5e:28:ec:3b:05:dc:3f:9b:83:ea:a0:6f:33:88:02:74:2e:51:
b6:10:fe:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw53LrWGXMdCTmD5fU4oqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzlhZjE3MTZkYzQ2MWU1YmIzZjg3NjIxNWJjYjk0ZTg4
MDhiYTAwHhcNMjMwMTAyMDUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzVkNThjNGRjZTdkNWUyMThlZTA4MmQ4MDExMThlODllYThhYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqen1aS2dUsbx0DummjAR2wcE7x+l
6WLR7EZLkvMqfSSeapaUShzDcQbI835Qq6ZsOUCnls1O8Dwp0f8YjeJdsQ2i6EQB
rWpnZvHfqqvnonSjS5SUb5x/Qe4zR7OUC2+p4nEON/1NoM4+FKYFcozEs6fPhSpH
uXr++VeuVJ2At+84FH/xZaGJc0ObQsofYkasTczpE/2Nx/Ixe9XZVUMDvgJVwAS+
xr1AOkA8iEJUnkdmESbL4PbdfFiE4BTWHpKnG/76i4dfng9zQdWOCG0olAF/y84c
ueP7y1x3bUp/j/yyxQb2RUpZcjhrQvGbbs+4MPF/8F1B0Dls0VVAb8po4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOxdWMTc59XiGO4ILYARGOieqKruMB8GA1UdIwQY
MBaAFOR5rxcW3EYeW7P4diFby5TogIugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTIt
MjQxZWFiNjE0ODNmLzEvN0YxWXhOem4xZUlZN2dndGdCRVk2SjZvcXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTItMjQxZWFiNjE0ODNm
LzEvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZgVMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ+xCystQVF5rzGVtKm3gix4pPYY4s5weOq79lxyTv
pSxy9wafghDpht/P4YO0kjPVE8at33f57g6dApgtNxokqcj7GusfB30MhCcFzlR0
osl9hUJHXmgsLzyc+02UuFWuHQd8ARBNbxhskO5rpYtGtUj1/7m7imcv9Q5mxypZ
Ph8xJjFiGB3cbDq0mEsd0DpBWWxucdSxW3+T4fMKu5wUUTSWIbjwLBpFfRL3dE2k
dM+Y59pwmCg9qtL/mFOH6QsfnxBZTuAcrbEQf88fftmO4pFx8hWarIpp1LBnkm4i
wCebRXmWjxifFzReKOw7Bdw/m4PqoG8ziAJ0LlG2EP7+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:15 2025 by rpki-client