Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/4hSX2gWJNnNV5Jz3_fSailaekwU.roa
File: 4hSX2gWJNnNV5Jz3_fSailaekwU.roa (raw, json)
Hash identifier: cfKfJ5g7YrTV4RxUiEllDNNAYxKeH5iw3vg/8E4bTP0=
Subject key identifier: E2:14:97:DA:05:89:36:73:55:E4:9C:F7:FD:F4:9A:8A:56:9E:93:05
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 018572FA60A26E8ACDAD0440188B602AC378
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/4hSX2gWJNnNV5Jz3_fSailaekwU.roa
Signing time: Mon 02 Jan 2023 14:54:49 +0000
ROA not before: Mon 02 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12536
IP address blocks: 212.121.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:60:a2:6e:8a:cd:ad:04:40:18:8b:60:2a:c3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 2 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e21497da0589367355e49cf7fdf49a8a569e9305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:41:c9:a0:22:91:c9:9f:53:53:5a:f0:f7:f8:
65:6d:64:15:dd:fe:db:83:f6:ae:83:c2:1a:35:3d:
98:14:1e:79:41:5b:38:bf:9e:57:dd:05:52:ef:d5:
53:55:9d:a3:14:82:5a:3f:38:59:fd:dc:d9:b2:3a:
3d:c2:12:a2:14:37:6b:bf:8c:fc:59:cb:4a:e2:0d:
52:9f:5a:69:81:e7:28:54:a3:59:d4:2f:64:5e:f9:
eb:e8:29:4e:16:55:1f:04:96:51:5f:8e:19:b3:7d:
a7:0a:31:37:2a:9a:70:58:87:a9:f1:22:b6:42:c1:
bd:9a:20:ef:74:e8:dd:eb:7a:38:a9:c4:a3:6e:ea:
fa:f0:8a:0e:42:09:52:aa:dc:a3:49:2b:f4:c8:27:
92:23:f1:52:93:01:47:a2:50:82:d0:0d:3c:97:81:
20:3d:0f:b0:af:08:61:3f:1d:e3:14:c9:31:fc:44:
93:a1:5d:62:9e:d7:57:49:5b:4c:ca:ee:08:76:fd:
5a:99:a4:01:2f:fa:89:3a:04:7b:d8:9b:a8:65:68:
ff:92:c4:3b:1d:17:84:24:4e:18:ed:fa:13:a1:d9:
5b:72:b4:aa:50:21:6b:66:6a:ca:35:dd:5a:2e:55:
b4:fa:2d:3a:cc:d2:b3:aa:1b:f0:e8:30:36:5d:72:
7a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:14:97:DA:05:89:36:73:55:E4:9C:F7:FD:F4:9A:8A:56:9E:93:05
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/4hSX2gWJNnNV5Jz3_fSailaekwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.121.32.0/19
Signature Algorithm: sha256WithRSAEncryption
01:66:84:98:d7:ee:8d:e9:c6:c0:f6:5e:fd:03:23:31:43:a5:
27:ed:a7:8f:f3:93:96:f7:23:be:40:67:a8:24:50:04:44:24:
c6:8a:e1:bf:75:00:a6:66:64:91:e7:08:af:de:5f:3d:26:99:
b9:6c:59:59:79:16:ba:f0:72:b7:80:14:73:1e:0a:7e:14:f2:
8a:be:5b:c2:67:87:d4:9c:43:7c:67:d2:24:80:54:97:ff:1f:
af:21:3b:e5:b0:35:4d:75:47:02:45:24:a4:f1:4e:b5:34:dc:
84:62:6f:7b:de:00:ed:50:7d:ea:19:88:ef:e2:b9:4e:ca:7b:
2c:77:5e:38:e2:55:a8:69:cd:fb:6e:62:48:00:c0:75:03:e7:
54:bb:cc:4e:ce:99:d3:f5:c6:4f:c7:80:3f:12:e4:a1:8d:cd:
19:ab:bb:34:35:bd:b1:88:df:1e:80:dc:26:7f:1c:da:44:71:
05:18:2e:0b:82:18:f3:89:87:01:f3:a4:26:df:3d:9b:e5:03:
4c:33:37:91:97:57:5c:dc:0f:8e:0b:f6:ea:14:2f:6a:ce:d5:
a3:82:30:31:ca:fb:ec:69:8d:da:15:f7:a8:57:67:76:50:9e:
e9:b5:ff:91:93:33:59:b2:93:03:6d:d9:af:a3:54:38:3f:93:
b7:51:bb:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+mCiborNrQRAGItgKsN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjMwMTAyMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjE0OTdkYTA1ODkzNjczNTVlNDljZjdmZGY0OWE4YTU2OWU5MzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEHJoCKRyZ9TU1rw9/hlbWQV3f7b
g/aug8IaNT2YFB55QVs4v55X3QVS79VTVZ2jFIJaPzhZ/dzZsjo9whKiFDdrv4z8
WctK4g1Sn1ppgecoVKNZ1C9kXvnr6ClOFlUfBJZRX44Zs32nCjE3KppwWIep8SK2
QsG9miDvdOjd63o4qcSjbur68IoOQglSqtyjSSv0yCeSI/FSkwFHolCC0A08l4Eg
PQ+wrwhhPx3jFMkx/ESToV1intdXSVtMyu4Idv1amaQBL/qJOgR72JuoZWj/ksQ7
HReEJE4Y7foTodlbcrSqUCFrZmrKNd1aLlW0+i06zNKzqhvw6DA2XXJ6lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOIUl9oFiTZzVeSc9/30mopWnpMFMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvNGhTWDJnV0pObk5WNUp6M19mU2FpbGFla3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1HkgMA0G
CSqGSIb3DQEBCwUAA4IBAQABZoSY1+6N6cbA9l79AyMxQ6Un7aeP85OW9yO+QGeo
JFAERCTGiuG/dQCmZmSR5wiv3l89Jpm5bFlZeRa68HK3gBRzHgp+FPKKvlvCZ4fU
nEN8Z9IkgFSX/x+vITvlsDVNdUcCRSSk8U61NNyEYm973gDtUH3qGYjv4rlOynss
d1444lWoac37bmJIAMB1A+dUu8xOzpnT9cZPx4A/EuShjc0Zq7s0Nb2xiN8egNwm
fxzaRHEFGC4LghjziYcB86Qm3z2b5QNMMzeRl1dc3A+OC/bqFC9qztWjgjAxyvvs
aY3aFfeoV2d2UJ7ptf+RkzNZspMDbdmvo1Q4P5O3UbsH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:11 2025 by rpki-client