Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/fYJ19UKoEHV0xgYM72OD5Zgh_dI.roa
File: fYJ19UKoEHV0xgYM72OD5Zgh_dI.roa (raw, json)
Hash identifier: zzUlh5GhdZhJpucbCv7gbod1npcFl51VSADDJcW96sU=
Subject key identifier: 7D:82:75:F5:42:A8:10:75:74:C6:06:0C:EF:63:83:E5:98:21:FD:D2
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 02E628CD
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/fYJ19UKoEHV0xgYM72OD5Zgh_dI.roa
Signing time: Sat 01 Jan 2022 03:59:33 +0000
ROA not before: Sat 01 Jan 2022 03:59:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2600
IP address blocks: 212.109.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48638157 (0x2e628cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Jan 1 03:59:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d8275f542a8107574c6060cef6383e59821fdd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c0:a6:73:56:73:a8:90:ba:3a:37:24:40:f8:
07:43:33:66:8a:09:b8:05:75:eb:8d:67:86:17:ff:
1c:7f:23:63:f0:d0:c0:ca:31:8a:2f:4c:b4:5b:65:
8d:a5:aa:dd:da:f4:76:20:91:02:fc:11:85:08:80:
86:88:a2:39:a7:ec:1c:a7:53:17:18:f0:fb:51:22:
a4:bd:a5:be:2c:d3:78:17:15:68:61:a7:e0:f6:e3:
32:65:c6:02:a1:8e:67:2b:b6:68:71:f0:d9:c1:b6:
8e:b8:33:81:7a:08:3e:bc:ab:6c:0c:48:2f:4d:8f:
c1:e5:a0:4a:eb:b8:9c:80:fa:58:d7:05:38:ba:b6:
f6:55:5e:d1:74:e4:6f:0f:40:28:f4:c4:5f:c6:e7:
3c:07:45:66:0b:9f:fa:f3:d9:a9:54:53:d0:5c:c3:
96:3a:46:38:5d:24:4d:18:b6:13:ef:27:50:61:11:
bc:4d:0f:7b:a5:c5:3d:a4:41:6a:dc:95:80:92:88:
6d:9b:3a:f9:20:4e:9f:d6:98:5a:6e:5e:4b:23:4d:
4b:a8:60:13:9a:85:8e:ed:38:85:28:13:6c:98:4f:
28:c3:3a:e4:d6:ad:2d:6b:89:21:28:44:19:02:b1:
fe:50:8c:b6:33:4b:2f:68:63:88:89:29:92:89:1b:
09:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:82:75:F5:42:A8:10:75:74:C6:06:0C:EF:63:83:E5:98:21:FD:D2
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/fYJ19UKoEHV0xgYM72OD5Zgh_dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.109.224.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:7d:f3:72:2e:1f:79:0c:0c:78:17:44:fd:f0:fe:f7:33:4f:
e0:ad:76:ea:ed:58:e1:53:33:45:21:5e:4c:57:14:44:e2:85:
5e:53:7b:bb:9c:28:71:24:28:3e:e6:39:e4:92:2f:3a:14:be:
78:1b:b4:b9:af:7f:d6:fd:a1:d2:8b:8a:a4:20:6f:97:0e:65:
58:c7:f3:24:5a:bf:ad:b8:21:49:b5:91:af:8e:3a:aa:04:1a:
19:6e:fa:46:8e:a5:ab:a4:3e:c5:6e:d5:13:5c:70:2d:f9:97:
0f:82:b2:b5:79:7f:73:f5:0c:1f:0a:0a:37:71:00:03:1d:a0:
f8:be:50:c0:8c:df:a8:0e:18:ba:99:51:a6:16:4f:0f:1e:25:
cf:9c:c5:d9:ad:e6:cf:38:d4:5e:3e:d0:5f:3a:71:ce:3e:3e:
c2:65:7b:e6:48:3a:85:b4:36:2c:b5:7d:35:20:e1:f0:09:9d:
b7:ad:a4:55:94:df:cc:f4:5f:a9:cf:21:dc:c4:1b:ea:f9:dc:
87:c0:79:08:85:5f:92:52:35:46:ad:5f:e6:0a:a1:11:31:6f:
6f:5f:b8:04:9b:bd:6a:ac:8e:cf:dc:fa:11:e8:5e:e0:1b:af:
56:f9:c2:af:dc:fb:06:31:6d:49:03:07:2c:87:39:94:42:76:
33:28:74:d6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuYozTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODE5OTU2ZGRjZWFlMDIyY2ZlMTIzZGEzNzNjNmIxMTE2NDAzNjhkMB4XDTIyMDEw
MTAzNTkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q4Mjc1ZjU0MmE4
MTA3NTc0YzYwNjBjZWY2MzgzZTU5ODIxZmRkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/ApnNWc6iQujo3JED4B0MzZooJuAV1641nhhf/HH8jY/DQ
wMoxii9MtFtljaWq3dr0diCRAvwRhQiAhoiiOafsHKdTFxjw+1EipL2lvizTeBcV
aGGn4PbjMmXGAqGOZyu2aHHw2cG2jrgzgXoIPryrbAxIL02PweWgSuu4nID6WNcF
OLq29lVe0XTkbw9AKPTEX8bnPAdFZguf+vPZqVRT0FzDljpGOF0kTRi2E+8nUGER
vE0Pe6XFPaRBatyVgJKIbZs6+SBOn9aYWm5eSyNNS6hgE5qFju04hSgTbJhPKMM6
5NatLWuJIShEGQKx/lCMtjNLL2hjiIkpkokbCakCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR9gnX1QqgQdXTGBgzvY4PlmCH90jAfBgNVHSMEGDAWgBSIGZVt3OrgIs/h
I9o3PGsRFkA2jTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lCbVZiZHpxNENMUDRTUGFOenhyRVJaQU5vMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvOTg4NzY4LWYxN2ItNGY1OS1iZTA5LTJkZWIxNGMyOTBlZC8x
L2ZZSjE5VUtvRUhWMHhnWU03Mk9ENVpnaF9kSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
OTg4NzY4LWYxN2ItNGY1OS1iZTA5LTJkZWIxNGMyOTBlZC8xL2lCbVZiZHpxNENM
UDRTUGFOenhyRVJaQU5vMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRt4DANBgkqhkiG9w0BAQsFAAOC
AQEAbH3zci4feQwMeBdE/fD+9zNP4K126u1Y4VMzRSFeTFcUROKFXlN7u5wocSQo
PuY55JIvOhS+eBu0ua9/1v2h0ouKpCBvlw5lWMfzJFq/rbghSbWRr446qgQaGW76
Ro6lq6Q+xW7VE1xwLfmXD4KytXl/c/UMHwoKN3EAAx2g+L5QwIzfqA4YuplRphZP
Dx4lz5zF2a3mzzjUXj7QXzpxzj4+wmV75kg6hbQ2LLV9NSDh8Amdt62kVZTfzPRf
qc8h3MQb6vnch8B5CIVfklI1Rq1f5gqhETFvb1+4BJu9aqyOz9z6Eehe4BuvVvnC
r9z7BjFtSQMHLIc5lEJ2Myh01g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:33 2024 by rpki-client on console-fra.rpki-client.org