Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/u0KGKCWxBhaFDwCfVe3oc0uj3AY.roa
File: u0KGKCWxBhaFDwCfVe3oc0uj3AY.roa (raw, json)
Hash identifier: J/NfGKCaVycYvOhzU6PNY2/t4lVkq6dV4UBYxcVbKXg=
Subject key identifier: BB:42:86:28:25:B1:06:16:85:0F:00:9F:55:ED:E8:73:4B:A3:DC:06
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 11625912
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/u0KGKCWxBhaFDwCfVe3oc0uj3AY.roa
Signing time: Sat 01 Jan 2022 05:57:06 +0000
ROA not before: Sat 01 Jan 2022 05:57:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19437
IP address blocks: 212.60.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 291658002 (0x11625912)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 05:57:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb42862825b10616850f009f55ede8734ba3dc06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6e:a5:ef:e3:e8:c2:ed:8f:7b:63:e2:a3:e7:
81:99:7f:ab:56:bb:c4:46:61:97:8c:75:a9:03:8a:
7b:da:8e:10:49:b6:c3:4a:3b:8e:fc:f3:b3:4b:21:
31:90:1c:88:02:d8:1a:d4:ae:eb:b6:7e:c6:f8:6b:
32:84:ae:12:81:4a:3c:7d:a8:58:19:d4:25:df:33:
b0:73:ff:d8:b3:6d:67:ff:ed:b3:46:43:15:ac:b6:
e5:7f:6c:36:2c:4b:94:a5:c5:64:3b:6d:cc:be:8f:
a8:ae:9a:c4:32:6d:c1:9f:19:bf:36:e9:71:1e:d6:
3c:9d:07:f6:47:39:93:7d:62:12:bd:91:9b:dc:e5:
26:4c:73:7e:5c:86:2c:52:43:e0:7c:20:da:4e:07:
dc:b9:9f:0f:3a:4e:c7:d6:91:d5:7c:24:ae:1f:15:
dc:79:57:de:b0:b1:58:e0:72:eb:79:84:23:16:12:
72:6a:1e:40:45:a9:c4:c2:46:e8:3a:bb:0a:e8:e9:
25:5c:fd:1d:ac:86:8e:43:68:7b:d1:03:80:5e:b1:
44:6d:fd:10:29:c0:81:1b:6d:6f:0d:0d:b7:52:e1:
ed:1c:56:07:01:b2:cf:8a:28:0a:0d:61:bb:70:8f:
6e:f6:ef:ea:ca:c6:67:57:b4:6a:af:dc:86:fa:e5:
04:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:42:86:28:25:B1:06:16:85:0F:00:9F:55:ED:E8:73:4B:A3:DC:06
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/u0KGKCWxBhaFDwCfVe3oc0uj3AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
13:92:1b:a6:f7:3d:b4:bf:5a:73:40:c1:85:e5:5b:46:45:b5:
29:e3:f8:e7:20:6f:d8:0a:a9:f0:16:a1:44:0a:ca:16:15:6d:
b3:54:60:10:b1:30:17:8c:cc:a6:49:b5:79:59:a3:bd:de:17:
4e:98:39:01:ec:16:df:6e:b9:4a:1c:14:e8:bb:dd:37:28:4e:
eb:b5:bc:4b:d5:07:cf:73:be:af:e8:94:38:1c:98:ae:cf:4b:
c9:de:e0:aa:1d:02:f1:35:c7:5c:63:4c:db:0e:b1:a0:c9:60:
f0:1c:59:c9:2d:29:99:60:78:43:82:b3:fe:72:e7:76:b8:f8:
34:8d:6e:85:c4:63:67:93:55:19:b6:d1:7c:ec:bb:68:e0:98:
c4:1b:9b:0c:ed:7c:02:82:7b:33:d7:a4:f7:47:c4:52:da:d3:
28:c6:52:f5:d3:b2:f0:6c:32:d1:c6:d9:39:4f:8d:7a:89:53:
f2:46:13:32:da:c7:d7:c8:c8:29:4e:44:cb:82:1a:2f:b0:62:
81:6d:70:80:34:a7:d4:b6:81:7a:4c:11:b3:13:07:d2:24:b1:
bf:b9:36:94:2f:59:1b:bb:ad:ae:15:74:35:e1:b2:fb:3f:7c:
1d:4a:88:c6:e7:df:0b:88:ae:ea:1d:b5:8f:a7:73:5a:4b:4b:
84:51:80:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEWJZEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDEw
MTA1NTcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI0Mjg2MjgyNWIx
MDYxNjg1MGYwMDlmNTVlZGU4NzM0YmEzZGMwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNupe/j6MLtj3tj4qPngZl/q1a7xEZhl4x1qQOKe9qOEEm2
w0o7jvzzs0shMZAciALYGtSu67Z+xvhrMoSuEoFKPH2oWBnUJd8zsHP/2LNtZ//t
s0ZDFay25X9sNixLlKXFZDttzL6PqK6axDJtwZ8ZvzbpcR7WPJ0H9kc5k31iEr2R
m9zlJkxzflyGLFJD4Hwg2k4H3LmfDzpOx9aR1Xwkrh8V3HlX3rCxWOBy63mEIxYS
cmoeQEWpxMJG6Dq7CujpJVz9HayGjkNoe9EDgF6xRG39ECnAgRttbw0Nt1Lh7RxW
BwGyz4ooCg1hu3CPbvbv6srGZ1e0aq/chvrlBGcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7QoYoJbEGFoUPAJ9V7ehzS6PcBjAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L3UwS0dLQ1d4QmhhRkR3Q2ZWZTNvYzB1ajNBWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQ8FzANBgkqhkiG9w0BAQsFAAOC
AQEAE5Ibpvc9tL9ac0DBheVbRkW1KeP45yBv2Aqp8BahRArKFhVts1RgELEwF4zM
pkm1eVmjvd4XTpg5AewW3265ShwU6LvdNyhO67W8S9UHz3O+r+iUOByYrs9Lyd7g
qh0C8TXHXGNM2w6xoMlg8BxZyS0pmWB4Q4Kz/nLndrj4NI1uhcRjZ5NVGbbRfOy7
aOCYxBubDO18AoJ7M9ek90fEUtrTKMZS9dOy8Gwy0cbZOU+NeolT8kYTMtrH18jI
KU5Ey4IaL7BigW1wgDSn1LaBekwRsxMH0iSxv7k2lC9ZG7utrhV0NeGy+z98HUqI
xuffC4iu6h21j6dzWktLhFGA3A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:55 2023 by rpki-client on console-fra.rpki-client.org