Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/0oXpRu4I7B93Y8GeZZRboWhy2FY.roa
File: 0oXpRu4I7B93Y8GeZZRboWhy2FY.roa (raw, json)
Hash identifier: fG0v62k6xbZsE5mpjkDtfuf7jAhnGp5u0CL0PnEGoVw=
Subject key identifier: D2:85:E9:46:EE:08:EC:1F:77:63:C1:9E:65:94:5B:A1:68:72:D8:56
Certificate issuer: /CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Certificate serial: 01881037FB33B8A70719210837BF9EAD7E52
Authority key identifier: 50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/0oXpRu4I7B93Y8GeZZRboWhy2FY.roa
Signing time: Fri 12 May 2023 13:48:04 +0000
ROA not before: Fri 12 May 2023 13:48:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12813
IP address blocks: 212.11.224.0/24 maxlen: 24
212.11.224.0/19 maxlen: 19
212.11.226.0/24 maxlen: 24
212.11.225.0/24 maxlen: 24
212.11.227.0/24 maxlen: 24
212.11.240.0/24 maxlen: 24
212.11.241.0/24 maxlen: 24
2a00:1278::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:37:fb:33:b8:a7:07:19:21:08:37:bf:9e:ad:7e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Validity
Not Before: May 12 13:48:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d285e946ee08ec1f7763c19e65945ba16872d856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ab:46:58:4d:ec:ac:c5:1d:f6:8a:3d:10:8f:
19:c0:72:0d:04:55:d8:28:54:fe:16:16:66:5d:78:
1c:92:71:a4:df:2d:50:af:de:71:71:16:ad:c1:1d:
02:be:8b:39:3b:8f:c7:b0:37:80:50:04:5d:35:9d:
a4:12:89:3d:32:7a:6b:8e:7a:36:90:47:8b:34:9d:
6c:69:cb:2e:52:84:44:41:6e:b6:37:8c:bd:ce:44:
57:fd:d4:c1:93:1c:cf:52:51:59:c7:07:bb:f0:cc:
10:d4:8b:de:de:a2:a5:c2:d4:f5:a9:ad:cb:c9:6d:
4b:96:97:65:8e:95:86:98:a4:6c:ff:b7:ed:41:51:
f3:c0:95:5d:b1:1c:d9:51:ae:00:83:86:0b:00:e9:
ca:e8:72:ef:3d:87:6f:ba:5a:2b:a2:ef:bb:d7:da:
36:2c:79:01:37:f1:19:e1:59:a7:8d:e1:04:9b:4b:
14:ff:68:f5:c1:e4:ec:6f:69:59:b8:dd:26:10:bd:
81:d5:da:d7:ab:67:1c:4f:f9:8a:4b:82:cd:1d:3a:
96:68:89:b3:dd:62:bb:24:d8:c7:cb:01:35:62:ff:
17:c0:f2:7b:5b:76:f3:2e:cd:20:12:a9:82:c2:63:
1c:e9:a3:58:f7:12:f1:b8:f7:6c:41:97:4d:3e:ad:
46:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:85:E9:46:EE:08:EC:1F:77:63:C1:9E:65:94:5B:A1:68:72:D8:56
X509v3 Authority Key Identifier:
keyid:50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/0oXpRu4I7B93Y8GeZZRboWhy2FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/UCZMPwmDHM2IlxL0-rXFsb4MrVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.224.0/19
IPv6:
