Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/RvPSkuZCKoDsX7C76CN_iKNTUMQ.roa
File: RvPSkuZCKoDsX7C76CN_iKNTUMQ.roa (raw, json)
Hash identifier: 9/Y3yrLdR/R9QwrEp+I/ixYyw8+Dpxy1LJBhYeHVdUw=
Subject key identifier: 46:F3:D2:92:E6:42:2A:80:EC:5F:B0:BB:E8:23:7F:88:A3:53:50:C4
Certificate issuer: /CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Certificate serial: 018572034243B813A6C478728A001792A99F
Authority key identifier: 50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/RvPSkuZCKoDsX7C76CN_iKNTUMQ.roa
Signing time: Mon 02 Jan 2023 10:24:54 +0000
ROA not before: Mon 02 Jan 2023 10:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12813
IP address blocks: 212.11.224.0/24 maxlen: 24
212.11.224.0/19 maxlen: 19
212.11.226.0/24 maxlen: 24
212.11.225.0/24 maxlen: 24
212.11.227.0/24 maxlen: 24
2a00:1278::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:42:43:b8:13:a6:c4:78:72:8a:00:17:92:a9:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50264c3f09831ccd889712f4fab5c5b1be0cad56
Validity
Not Before: Jan 2 10:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46f3d292e6422a80ec5fb0bbe8237f88a35350c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a0:33:51:24:73:59:db:58:78:64:4d:4d:f9:
bf:ee:9a:ba:8d:8b:d3:d4:aa:f2:38:1d:aa:dd:e6:
d9:79:9e:a0:35:12:53:01:8e:de:4d:c5:a1:de:fc:
05:61:20:3d:c1:47:f4:ee:bc:af:e5:2e:8b:dc:cb:
aa:1c:f8:aa:91:24:95:6d:f9:98:ae:b5:1e:64:25:
2d:10:1a:b8:8d:01:7e:f5:1d:f7:34:ab:08:3e:b0:
51:25:6d:30:c7:2e:fa:3e:2a:e2:dc:c5:5a:dc:6b:
e9:8c:19:64:16:1c:c2:c4:46:30:10:19:bf:0e:91:
1d:a6:3c:04:2c:97:9d:03:5a:81:68:9f:1e:9a:7d:
4f:0d:93:fe:97:a6:2e:96:9c:1a:41:9a:1b:cb:35:
e2:b0:70:e5:4b:77:89:58:23:72:22:b0:76:bd:a5:
ac:80:0a:22:2d:32:1d:d3:73:ae:d9:e1:75:e6:fb:
4b:35:36:bc:d7:91:f8:20:30:65:5d:88:3a:e2:78:
f4:73:aa:bb:f9:0f:ea:62:04:fe:89:64:68:b3:7e:
42:ee:ca:76:50:4d:a1:bc:e3:c6:6a:7d:13:2b:35:
ea:03:0c:c9:4a:fc:3b:61:98:ae:05:69:4a:59:65:
c9:d9:c9:2e:1e:47:4b:b3:b2:aa:34:b5:f7:29:da:
7a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F3:D2:92:E6:42:2A:80:EC:5F:B0:BB:E8:23:7F:88:A3:53:50:C4
X509v3 Authority Key Identifier:
keyid:50:26:4C:3F:09:83:1C:CD:88:97:12:F4:FA:B5:C5:B1:BE:0C:AD:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCZMPwmDHM2IlxL0-rXFsb4MrVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/RvPSkuZCKoDsX7C76CN_iKNTUMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/01835f-504f-45bd-a052-714f9626d021/1/UCZMPwmDHM2IlxL0-rXFsb4MrVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.224.0/19
