Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/Ps9TLTlWesdl217X2MUvEL3bnZg.roa
File: Ps9TLTlWesdl217X2MUvEL3bnZg.roa (raw, json)
Hash identifier: PX0pIeLCV+ngJiCWpJVp0DAkfwmyAJBj4Kw1ByNoqtY=
Subject key identifier: 3E:CF:53:2D:39:56:7A:C7:65:DB:5E:D7:D8:C5:2F:10:BD:DB:9D:98
Certificate issuer: /CN=1fa795167d2d9fb420941f17287bdf3c5eed8df9
Certificate serial: 018AEF99FA2357402D3E2B11D1F8EC299E16
Authority key identifier: 1F:A7:95:16:7D:2D:9F:B4:20:94:1F:17:28:7B:DF:3C:5E:ED:8D:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6eVFn0tn7QglB8XKHvfPF7tjfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/Ps9TLTlWesdl217X2MUvEL3bnZg.roa
Signing time: Mon 02 Oct 2023 08:56:00 +0000
ROA not before: Mon 02 Oct 2023 08:56:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200868
IP address blocks: 213.181.126.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:99:fa:23:57:40:2d:3e:2b:11:d1:f8:ec:29:9e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa795167d2d9fb420941f17287bdf3c5eed8df9
Validity
Not Before: Oct 2 08:56:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ecf532d39567ac765db5ed7d8c52f10bddb9d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:22:2b:91:c6:1e:fd:78:35:95:6f:31:99:2d:
24:e2:08:4f:46:06:b2:e7:5b:d2:46:21:d1:a2:e4:
7c:60:25:79:29:ea:a6:63:51:a3:36:f4:49:ee:59:
04:04:fd:05:2c:20:6d:84:0e:36:df:19:24:16:f7:
7d:d0:d4:3a:4c:74:63:a3:67:10:ce:2e:23:a9:45:
e8:10:7c:97:d0:54:c1:54:9f:b2:e8:d1:4f:5f:3c:
be:bc:05:47:81:c2:fc:aa:a7:88:dc:03:9d:cf:26:
bb:9d:4b:ab:e9:a8:a3:9e:dc:d3:9e:7e:c9:cf:1e:
08:2b:17:43:01:9a:25:e1:13:2f:04:42:df:47:b3:
30:4d:69:a8:aa:9b:c1:3d:f5:62:08:75:cf:50:3d:
06:4c:fa:d2:4d:8f:ff:36:91:94:21:2a:e0:35:8e:
b4:28:1a:8e:f3:a4:0b:5d:f9:43:4a:86:b9:6f:ef:
1b:f6:1b:a2:e3:95:3a:51:23:49:6c:5a:e5:67:c0:
18:d1:6f:88:c0:1c:9f:ce:1f:c2:14:c9:51:f9:b8:
d6:2b:6d:39:c7:1b:aa:0c:2e:02:8d:d1:72:44:7f:
f6:3a:42:fe:ba:b2:4b:b8:38:27:72:b9:61:ed:a5:
48:6b:40:d5:b9:04:6a:39:e4:e3:19:09:f9:80:53:
0d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:CF:53:2D:39:56:7A:C7:65:DB:5E:D7:D8:C5:2F:10:BD:DB:9D:98
X509v3 Authority Key Identifier:
keyid:1F:A7:95:16:7D:2D:9F:B4:20:94:1F:17:28:7B:DF:3C:5E:ED:8D:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6eVFn0tn7QglB8XKHvfPF7tjfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/Ps9TLTlWesdl217X2MUvEL3bnZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/H6eVFn0tn7QglB8XKHvfPF7tjfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.181.126.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:66:eb:5a:75:da:cf:0e:96:f0:07:ed:13:a3:fc:98:88:1e:
