Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/pbFyBCB95m9rEsbNnimcVqiD1yg.roa
File: pbFyBCB95m9rEsbNnimcVqiD1yg.roa (raw, json)
Hash identifier: DjCPHVeteU25IJMCFjfzy35pqtlcd5l3A0OfPgoAcpw=
Subject key identifier: A5:B1:72:04:20:7D:E6:6F:6B:12:C6:CD:9E:29:9C:56:A8:83:D7:28
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 170A40F2
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/pbFyBCB95m9rEsbNnimcVqiD1yg.roa
Signing time: Fri 29 Apr 2022 12:25:07 +0000
ROA not before: Fri 29 Apr 2022 12:25:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 212.68.172.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/24 maxlen: 24
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 386547954 (0x170a40f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Apr 29 12:25:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5b17204207de66f6b12c6cd9e299c56a883d728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:72:6b:25:35:9b:6e:5c:a6:e3:99:18:34:79:
66:22:ba:de:61:d8:17:02:c1:c7:96:d1:3e:4f:83:
10:e8:49:79:00:a1:fc:28:c9:5f:98:9d:35:6f:1d:
79:5d:2d:ea:3e:a9:40:1d:2a:e7:46:a1:68:6e:e5:
39:61:37:f1:76:e1:08:a0:63:c6:3b:92:2e:f3:46:
f7:0e:6c:01:2d:81:86:82:9d:96:96:22:bb:4f:6a:
9e:d5:b5:48:ed:50:f8:d6:bc:00:3a:fa:e0:1b:e0:
09:cf:1d:6f:39:40:16:e2:99:06:84:47:03:96:a7:
7d:00:3e:2d:e7:f9:3b:7d:be:82:61:c4:d0:6d:7f:
65:fa:6a:e4:17:23:1c:d3:04:6d:1e:6a:2f:86:40:
93:80:e8:ce:09:54:cc:70:c7:8c:e2:9e:19:84:a2:
7b:30:d7:42:f7:80:fe:cd:2a:f8:27:8d:2f:06:ff:
8d:b0:be:18:0c:10:e3:34:22:3c:37:f0:db:9b:86:
07:3a:d3:a1:ba:43:af:6e:75:26:10:90:73:4d:6b:
cb:be:db:52:d4:bb:5e:97:0b:86:a8:89:04:50:58:
98:a5:28:11:99:d3:b9:fc:5b:d6:55:59:5f:d0:3a:
4a:b5:08:25:a6:58:78:68:0b:3e:db:a4:c8:2c:f3:
7b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B1:72:04:20:7D:E6:6F:6B:12:C6:CD:9E:29:9C:56:A8:83:D7:28
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/pbFyBCB95m9rEsbNnimcVqiD1yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.172.0-212.68.187.255
Signature Algorithm: sha256WithRSAEncryption
0a:60:1b:52:3d:fd:eb:87:4b:9a:bf:ed:a5:ef:4b:0a:b1:f3:
e3:42:4f:38:f6:1c:f5:2a:32:4a:2a:52:03:b7:2f:79:58:1c:
c3:07:b4:e7:e8:a4:89:2b:a4:39:b8:9f:b7:25:5a:3e:cf:4e:
ff:2e:f9:33:92:ed:5d:96:e0:dc:bc:08:a9:65:4c:5d:11:4d:
83:c1:03:2d:e5:1c:a5:e3:11:a3:16:16:67:f0:19:d5:8a:2f:
21:f0:07:b4:3c:7d:45:20:26:d8:2d:38:d5:78:73:50:de:d8:
b5:e5:15:f6:24:71:3b:c0:a6:fa:fe:6c:89:80:41:6e:ad:f6:
bc:75:33:62:5c:9c:ac:4d:ab:7d:5f:5a:58:8d:36:c6:92:ba:
53:ba:b3:3a:40:e3:f8:19:34:f5:e6:8b:b9:1d:c1:c6:37:99:
d4:8a:85:f0:0b:2c:be:29:f6:5c:92:73:80:28:27:c6:da:b9:
4d:8c:6e:7a:e8:1a:12:3e:7c:89:ff:68:d8:39:50:13:a7:31:
70:e1:e8:be:0a:8e:5b:d1:e0:c8:2c:a5:60:67:8e:91:73:97:
3c:26:54:35:65:69:ec:7a:4f:b8:cd:67:32:a3:18:6c:94:9d:
e0:81:cf:28:e7:bd:75:d8:db:b7:2c:76:c4:e0:f6:1c:35:1e:
6b:0b:ec:b4
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEFwpA8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmJhZDNkZTgzMWRhOTQyMjJjMWFkZDEwNGNhZjRjMzI0NzY4OWFjMB4XDTIyMDQy
OTEyMjUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTViMTcyMDQyMDdk
ZTY2ZjZiMTJjNmNkOWUyOTljNTZhODgzZDcyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlyayU1m25cpuOZGDR5ZiK63mHYFwLBx5bRPk+DEOhJeQCh
/CjJX5idNW8deV0t6j6pQB0q50ahaG7lOWE38XbhCKBjxjuSLvNG9w5sAS2BhoKd
lpYiu09qntW1SO1Q+Na8ADr64BvgCc8dbzlAFuKZBoRHA5anfQA+Lef5O32+gmHE
0G1/Zfpq5BcjHNMEbR5qL4ZAk4DozglUzHDHjOKeGYSiezDXQveA/s0q+CeNLwb/
jbC+GAwQ4zQiPDfw25uGBzrTobpDr251JhCQc01ry77bUtS7XpcLhqiJBFBYmKUo
EZnTufxb1lVZX9A6SrUIJaZYeGgLPtukyCzzexECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSlsXIEIH3mb2sSxs2eKZxWqIPXKDAfBgNVHSMEGDAWgBSrutPegx2pQiLB
rdEEyvTDJHaJrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E3clQzb01kcVVJaXdhM1JCTXIwd3lSMmlhdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2Yy8x
L3BiRnlCQ0I5NW05ckVzYk5uaW1jVnFpRDF5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2Yy8xL3E3clQzb01kcVVJ
aXdhM1JCTXIwd3lSMmlhdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQC1ESsAwQC1ES4MA0GCSqGSIb3
DQEBCwUAA4IBAQAKYBtSPf3rh0uav+2l70sKsfPjQk849hz1KjJKKlIDty95WBzD
B7Tn6KSJK6Q5uJ+3JVo+z07/Lvkzku1dluDcvAipZUxdEU2DwQMt5Ryl4xGjFhZn
8BnVii8h8Ae0PH1FICbYLTjVeHNQ3ti15RX2JHE7wKb6/myJgEFurfa8dTNiXJys
Tat9X1pYjTbGkrpTurM6QOP4GTT15ou5HcHGN5nUioXwCyy+KfZcknOAKCfG2rlN
jG566BoSPnyJ/2jYOVATpzFw4ei+Co5b0eDILKVgZ46Rc5c8JlQ1ZWnsek+4zWcy
oxhslJ3ggc8o57112Nu3LHbE4PYcNR5rC+y0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org