Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/O9XPst5IweCTHmRx8XDpg_ELvLY.roa
File: O9XPst5IweCTHmRx8XDpg_ELvLY.roa (raw, json)
Hash identifier: mij1OGVNGNjggrkDGwzfqAJDM9vnd3UxjvkpIotufB8=
Subject key identifier: 3B:D5:CF:B2:DE:48:C1:E0:93:1E:64:71:F1:70:E9:83:F1:0B:BC:B6
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 040E6C85
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/O9XPst5IweCTHmRx8XDpg_ELvLY.roa
Signing time: Fri 28 Jan 2022 14:20:06 +0000
ROA not before: Fri 28 Jan 2022 14:20:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206092
IP address blocks: 212.30.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68054149 (0x40e6c85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Jan 28 14:20:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bd5cfb2de48c1e0931e6471f170e983f10bbcb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6b:5a:a1:de:23:aa:68:08:06:98:06:a7:7a:
76:4c:db:3a:64:35:cc:57:bf:47:45:aa:62:35:2e:
6b:a0:a2:02:5b:84:4f:e5:2e:6c:80:b8:c7:39:5f:
b4:e8:fc:72:de:e3:ce:4c:4b:a1:1c:56:e0:d3:6e:
82:44:b3:7d:02:f4:7c:a9:f0:c8:bd:d5:9d:50:89:
99:33:6b:c2:3e:10:cc:f3:5a:68:5b:fd:d0:90:e9:
fa:2e:ca:b7:44:3f:3d:ab:e5:9e:a3:30:26:8f:ea:
7e:d9:37:17:e0:c6:cf:d3:8f:26:fa:6f:f0:57:82:
a0:4d:7d:cb:d7:c7:27:35:1c:c5:de:70:c7:79:81:
6c:b2:8c:8a:38:0f:68:50:56:a8:96:bb:a8:0d:40:
fb:6d:3d:71:6a:d3:31:01:16:6f:8b:6c:78:f2:a2:
c0:2e:03:62:41:c0:ba:60:8e:37:d6:9f:d3:48:db:
76:12:75:15:28:32:f9:6b:90:25:57:ef:e3:63:18:
d8:fe:62:ec:da:2e:d3:37:78:cc:06:dd:6e:00:ca:
f1:37:7c:b3:ab:1e:ed:ce:28:3e:9d:54:a2:ad:b5:
44:4c:5a:08:cd:b4:ea:3e:0f:cd:63:2b:22:b3:ba:
4e:45:9f:fb:4c:41:ac:b5:d0:2d:00:03:d2:98:e5:
38:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D5:CF:B2:DE:48:C1:E0:93:1E:64:71:F1:70:E9:83:F1:0B:BC:B6
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/O9XPst5IweCTHmRx8XDpg_ELvLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.30.33.0/24
Signature Algorithm: sha256WithRSAEncryption
71:c7:be:76:a3:be:3b:55:34:bc:b5:87:cb:c9:b8:a9:88:3f:
48:5d:40:79:6a:4d:a0:81:da:06:a7:8d:bf:e0:89:be:fd:54:
7b:8d:cb:5e:90:04:e2:eb:c9:b6:8c:ac:ea:54:23:2b:d8:67:
7e:f9:61:0b:91:4f:55:c1:b7:7e:d8:6c:d0:39:30:70:46:9c:
fb:2d:3b:3a:79:16:fd:4f:d4:3d:91:ba:d8:c2:e5:45:75:31:
ec:89:7c:62:00:19:d7:37:76:2f:45:99:3d:5e:3f:95:ee:9b:
84:a1:e9:66:08:97:e0:8c:c3:bd:2d:1f:18:2c:f4:e8:1a:85:
d4:67:06:30:93:c0:49:b5:7b:df:74:e8:49:a6:a2:56:22:82:
df:86:e2:78:de:bb:ed:88:8a:1a:52:98:99:50:d3:30:40:4a:
aa:72:fe:80:1b:28:e7:94:82:fc:0d:2a:fc:2b:dc:44:9e:ce:
a6:25:4e:af:f1:d4:e1:8c:24:f6:09:7f:17:30:81:73:71:41:
6b:df:1b:66:db:23:77:4e:c3:9b:b5:7c:1f:50:3a:ca:75:90:
a4:c5:a9:0e:bf:24:ee:a4:20:12:dc:ab:4f:88:39:d4:08:10:
e4:1b:fa:20:9e:68:c4:fb:2f:c5:dd:57:47:3e:fa:fa:3c:b9:
2b:c3:62:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBA5shTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDU1ZDdmZWU0YTQ5OWVjYWYxMWQyZDNkYThlMzg5ZGUzMjM0MTJmMB4XDTIyMDEy
ODE0MjAwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JkNWNmYjJkZTQ4
YzFlMDkzMWU2NDcxZjE3MGU5ODNmMTBiYmNiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5rWqHeI6poCAaYBqd6dkzbOmQ1zFe/R0WqYjUua6CiAluE
T+UubIC4xzlftOj8ct7jzkxLoRxW4NNugkSzfQL0fKnwyL3VnVCJmTNrwj4QzPNa
aFv90JDp+i7Kt0Q/PavlnqMwJo/qftk3F+DGz9OPJvpv8FeCoE19y9fHJzUcxd5w
x3mBbLKMijgPaFBWqJa7qA1A+209cWrTMQEWb4tsePKiwC4DYkHAumCON9af00jb
dhJ1FSgy+WuQJVfv42MY2P5i7Nou0zd4zAbdbgDK8Td8s6se7c4oPp1Uoq21RExa
CM206j4PzWMrIrO6TkWf+0xBrLXQLQAD0pjlOPECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ71c+y3kjB4JMeZHHxcOmD8Qu8tjAfBgNVHSMEGDAWgBQkVdf+5KSZ7K8R
0tPajjid4yNBLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGWFhfdVNrbWV5dkVkTFQybzQ0bmVNalFTOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvM2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8x
L085WFBzdDVJd2VDVEhtUng4WERwZ19FTHZMWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
M2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8xL0pGWFhfdVNrbWV5
dkVkTFQybzQ0bmVNalFTOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQeITANBgkqhkiG9w0BAQsFAAOC
AQEAcce+dqO+O1U0vLWHy8m4qYg/SF1AeWpNoIHaBqeNv+CJvv1Ue43LXpAE4uvJ
toys6lQjK9hnfvlhC5FPVcG3fths0DkwcEac+y07OnkW/U/UPZG62MLlRXUx7Il8
YgAZ1zd2L0WZPV4/le6bhKHpZgiX4IzDvS0fGCz06BqF1GcGMJPASbV733ToSaai
ViKC34bieN677YiKGlKYmVDTMEBKqnL+gBso55SC/A0q/CvcRJ7OpiVOr/HU4Ywk
9gl/FzCBc3FBa98bZtsjd07Dm7V8H1A6ynWQpMWpDr8k7qQgEtyrT4g51AgQ5Bv6
IJ5oxPsvxd1XRz76+jy5K8Ni+Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:35 2023 by rpki-client on console-fra.rpki-client.org