2a00:1278::/32
Signature Algorithm: sha256WithRSAEncryption
13:22:5c:a9:e9:db:5f:c2:9b:84:5f:77:3a:16:b2:10:8b:54:
d7:d1:ce:ae:ee:95:da:bc:b7:f7:3c:67:85:be:31:e4:91:5b:
ab:7b:b6:a2:36:d8:c1:d2:6e:f2:cc:31:a4:c8:a7:54:19:14:
7d:22:f1:af:cf:3b:98:46:36:8b:aa:da:f1:87:ec:b3:a0:f4:
1e:d8:2f:9d:2c:da:41:36:a4:b5:f4:b1:f2:5f:ac:dc:82:5d:
80:ff:a6:6c:ec:a9:9b:48:73:0c:41:a1:ea:97:57:06:ad:89:
f7:50:ad:a2:9d:78:1c:ed:49:2b:f3:f5:e2:12:4a:69:32:b5:
ec:a8:c0:6e:22:b4:16:43:12:81:b6:b4:da:44:a6:e8:52:fb:
4c:fe:34:73:df:75:f2:2a:bd:04:d3:2c:ed:bf:30:c3:6c:b1:
bb:f2:9d:2b:73:52:e3:5a:8f:36:75:ca:96:17:aa:e9:51:e5:
55:e1:19:19:a9:d8:e5:b2:ad:41:a7:f5:af:a4:f7:69:63:66:
33:8e:cf:82:60:3a:44:31:86:f3:65:89:3e:d7:03:09:75:2b:
b4:29:b6:1d:37:85:48:35:cd:98:83:26:85:fc:5c:e0:28:21:
d2:05:5c:af:e9:19:e5:99:30:1a:92:50:2a:8d:38:ab:41:d6:
9b:80:99:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgQN/szuKcHGSEIN7+erX5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMjY0YzNmMDk4MzFjY2Q4ODk3MTJmNGZhYjVjNWIxYmUw
Y2FkNTYwHhcNMjMwNTEyMTM0ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjg1ZTk0NmVlMDhlYzFmNzc2M2MxOWU2NTk0NWJhMTY4NzJkODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlatGWE3srMUd9oo9EI8ZwHINBFXY
KFT+FhZmXXgcknGk3y1Qr95xcRatwR0Cvos5O4/HsDeAUARdNZ2kEok9Mnprjno2
kEeLNJ1sacsuUoREQW62N4y9zkRX/dTBkxzPUlFZxwe78MwQ1Ive3qKlwtT1qa3L
yW1LlpdljpWGmKRs/7ftQVHzwJVdsRzZUa4Ag4YLAOnK6HLvPYdvulorou+719o2
LHkBN/EZ4VmnjeEEm0sU/2j1weTsb2lZuN0mEL2B1drXq2ccT/mKS4LNHTqWaImz
3WK7JNjHywE1Yv8XwPJ7W3bzLs0gEqmCwmMc6aNY9xLxuPdsQZdNPq1GmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNKF6UbuCOwfd2PBnmWUW6FocthWMB8GA1UdIwQY
MBaAFFAmTD8JgxzNiJcS9Pq1xbG+DK1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTIt
NzE0Zjk2MjZkMDIxLzEvMG9YcFJ1NEk3QjkzWThHZVpaUmJvV2h5MkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTItNzE0Zjk2MjZkMDIx
LzEvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AvgMA0E
AgACMAcDBQAqABJ4MA0GCSqGSIb3DQEBCwUAA4IBAQATIlyp6dtfwpuEX3c6FrIQ
i1TX0c6u7pXavLf3PGeFvjHkkVure7aiNtjB0m7yzDGkyKdUGRR9IvGvzzuYRjaL
qtrxh+yzoPQe2C+dLNpBNqS19LHyX6zcgl2A/6Zs7KmbSHMMQaHql1cGrYn3UK2i
nXgc7Ukr8/XiEkppMrXsqMBuIrQWQxKBtrTaRKboUvtM/jRz33XyKr0E0yztvzDD
bLG78p0rc1LjWo82dcqWF6rpUeVV4RkZqdjlsq1Bp/WvpPdpY2Yzjs+CYDpEMYbz
ZYk+1wMJdSu0KbYdN4VINc2YgyaF/FzgKCHSBVyv6RnlmTAaklAqjTirQdabgJkd
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:26:48 2025 by rpki-client