86:a9:c8:8d:b1:ff:03:c7:19:39:e4:20:fa:e7:08:ae:f3:3d:
81:19:df:9a:a9:db:b9:75:81:f6:9d:6d:0c:13:bb:6d:4d:0e:
b7:e1:2b:a4:12:2b:f2:26:1b:55:a3:ed:ab:04:1b:28:e2:40:
77:6a:14:33:b9:52:d6:f5:c1:a7:7b:48:c7:34:c9:d6:4a:0c:
fe:8a:54:30:9a:3c:ad:32:6c:36:55:0d:9c:bd:be:72:8c:0c:
07:60:64:4c:5e:5d:33:06:9c:17:45:2e:fe:82:71:38:fb:05:
c9:b7:7f:3b:74:8c:df:b2:92:6f:ea:28:a5:c8:16:80:2b:90:
13:c3:9c:71:e3:c5:ea:c3:a0:a8:ba:7f:06:1d:8c:8f:67:de:
3f:39:df:ae:d2:c9:05:1c:be:2c:25:33:6d:6f:b9:90:ae:87:
ca:69:99:98:03:cd:6f:86:65:14:fc:14:1c:e8:00:23:81:82:
e6:cb:22:01:48:12:80:d2:96:ce:8a:41:4f:6e:24:ff:76:f8:
e4:4b:c4:02:db:52:c2:8e:a3:a9:fa:1b:20:b4:ec:5d:26:11:
10:bc:c6:66:9f:cc:80:c7:c2:92:31:45:db:cd:94:0d:a1:09:
cf:8c:cd:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrvmfojV0AtPisR0fjsKZ4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYTc5NTE2N2QyZDlmYjQyMDk0MWYxNzI4N2JkZjNjNWVl
ZDhkZjkwHhcNMjMxMDAyMDg1NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWNmNTMyZDM5NTY3YWM3NjVkYjVlZDdkOGM1MmYxMGJkZGI5ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiIrkcYe/Xg1lW8xmS0k4ghPRgay
51vSRiHRouR8YCV5KeqmY1GjNvRJ7lkEBP0FLCBthA423xkkFvd90NQ6THRjo2cQ
zi4jqUXoEHyX0FTBVJ+y6NFPXzy+vAVHgcL8qqeI3AOdzya7nUur6aijntzTnn7J
zx4IKxdDAZol4RMvBELfR7MwTWmoqpvBPfViCHXPUD0GTPrSTY//NpGUISrgNY60
KBqO86QLXflDSoa5b+8b9hui45U6USNJbFrlZ8AY0W+IwByfzh/CFMlR+bjWK205
xxuqDC4CjdFyRH/2OkL+urJLuDgncrlh7aVIa0DVuQRqOeTjGQn5gFMNlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD7PUy05VnrHZdte19jFLxC9252YMB8GA1UdIwQY
MBaAFB+nlRZ9LZ+0IJQfFyh73zxe7Y35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZlVkZuMHRuN1FnbEI4WEtIdmZQRjd0amZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84MzUzNWEtZTFiZC00ZmI3LTlmMDkt
N2I3ZTk3NmM4NDEyLzEvUHM5VExUbFdlc2RsMjE3WDJNVXZFTDNiblpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84MzUzNWEtZTFiZC00ZmI3LTlmMDktN2I3ZTk3NmM4NDEy
LzEvSDZlVkZuMHRuN1FnbEI4WEtIdmZQRjd0amZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1bV+MA0G
CSqGSIb3DQEBCwUAA4IBAQAsZutaddrPDpbwB+0To/yYiB6GqciNsf8Dxxk55CD6
5wiu8z2BGd+aqdu5dYH2nW0ME7ttTQ634SukEivyJhtVo+2rBBso4kB3ahQzuVLW
9cGne0jHNMnWSgz+ilQwmjytMmw2VQ2cvb5yjAwHYGRMXl0zBpwXRS7+gnE4+wXJ
t387dIzfspJv6iilyBaAK5ATw5xx48Xqw6Coun8GHYyPZ94/Od+u0skFHL4sJTNt
b7mQrofKaZmYA81vhmUU/BQc6AAjgYLmyyIBSBKA0pbOikFPbiT/dvjkS8QC21LC
jqOp+hsgtOxdJhEQvMZmn8yAx8KSMUXbzZQNoQnPjM01
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:10:05 2025 by rpki-client