IPv6:
2a00:1278::/32
Signature Algorithm: sha256WithRSAEncryption
9d:69:8b:6e:4c:59:bc:41:74:8e:80:a1:0e:7b:dd:5d:96:93:
e8:a8:70:3d:b8:a4:dd:ca:f5:57:b1:94:20:02:5d:25:31:a9:
92:a4:22:65:3d:50:dd:fe:39:fa:e0:5f:28:71:3f:5c:0d:c2:
59:67:79:b1:5c:93:f7:4e:25:d1:71:e1:c5:c6:37:1f:25:e6:
7a:04:62:e9:1f:a2:39:17:d5:75:82:d6:cb:78:d5:4b:c7:15:
f6:b0:af:32:46:e7:0f:5d:07:3c:cf:84:c4:4d:61:58:f4:c9:
63:60:c4:fb:68:64:e1:39:e1:0b:86:5f:14:1c:27:0e:a7:2b:
a6:07:b6:c9:e0:a2:2b:d5:72:1c:66:1b:f9:e1:1e:63:dc:9a:
e4:83:5b:32:df:75:38:d5:e3:1d:e6:e4:de:3a:7a:b0:62:de:
b0:d1:8e:38:e7:af:f3:75:76:2e:b1:99:f6:08:3f:7a:83:24:
77:ef:f5:8b:43:4c:c8:30:b0:4b:78:39:16:8f:77:7c:01:28:
16:9b:2e:88:35:d3:e8:8e:6b:a8:3f:f6:f3:ff:b8:bc:f6:ef:
7e:d5:54:6e:59:83:77:6a:f5:57:c4:f0:11:c2:59:ae:00:7c:
fd:43:cc:66:f5:a7:40:f5:bf:ec:14:8a:40:e1:75:07:e1:96:
96:d7:9f:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyA0JDuBOmxHhyigAXkqmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMjY0YzNmMDk4MzFjY2Q4ODk3MTJmNGZhYjVjNWIxYmUw
Y2FkNTYwHhcNMjMwMTAyMTAyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmYzZDI5MmU2NDIyYTgwZWM1ZmIwYmJlODIzN2Y4OGEzNTM1MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqAzUSRzWdtYeGRNTfm/7pq6jYvT
1KryOB2q3ebZeZ6gNRJTAY7eTcWh3vwFYSA9wUf07ryv5S6L3MuqHPiqkSSVbfmY
rrUeZCUtEBq4jQF+9R33NKsIPrBRJW0wxy76Piri3MVa3GvpjBlkFhzCxEYwEBm/
DpEdpjwELJedA1qBaJ8emn1PDZP+l6YulpwaQZobyzXisHDlS3eJWCNyIrB2vaWs
gAoiLTId03Ou2eF15vtLNTa815H4IDBlXYg64nj0c6q7+Q/qYgT+iWRos35C7sp2
UE2hvOPGan0TKzXqAwzJSvw7YZiuBWlKWWXJ2ckuHkdLs7KqNLX3Kdp6qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEbz0pLmQiqA7F+wu+gjf4ijU1DEMB8GA1UdIwQY
MBaAFFAmTD8JgxzNiJcS9Pq1xbG+DK1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTIt
NzE0Zjk2MjZkMDIxLzEvUnZQU2t1WkNLb0RzWDdDNzZDTl9pS05UVU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMTgzNWYtNTA0Zi00NWJkLWEwNTItNzE0Zjk2MjZkMDIx
LzEvVUNaTVB3bURITTJJbHhMMC1yWEZzYjRNclZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1AvgMA0E
AgACMAcDBQAqABJ4MA0GCSqGSIb3DQEBCwUAA4IBAQCdaYtuTFm8QXSOgKEOe91d
lpPoqHA9uKTdyvVXsZQgAl0lMamSpCJlPVDd/jn64F8ocT9cDcJZZ3mxXJP3TiXR
ceHFxjcfJeZ6BGLpH6I5F9V1gtbLeNVLxxX2sK8yRucPXQc8z4TETWFY9MljYMT7
aGThOeELhl8UHCcOpyumB7bJ4KIr1XIcZhv54R5j3Jrkg1sy33U41eMd5uTeOnqw
Yt6w0Y4456/zdXYusZn2CD96gyR37/WLQ0zIMLBLeDkWj3d8ASgWmy6INdPojmuo
P/bz/7i89u9+1VRuWYN3avVXxPARwlmuAHz9Q8xm9adA9b/sFIpA4XUH4ZaW158H
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:05:14 2025 by rpki-client