Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/MpQNSRrse6BsBHq1OgPqkFHo8cA.roa
File: MpQNSRrse6BsBHq1OgPqkFHo8cA.roa (raw, json)
Hash identifier: X1bnHg9A9zHbtX7ojk1PYvPW+jh5RbSRFo21rQg/gPM=
Subject key identifier: 32:94:0D:49:1A:EC:7B:A0:6C:04:7A:B5:3A:03:EA:90:51:E8:F1:C0
Certificate issuer: /CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Certificate serial: 446720EC
Authority key identifier: E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/MpQNSRrse6BsBHq1OgPqkFHo8cA.roa
Signing time: Sat 01 Jan 2022 08:03:07 +0000
ROA not before: Sat 01 Jan 2022 08:03:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199027
IP address blocks: 213.152.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1147609324 (0x446720ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Validity
Not Before: Jan 1 08:03:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32940d491aec7ba06c047ab53a03ea9051e8f1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2b:f0:63:58:fa:4c:c6:ee:c9:0b:2a:4b:7c:
f4:5f:2f:73:80:8c:46:84:ee:76:39:f7:64:01:28:
86:ef:99:95:47:35:03:30:c0:bc:1b:87:70:68:07:
0e:04:95:f2:54:d5:55:a6:0b:a8:92:1f:1e:bf:ed:
3f:b1:3e:91:b1:5c:1c:2c:a9:ae:da:3e:95:47:a2:
a6:e5:dc:ed:9f:38:d8:b3:28:0d:1c:25:79:01:81:
22:e5:0d:05:79:a6:ef:29:fe:2f:a4:90:8e:da:7e:
f4:51:a9:d6:da:ac:e3:2f:94:a0:a7:32:75:24:ff:
a8:06:27:bb:d7:bc:2a:ed:bc:96:ab:55:fa:f8:82:
4d:b1:59:56:73:c3:02:8f:f1:09:bf:17:01:6e:6a:
56:a1:36:4e:d6:98:af:5c:40:06:c0:17:b9:47:79:
90:b8:1a:3f:3d:c7:96:b6:ce:9f:a6:44:86:ee:1d:
79:7f:66:14:65:cc:47:1b:2d:74:a6:a0:e5:4f:bb:
96:37:6a:32:43:1f:8c:6d:a9:71:4e:d7:b0:92:50:
0e:de:e7:c3:9d:a4:97:36:d3:57:56:cd:4c:60:20:
f0:f6:43:0b:91:49:ef:35:00:ac:37:f6:25:4e:19:
54:96:4a:29:00:63:ce:4e:c1:4b:b0:11:71:fb:9e:
b7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:94:0D:49:1A:EC:7B:A0:6C:04:7A:B5:3A:03:EA:90:51:E8:F1:C0
X509v3 Authority Key Identifier:
keyid:E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/MpQNSRrse6BsBHq1OgPqkFHo8cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.152.21.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:0e:84:72:09:7d:ad:de:70:34:bd:ea:0f:91:12:63:a8:d4:
1d:3c:89:e0:21:3d:a3:bb:b5:bf:fb:18:22:ed:bb:f2:42:d5:
05:60:bf:b6:39:7c:8b:76:47:3f:a6:68:86:24:2a:79:91:c9:
a8:76:24:12:e5:3f:39:cb:22:e8:9e:0b:a9:48:4f:c7:2f:d9:
08:ef:58:4a:e2:ab:a7:ce:80:48:cc:76:4c:7d:1f:d7:ff:55:
1a:03:e2:c1:86:48:85:3d:53:c8:3b:56:42:ec:05:f1:99:ee:
b9:08:4c:bb:85:39:d2:4a:4c:f8:a9:cd:e3:7a:21:90:fa:a7:
ab:12:c6:0a:6d:f4:47:27:73:0e:6e:fe:c8:6b:f5:51:e4:e1:
90:85:af:ec:0d:b9:43:69:2e:b4:6b:d5:eb:be:b6:cb:00:74:
82:0a:37:a6:d6:73:1a:0c:9d:34:40:ee:80:a3:c2:aa:37:cd:
3a:2e:ea:03:97:66:ea:f8:06:12:4b:f3:ff:cc:85:b3:76:f3:
b9:7f:41:5f:7d:fd:d0:02:8e:32:00:6e:34:a2:aa:6a:8c:23:
12:98:99:49:1f:9e:3f:b5:81:d9:df:54:1e:55:15:89:54:bb:
fa:5c:0a:ef:10:db:63:e9:5c:64:f4:b5:08:bf:9a:16:d2:58:
3c:3a:c9:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIERGcg7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDc5YWYxNzE2ZGM0NjFlNWJiM2Y4NzYyMTViY2I5NGU4ODA4YmEwMB4XDTIyMDEw
MTA4MDMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI5NDBkNDkxYWVj
N2JhMDZjMDQ3YWI1M2EwM2VhOTA1MWU4ZjFjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8r8GNY+kzG7skLKkt89F8vc4CMRoTudjn3ZAEohu+ZlUc1
AzDAvBuHcGgHDgSV8lTVVaYLqJIfHr/tP7E+kbFcHCyprto+lUeipuXc7Z842LMo
DRwleQGBIuUNBXmm7yn+L6SQjtp+9FGp1tqs4y+UoKcydST/qAYnu9e8Ku28lqtV
+viCTbFZVnPDAo/xCb8XAW5qVqE2TtaYr1xABsAXuUd5kLgaPz3HlrbOn6ZEhu4d
eX9mFGXMRxstdKag5U+7ljdqMkMfjG2pcU7XsJJQDt7nw52klzbTV1bNTGAg8PZD
C5FJ7zUArDf2JU4ZVJZKKQBjzk7BS7ARcfuet1MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQylA1JGux7oGwEerU6A+qQUejxwDAfBgNVHSMEGDAWgBTkea8XFtxGHluz
+HYhW8uU6ICLoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVIbXZGeGJjUmg1YnNfaDJJVnZMbE9pQWk2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvNjMyOTlhLTg2YjItNDlmZi1iNmUyLTI0MWVhYjYxNDgzZi8x
L01wUU5TUnJzZTZCc0JIcTFPZ1Bxa0ZIbzhjQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
NjMyOTlhLTg2YjItNDlmZi1iNmUyLTI0MWVhYjYxNDgzZi8xLzVIbXZGeGJjUmg1
YnNfaDJJVnZMbE9pQWk2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWYFTANBgkqhkiG9w0BAQsFAAOC
AQEAfg6Ecgl9rd5wNL3qD5ESY6jUHTyJ4CE9o7u1v/sYIu278kLVBWC/tjl8i3ZH
P6ZohiQqeZHJqHYkEuU/Ocsi6J4LqUhPxy/ZCO9YSuKrp86ASMx2TH0f1/9VGgPi
wYZIhT1TyDtWQuwF8ZnuuQhMu4U50kpM+KnN43ohkPqnqxLGCm30RydzDm7+yGv1
UeThkIWv7A25Q2kutGvV6762ywB0ggo3ptZzGgydNEDugKPCqjfNOi7qA5dm6vgG
Ekvz/8yFs3bzuX9BX3390AKOMgBuNKKqaowjEpiZSR+eP7WB2d9UHlUViVS7+lwK
7xDbY+lcZPS1CL+aFtJYPDrJpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:36 2024 by rpki-client on console-ams.rpki-client.org